Addressing Excessive Risk-Taking in the Financial Sector: A Corporate Governance Approach


Excessive corporate risk-taking by systemically important financial institutions (SIFIs) is widely seen as one of the primary causes of the global financial crisis. In response, an array of international reforms, under the auspices of the G20’s standard-setting bodies, has been adopted to try to curb that risk-taking. However, these reforms just impose substantive requirements, such as capital adequacy, and cannot by themselves prevent future systemic collapses. To complete the G20 financial reform agenda, SIFI managers should have a duty to society (a “public governance duty”) not to engage their firms in excessive risk-taking that leads to systemic externalities. Regulating governance in this way can help supplement the ongoing regulatory reforms and reduce the likelihood of systemic harm to the public.



Excessive corporate risk-taking by systemically important financial institutions (SIFIs)[1] is widely seen as one of the primary causes of the global financial crisis.[2] In response, an array of international reforms, under the auspices of the G20’s Financial Stability Board, has been adopted to curb excessive SIFI risk-taking. Such reforms include higher capital requirements for SIFIs, requiring SIFIs to tie management compensation to the firms’ long-term performance, and requiring SIFIs to maintain so called contingent capital, in which debt securities convert into equity upon specified conditions.[3] All these measures have the common feature of imposing substantive requirements on SIFIs. They can, therefore, be distinguished from regulating governance, an alternative approach which seeks to prevent systemic failures by reforming corporate governance.[4]

This policy brief argues that these types of substantive requirements are subject to important limitations and cannot by themselves adequately curb excessive SIFI risk-taking. Take, for example, capital adequacy requirements which have been imposed under the Basel Accords. The principal purpose of these requirements is to protect banks against unexpected losses, not to curb excessive risk-taking.[5] In addition to being prone to gaming, firm-specific capital requirements concern safety and soundness of individual banks and cannot therefore protect the integrity of the larger financial system.[6]

Other regulatory responses such as compensation reforms or contingent capital seek to align managerial and investor interests, implicitly assuming that the investors themselves would oppose excessively risky business ventures. This assumption is, however, flawed because a SIFI can engage in risk-taking ventures that have a positive expected value to their investors but a negative expected value to the public.[7] That is because much of the systemic harm from such a firm’s failure would be externalized onto the public, including ordinary citizens impacted by an economic collapse, causing widespread poverty and unemployment.[8] This misalignment between the corporate risk taking and public interest is created by corporate governance law, which requires managers of a firm to view the consequences of their firm’s actions, and thus the expected value of corporate risk-taking, only from the standpoint of the firm and its investors.[9]

Traditional corporate governance is sensible for firms that are not systemically important and for decisions made in the ordinary course of business, because managers cannot consider all small externalities in their decision making. It cannot be justified, however, in the context of systemic externalities which can impose significant economic harm on the broader public. To reduce systemic externalities, managers should have a duty to society (a “public governance duty”) not to engage their firms in excessive risk-taking that leads to those externalities. So long as it does not unduly weaken wealth-producing capacity, regulating governance in this way would help to align private and public interests.

In the context of finance, regulating governance has another important advantage over regulating substance.  Regulating substance often depends on regulators precisely understanding the financial “architecture”—the particular design and structure of financial firms, markets, and other related institutions— at the time the regulation is promulgated.[10] Because the financial architecture is constantly changing, that type of grounded regulation has value as long as it is updated to adapt to those changes. But ongoing financial monitoring and regulatory updating can be costly and is subject to political interference at each updating stage. As a result, financial regulation of substance usually lags financial innovation, causing unanticipated consequences such as rendering regulatory requirements obsolete and allowing innovations to escape regulatory scrutiny.[11] Regulating governance, in contrast, can overcome that regulatory time lag. If the firm is proposing to engage in a risky project that represents financial innovation, its managers either have or, to fulfill their governance duties, must try to obtain the most current information about the innovation and its consequences. Regulating governance in this way can therefore help supplement the regulation of substance.

