Mall Shooting Highlights Folly of Single Asset CMBS Ratings

On Black Friday, the Destiny USA Shopping Mall in Syracuse, New York was evacuated after a shooting in the food court. The following day, a knife fight broke out in the mall’s entertainment complex, adding to shoppers’ apprehension about visiting. This apprehension should be shared by holders of Commercial Mortgage Backed Securities (CMBS) collateralized solely by Destiny USA loans, including owners of $215 million in AAA-rated senior notes. While one short-lived catastrophic event will not lead directly to bond defaults, the outbreaks of violence at an already troubled mega-mall cast a harsh light on rating agency decisions to assign their highest grades to structured notes wholly lacking the protection afforded by diversification.

As Marc reported previously, rating agencies have repeatedly assigned top ratings to CMBS secured by mortgages on only a single shopping mall. These shopping mall deals are a subcategory of so-called Single Asset / Single Borrower (SASB) CMBS. Buyers of AAA-rated SASB securities are protected from adverse performance only by overcollateralization – the fact that subordinated bonds will take the first hit when underlying loans fail to pay interest and principal in full and on time.

In the case of the Destiny Mall deal, JPCMM 2014-DSTY, the S&P and KBRA AAA-rated tranche accounts for half of the $430 million deal (excluding interest only securities). A credit event that forces a write-down of the underlying mortgages by more than 50% will trigger losses on the AAA notes.

While unlikely, such an event is hardly unimaginable, especially given the large number of dead malls dotting the American landscape. Isolated shooting and stabbing incidents – even at the height of the shopping season – probably won’t deliver a large blow to Destiny USA, but if the mall gains a reputation for danger, shoppers will inevitably begin to avoid it. In a weak environment for brick and mortar retail, reduced foot traffic could trigger store closures, leading to a downward spiral of fewer retailers and fewer shoppers.

Without diversification, the senior CMBS notes are vulnerable to default under these circumstances. Facing such a highly plausible default scenario, the senior notes do not justify a rating of AAA – an ultra-safe category for which default should be virtually unimaginable. S&P, for example, claims it expects AAA bonds to have a default probability of 0.15% over any 5-year period.

Why would any rating agency believe a single property, even with multiple businesses on this single property, should have such certainty that a loss of greater than 50% of asset value is virtually impossible? KBRA, for example, acknowledges the low diversity of SASB CMBS but asserts implicitly that its stress assumptions for net cash flow and capitalization rate are sufficient nonetheless.  Yet the stresses at the AAA level apparently do not permit the model to reach 50% loss. Et voila, it’s possible to reach the AAA rating with 50% or lower LTV.

While S&P and KBRA maintain AAA ratings on Destiny USA mall bonds, two other rating agencies take a more critical view of the facility. Both Moody’s and Fitch rate municipal bonds supported by mall revenues. In June, Moody’s downgraded these securities to Ba2 – a speculative rating – citing Destiny’s challenging operating environment. Fitch also downgraded the bonds to BBB concluding that “a recent trend of weaker performance … is likely to reduce the mall's value.”

The top ratings from S&P and KBRA are even harder to comprehend since the CMBS are subordinated to the municipal bonds to which Moody’s and Fitch assign the much lower ratings of Ba2 and BBB, respectively. These municipals are secured by “Payments In Lieu of Taxes” (PILOT) from the mall. According to the Official Statement for these PILOT bonds: “The 2014 CMBS Mortgage securing the 2014 CMBS Loan is subordinate to the PILOT Mortgages securing the PILOT Bonds (Page 4).”

AAA ratings for CMBS bonds that are subordinate to Ba2/BBB municipal securities are very hard to fathom. The distinction of CMBS versus municipal bonds is irrelevant since Dodd Frank’s Universal Rating Symbols mandate requires that rating agencies maintain equivalent meaning of rating symbols across different asset classes. 

A dozen years after the financial crisis, rating agencies remain a weak link in the financial system. We don’t know when the next financial storm will occur or what it might look like, but overrated commercial mortgages are clearly a vulnerability. Before the clouds start gathering, rating agencies should take a harder, more skeptical look at deals collateralized by shopping malls and those collateralized by pools lacking in diversity.

--------------------------------------------

This piece was written by Marc Joffe and Joe Pimbley, who both consult for PF2.  Marc Joffe is a Senior Policy Analyst at the Reason Foundation. Joe Pimbley is the Editor of the Journal of Derivatives.

