Skip to Content


As Prepared for Delivery

November 22, 2013

Thank you to Americans for Financial Reform and the Economic Policy Institute for hosting this conference. I’d also like to thank Lisa Donner for that kind introduction, as well as Marcus Stanley for all his fine work organizing this event.

The topic of this conference – regulating the shadow banking system – is one that is vitally important.

Stronger oversight of the shadow banking system is critical to protecting the jobs and savings of everyday Americans from reckless risk-taking.

The recent financial crisis has made it abundantly clear that we cannot simply focus exclusively on the banking sector when considering the issue of systemic risk.

There are many other diverse sources of capital that are vulnerable to damaging runs and panics. And it is essential that we take steps to help reduce those risks.

Today, I want to focus the majority of my remarks on one particular area of the shadow banking system that we regulate at the New York State Department of Financial Services (DFS): the insurance industry.

As you likely know, we have a primarily state-based system of insurance regulation in our country.

That means there are more than 50 different regulators – across the many U.S. States and territories – who are responsible for overseeing the safety and soundness of the insurance companies that policyholders rely on for economic security.

Each of those different state regulators is generally responsible for overseeing the insurance operations that take place in their particular jurisdiction.

The Dodd-Frank Wall Street Reform law, however, has made some important changes to that system when it comes to some of our nation's largest insurance companies.

Dodd-Frank gives the Financial Stability Oversight Council (FSOC) the power to designate systemically important financial institutions (SIFIs) for heightened regulatory scrutiny.

Some have questioned whether it is appropriate for FSOC to designate insurers as SIFIs. There have also been similar questions raised about asset managers, as well as other broad categories of investment firms and funds on Wall Street.

I don’t think it should be terribly controversial to say that companies involved in the insurance business, asset managers, and other parts of the shadow banking system can potentially pose systemic risks to the global economy, and should therefore be carefully considered for heightened oversight through the SIFI process.

In the wake of a devastating financial crisis, we should not write off entire multi-trillion dollar industries from the potential for enhanced scrutiny.

Nevertheless, regulators should also take great care to make sure that SIFI determinations and regulations are tailored to the unique nature of each type of business that the FSOC seeks to designate for heightened supervision.

Take the insurance industry, for example.

As we saw with AIG during the financial crisis, it is certainly possible for firms involved in the insurance business to pose a systemic risk. Companies involved in the insurance business can be very large and very interconnected. They are often critical sources of cash and collateral for other big financial institutions in the shadow banking system. And – as we saw with AIG – an insurer can stray into exotic financial products beyond the traditional insurance business, which can potentially strain their liquidity position and put them at risk of a catastrophic failure that threatens our entire economy.

By the same token, however, the asset and liability structure of traditional insurance business is very different from that of banks. And regulators typically have not seen the type of mass policyholder surrenders at insurers that are analogous to depositor runs at banks. Moreover, traditional insurers are typically less interconnected than banks.

As Senator Sherrod Brown and other thoughtful commentators have pointed out, a one-size-fits-all approach to SIFI regulation at the federal level – including regarding capital and liquidity rules for insurers – is not necessarily optimal. Applying bank-like capital regimes to insurance companies could be akin to trying to fit a square peg in a round hole.

The primary expertise of many members of the FSOC is banking regulation. As such, the Federal Insurance Office – led by Michael McRaith – has and will continue to serve as a valuable resource, as will Roy Woodall and Director John Huff. Moreover, state insurance regulators stand ready to provide additional advice and expertise to federal regulators on these issues moving forward, and we have already been doing so.

Troubling Developments in the Insurance Industry

It is also important, however, that we do not let the controversy over the SIFI debate completely obscure other troubling developments in the insurance business that are pervading not only just a few large institutions, but nearly the entire industry. Sadly, these developments are largely being ignored by financial commentators, analysts, and journalists – probably because there is such a focus on the banking sector and Dodd-Frank implementation generally.

An area that we’ve been hard at work on at DFS is “captive insurance,” which is sometimes used to mask risk and leverage at insurance companies.

In July 2012, the New York State Department of Financial Services initiated a serious investigation into this somewhat obscure area that – we believe – could put insurance policyholders and taxpayers at greater risk.