[1] A systemically important financial institution (SIFI) can be broadly defined as a financial institution whose distress or failure could pose a significant risk of disruption to the smooth functioning of the financial system. No single measurement perfectly captures the systemic importance of a SIFI. Firms vary widely in their structure and operations and therefore in the nature and degree of risks they pose to the system. Size, interconnectedness, complexity of the governance and operations, and the strategic position in the market are among the factors that can indicate systemic importance. See H.M. Ennis & H.S. Malek, ‘Bank Risk of Failure and the Too-Big-to-Fail Policy’ (2005) at 21-22, online: http://www.richmondfed.org/publications/research/economic_quarterly/2005/spring/pdf/ennismalek.pdf; Basel Committee on Banking Supervision (BCBS), ‘Global Systemically Important Banks: Updated Assessment Methodology and the Higher Loss” (2013) at 4-8, online: https://www.bis.org/publ/bcbs255.pdf.

[2] See, e.g., Financial Crisis Inquiry Commission, The Financial Crisis Inquiry Report: Final Report of The National Commission On The Causes Of The Financial And Economic Crisis In The United States (2011) Xviii–Xix; High Level group on Financial Supervision in the EU Report (2009), 8-9.

[3] At the Cannes Summit, the G20 leaders endorsed a set of regulatory measures on SIFIs which reflect the greater risk that these institutions pose to the global financial system. Reforming national resolution regimes, higher capital requirements and more intensive supervision are among these measures. G20 leaders also reaffirmed their commitment to discouraging compensation practices that lead to excessive risk taking. At the G20’s direction, the FSB has developed international standards and best practices in all these areas. However, none of these measures have taken into account the governance distortions which lead to excessive risk taking in the first place. See, Cannes Summit Final Declaration , November 4, 2011, http://www.fsb.org/wp-content/uploads/g20_leaders_declaration_cannes_2011.pdf; FSB, Addressing SIFIs, http://www.fsb.org/what-we-do/policy-development/systematically-important-financial-institutions-sifis/.

[4] For a detailed discussion of the distinction between regulating substance and regulating governance, see Steven L. Schwarcz, Misalignment: Corporate Risk-Taking and Public Duty, 92:1 Notre Dame L. Rev. 1, 17-23 (2016).

[5] Anat R. Admati, The Missed Opportunity and Challenge of Capital Regulation, Nat’l. Inst. Econ. Rev. No. 235, Feb. 2016, at R4; Kern Alexander & Steven L. Schwarcz, The Macroprudential Quandary: Unsystematic Efforts To Reform Financial Regulation, in Reconceptualising Global Finance and Its Regulation 127, 136 (Ross Buckley et al. eds., 2016).

[6] On limitations of capital requirements, see, e.g., Alessio M. Pacces, The Future in Law & Finance 24 (Erasmus Univ. Rotterdam, Law Working Paper No. 217/2013, 2013) (observing that “higher capital requirements cannot stop banks from taking excessive risk”); Rainer Masera, Taking the Moral Hazard out of Banking: The Next Fundamental Step in Financial Reform, 64 PSL Q. Rev. 105, 109 (2011); Emilios Avgouleas, Bank Leverage Ratios and Financial Stability: A Micro- and Macroprudential Perspective, 16–17 (Levy Econ. Inst. Working Paper No. 849, 2015).

[7] Misalignment,  supra note 4, at 4.

[8] Steven L. Schwarcz, Systemic Risk, 97 Geo. L.J. 193, 198 (2008).

[9] See, e.g., Richard A. Brealey, Stewart C. Myers, & Franklin Allen, Principles of Corporate Finance 9–10 (10th ed. 2011); Board of Governors of the Federal Reserve System, Calibrating the GSIB Surcharge 1 (2015) (observing that systemically important financial institutions “themselves lack sufficient incentives to take precautions against their own failures”).

[10] Steven L. Schwarcz, Regulating Financial Change: A Functional Approach, 100 Minn. L. Rev. 1441, 1444 (2016).

[11] This occurred in 2008, for example, when the pre-crisis financial regulatory framework, which assumed the dominance of bank-intermediated funding, failed to adequately address a collapsing financial system in which the majority of funding had become non-bank intermediated.  Cf. Julia Black, Restructuring Global and EU Financial Regulation: Character, Capacities, and Learning, in Financial Regulation and Supervision: A Post-Crisis Analysis 3. 13 (Eddy Wymeersch et al. eds., 2012) (observing that “the system simply did not operate in the way that regulators, banks, and economists had thought it did.  If you do not understand how the system works, it is very hard to build in mechanisms either for managing risk or for ensuring the system’s resilience when those risks crystallize.”).