Lawsuits "Without Merit"

Theranos

Hero-turned-villain Elizabeth Holmes is once again the talk of the town, with HBO's documentary Out for Blood in Silicon Valley bringing her into our living rooms.  (A feature film, Bad Blood, will be coming soon, starring Jennifer Lawrence.)

Back in 2015, Forbes listed Holmes as one of America's Richest Self-Made Women, with a net worth of $4.5 billion.  Now, Holmes' net worth is closer to zero, and she awaits her day in court -- facing fraud charges -- while Theranos, the $9 or $10 billion company she "built" is now defunct.  (Dollar numbers based on valuations/private fundraisings at its peak.)

1MDB

Meanwhile on the other side of the world former Malaysian Prime Minister Najib's trial has begun.  

Most of the charges laid against him concern the siphoning of monies (billions!) from the state development fund, 1MDB.  Some of those monies are alleged to have found their way back to Najib and his wife.  Much of the rest seems to have been spent, and often wasted, by the energetic and now notorious Jho Low, who bought yachts and houses, bottles of Cristal, jewelry (for models), threw parties and otherwise lived the life of the rich and famous alongside his good friends Jamie Foxx, Leo Di Caprio, Paris Hilton, Pharrell Williams and other celebs.

But some of the 1MDB monies also found their way to Goldman Sachs and its prized individuals. (Goldman would confer honors on those individuals.)  Goldman Sachs partner Tim Leissner has since pleaded guilty to bribery and money laundering.  While Goldman made (an outrageous) ~$600 million out of the 1MDB issuances, Leissner pocketed some $40 million + just for himself.  Good work if you can get it.

Cases Without Merit

Bringing this all together, what's interesting about Elizabeth Holmes and Goldman Sachs is that the allegations made against them are "without merit" -- they assure us.

In May 2016, when Theranos was hit with class action lawsuits, Theranos was quick to explain to the press that: "The lawsuit filed today against Theranos is without merit," she wrote in an email. "The company will vigorously defend itself against these claims."

When Partner Fund Management LP, a hedge fund based in San Francisco, sued Theranos in October 2016 for a "series of lies" and material misstatements, Theranos told the Wall Street Journal that this lawsuit “is without merit and Theranos will fight it vigorously. The company is very appreciative of its strong investor base that understands and continues to support the company’s mission.”

Walgreens also sued.  You can predict this one: Walgreen's lawsuit, too, was "without merit."

Back in 2015, when suspicion was cast on the extraordinary fees being paid to Goldman, and the nature of their conduct warranting these fees, a Goldman Sachs spokesperson was quick to justify them, explaining: "These transactions were individually tailored financing solutions, the fee and commissions for which reflected the underwriting risks assumed by Goldman Sachs on each series of bonds, as well as other prevailing conditions at the time, including spreads of credit benchmarks, hedging costs, and general market conditions."

When the Malaysian authorities filed criminal charges against Goldman, in December 2018, Goldman was quick to dismiss them, reassuring its shareholders. “We believe these charges are misdirected and we will vigorously defend them and look forward to the opportunity to present our case. The firm continues to cooperate with all authorities investigating these matters," the bank said in a statement.

Other Lawsuits Without Merit

Some cases, of course, have no merit.  Others have merit. 

But the question we ask is what confidence shareholders can draw from prepared, public statements made by companies that the lawsuits against them have no merit?  If companies roll out a standard defense, reassuring shareholders that no major liability lies before them, can shareholders be assured that this is a truthful statement, as opposed to simply a negotiating technique?

Holmes and Goldman might well successfully defend the actions against them.  Who knows - stranger things have happened.  (The Theranos and 1MDB sagas, themselves, are pretty out-there as occurrences go!)

But whether they win or not, Theranos is done and dusted: it has been shut down.  Goldman, meanwhile, has suffered significant fallout in its Malaysian operations: Goldman is struggling to get any share deals done, and has reportedly dropped to 18th in the local M&A deal rankings. And Mubadala, the Abu Dhabi state investment fund, has reportedly ceased doing any new business with Goldman. 

We pulled together an enlightening list of some (handsome) settlements entered into by financial institutions in the near aftermath of dismissing cases against them as being meritless -- and having promised to vigorously defend them -- only to settle for large amounts, sometimes soon thereafter. (emphasis added)

Lloyd v. Google

If it were simply a play, Shakespeare might have called it "Privacy, or What You Will."

