Basel iii Accord

The Basel iii Accord

The Basel III Accord is a comprehensive set of reform measures, developed by the Basel Committee on Banking Supervision ("Basel Committee").

The Basel Committee is the primary global standard-setter for the prudential regulation of banks, and provides a forum for cooperation on banking supervisory matters. Its mandate is to strengthen the regulation, supervision and practices of banks worldwide with the purpose of enhancing financial stability.

The Basel Committee is a Committee of the Bank for International Settlements (BIS), an international organisation which fosters international monetary and financial cooperation and serves as a bank for central banks. Established in 1930, the BIS is owned by 63 central banks, representing countries from around the world that together account for about 95% of world GDP.

The Basel Committee reports to the Group of Governors and Heads of Supervision (GHOS), and seeks the endorsement of GHOS for its major decisions and its work programme.

The Basel Committee's members come from Argentina, Australia, Belgium, Brazil, Canada, China, European Union, France, Germany, Hong Kong SAR, India, Indonesia, Italy, Japan, Korea, Luxembourg, Mexico, the Netherlands, Russia, Saudi Arabia, Singapore, South Africa, Spain, Sweden, Switzerland, Turkey, the United Kingdom, and the United States.

From 1993 to 2008 the total assets of a sample of what we call global systemically important banks saw a twelve-fold increase (increasing from $2.6 trillion to just over $30 trillion). But the capital funding these assets only increased seven-fold, (from $125 billion to $890 billion). Put differently, the average risk weight declined from 70% to below 40%.

The problem was that this reduction did not represent a genuine reduction in risk in the banking system. One of the main reasons the economic and financial crisis became so severe was that the banking sectors of many countries had built up excessive on and off-balance sheet leverage.

This was accompanied by a gradual erosion of the level and quality of the capital base. At the same time, many banks were holding insufficient liquidity buffers. The banking system therefore was not able to absorb the resulting systemic trading and credit losses nor could it cope with the reintermediation of large off-balance sheet exposures that had built up in the shadow banking system.

The crisis was further amplified by a procyclical deleveraging process and by the interconnectedness of systemic institutions through an array of complex transactions. During the most severe episode of the crisis, the market lost confidence in the solvency and liquidity of many banking institutions.

The weaknesses in the banking sector were rapidly transmitted to the rest of the financial system and the real economy, resulting in a massive contraction of liquidity and credit availability.

Ultimately the public sector had to step in with unprecedented injections of liquidity, capital support and guarantees, exposing taxpayers to large losses. The effect on banks, financial systems, and economies at the epicenter of the crisis was immediate.

However, the crisis also spread to a wider circle of countries around the globe. For these countries, the transmission channels were less direct, resulting from a severe contraction in global liquidity, cross-border credit availability and demand for exports.

Given the scope and speed with which the recent and previous crises have been transmitted around the globe as well as the unpredictable nature of future crises, it is critical that all countries raise the resilience of their banking sectors to both internal and external shocks.

The G20 Leaders at the Seoul Summit endorsed the Basel III framework and the Financial Stability Board’s (FSB) policy framework for reducing the moral hazard of systemically important financial institutions (SIFIs), including the work processes and timelines set out in the report submitted to the Summit.

SIFIs are financial institutions whose disorderly failure, because of their size, complexity, and systemic interconnectedness, would cause significant disruption to the wider financial system and economic activity.

We read in the final G20 Communique:

"We endorsed the landmark agreement reached by the Basel Committee on the new bank capital and liquidity framework, which increases the resilience of the global banking system by raising the quality, quantity and international consistency of bank capital and liquidity, constrains the build-up of leverage and maturity mismatches, and introduces capital buffers above the minimum requirements that can be drawn upon in bad times.

The framework includes an internationally harmonized leverage ratio to serve as a backstop to the risk-based capital measures. With this, we have achieved far-reaching reform of the global banking system.

The new standards will markedly reduce banks' incentive to take excessive risks, lower the likelihood and severity of future crises, and enable banks to withstand - without extraordinary government support - stresses of a magnitude associated with the recent financial crisis.

This will result in a banking system that can better support stable economic growth. We are committed to adopt and implement fully these standards within the agreed timeframe that is consistent with economic recovery and financial stability.

The new framework will be translated into our national laws and regulations, and will be implemented starting on January 1, 2013 and fully phased in by January 1, 2019."