In making corporate decisions, managers currently have a duty to the firm and its investors. To reduce systemic externalities, this policy brief recommends that managers should also have a public governance duty not to engage their firms in excessive risk-taking that leads to those externalities. Because only SIFIs, by definition, could engage in risk-taking that leads to systemic externalities, the public governance duty should apply only to managers of those firms.[1]

To fulfil this duty, SIFIs managers should assess and balance the public costs and private benefits of a risk-taking activity. Although a range of approaches is possible, this policy brief offers two examples of how managers can fulfil their duty: one subjective and the other more objective and ministerial.  Managers following a subjective approach will assess and balance the costs and benefits of a risk-taking activity the same way that they consider and balance the relevant costs and benefits of any other corporate governance decisions. Their assessment and reasoning might, but would not necessarily, be documented or explained.

While managers may prefer the subjective approach as it would not change their current behavior, this approach has three important drawbacks. First, given the serious social and economic consequences of a systemic collapse for the public, the decision-making process to mitigate systemic ham should be more transparent. Second, managers following a subjective approach may view private returns more favorably than mitigating systemic harm. Third, while courts do not usually second guess the decision of managers, a subjective approach can be seen as increasing the risk of litigation. To that extent, managers themselves may prefer a more objective approach which offers greater clarity on how the public governance duty should be exercised.[2]

Now consider, how to draft a possible objective approach, using the generic example of a SIFI engaging in a risky project that can be profitable. The benefits of this project would be its expected value to the firm’s investors (usually shareholders), and the public costs of the project would be the expected value of its systemic costs. In principle, the managers should have sufficient information or at least much more information than third parties about valuing the chance of the project being successful, the value to investors from that success, the loss from the project’s failure, and the chance of the firm failing as a result of the project’s failure. In contrast, valuing the systemic costs of a firm’s failure should be seen as a public choice, which could be based, for example, on the estimated costs of a government bailout to avoid a systemic failure. National governments could perform this estimate as part of the process of SIFI designation and thereafter periodically update it.[3]

To ensure that the balancing does not unduly weaken corporate wealth-producing capacity, it should be designed to yield an economically efficient result. From a strict economic efficiency standpoint, the project would be Kaldor-Hicks efficient if its expected value to investors exceeds the expected value of its systemic costs.[4] As a public policy matter, however, simple Kaldor-Hicks efficiency may be insufficient because the magnitude and harmful consequences of a systemic collapse, if it occurs, could be devastating. Thus, it may be appropriate to establish a margin of safety, for example by requiring that the expected value to investors considerably exceeds the expected value of systemic costs.[5]

Implementation and Enforcement

A public governance duty could be legally imposed in different ways. For example, national courts in G20 jurisdictions could create such a duty through judicial decisions, or national legislatures could amend their corporation laws to require such a duty. Given that changes in corporate governance law can have profound public policy implications and ultimately change the fabric of capitalism that a society chooses to embrace, this policy brief prefers that G20 leaders call for legislative reform in member jurisdictions, allowing for an open public debate on relevant social and political factors.[6] The appendix to this policy brief proposes model language for legislating a public governance duty, which could be used as the starting premise for G20 leaders and their national constituencies.

The next question is who should enforce the public governance duty? Traditionally corporate governance law has relied on shareholder derivative actions as the primary enforcement mechanism. Shareholders, however, would likely have no interest in suing managers for systemic economic harm. Thus, governments by default should have the right to enforce the public duty. To facilitate better monitoring, regulation implementing the public duty should also include whistleblower incentives, including anti-retaliation protection for managers or others involved in the risk assessments who inform national authorities of their firms’ non-compliance and possibly also monetary awards. Operational-level grievance mechanisms that operate independently from management and are directly accessible to a broader range of stakeholders, such as employees, might provide another important avenue for enforcing the public governance duty.[7]

Appendix: Model Regulatory Language for a Public Governance Duty

Public Governance Duty Act


(a) This Act may be cited as the “Public Governance Duty Act.”


