The Financial Services Authority of the UK has published an executive summary of a review carried out by its internal audit division into its supervision of Northern Rock. It has also published the recommendations of this review as well as a high level summary of the Supervisory Enhancement Programme that it has undertaken in response to the Internal Audit Report.
It is possible that the executive summary is a somewhat sanitized version of the report, but I did not find anything interesting in it. It is always possible to criticize the original supervisory process with the benefit of hindsight; the published summary does not to my mind rise above this to any clear evidence of supervisory lapses. Moreover if it is true that “the supervision of Northern Rock was at the extreme end of the spectrum within the firms reviewed in respect of these failings and that its supervision did not reflect the general practice of supervision of high-impact firms at the FSA,” then it does not make sense to embark on a major supervisory enhancement.
The decision that in future, “High-impact firms will be a key area of supervisory focus, regardless of probability of failure” is also a little puzzling to me. Impact and probability of failure should jointly guide the supervisory effort and the decision does not make sense unless it is believed that it is not possible to make a reliable assessment of the probability of failure.