To ensure visibility of the implementation of reforms, the Basel Committee has been regularly publishing information about members’ adoption of Basel III to keep all stakeholders and the markets informed, and to maintain peer pressure where necessary.

It is especially important that jurisdictions that are home to global systemically important banks (G-SIBs) make every effort to issue final regulations at the earliest possible opportunity. But simply issuing domestic rules is not enough to achieve what the G20 Leaders asked for: full, timely and consistent implementation of Basel III.

In response to this call, in 2012 the Committee initiated what has become known as the Regulatory Consistency Assessment Programme (RCAP). The regular progress reports are simply one part of this programme, which assesses domestic regulations’ compliance with the Basel standards, and examines the outcomes at individual banks. The RCAP process will be fundamental to ensuring confidence in regulatory ratios and promoting a level playing field for internationally-operating banks.

It is inevitable that, as the Committee begins to review aspects of the regulatory framework in far more detail than it (or anyone else) has ever done in the past, there will be aspects of implementation that do not meet the G20’s aspiration: full, timely and consistent.

The financial crisis identified that, like the standards themselves, implementation of global standards was not as robust as it should have been. This could be classed as a failure by global standard setters.

To some extent, the criticism can be justified – not enough has been done in the past to ensure global agreements have been truly implemented by national authorities. However, just as the Committee has been determined to revise the Basel framework to fix the problems that emerged from the lessons of the crisis, the RCAP should be seen as demonstrating the Committee’s determination to also find implementation problems and fix them.

December 2017 - Finalization of the Basel III post-crisis regulatory reforms

The Basel III reforms complement the initial phase of the Basel III reforms announced in 2010.

The 2017 reforms seek to restore credibility in the calculation of risk weighted assets (RWAs) and improve the comparability of banks’ capital ratios.

RWAs are an estimate of risk that determines the minimum level of regulatory capital a bank must maintain to deal with unexpected losses.

A prudent and credible calculation of RWAs is an integral element of the risk-based capital framework.

The revisions seek to restore credibility in the calculation of risk-weighted assets (RWAs) and improve the comparability of banks’ capital ratios by:

• enhancing the robustness and risk sensitivity of the standardised approaches for credit risk, credit valuation adjustment (CVA) risk and operational risk;

• constraining the use of the internal model approaches, by placing limits on certain inputs used to calculate capital requirements under the internal ratings-based (IRB) approach for credit risk and by removing the use of the internal model approaches for CVA risk and for operational risk;

• introducing a leverage ratio buffer to further limit the leverage of global systemically important banks (G-SIBs); and

• replacing the existing Basel II output floor with a more robust risk-sensitive floor based on the Committee’s revised Basel III standardised approaches.

Credit risk

Credit risk accounts for the bulk of most banks’ risk-taking activities and hence their regulatory capital requirements. The standardised approach is used by the majority of banks around the world, including in non-Basel Committee jurisdictions. The Committee’s revisions to the standardised approach for credit risk enhance the regulatory framework by:

• improving its granularity and risk sensitivity. For example, the Basel II standardised approach assigns a flat risk weight to all residential mortgages. In the revised standardised approach mortgage risk weights depend on the loan-to-value (LTV) ratio of the mortgage;

• reducing mechanistic reliance on credit ratings, by requiring banks to conduct sufficient due diligence, and by developing a sufficiently granular non-ratings-based approach for jurisdictions that cannot or do not wish to rely on external credit ratings; and

• as a result, providing the foundation for a revised output floor to internally modelled capital requirements (to replace the existing Basel I floor) and related disclosure to enhance comparability across banks and restore a level playing field.

In summary, the key revisions are as follows:

• A more granular approach has been developed for unrated exposures to banks and corporates, and for rated exposures in jurisdictions where the use of credit ratings is permitted.

• For exposures to banks, some of the risk weights for rated exposures have been recalibrated. In addition, the risk-weighted treatment for unrated exposures is more granular than the existing flat risk weight. A standalone treatment for covered bonds has also been introduced.

• For exposures to corporates, a more granular look-up table has been developed. A specific risk weight applies to exposures to small and medium-sized enterprises (SMEs). In addition, the revised standardised approach includes a standalone treatment for exposures to project finance, object finance and commodities finance.

• For residential real estate exposures, more risk-sensitive approaches have been developed, whereby risk weights vary based on the LTV ratio of the mortgage (instead of the existing single risk weight) and in ways that better reflect differences in market structures.