(a) Except as otherwise specifically provided in this Act, the following definitions shall apply:

(1) The term “business judgment rule” means the legal presumption that a firm’s managers should not be personally liable for harm caused by negligent decisions made in good faith and without conflicts of interest.

(2) The term “director” means a member of a systemically important firm’s board of directors or such other senior manager who shares or otherwise has ultimate responsibility to manage the firm.

(3) The term “fail” means that a firm admits in writing its inability to pay its debts; or makes a general assignment for the benefit of creditors; or becomes subject to a bankruptcy, insolvency, winding-up, liquidation, or other similar case or proceeding; or otherwise ceases normal business operations due to financial distress.

(4) The term “public governance duty” has the meaning set forth in Section 3(a) of this Act.

(5) The term “systemically important firm” means a firm that has been designated as systemically important by [name of applicable governmental body that is authorized to make that designation].


(a) THE PUBLIC GOVERNANCE DUTY.  In addition to the duties a director may have to shareholders or other stakeholders, each director of a systemically important firm has a duty (“public governance duty”) not to engage the firm in risk-taking that, viewed at the time of such risk-taking and either itself or in combination with other factors of which such director is or should be aware, could reasonably cause the firm to fail unless such director (1) first performs one of the processes set forth in subsection (b) of this Section and (2) based thereon, determines that the firm should engage in that risk-taking.

(b) PROCESS.  For each risk-taking described in subsection (a) of this Section, a director shall perform the process described in either subsection (b)(1) or subsection (b)(2) of this Section.

(1) The director shall assess and balance the benefits and costs of such risk-taking, including potential systemic harm to the public, in the manner such director would lawfully assess and balance any other relevant benefits and costs when making a corporate governance decision;

(2) The director shall assess and balance the benefits and costs of such risk-taking, including potential systemic harm to the public, according to the following methodology: […]


(a) LIABILITY.  A director who violates the public governance duty shall be liable for up to [$250,000] per risk-taking.

(b) PUBLIC ENFORCEMENT.  [Name of applicable governmental agency that is authorized to enforce this Act] (the “Agency”) may enforce this Act by [insert appropriate administrative and/or judicial legal actions that may be taken to impose liability or to restrain a risk-taking for which a director has violated the public governance duty].

(c) PRIVATE ENFORCEMENT.  A person may bring a civil action to enforce this Act on behalf of and in the name of the Agency.

(1) A copy of the complaint and written disclosure of substantially all material evidence and information the person possesses shall be served on the Agency.  The complaint shall be filed in camera, shall remain under seal, and shall not be served on the defendant until the Agency elects whether to intervene and proceed with the action.

(2) The Agency shall elect whether to intervene and proceed with the action within sixty days after it receives both the complaint and the material evidence and information referenced in subsection (c)(1) of this Section.  Before the expiration of that sixty-day period, the Agency shall (A) proceed with the action, in which case the action shall be conducted by the Agency, or (B) notify the court that it declines to take over the action, in which case the person initiating the action shall have the right to conduct the action.

(3) If the Agency proceeds with the action, it shall have full responsibility for prosecuting the action, and shall not be bound by any act of the person bringing the action.  Such person, however, shall receive at least [fifteen percent but not more than thirty percent] of the proceeds of the action or settlement thereof, depending upon the extent to which the Agency determines such person substantially contributed to the prosecution of the action.

(4) If the initiating person conducts the action because the Agency declined to take it over, such person shall have the right to the proceeds of the action or settlement thereof.  However, if the action is dismissed or the defendant otherwise prevails, the court may require such person to pay the defendant’s reasonable attorneys’ fees and expenses if the court finds that the action was clearly frivolous, clearly vexatious, or brought primarily for purposes of harassment.


(a) DEFENSES.  This Act shall not restrict the availability of the business judgment rule as a defense to liability, provided a director claiming that defense either (A) uses at least slight care when performing the public governance duty or (B) in good faith performs the process set forth in § 3(b)(2) of this Act.