Insurance companies use these captives to shift blocks of insurance policy claims to special entities – often in states outside where the companies are based, or else offshore (e.g., the Cayman Islands) – in order to take advantage of looser reserve and oversight requirements. (Reserves are funds that insurers set aside to pay policyholder claims.)

In a typical transaction, an insurance company creates a “captive” insurance subsidiary, which is essentially a shell company owned by the insurer’s parent. The company then “reinsures” a block of existing policy claims through the shell company – and diverts the reserves that it had previously set aside to pay policyholders to other purposes, since the reserve requirements for the captive shell company are typically lower.

However, this financial alchemy, let’s call it ‘shadow insurance,’ does not actually transfer the risk for those insurance policies off the parent company’s books because, in many instances, the parent company is ultimately still on the hook for paying claims if the shell company’s weaker reserves are exhausted (“a parental guarantee”).

That means that when the time finally comes for a policyholder to collect their promised benefits after years of paying premiums – such as when there is a death in their family – there is a smaller reserve buffer available at the insurance company to ensure that the policyholders receive the benefits to which they are legally entitled.

We detailed the findings of DFS’s nearly year-long investigation into shadow insurance earlier this year. (It took a year for a whole team to unearth the details of the transactions.) And what we found was very troubling.

New York-based insurance companies and their affiliates alone engaged in at least $48 billion of shadow insurance transactions to lower their reserve and regulatory requirements.

They also failed to disclose the parental guarantees associated with nearly 80 percent ($38 billion) of that $48 billion in shadow insurance in their annual financial statements. And where those companies did make disclosures, the disclosures were often spotty and incomplete.

Given that we’re a state regulator, the findings of our investigation are limited to New York-based life insurers. As such, the $48 billion in shadow insurance transactions DFS’s investigation uncovered are likely just the tip of the iceberg nationwide. Indeed, other outside analysts have estimated that the total amount of shadow insurance is more than $300 billion.

It is important to note that not all captive insurance is bad. In some cases, it can be a useful tool for businesses and insurers that are looking to effectively manage their risk profile. But when captive insurance is simply used to juice a firm’s balance sheet – without any genuine risk-transfer – that’s a problem. And if insurance commissioners turn a blind eye to that issue, it could call into question our very system of state-based insurance regulation.

I believe state-based insurance regulation serves our system well. But I fear that if we don’t do more about issues like shadow insurance, and something goes wrong, people will blame the state-based system.

Shifting risk around so it can’t be seen in order to artificially boost financial performance is almost always a recipe for disaster. The use of these shadow insurance transactions has boomed in ways that pervert our system of careful oversight and it is high time we put the regulatory breaks on these types of deals.

Principals Based Reserving

Another troubling development in the insurance industry is an issue called principals-based reserving (PBR).

It’s a complex topic and one that, again, I don’t believe is getting enough attention. But essentially PBR is a proposed change to the rules governing the amount of reserves insurers have to dedicate to backstop policyholder claims. It is supported by a huge number of insurers, trade groups, and regulators.

Right now, insurers have to follow relatively conservative models for reserves, which are set in statute.

PBR would substitute those conservative standards for a new approach that relies on the insurers’ own internal, black-box risk models to set reserves.

If your initial reaction to hearing about PBR is “we’ve seen this movie before and it did not turn out well,” you’re exactly right.

There are, as I noted, important differences between the appropriate prudential standards for insurers and for banks. But, in many ways, principals-based reserving is eerily reminiscent of the weak, black-box, Basel II bank capital requirements that my fellow speaker – former FDIC Chairwoman Sheila Bair – fought so hard against in the lead up to the financial crisis.

That’s why, in September 2013, New York pulled out of a 50-state pilot for certain insurance products that relied on a modified PBR approach.

The pilot was supposed to force insurance companies to put up billions in new reserves to protect policyholders, but unfortunately failed. We were essentially testing whether a self-modeling system could work for insurers.

In fact, companies would have actually been allowed to reduce their overall reserves by nearly $4 billion had the pilot not also included a special fail-safe preventing them from using the new calculations to do just that.

