print logo

Why We Need Principles-Based Regulation

Tuesday, May 22, 2012

Instead of regulating the boundaries between what is approved and what is forbidden, perhaps we should lay out broad but well-defined principles that businesses are expected to follow.

Recently, large trading losses at JP Morgan have revived the question of how to regulate financial institutions. I believe that this would best be done using a very different approach than what regulators traditionally employ.

When we think of regulation, we think of specific rules that spell out the boundaries between what is approved and what is forbidden. For example, requiring credit card issuers to give 45 days notice prior to a rate increase. I call this bright-line regulation (BLR).

What I want to propose is an alternative approach, called principles-based regulation (PBR). With PBR, legislation would lay out broad but well-defined principles that businesses are expected to follow. Administrative agencies would audit businesses to identify strengths and weaknesses in their systems for applying those principles, and they would punish weaknesses by imposing fines. Finally, the Department of Justice would prosecute corporate leaders who flagrantly violate principles or who are negligent in ensuring compliance with those principles.

The banks will always be savvier than the consumers and nimbler than the regulators, so bright-line regulation is bound to fail.

As a quick Google search for “principles-based regulation” will show, this is not an original idea. For example, James Surowiecki wrote skeptically about the approach as advocated in April 2008 by Henry Paulson, then Treasury Secretary, with Surowiecki sniffing, “But the best principles in the world won’t help much if those in charge aren’t willing to enforce them.”

Regulated industries are always ready to complain about the cost of complying with bright-line regulations. However, I have the opposite objection. Particularly when it comes to the financial sector, compliance with BLR is far too easy. The bankers are always able to outmaneuver the regulators, staying within the letter of the rules while mocking their spirit.


Below, I will give three specific examples of misbehavior by financial firms. If PBR had been in place, there would have been different outcomes in these cases. Either the firms would have been in alignment with the principles, in which case the misbehavior would never have taken place, or else the CEOs and other responsible executives would have been prosecuted and sent to prison.

1.    The Consumer Is Not Protected

In 1999, Fast Company published a story on the marketing innovations of Capital One, which at the time was focused on the credit card business. Customers making routine inquiries about their credit cards were treated to marketing pitches. In one example, a customer with a mere $200 credit limit was talked into paying $59.95 a year for a service to help her check her credit report. As the article pointed out, this is a service of no value to someone with only a $200 credit limit.

Capital One violated a principle of consumer protection. I would articulate that principle as saying that no business should sell a consumer a product knowing that the consumer has no chance of benefiting from that product. This particular violation is made more severe by the fact that the customer likely was unsophisticated and of modest means.

Under principles-based regulation, there can be no excuse for leaving the taxpayers holding the bag for Freddie Mac's ill-advised foray into low-doc mortgages.

The BLR approach to consumer protection is to outlaw certain products and practices and to mandate certain forms of disclosure. However, subject to what is specified in the rules, pretty much anything goes. The banks will always be savvier than the consumers and nimbler than the regulators, so BLR is bound to fail.

2.    Reckless Mortgage Lending

In 2004, Freddie Mac's CEO was warned by its chief risk officer about the dangers of mortgage loans without proper documentation. Less than 15 years earlier, a similar outbreak of “low-doc” lending was snuffed out by a joint effort by the leaders of Freddie Mac and Fannie Mae. In the more recent case, not only did Freddie Mac choose to follow the market rather than lead it, the CEO fired the chief risk officer.1

The principle here is that any financial institution that enjoys a government guarantee has a responsibility to behave prudently. Even if Freddie Mac had determined that participating in the high-risk mortgage market was a business necessity, it should have strengthened its capital position and increased its loan loss provisions in order to comply with the principle of prudent behavior. Under PBR, there can be no excuse for leaving the taxpayers holding the bag for Freddie Mac's ill-advised foray into low-doc mortgages.

3. Fiduciary Irresponsibility

Last year, the failed financial firm MF Global was accused of having taken money from customers' accounts for its own transactions, with $1.2 billion not accounted for. CEO Jon Corzine famously testified that he does not know where that money is.2

The principle here is that the chief executive of a company has a fiduciary responsibility to make certain that systems are in place to protect customers' funds. Under PBR, there would be no doubt that Corzine would be guilty and personally liable. Only if a rogue employee found an ingenious way to evade internal controls would a CEO be able to blame the employee.

Holding Executives Accountable

Let me stress that PBR as I envision it would incorporate personal liability for executives. Insurance policies that cover executives in the case of “errors and omissions” would not be operative in this case.

The possibility of spending time behind bars would introduce some downside into executive misbehavior.

In any event, there is no insurance protection against a term in prison. The possibility of spending time behind bars would introduce some downside into executive misbehavior. Under the current system, when executives engage in wrongful behavior and do not get caught, they earn super-enormous sums; when they do get caught, they get… enormous sums.