(b) INSURANCE.  A director who violates the public governance duty shall be personally liable for at least [ten][8] percent of any liability award or settlement against such director.  Such personal liability may not be reimbursed, indemnified, or otherwise directly or indirectly paid or hedged by insurance (including directors and officers liability insurance) or any other means.


(a) Each employee of a systemically important firm shall have the right, and each director of such a firm shall have the obligation, to report to the Agency any violation or potential violation of the public governance duty of which such employee or director has knowledge and to assist the Agency in an investigation of such violation.

(b) An employee or director who acts in accordance with subsection (a) of this Section, (1) shall not, on account of such action, be liable to any person under any law, rule, or regulation or under any contract or other agreement, and (2) may not, on account of such action, be discharged, demoted, suspended, threatened, or harassed, directly or indirectly, or in any other manner discriminated against, by such employee’s or director’s firm or by any other person.

(c) If the Agency finds, after notice and a hearing, that a director has willfully violated such director’s obligation under subsection (a) of this Section, it may impose a civil penalty against such director of up to [$20,000].[9]


[1] Although this policy brief focuses on reducing excessive risk-taking that causes systemic economic externalities, excessive risk-taking can also cause other significant externalities, including social and environmental harm, including climate change. For example, since the 1950s, the number of weather-related catastrophes, such as storms and floods, has increased six-fold, with total losses increasing five-fold since the 1980s to around $170 billion today. A 2015 study by the Economist Intelligence Unit estimated that a 6°C rise in average temperature could cause $43 trillion of losses worldwide. See The Economist Intelligence Unit, “The Cost of Inaction: Recognizing the Value at Risk from Climate Change” (2015) at 4, online: https://www.eiuperspectives.economist.com/sites/default/files/The%20cost%20of%20inaction_0.pdf.

[2] Misaligment, supra note 4, at 32.

[3]  A detailed discussion of how managers should assess and balance the costs and benefits can be found in Misalignment supra note 4, at 32-37. Although the benefits of a project could include stakeholders other than shareholders, such as employees or suppliers, those benefits would be more diffuse and harder to quantify. Pragmatically, it makes sense to begin thinking about assessing benefits by limiting the scope to shareholder benefits.

[4] Kaldor-Hicks efficiency is the practical standard used by economists.  Robin Paul Malloy, Law in a Market Context: An Introduction to Market Concepts in Legal Reasoning 190 (2004).  A project is Kaldor-Hicks efficient if its overall benefits exceed its overall costs, regardless of who bears the costs and who gets the benefits.  Id.  Kaldor-Hicks efficiency implicitly assumes that the distribution of benefits and costs is not controlled by the party—in our case, a firm’s managers—also controlling the decision whether to engage in the project.  Id. at 190–91.  But those managers do not completely control the distribution of benefits; the public usually benefits, at least indirectly, from corporate risk-taking that benefits investors.

[5] See Cass R. Sunstein, Beyond the Precautionary Principle, 151 U. Pa. L. Rev. 1003, 1014 (2003) (discussing this form of the precautionary principle, under which “[r]egulation should include a margin of safety, limiting activities below the level at which adverse effects have not been found or predicted”.

[6] Robert Yalden, Canadian Mergers and Acquisitions at the Crossroads: The Regulation of Defence Strategies After BCE, 55 Can. Bus. L.J. 389, 410 (2014).

[7] United Nations Guiding Principles on Business and Human Rights (2011) at 31-35, online: http://www.ohchr.org/Documents/Publications/GuidingPrinciplesBusinessHR_EN.pdf.

[8] This number is merely suggested.

[9] This number is merely suggested.

Latest Policy Briefs

Register for Updates

Would you like to receive updates on the Global Solutions Initiative, upcoming events, G7 and G20-related developments and the future of multilateralism? Then subscribe here!

1 You hereby agree that the personal data provided may be used for the purpose of updates on the Global Solutions Initiative by the Global Solutions Initiative Foundation gemeinnützige GmbH. Your consent is revocable at any time (by e-mail to contact@global-solutions-initiative.org or to the contact data given in the imprint). The update is sent in accordance with the privacy policy and to advertise the Global Solutions Initiative’s own products and services.