Lending Club, the largest P2P lending platform in the U.S., has seen its share price drop by more than 50 percent since December 10; the price per share on the NASDAQ Stock Market dropped from $14 to less than $7 (current price per share will vary). So what is the reason for such a precipitous decline in the share price of the world’s leading P2P lender, and what does it tell us about the P2P lending industry? The table below shows the company’s financial condition in Q3 2014 (the data available at IPO), and Q3 2015. Because Lending Club reports for Q4 of the preceding year only in February of the subsequent year, only Q3 2014 data were made available to the investors at the date of IPO, so we compared Q3 2014 indices with Q3 2015 indices. As the table above shows, the company’s business volume has doubled over the past year, and its net income has become positive. This is what makes the fintech sector so attractive: Because financial transactions can be conducted completely online, lenders’ net income margin can reach and exceed 30 percent. In my view, the share price fall has many causes that exist far from the company’s performance indices. Let’s explore the most important of these causes. The discovery that Ezubao, one of the largest P2P platforms in China, was in fact a classic Ponzi scheme, with approximately 95 percent of loan applications on the platform being false, has had a significant impact. The actions of the Ezubao management who have been arrested did material damage not only to the platform’s investors (according to the Chinese and American media reports, investors’ losses reached $7.6 billion), but also to the sector in general: In response to the news that Ezubao was a financial pyramid, Lending Club share prices fell 8 percent. Yirendai, a subsidiary of CreditEase and the first public P2P platform in China, suffered a 29 percent fall in share price because of the news. However, for companies like Lending Club, Prosper or Funding Circle, the risk of fraud is much lower thanks to a much more sophisticated regulatory environment. Where the SEC and FCA are closely monitoring the activities of P2P lenders, this was not true in Ezubao’s case. Furthermore, in the U.S., the maximum granted loan amount is $35,000 (compared to unlimited on the Ezubao platform), and the likes of Lending Club must maintain up-to-date data on the returns of loans granted through the platform. It is possible that when Santander recently announced it was selling around a billion loans purchased through Lending Club, it had a knock-on effect on share price. In reality, the situation in Santander has little to do with the P2P market: The bank had a very large consumer lending portfolio, and the bank incurred substantial losses from them, but these losses were not associated with the loans purchased through Lending Club. When news broke that JP Morgan had purchased Lending Club loans from Santander, and the transaction was carried out with a premium to par value of the loans, it confirmed that Santander lost no money from Lending Club loans. It appears that Lending Club loans are OK, but the bad taste still lingers, and Lending Club shares were impaired, despite the fact that nothing bad has happened. Quite the contrary: Lending Club’s credit quality turned out to be better than expected when issuing loans, because the loans issued at par were paid above par. Companies’ share price slump often attracts legal companies in the hope of making money from “investor rights protection.” Once Lending Club’s share price fell significantly below the IPO price, several legal companies immediately declared an investigation on the accuracy of Lending Club’s communications with its investors. A request from the California Department of Business Oversight regarding a number of platforms, such as Lending Club, Prosper, SoFi, CircleBack Lending, Affirm, Avant, OnDeck Capital, CAN Capital, Kabbage, Funding Circle, Bond Street, PayPal, Square and Fundbox, also serves for these legal companies as an indirect invitation to start an investigation. The reason for the request has not been disclosed, and no action has been taken by the regulator. In my opinion, such investigations against Lending Club (when even the subject of an investigation is not clear), will carry no long-term threat to the company business, and, in the end, lead nowhere (except for, perhaps, a boost to lawyers’ income). Nevertheless, the news, again, had a significant negative impact on Lending Club share price. In a recent two-month span, Lending Club raised its loan rates twice: Once caused by a rise in the U.S. Federal Reserve System rate, and once more in order to assess loan risks more precisely. The total raise for December and January made up 0.57 percent on the average among the loan grades (see more detailed in the table below). Analysis of the rise, by Lending Club advisors (largely misunderstood because there was no proper legend to the graph they provided), said defaults on a segment of Lending Club loans had actually accounted for 8 percent and not 4 percent, as expected. The fact that the purpose of the graph was to show that some of the loans have higher defaults compared to others, while in general Lending Club loans perform on track, was not properly addressed. That caused another 7 percent drop in Lending Club share price, although there is nothing to be afraid of as the loans actually perform as they should. Lending Club issued a clarification about that, but the bad taste lingered. During the last couple of months we’ve seen more and more posts that risks to the economy are growing and the P2P sector will be mostly affected. Even the former chairman of FSA, Adair Turner, warned in an interview about the risks of P2P lending during periods of economic instability. Though listening to ex bosses of FSA might be useful in some occasions, I prefer sticking to facts. Risk profile of P2P loans originated by Lending Club and Prosper are very much similar to risk profile of credit card loans. And as experience tells us (rather than assumptions), investing in P2P loans is profitable even in a recession. Overall, most fears about the company and the P2P sector are actually farfetched, and in the course of time, and with growing understanding of the sector by an increasing number of investors, these fears will be allayed. In my opinion, we can expect another year of considerable growth of business volumes and capitalization for such companies as Lending Club, Prosper and other P2P platforms. However, recent events have just led to a perfect storm, impacting the share price of one of the P2P sector’s leading stars.