In its current form, PBR represents an unwise move away from reserve requirements that are established by formulas and diligently policed by insurance regulators in favor of internal models developed by insurance companies themselves. Although proponents of PBR assert that the leeway
granted to companies is limited, those restraints are so loose as to be practically illusory. By outsourcing the setting of reserves to companies themselves, insurance regulators again invite criticism about whether state-based regulation is truly effective.
Furthermore, to move forward with PBR at this stage suggests that insurance regulators learned exactly the wrong lessons – or no lessons at all – from the recent financial crisis. State insurance regulators have rightly noted how the traditional insurance business – separate from other esoteric financial products written at AIG FP and other companies – emerged from the crisis far more intact than the banking sector. But that is precisely because insurance regulators had not previously moved to water down reserve and capital standards by allowing them to be governed by internal firm models.

The Too Big to Regulate Issue

While moving toward a stronger, more robust, and more holistic oversight regime for our nation's largest insurers is necessary to reduce systemic risk, it certainly is not sufficient.

We also need to grapple with deeper questions about whether we have the tools and capacity as regulators to truly protect everyday Americans from reckless risk-taking by large financial institutions in the shadow banking system and elsewhere.

Usually, this issue is presented as the “Too Big to Fail” problem: The notion that the collapse of a large, interconnected financial institution would be so damaging to the broader economy that regulators and taxpayers would have no choice but to bail them out.

Others ask whether our nation's financial institutions are “Too Big to Manage.” The recent London Whale problem at JPMorgan, for example, have led many to question about whether financial executives have a true handle on the risks that their institutions are taking around the world.

However, there’s another related – but distinct – issue we need to confront.

And that is whether some of our nation's largest and most complex financial institutions are too big to regulate effectively.

That's not something that many financial regulators are willing to discuss – at least publicly. But I think it's something that needs to be said.

Indeed, rather than forthrightly acknowledge our limitations, it sometimes appears that regulators are more likely instead to display a false sense confidence about their ability to assess and manage risk at the institutions they oversee. And that pretense of knowledge can ultimately prove very damaging.

The recent financial crisis is perhaps the clearest example of this phenomenon. In the years leading up to the crash, regulators repeatedly and vastly underestimated the impact that the mortgage crisis would have on the health of our nation's financial institutions and the broader economy.

And even now, with all that's been done to reform the financial system since the crisis – the new rules, the new regulations, the new tools – it is not clear with respect to the very biggest and most complex firms that we are keeping up as regulators.

At some point, we need to soberly assess our own limitations. Think about this: Our nation’s six largest bank holding companies have more than one million employees and nearly ten trillion in assets. I can tell you that one of the largest insurance companies we regulate at DFS has more than 1,500 subsidiaries around the globe.

We live in a financial world where a few keystrokes on a computer screen at a small office an ocean away can severely harm or even cripple a major U.S. company that has lasted for generations. And where the failure of that company can do serious damage to the jobs and savings of everyday Americans.

With that in mind, we need to stare in the mirror as regulators and ask ourselves whether we can adequately regulate such institutions.

My view is that the very act of acknowledging our limitations and grappling with the true difficulties of regulating behemoth firms will itself make us better regulators – where we are more aware of what we should be looking for and what we may be missing.

By the same token, regulators often deal with these limitations by engaging consultants or monitors to provide additional assistance given the finite resources of regulators and the large size of the financial institutions.

These consultants are installed at banks and other companies by regulators — usually after an institution has committed serious regulatory violations or broken the law. The intent is that monitors assist companies in improving controls and ensuring that violations do not reoccur. They are supposed to be independent of the bank and working on behalf of the regulator.

All too often, however, the outcome of a monitorship is disappointing, as we recently saw in the context of the independent foreclosure review. This could be blamed on a number of factors, but it is worth considering that certain structural issues can significantly undermine the independence of the monitors — the monitors are hired by the banks, they’re embedded physically at the banks, they are paid by the banks, and they depend on the banks for future business.

At DFS, we’re conducting a serious investigation into the consulting industry. Earlier this year, we took action to ban and fine Deloitte for its misconduct and lack of autonomy during its work on anti-money laundering issues at Standard Chartered. Deloitte also agreed to a set of reforms to strengthen consultant oversight and independence. Those reforms – many of which have since been adopted by the OCC – will serve as a model for future consultant engagements.