• For retail exposures, a more granular treatment applies, which distinguishes between different types of retail exposures. For example, the regulatory retail portfolio distinguishes between revolving facilities (where credit is typically drawn upon) and transactors (where the facility is used to facilitate transactions rather than a source of credit).

• For commercial real estate exposures, approaches have been developed that are more risk sensitive than the flat risk weight which generally applies.

• For subordinated debt and equity exposures, a more granular risk weight treatment applies (relative to the current flat risk weight).

• For off-balance sheet items, the credit conversion factors (CCFs), which are used to determine the amount of an exposure to be risk-weighted, have been made more risk-sensitive, including the introduction of positive CCFs for unconditionally cancellable commitments (UCCs).

The CVA framework

The initial phase of Basel III reforms introduced a capital charge for potential mark-to-market losses of derivative instruments as a result of the deterioration in the creditworthiness of a counterparty.

This risk – known as CVA risk – was a major source of losses for banks during the global financial crisis, exceeding losses arising from outright defaults in some instances. The Committee has agreed to revise the CVA framework to:

• enhance its risk sensitivity: the current CVA framework does not cover an important driver of CVA risk, namely the exposure component of CVA. This component is directly related to the price of the transactions that are within the scope of application of the CVA risk capital charge.

As these prices are sensitive to variability in underlying market risk factors, the CVA also materially depends on those factors. The revised CVA framework takes into account the exposure component of CVA risk along with its associated hedges;

• strengthen its robustness: CVA is a complex risk, and is often more complex than the majority of the positions in banks’ trading books. Accordingly, the Committee is of the view that such a risk cannot be modelled by banks in a robust and prudent manner.

The revised framework removes the use of an internally modelled approach, and consists of:

(i) a standardised approach; and

(ii) a basic approach. In addition, a bank with an aggregate notional amount of non-centrally cleared derivatives less than or equal to €100 billion may calculate their CVA capital charge as a simple multiplier of its counterparty credit risk charge.

• improve its consistency: CVA risk is a form of market risk as it is realised through a change in the mark-to-market value of a bank’s exposures to its derivative counterparties.

As such, the standardised and basic approaches of the revised CVA framework have been designed and calibrated to be consistent with the approaches used in the revised market risk framework. In particular, the standardised CVA approach, like the market risk approaches, is based on fair value sensitivities to market risk factors and the basic approach is benchmarked to the standardised approach.

Operational risk

The financial crisis highlighted two main shortcomings with the existing operational risk framework.

First, capital requirements for operational risk proved insufficient to cover operational risk losses incurred by some banks.

Second, the nature of these losses – covering events such as misconduct, and inadequate systems and controls – highlighted the difficulty associated with using internal models to estimate capital requirements for operational risk.

The Committee has streamlined the operational risk framework. The advanced measurement approaches (AMA) for calculating operational risk capital requirements (which are based on banks’ internal models) and the existing three standardised approaches are replaced with a single risk-sensitive standardised approach to be used by all banks.

The new standardised approach for operational risk determines a bank’s operational risk capital requirements based on two components:

(i) a measure of a bank’s income; and

(ii) a measure of a bank’s historical losses.

Conceptually, it assumes:

(i) that operational risk increases at an increasing rate with a bank’s income; and

(ii) banks which have experienced greater operational risk losses historically are assumed to be more likely to experience operational risk losses in the future.

The leverage ratio complements the risk-weighted capital requirements by providing a safeguard against unsustainable levels of leverage and by mitigating gaming and model risk across both internal models and standardised risk measurement approaches.

The leverage ratio

To maintain the relative incentives provided by both capital constraints, the finalised Basel III reforms introduce a leverage ratio buffer for G-SIBs. Such an approach is consistent with the risk-weighted G-SIB buffer, which seeks to mitigate the externalities created by G-SIBs.

The leverage ratio G-SIB buffer must be met with Tier 1 capital and is set at 50% of a G-SIB’s risk weighted higher-loss absorbency requirements. For example, a G-SIB subject to a 2% risk-weighted higher-loss absorbency requirement would be subject to a 1% leverage ratio buffer requirement.

The leverage ratio buffer takes the form of a capital buffer akin to the capital buffers in the risk weighted framework. As such, the leverage ratio buffer will be divided into five ranges.

