- What I’m about to describe is necessarily speculative, but it is rooted in the experience of the
The prices of AAA-rated CLO layers tumbled in March, before the Federal Reserve announced that its additional $2.3 trillion of lending would include loans to CLOs. (The program is controversial: Is the Fed really willing to prop up CLOs when so many previously healthy small businesses are struggling to pay their debts? As of mid-May, no such loans had been made.) Far from scaring off the big banks, the tumble inspired several of them to buy low: Citigroup acquired $2 billion of AAA CLOs during the dip, which it flipped for a $100 million profit when prices bounced back. Other banks, including Bank of America, reportedly bought lower layers of CLOs in May for about 20 cents on the dollar.
So while the banks restrict their CLO investments mostly to AAA‑rated layers, what they really own is exposure to tens of billions of dollars of high-risk debt. In those highly rated CLOs, you won’t find a single loan rated AAA, AA, or even A.
We are not in the midst of a conventional downturn. The two companies with the largest amount of outstanding debt on Fitch’s April list were Envision Healthcare, a medical-staffing company that, among other things, helps hospitals administer emergency-room care, and Intelsat, which provides satellite broadband access. Also added to the list was Hoffmaster, which makes products used by restaurants to package food for takeout. Companies you might have expected to weather the present economic storm are among those suffering most acutely as consumers not only tighten their belts, but also redefine what they consider necessary.
There is plenty of evidence that government is aware and interested — in recent years there has been a steady stream of proposed legislation in Congress, recommended standards and best practices from federal agencies and lengthy whitepapers from presidential commissions about IoT security.Lanier notes that there are a “myriad” of private-sector initiatives focused on both consumer and industrial IoT security, “including the Cyber Independent Testing Laboratory, UL Consumer Technology, Consumer Reports, the ioXt Alliance, the IoT Security Foundation, the Cloud Security Alliance IoT Working Group, and so on.”Under current conditions, the outlook for leveraged loans in a range of industries is truly grim. Companies such as AMC (nearly $2 billion of debt spread across 224 CLOs) and Party City ($719 million of debt in 183 CLOs) were in dire straits before social distancing. Now moviegoing and party-throwing are paused indefinitely — and may never come back to their pre-pandemic levels.
Banks do not publicly report which CLOs they hold, so we can’t know precisely which leveraged loans a given institution might be exposed to. But all you have to do is look at a list of leveraged borrowers to see the potential for trouble. Among the dozens of companies Fitch added to its list of “loans of concern” in April were AMC Entertainment, Bob’s Discount Furniture, California Pizza Kitchen, the Container Store, Lands’ End, Men’s Wearhouse, and Party City. These are all companies hard hit by the sort of belt-tightening that accompanies a conventional downturn.
Meanwhile, loan defaults are already happening. There were more in April than ever before. Several experts told me they expect more record-breaking months this summer. It will only get worse from there.
Which is why a number of experts have lobbied for government to mandate better IoT security, somewhat along the lines of mandating core safety features in cars, or the EU’s General Data Protection Regulation (GDPR) to protect online privacy.
Even before the pandemic struck, the credit-rating agencies may have been underestimating how vulnerable unrelated industries could be to the same economic forces. A 2017 article by John Griffin, of the University of Texas, and Jordan Nickerson, of Boston College, demonstrated that the default-correlation assumptions used to create a group of 136 CLOs should have been three to four times higher than they were, and the miscalculations resulted in much higher ratings than were warranted. “I’ve been concerned about AAA CLOs failing in the next crisis for several years,” Griffin told me in May. “This crisis is more horrifying than I anticipated.”
For the moment, the financial system seems relatively stable. Banks can still pay their debts and pass their regulatory capital tests. But recall that the previous crash took more than a year to unfold. The present is analogous not to the fall of 2008, when the U.S. was in full-blown crisis, but to the summer of 2007, when some securities were going underwater but no one yet knew what the upshot would be.
Lanier agrees. “It can be difficult to really convey to most ‘non-techie’ people the importance of the security of the entire product — the device, any apps, networking, supporting/backend services, and so on,” he said.
And even if vendors do provide security options, they are likely to be intimidating to the average user. Jennifer Janesko, senior consultant at Synopsys, said earlier this year about a list of security measures recommended by the FBI that, “the majority are not going to be actionable by the typical end user.”
How can the credit-rating agencies get away with this? The answer is “default correlation,” a measure of the likelihood of loans defaulting at the same time. The main reason CLOs have been so safe is the same reason CDOs seemed safe before 2008. Back then, the underlying loans were risky too, and everyone knew that some of them would default. But it seemed unlikely that many of them would default at the same time. The loans were spread across the entire country and among many lenders. Real-estate markets were thought to be local, not national, and the factors that typically lead people to default on their home loans — job loss, divorce, poor health — don’t all move in the same direction at the same time. Then housing prices fell 30 percent across the board and defaults skyrocketed.
For CLOs, the rating agencies determine the grades of the various layers by assessing both the risks of the leveraged loans and their default correlation. Even during a recession, different sectors of the economy, such as entertainment, health care, and retail, don’t necessarily move in lockstep. In theory, CLOs are constructed in such a way as to minimize the chances that all of the loans will be affected by a single event or chain of events. The rating agencies award high ratings to those layers that seem sufficiently diversified across industry and geography.
Why can’t government mandate certain core security features in IoT devices? So far there is no clear answer to that, and there is a divide among experts about whether that would be a good thing. Trowell, for one, is skeptical. “I’m not a fan of government standards,” he said. “They mean well but they can only check for stuff that has been done before and rarely keep up with the times. And there is a lot of infighting in creating those standards.”
- Date of publication:
- Sat, 11/21/2020 - 07:52
Click on the link - it will be copied to clipboard