On Friday, the Wall Street Journal broke just the latest story, its lens aimed on Facebook, concerning the all-too-fluid movement of smartphone users' information from (other) apps to Facebook.

"It is already known that many smartphone apps send information to Facebook about when users open them, and sometimes what they do inside. Previously unreported is how at least 11 popular apps, totaling tens of millions of downloads, have also been sharing sensitive data entered by users. The findings alarmed some privacy experts who reviewed the Journal’s testing."

According to the WSJ's tests, heart-rate monitoring apps were sharing users' hearts rates with Facebook.  And period-and-ovulation tracking apps "told Facebook when a user was having her period..."  (As you might have guessed, much or all of this intra-app sharing reportedly occurred without the user's consent - the apps share the information with Facebook, but do not share the with their users that they will share their information with Facebook.  And so, consumers come to realize that they are the product, not the customer.)

Why would Facebook care to know?  One answer is that if Facebook understands its users better, it can send them more targeted advertising.  If you're known to be pregnant, you're perhaps more likely to click on diaper or baby-crib adverts.  (This is, ostensibly, a benefit to Facebook's users, who enjoy receiving advertisements more likely to be of interest to them.  Ostensibly!)

Lloyd v. Google

The "key" to your online data - unsecured

Over the last few months, we have been researching an interesting lawsuit (and ruling) out of London.  The lens in that case was focused on Google, but many of the issues were similar.

In the Google matter, Google was alleged to have found a way around Apple's safety guards, imposing its own third-party cookies on Apple users' iPhone devices - so that Google could track iPhone user's web activities.

When looking into online privacy-related actions in the UK, at least 3 interesting similar examples came to light, in each case with the U.K. Information Commissioner’s Office (the ICO) leading the charge in fining entities:

1. ICO fined the Leave.EU campaign for “serious breaches of electronic marketing laws” during the 2016 Brexit referendum. The ICO found a significant relationship (e.g., overlapping directors) to exist between Leave.EU and an insurance company Eldon Insurance Services Ltd (“Eldon”). Commissioner Denham noted that it “is deeply concerning that sensitive personal data gathered for political purposes was later used for insurance purposes and vice versa. It should never have happened.” Eldon would, for example, pitch Leave.EU campaign supporters by way of email newsletters offering “10% off” for Leave.EU supporters. Leave.EU did little, if anything, to protect the acquired data when sharing it with Eldon (which trades as GoSkippy Insurance). “It was confirmed that there is no formal contract in place between Leave.EU and GoSkippy to provide direct marketing, and that the inclusion was an informal arrangement.


2. ICO found that Emma’s Diary (a website that provides pregnancy and related advice to mothers and mothers-to-be) illegally collected and sold personal information on over one million people to Experian Marketing Services, a branch of the consumer credit rating agency, “specifically for use by the Labour Party.” 


3. ICO fined Facebook £500,000 for serious violations of data protection law – the maximum fine allowable under the applicable laws at the time the incidents occurred. The ICO determined that “between 2007 and 2014, Facebook processed the personal information of users unfairly by allowing application developers access to their information without sufficiently clear and informed consent ....” According to Commissioner Denham, “Facebook failed to sufficiently protect the privacy of its users before, during and after the unlawful processing of this data.” The personal information of over one million users was harvested and consequently “put at risk of further misuse.” 

Putting the ICO fines and the Lloyd v. Google case itself together, we see at least one common theme and outcome: people’s social information (often personal/private) is clearly being mixed with their financial and political interests, whether they are aware of it or not.

We have also gone back to the late 1800s and early 1900s to quote the revered jurist Louis Brandeis.  In his famous dissent, in Olmstead, he defined the “right to be let alone” as “the most comprehensive of rights, and the right most valued by civilized men.” Olmstead v. United States, 277 U.S. 438 (1928).  

------------

Our analysis of the London High Court's ruling in Lloyd v. Google is now available to be reviewed by anyone interested.  We have sought to add a data market analysis to the commentary, so that readers can easily come to terms with how one might value personal data (and in an effort to make it an engaging read!). 

For our prior coverage of consumer data markets, click the "Consumer Data Markets" label on the right hand panel of this blog.