As is the case with the risk-weighted framework, capital distribution constraints will be imposed on a G-SIB that does not meet its leverage ratio buffer requirement. The distribution constraints imposed on a G-SIB will depend on its CET1 risk-weighted ratio and Tier 1 leverage ratio.

A G-SIB that meets:

(i) its CET1 risk-weighted requirements (defined as a 4.5% minimum requirement, a 2.5% capital conservation buffer and the G-SIB higher loss-absorbency requirement) and;

(ii) its Tier 1 leverage ratio requirement (defined as a 3% leverage ratio minimum requirement and the G-SIB leverage ratio buffer) will not be subject to distribution constraints.

A G-SIB that does not meet one of these requirements will be subject to the associated minimum capital conservation requirement (expressed as a percentage of earnings). A G-SIB that does not meet both requirements will be subject to the higher of the two associated conservation requirements.

What is next?

The finalisation of Basel III in December 2017 represents an important milestone for the Basel Committee’s response to the global financial crisis. The full set of Basel III reforms will help enhance the resilience of the banking system.

The Basel Committee will continue to exercise its mandate to strengthen the regulation, supervision, and practices of banks worldwide. The agenda changes, but the purpose is constant – to safeguard and enhance financial stability.

The Basel Committee has agreed that jurisdictions may exercise national discretion in periods of exceptional macroeconomic circumstances to exempt central bank reserves from the leverage ratio exposure measure on a temporary basis.

Jurisdictions that exercise this discretion would be required to recalibrate the minimum leverage ratio requirement commensurately to offset the impact of excluding central bank reserves, and require their banks to disclose the impact of this exemption on their leverage ratios.

The Committee continues to monitor the impact of the Basel III leverage ratio’s treatment of client-cleared derivative transactions. It will review the impact of the leverage ratio on banks’ provision of clearing services and any consequent impact on the resilience of central counterparty clearing.

---

Scope and definitions.

This framework will be applied on a consolidated basis to internationally active banks. Consolidated supervision is the best means to provide supervisors with a comprehensive view of risks and to reduce opportunities for regulatory arbitrage.

The scope of application of the framework will include, on a fully consolidated basis, any holding company that is the parent entity within a banking group to ensure that it captures the risk of the whole banking group.

Banking groups are groups that engage predominantly in banking activities and, in some countries, a banking group may be registered as a bank.

A holding company that is a parent of a banking group may itself have a parent holding company. In some structures, this parent holding company may not be subject to this framework because it is not considered a parent of a banking group.

The framework will also apply to all internationally active banks at every tier within a banking group, also on a fully consolidated basis.

As an alternative to full sub-consolidation, the application of this framework to the stand-alone bank (ie on a basis that does not consolidate assets and liabilities of subsidiaries) would achieve the same objective, providing the full book value of any investments in subsidiaries and significant minority-owned stakes is deducted from the bank’s capital.

Further, to supplement consolidated supervision, it is essential to ensure that capital recognised in capital adequacy measures is adequately distributed amongst legal entities of a banking group. Accordingly, supervisors should test that individual banks are adequately capitalised on a stand-alone basis.

Banking, securities and other financial subsidiaries.

To the greatest extent possible, all banking and other relevant financial activities (both regulated and unregulated) conducted within a group containing an internationally active bank will be captured through consolidation. Thus, majority -owned or -controlled banking entities, securities entities (where subject to broadly similar regulation or where securities activities are deemed banking activities) and other financial entities should generally be fully consolidated.

“Financial activities” do not include insurance activities and “financial entities” do not include insurance entities.

Examples of the types of activities that financial entities might be involved in include financial leasing, issuing credit cards, portfolio management, investment advisory, custodial and safekeeping services and other similar activities that are ancillary to the business of banking.

There may be instances where it is not feasible or desirable to consolidate certain securities or other regulated financial entities. This would be only in cases where such holdings are acquired through debt previously contracted and held on a temporary basis, are subject to different regulation, or where non-consolidation for regulatory capital purposes is otherwise required by law. In such cases, it is imperative for the bank supervisor to obtain sufficient information from supervisors responsible for such entities.

If any majority-owned securities and other financial subsidiaries are not consolidated for capital purposes, all equity and other regulatory capital (or, if applicable, other total loss-absorbing capacity) investments in those entities attributable to the group will be deducted, and the assets and liabilities, as well as third-party capital investments in the subsidiary will be removed from the bank’s balance sheet.

