As part of our occasional series of conversations with compliance and risk executives, we caught up with Michael Pizzi, chief risk officer at E*Trade Financial. Prior to the financial crisis, E*Trade had made sizable investments in mortgaged-related assets—toxic assets whose value ultimately plummeted, resulting in substantial writedowns for the financial services company. Inside, Pizzi talks about how E*Trade revamped its enterprise risk management framework to recover from its crisis predicament.
First, tell us a little about E*Trade generally.
We have close to 3,200 employees. We operate mostly domestically, with 30 branch locations across the United States. Our primary business is in the retail brokerage space as an online broker. We also have a very large stock plan administration business, administering stock plans for many large U.S. corporations.
What was E*Trade’s exposure to the subprime-mortgage crisis?
We were a thrift institution, meaning we were regulated by the OTS [Office of Thrift Supervision]. We had a very broad set of issues. The issues grew out of the crisis and grew out of the losses that occurred around our loan and securities portfolio.
What led to a significant number of the problems is that we had a very large amount of mortgage assets and lending assets on our balance sheet that we accumulated in the pre-crisis environment. Today, that portfolio is down to about $6 billion. It’s been in runoff mode for the past seven or eight years. It’s a problem that’s firmly shifting into the rearview mirror.
Our asset strategy today is almost 100 percent composed of buying government-backed agency-type securities, so essentially securities that would carry either a direct or indirect government guarantee. From a risk model perspective, the inherent risks in our model today are significantly lower, compared to the risks that were inherent in the business model approach of the pre-crisis firm. It’s really a night-and-day difference.
What were the lessons learned from that experience?
When we think about the crisis broadly, what is most important is what we learned from it from a risk capability standpoint and how it changed our thinking around the risk management and balance sheet management of the company.
In 2012, we stepped back and started asking ourselves, “What do we need to do?” We looked at emerging regulation, and we looked at the body of existing regulation, and asked ourselves, “Where do we need to make incremental improvements?”
We looked at best practices across risk management, and we noticed some deficits that we had to address. In terms of best practices, what we lacked was the clear governance, escalation, and root cause analysis of an ERM framework. What I mean by that is organizing risk and reporting risk up through a committee structure to an enterprise risk management committee, followed by clear, articulated reporting up to the board of directors. Those were some of the initial steps that we took in 2012 and then continued to build out over time.
You mentioned emerging regulation. How has that played a role in E*Trade improving its ERM framework?
For us, no bigger investment came about from passage of the Dodd-Frank Act than stress-testing, putting in these capabilities. In 2012, that was the greatest area of emerging regulation where we started to invest immediate resources to understand our operating forecasts over an extended horizon under varying scenarios—the most constraining of which is regulatory prescribed “severely adverse,” which considered situations like a 40 percent drop in the equity markets and a 25 percent drop in home prices.
I’m very happy to say I think we’ve implemented a very strong set of capabilities around both running regulatory-prescribed stress tests and using the mechanics of those stress tests for driving additional business insights and analysis.
That sounds like it requires a lot of manpower.
It took a significant amount of investment from where we started. Since 2012, we’ve had a 50 percent growth in total risk staff across the company, including risk, legal, compliance, and audit. Those four functions are now about 10 percent of the total company’s workforce. It’s a commitment to make those investments, manage them, and set the right culture and tone.
Where does E*Trades’s ERM framework stand today?
In 2014, there was a tremendous focus on completing the build-out. Executing and sustaining the processes we’ve built is kind of where we are today.
It takes driving your risk culture, so that people understand that they’re not just doing something because it’s prescribed; they’re doing something because it’s the right way to run a business. One of the things we did is that the risk team—including legal, compliance, and audit—went to all the different E*Trade offices last year and conducted training sessions with each business unit to really embed risk management and to build a strong risk management culture. During these sessions we worked through various scenarios relevant to their function, identifying risks and how to escalate them to the right ERM business partner. A key goal was to ensure each colleague knows they are risk owners within their respective areas.
ABOUT MICHAEL PIZZI
As chief risk officer, Michael Pizzi oversees and directs the enterprise risk management function at E*Trade. Pizzi has been with E*Trade since 2003 and has an extensive background in treasury and balance sheet management.
From 2008 to 2013, he served as treasurer of E*Trade Bank and took on additional responsibilities as corporate treasurer in 2011. During this time, he was responsible for all portfolio, capital, and liquidity management. Prior to these roles, he held various positions in E*Trade portfolio management and derivatives functions.
E*Trade’s Financial History
Prior to 2007, the company made relatively sizable investments in mortgages, mortgaged-backed securities, and other asset-backed securities. The decline in the value of the assets resulted in substantial write-downs for the company and stressed its capital levels. To recapitalize, the company raised equity and issued a large amount of high-cost debt. The company has since been focused on running off remaining legacy investments and reducing the associated costs, as well as reducing the costs of its parent debt—a large portion of which was refinanced in 2012, again in 2014, and once more in 2015, including the pay down of $740M of total debt.
Additionally, in 2009 the company’s introducing broker-dealer was moved under E*TRADE Bank, where its clearing broker-dealer already resided, to act as a source of strength for the bank. In light of improvements in the regulatory and financial standing, in 2015 the company announced it had received regulatory approval to move its brokerage operations from under the bank, more efficiently positioning a source of capital for the parent.
When business owners understand the risks that are inherent in their business, they understand their control processes, and they understand where breakdowns can occur and the responsibilities they have around them as risk owners. It becomes a process. It becomes a way of thinking. It becomes how the firm operates. That’s what we’ve done. We’ve made some enormous progress in establishing the right culture.
Where all other financial services firms either failed or merged in the aftermath of the sub-prime mortgage crisis, what made E*Trade’s prevail?
We are one large, customer-facing business. A lot of banks have so many business lines and so many product lines that it would have made the transition even more difficult. What helped E*Trade succeed was stepping back, taking a focused view, and really establishing the right tone from the executive level on the importance of getting it done, and getting it done right, and driving that tone throughout the organization.
This is why a lot of institutions fail: senior management doesn’t want to make the investment, or they don’t want to take it as serious as they need to and so they don’t build the capabilities at all, or they don’t build them in a way that can be sustained.
In your role as a chief risk officer, what overall lessons from your experience might your peers be able to learn from?
Culture is important. You can invest a lot, but if you don’t have risk ownership in the business, if you don’t have what we call “first line accountability”—making businesses accountable for the risk—you’re setting yourself up for failure.
It takes not only a top-down culture that has to come from the risk officer, the principal business owners, and CEO, but also a bottom-up culture, meaning you have to be out there instilling that culture at the lowest levels of the company, so that it’s rolling up. That’s one of the most important investments you can make in any ERM framework to make it successful.
Thank you, Michael.