PBR is the only hope for getting government-backed institutions to be managed prudently. With the bright-line regulation of the Basel risk-based capital standards, banks piled into AAA-rated mortgage securities. The massive Dodd-Frank legislation tweaked a few parameters but left the basic game in place: Banks will still try to find the riskiest structure of assets and capital that the regulations permit.

The Role of Regulators

Under PBR, an important tool of regulation would be random management audits conducted by the regulatory agency. The audit would grade the company's systems for aligning its actions to the various principles.

Consider the example of consumer protection. As noted above, one principle would be that no consumer should be sold a product or service unless that consumer has a chance of deriving some benefit from it. A regulatory auditor would want proof that: the business has an executive who is accountable for adherence to this principle; the business has a set of policies for making decisions consistent with this principle; front-line employees are trained in procedures that ensure that these  policies are carried out; and the business has its own auditing procedures in place to ensure adherence to the principle.

Audit grades would be made public. Perhaps findings of unusually effective business practices would earn rewards. Certainly, findings of gaps or weaknesses would result in fines, which would escalate if the weaknesses were not addressed in a timely manner.

Regulated industries are always ready to complain about the cost of complying with bright-line regulations. However, I have the opposite objection.

As with any regulatory approach, principles-based regulation must be well executed in order to work. A key element is that the principles should have clear meaning. They cannot be vague, as in the United Kingdom, where one finds principles like “A firm must observe proper standards of market conduct” or “A firm must conduct its business with integrity.”3 To me, those are not principles. They are just glittering generalities that offer no concrete guidance to a firm.

Businesses often use internal mission statements and lists of principles as a tool to align employees with the goals of top management. However, in many instances, the statements are so general that they have no implications for any particular way of conducting business. The truly meaningful statements of corporate philosophy are those that provide strong signals of what type of business directions the firm will and will not take. Similarly, for PBR to work, the principles have to clarify rather than obfuscate. Legislative commentary should include specific examples of conduct that falls outside of the principles, in order to provide further guidance.

One way to test the strength of a principle is to ask, “Could we audit to test compliance with this principle?” I do not see how you can audit against “must observe proper standards of market conduct” or “conduct its business with integrity.” The terms need to be better defined.

Principles-based regulation is not a cure-all. There are many regulatory problems that are better addressed with bright-line regulation. For example, the algorithm for calculating the Annual Percentage Rate of interest should be standardized and clearly specified by regulators. And any regulatory system will have gaps and flaws. After all, those who design and implement regulations are as human as the people who run the businesses that they regulate. But in an increasingly complex and fast-paced market environment, there are likely to be many regulatory issues where principles-based regulation will prove to be more robust.

Arnold Kling is a member of the Financial Markets Working Group at the Mercatus Center of George Mason University. He writes for econlog, part of the Library of Economics and Liberty.

FURTHER READING: Kling also writes “The Case for an Executive Re-Organization,” “Economics: A Million Mutinies Now,” and “The Political Implications of Ignoring Our Own Ignorance.” AEI’s Shadow Financial Regulatory Committee reports on “Regulation of Money Market Mutual Funds and Systemic Risk.” David Shaywitz contributes “Road not Taken: The Unrecognized Harm of Excessive Regulation.” Peter J. Wallison discusses “Magical Thinking: The Latest Regulation from the Financial Stability Oversight Council.”


1. See Charles Duhigg, “At Freddie Mac, Chief Discarded Warning Signs,” New York Times, August 5, 2008.

2. See, for example, “Corzine Can't Find Missing IMF Global Money,” U.S. News and World Report, December 8, 2011.

3. See Peter J. Wallison, “Fad or Reform,” AEI Online, June 11, 2007.

Image by Rob Green / Bergman Group

Most Viewed Articles

3-D Printing: Challenges and Opportunities By Michael M. Rosen 10/19/2014
With physical copying now approaching digital copying in terms of ease, cost, and convenience, how ...
Government Sponsors Truthy Study of Twitter By Babette Boliek 10/21/2014
The debate over the National Science Foundation study of Twitter is getting off track. The sole issue ...
Why Privilege Nonprofits? By Arnold Kling 10/17/2014
People on the right view nonprofits as a civil-society bulwark against big government. People on ...
Chinese Check: Forging New Identities in Hong Kong and Taiwan By Michael Mazza 10/14/2014
In both Hong Kong and Taiwan, residents are identifying less and less as Chinese, a trend that ...
The Origins and Traditions of Columbus Day By Amy Kass and Leon Kass 10/10/2014
Columbus Day is a most unusual American holiday and has become a day 'to celebrate not only an ...