News Article | April 17, 2016
LEED User Groups are USGBC-hosted peer networks that are spearheading greater adoption of the LEED rating system within the industrial facilities, retail and restaurant, hospitality and venues and commercial real estate industries. LEED User Group Insights shares challenges, opportunities and best practices for the design, construction and operation of green buildings in these key sectors. LEED User Group: Industrial Facilities (LUGIF) was the first of four User Groups developed to foster collaboration among USGBC members. Eight of the current members have been with LUGIF since it launched in 2012, and although these companies help maintain the group’s focus and momentum, they’re consistently looking for new collaborators to add variety and depth to the conversation—so you can imagine the excitement when LUGIF onboarded six fantastic new members this quarter. Welcome, Diageo, EMSI, FCA (Fiat-Chrysler), Mars, Liberty Property Trust and Toyota Motor Sales! These new members represent valuable variety by bringing fresh perspectives from the automotive and food/beverage manufacturing sectors and commercial real estate asset management, as well as an increased international focus. Even though these members present variety, it quickly became clear that they also share the common values and priorities for collaboration of all LUGIF members. LUGIF is a perfect example of the value of collaboration—when members participate and contribute readily, everyone benefits from the collective ideas, action and partnerships; they really get more out of it than they put in. Here are some of the tenets of collaboration that all LEED User Group members commit to:
News Article | February 3, 2016
Fiat Chrysler Automobiles (FCA) aims to ensure that its latest generation of diesel vehicles are as eco-friendly as they can be, after the company wrapped up an internal review of its cars. In the aftermath of the Volkswagen AG scandal, the Italian-American carmaker states that it will make calibrations and fine tunings to its cars. The company pointed out that its initiative is a "voluntary measure not mandated or requested by any regulatory authorities." In other words, FCA will improve its products out of the goodness of its heart. In the press release, FCA underlines [pdf] that all its cars are in line with current emission regulations and that starting with Apr. 2016, it will implement new pollution settings. More specifically, FCA vehicles will get an upgraded filtering technology dubbed selective catalytic reduction. One of the motivations for the improvements is that the company wants its cars to withstand new European testing procedures. Also, FAC wants to test its cars in conditions that are closer to the real driving environment. On Wednesday, the European Parliament is called to rule on a compromise plan for the new rules. The backlash that followed Volkswagen's emissions scandal in September last year caused legislators in Europe to be on their toes. The Wednesday vote concerns the regulation of real-world emissions of nitrogen oxides that exceed permissible discharges. The current proposal is that emission be allowed to top permissible discharges by 110 percent between September 2017 and January 2020, and by 50 percent more, after 2020. In spite of being backed by the European Automobile Manufacturers' Association, by EU's industrial-policy chief and by EU governments, the environment committee of the assembly considers that the proposal should be vetoed. FCA supports the new regulations, noting that the rules provide "clarity for customers and the industry." Late last year, the Insurance Institute for Highway Safety handed out its annual Top Safety Pick and Top Safety Pick+ awards, featuring more than 61 car models. Even if the majority of the awards went to Japanese and German automakers, there was one notable exception. Fiat Chrysler is the only U.S. car manufacturer that got commended by the road safety organization.