Our investigation into bank consulting is still ongoing. But I will say that the problems of improper influence and lack of independence are not isolated to Deloitte. They appear to run very deep throughout this industry. And we have a lot more work to do.

If we can soberly reflect on our own limitations as regulators and at the same time more robustly ensure the independence of the consultants we hire to help us, we may significantly improve the quality of our regulatory work, and the protections that work is supposed to be providing our system.

Why Does This Matter?

Now, it might seem obvious to those of us who spend our day steeped in the minutia of financial reform why the too big to regulate issue matters. But I think it’s fair to say that “Too Big to Regulate” does not resonate with everyday Americans the same way as the too big to fail issue.

After all, I think there’s a natural distrust among the public about financial regulators – particularly in the wake of a financial crisis that severely damaged their credibility.

So, I think it’s worth pausing for a moment and outlining why working to address the too big to regulate issue is vital to protecting everyday Americans and our economy.

First, if these firms are too big to regulate, that means regulators (and law enforcement officials) face much greater challenges in uncovering dangerous misconduct at those companies that can do serious damage to everyday Americans.

In recent years, we’ve seen egregious violations of law and ethics at a number of our nation’s largest financial firms.

We’ve seen money laundering for terrorists, drug lords, and enemy nations that puts our national security at risk.

We’ve seen mortgage misconduct that has severely damaged many families and neighborhoods – for some, perhaps irreparably.

The list – unfortunately – goes on. And those are just the things we know about.

Of course, no regulator or law enforcement official has an all-seeing eye. But the larger and more diffuse these firms are, the greater the risk that misconduct goes undetected.

And that means less deterrence. And that, in turn, means more everyday Americans will get hurt by misconduct at financial institutions in the future.

Second, if these firms are too big to regulate, they are more likely to take on too much risk, which puts them at greater danger of failing.

In some ways, financial firms rely on regulators to save them from themselves. The lure of potential profits and bonuses is so great that many executives are willing to take on outsized risks.

It’s the regulators job to hold up a stop sign before a large financial institution crosses the line and slips past the point of no return.

But if a regulator does not know where the line is or if a firm is close to crossing it, that’s a recipe for disaster. And it could put our entire economy at risk.


To be clear, I think we all acknowledge that making our nation's financial institutions smaller and simpler will not – by itself – eliminate systemic risk.

The financial crisis that accompanied the Great Depression was propelled in part by a cascading set of small bank failures.

Financial markets, by their very nature, will always be vulnerable to panics, manias, and destabilizing runs.

But if we, as regulators, simply accept a risky status quo – a status quo where we may not have the ability or capacity to effectively regulate the mammoth institutions we oversee – aren't we being negligent?

I do not necessarily know that I – or anyone else – has a fully satisfying solution to the Too Big to Regulate problem. Some suggest making our financial institutions smaller and simpler. Others suggest much, much higher capital levels. There is an important debate going on right now about those and other issues.

But, as everyone acknowledges, those types of more fundamental changes do not happen overnight. They often require years and years of diligent work. And they require reformers to overcome significant institutional inertia and intense lobbying.

There are areas, however, where we can make immediate, positive changes as regulators. And one of them is attitudinal.

In my opinion, regulators can and should be much, much more proactive. They need to focus more on the here and now, and the new, new products and services emerging in the markets. And we need to spend more time focused not only on what we are seeing as regulators today, but also what might be around the next corner lurking in the shadows.

Regulators should also, where appropriate, be more aggressive. They need to ask tougher questions to help lift the veil that shrouds these mammoth financial institutions. They need to probe deeper. They need engage in tough (but fair) enforcement that provides real deterrents to future bad conduct by individuals inside these massive firms.

More proactive work in this fashion will not solve the whole problem. But it’s a start.

I don’t mean to imply that the art of financial regulation is – as some may suggest – a futile endeavor. We shouldn’t simply resign ourselves to a financial system that forever careens from crisis to crisis.

Far from it.

But at the very least I know that turning a blind eye to this issue certainly will not solve the problem. That’s one of the reasons why it is so great getting to speak with all of you here today. Thank you.



Link to DFS Portal

About DFS

Contact DFS

Reports & Publications


Laws and Regs

Connect With DFS

DFS Facebook page

Follow NYDFS on Twitter