On July 24, the Federal Reserve Board announced a consent order and a $268.5 million fine against UBS, which acquired Credit Suisse in June 2023, for Credit Suisse’s “misconduct” that involved “unsafe and unsound counterparty credit risk management practices” with Archegos.
In addition to the Federal Reserve Board, the Bank of England’s Prudential Regulation Authority (PRA) issued a record fine of 87 million pounds (US$112 million) for what it called “significant failures in risk management and governance” between Jan. 1, 2020 and March 31, 2021, also in relation to Archegos.
In a third related enforcement action, the Swiss Financial Market Supervisory Authority (FINMA) found that Credit Suisse had “seriously and systematically violated financial market law in the context of its business relationship with the Archegos family office.” Under its enforcement action, FINMA ordered UBS to take corrective measures.
FINMA further announced it has “opened enforcement proceedings against a former Credit Suisse manager.” FINMA said it will not identify this person or provide details of the proceedings.
Investigations’ Findings
In March 2021, several investment banks incurred significant losses from the collapse of Archegos. Credit Suisse suffered the largest loss of $5.5 billion. According to the PRA, Credit Suisse’ risk management oversight and practices were “symptomatic of an unsound risk culture within the business line that failed to balance considerations of risk against commercial reward appropriately.”
“Broadly, this resulted in a failure by Credit Suisse to address the risk arising from Archegos’ portfolio,” the PRA added. “Credit Suisse had failed to learn from past similar experiences and had insufficiently addressed concerns previously raised by the PRA.”
The case marked the first time an enforcement investigation by the PRA found breaches of four of its fundamental rules:
- Rule 2, which requires that a firm conduct its business with due skill, care, and diligence;
- Rule 3, which requires that a firm act in a prudent manner;
- Rule 5, which requires that a firm have effective risk strategies and risk management systems; and
- Rule 6, which requires that a firm organize and control its affairs responsibly and effectively.
According to PRA, these breaches resulted in Credit Suisse failing to:
- Instill a culture within the investment banking division that appropriately balanced the considerations of risk against commercial reward;
- Evaluate and take due account of the risks to Credit Suisse, and the Credit Suisse group, arising from their exposures to Archegos’ portfolio;
- Appropriately escalate the risks within Archegos’ portfolio;
- Take sufficient steps to implement an effective risk mitigation strategy regarding Archegos’ portfolio; and
- Have a governance framework that adequately scrutinized or discussed the risks posed to Credit Suisse by Archegos’ portfolio.
“Credit Suisse’s failures to manage risks effectively were extremely serious and created a major threat to the safety and soundness of the firm,” said Deputy Governor for Prudential Regulation and Chief Executive Officer Sam Woods, adding that the “seriousness and widespread nature of those failures” led to the record fine.
Risk Management Measures
Under the Federal Reserve’s enforcement action, Credit Suisse must now improve its counterparty credit risk management practices and address additional “longstanding deficiencies in other risk management programs at Credit Suisse’s U.S. operations,” the Federal Reserve said.
Among the risk management practices the bank must implement includes:
- Stronger corporate governance oversight by both the board and senior management;
- Establishment of a remediation office that, in part, is designed to assist “business and control functions in developing solutions to address the root causes of supervisory deficiencies identified by the Federal Reserve.”
- Conducting and documenting an assessment of the U.S. operations’ credit and counterparty risk management program; and
- Strengthening the U.S. operations’ liquidity and operations’ risk management programs.
Bank Response
In a press release responding to the global resolution, the bank stated, “UBS will implement its operational and risk management discipline and its culture across the combined organization. It has already begun implementing its risk framework, including actions addressing these regulatory findings, across Credit Suisse. UBS intends to resolve Credit Suisse’s outstanding litigation and regulatory matters in the best interest of its stakeholders, including investors, clients, and employees.”
Jaclyn Jaeger is a contributing editor at Compliance Chief 360° and a freelance business writer based in Manchester, New Hampshire.