The National Highway Traffic Safety Administration said in documents posted online Saturday that it's ending a five-month investigation into the vulnerabilities of automotive radios. The agency also said last summer's recall of 1.4 million Jeep, Chrysler, Dodge and Ram vehicles closed the opening that allowed hackers to remotely take over a Jeep Cherokee. The hack by security experts Charlie Miller and Chris Valasek touched off the investigation in July and raised fears that millions of cars and trucks could be vulnerable. They were able to change the Cherokee's speed and control the brakes, radio, windshield wipers and transmission through the Uconnect infotainment system. The hackers informed Fiat Chrysler of their findings and detailed them at a cyber conference, triggering the investigation. But the fear of widespread vulnerability to hackers appears to be unfounded. NHTSA investigators said in documents that similar radios made by Harman International went to Volkswagen, Audi and Bentley, but that those vehicles have safety systems that would stop hackers. "Based on a thorough review of technical information supplied during the course of this investigation, there does not appear to be a reason to suspect that the infotainment head units Harman supplied to other vehicle manufacturers contain the vulnerabilities identified by FCA," NHTSA said in the documents. In addition, the agency said Sprint, Fiat Chrysler's wireless provider, blocked access to a radio communications port that was unintentionally left open. The FCA recall also included software changes that thwarted hackers, the agency said. "Third party security evaluation and regression testing identified vulnerabilities that were either remedied by Sprint or through updates to the FCA Uconnect software," the agency said. NHTSA also checked 30 consumer complaints to the company and the agency but could not confirm that hackers caused any of the reported problems. Explore further: Fiat Chrysler says it has a software fix to prevent hacking
News Article | January 8, 2016
Even though a quarter of the encrypted web is about to be broken, over half of login pages for UK online banking sites are insecure. That's according to a survey of banks, building societies, and foreign banks operating in the UK carried out by Mike Kemp, co-founder of security company Xiphos Research. “In this day and age, financial organizations shouldn't actually be operating, utilizing, certificate instances with known cryptographic flaws,” Kemp told Motherboard in a phone interview. In all, Kemp examined the state of the login pages for 84 sites. Out of 22 UK-owned banks, 50 percent had insecure pages. When it came to foreign banks operating in the UK, 79 percent had pages suffering from vulnerabilities. And of 37 UK building societies, 51 percent had insecure logins. Kent conducted the research in a pretty basic way: by just pasting the respective URLs into SSLLabs, a widely-used online tool which returns an overview of the sites support for protocols, its certificate, encryption strength, and many other variables. Anything that didn't hit an "A" grade, was deemed insecure, Kemp said. And it turns out many of the sites were subject to a wide range of problems. Eight suffered from POODLE, a vulnerability allowing an attacker to access data in an encrypted web session. Four were vulnerable to susceptible to the CRIME attack, which a hacker can deploy to hijack user sessions, and steal data. Kemp also found 26 sites where Transport Layer Security (TLS) 1.2, a more up to date method for securing traffic, was unsupported, and 35 supported the Rivest Cipher 4 (RC4), a stream cipher which, when combined with older protocols, can be used to downgrade the encryption of traffic. But perhaps most worryingly of all, 36 of the sites used SHA-1, a hashing function used for securing data that researchers have repeatedly warned is susceptible to attack. Google, following the lead of Microsoft and Mozilla, will soon block SHA-1 connections from its browser, ultimately deprecating the standard by July 2016. As browser vendors quicken their SHA-1 exit, “banks should be responding in kind,” Kemp said. For an attacker to make use of some of these attacks, they generally have to be on the same network as the target, in, say, an internet cafe. “If you're on the same network segment as somebody who is using one of these resources, then you can potentially intercept and manipulate data in some instances,” Kemp said, who added “We're not talking trivial tasks that can be accomplished by a 14 year old.” Kemp reported his findings to the Financial Conduct Authority (FCA), an independent body that reports to the Treasury, and which, amongst other things, ensures that “the financial industry is run with integrity.” The FCA wouldn't provide Kemp with any contacts at affected banks to pass the information onto. So Kemp sent the data to the National Crime Agency (NCA), in the hope of getting the information to those who should see it. An FCA spokesperson told Motherboard in an email “I'm afraid this isn’t something we can comment on.” An NCA spokesperson, meanwhile, wrote "We do not routinely confirm or deny specific communication with other organisations. We work closely with a range of partners, including those in the banking sector, sharing relevant information, guidance and assistance to help mitigate the threat posed by cyber crime." Regardless, banks really should be bringing the security of their login pages up to scratch. In other studies, researchers have found that mobile apps used for accessing online banking can also be insecure. “This is an industry sector that allegedly prides itself on its security posture,” Kemp added. Maybe that posture is pretty disingenuous, all things considered.