Managing the Brexit Virus will be the next challenge..Lessons from IS practice

The BrExit referendum has exposed the complacency of international financial managers including India where we never had any serious discussion running into the BrExit poll on how it could affect the Indian corporate sector. Some of the Business Channels like CNBC TV discussed the likely impact of BrExit in the same tone as the Federal Rate hikes or RBI policy meetings and did not foresee the possibility of the poll going in favour of the Exit and the serious consequences that could follow.

Even yesterday the channels were taking a position that the result will be in favour of “Remain” and they were easily misled by the opinion polls and betting odds. What we saw today was therefore a disaster which was on the horizon but we could not foresee.

Most of the mutual funds who hold the money of the public must have absorbed the loss arising out of the 1000 point drop in the Sensex today in the early morning bloodbath. This could have a huge adverse impact on ordinary investors who trusted the expertise of the fund managers. It would be interesting if some body researches on the impact of BrExit on the mutual funds and how different fund managers managed the crisis.

In the later part of the day,  markets recovered slightly but there is no guarantee that on Monday the recovery will continue or we will see another drop.

One of the developments that may create a further drop on Monday could be the effect of the BrExit virus spreading to other countries in the EU and Germany, France, Austria, Denmark and other members calling for their own referendum to quit EU. Additionally, the possibility of Scotland trying to go out of Britain is another development that could  cause more concern.

From the look of it, the 4% difference in voting in favour of “leave” when 30% of voters did not vote, can cause a USSR kind of break up of the EU and cause multiple fissures of the Union in the next couple of years.

While we may not like such a fissure that appears illogical from the perspective of “Strength in Unity”, the possibility appears very high.

Just as we failed to analyze the probability of “Leave” voting in BrExit, we cannot afford to overlook the probability of EU breaking up into its several erstwhile independent countries. This is a “Risk” that needs to be identified, analyzed and mitigated.

Just as in Information Security management, where we often fail to identify “Risks”, and fall prey to a “Known Risk”, there is a possibility that we may underestimate or ignore the risk of EU break up and this could create another crisis on another day.

The BrExit was like a “Zero Day” risk which we failed to recognize but we cannot afford to do the same next time when Denmark or another country goes on a referendum.

I therefore urge RBI and SEBI to start planning for “EU Break up” and develop strategies to contain the risks.

Before the BrExit, I would have liked an “Advisory” from RBI that in the event of a BrExit “leave” vote, the British Pound would drop 8-10%, and any open position should be avoided. Similarly,  if SEBI could have announced closure of stock exchange today, probably the risk could have been contained.

However, neither RBI nor  SEBI anticipated the possibility and hence did not take any corrective action. Next time when such events occur, RBI and SEBI should be more pro-active and just as meteorology department broadcasts advisories for fishermen in times of expected weather disturbances, they should provide advisories on known events that could cause extreme volatility of the markets.

I must however appreciate some individual investment advisors who kept reminding that “There is No Trade on such uncertainties” though it might not have been taken note of by many.

Now we are at the fag end of June. The listed companies will be coming up with their quarterly results in the next fortnight and if any company has taken a hit on the foreign exchange front because of an uncovered open exchange position today, their quarterly results will be adversely affected.

Before this comes up as a surprise one by one next month, SEBI should make an assessment of the impact of uncovered Foreign Exchange exposure of all companies (mostly the IT companies with high exposure to the EU currencies) by calling for a report from all the listed companies. This is a strategy like the “Incident Report” that a CERT-In would ask after a zero day malware is detected.

Once any risk is detected, SEBI can ensure that the losses if any are allowed as an extraordinary loss which can be written off over the next three or four quarters instead of the first quarter itself.    This will be like the relief that was given to Banks in the NPA write off and would provide relief to the IT sector in particular.

At the same time, just as  anti Virus companies come up with special virus removal tools, RBI should come up with some special measures to even out the foreign exchange impact of the BrExit in the current quarter balance sheets of listed companies by providing hedging options in the form of specially structured “exchange cover instruments” to spread out the impact.

Hope RBI and SEBI will take the necessary action as otherwise  we must be prepared for another round of down trend in the market from the current levels not only through the next week which happens to the expiry week but also the first fortnight of July.

I presume that these are some lessons from the Information Security practice that Financial regulators can benefit from.

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.