Supervisors will ensure that an entity that is not consolidated and for which the capital investment is deducted meets regulatory capital requirements. Supervisors will monitor actions taken by the subsidiary to correct any capital shortfall and, if it is not corrected in a timely manner, the shortfall will also be deducted from the parent bank’s capital.

Significant minority investments in banking, securities and other financial entities, where control does not exist, will be excluded from the banking group’s capital by deduction of the equity and other regulatory investments. Alternatively, such investments might be, under certain conditions, consolidated on a pro rata basis.

For example, pro rata consolidation may be appropriate for joint ventures or where the supervisor is satisfied that the parent is legally or de facto expected to support the entity on a proportionate basis only and the other significant shareholders have the means and the willingness to proportionately support it. The threshold above which minority investments will be deemed significant and be thus either deducted or consolidated on a pro-rata basis is to be determined by national accounting and/or regulatory practices. As an example, the threshold for pro-rata inclusion in the European Union is defined as equity interests of between 20% and 50%.

---

Supervisory review process.

The Pillar 2 supervisory review process ensures that banks have adequate capital and liquidity to support all the risks in their business, especially with respect to risks not fully captured by the Pillar 1 process, and encourages good risk management.

The supervisory review process of the Framework is intended not only to ensure that banks have adequate capital and liquidity to support all the risks in their business, but also to encourage banks to develop and use better risk management techniques in monitoring and managing their risks.

The supervisory review process recognises the responsibility of bank management in developing an internal capital assessment process and setting capital targets that are commensurate with the bank’s risk profile and control environment. In the Framework, bank management continues to bear responsibility for ensuring that the bank has adequate capital to support its risks beyond the core minimum requirements.

Supervisors are expected to evaluate how well banks are assessing their capital needs relative to their risks and to intervene, where appropriate. This interaction is intended to foster an active dialogue between banks and supervisors such that when deficiencies are identified, prompt and decisive action can be taken to reduce risk or restore capital. Accordingly, supervisors may wish to adopt an approach to focus more intensely on those banks with risk profiles or operational experience that warrants such attention.

The Committee recognises the relationship that exists between the amount of capital held by the bank against its risks and the strength and effectiveness of the bank’s risk management and internal control processes. However, increased capital should not be viewed as the only option for addressing increased risks confronting the bank. Other means for addressing risk, such as strengthening risk management, applying internal limits, strengthening the level of provisions and reserves, and improving internal controls, must also be considered. Furthermore, capital should not be regarded as a substitute for addressing fundamentally inadequate control or risk management processes.

There are three main areas that might be particularly suited to treatment under Pillar 2: risks considered under Pillar 1 that are not fully captured by the Pillar 1 process (eg credit concentration risk); those factors not taken into account by the Pillar 1 process (eg interest rate risk in the banking book, business and strategic risk); and factors external to the bank (eg business cycle effects). A further important aspect of Pillar 2 is the assessment of compliance with the minimum standards and disclosure requirements of the more advanced methods in Pillar 1. Supervisors must ensure that these requirements are being met, both as qualifying criteria and on a continuing basis.

The four key principles.

Principle 1: Banks should have a process for assessing their overall capital adequacy in relation to their risk profile and a strategy for maintaining their capital levels.

Principle 2: Supervisors should review and evaluate banks’ internal capital adequacy assessments and strategies, as well as their ability to monitor and ensure their compliance with regulatory capital ratios. Supervisors should take appropriate supervisory action if they are not satisfied with the result of this process.

Principle 3: Supervisors should expect banks to operate above the minimum regulatory capital ratios and should have the ability to require banks to hold capital in excess of the minimum.

Principle 4: Supervisors should seek to intervene at an early stage to prevent capital from falling below the minimum levels required to support the risk characteristics of a particular bank and should require rapid remedial action if capital is not maintained or restored.

Principle 1 – banks’ process for assessing capital adequacy.

Banks must be able to demonstrate that chosen internal capital targets are well founded and that these targets are consistent with their overall risk profile and current operating environment. In assessing capital adequacy, bank management needs to be mindful of the particular stage of the business cycle in which the bank is operating. Rigorous, forward-looking stress testing that identifies possible events or changes in market conditions that could adversely impact the bank should be performed. Bank management clearly bears primary responsibility for ensuring that the bank has adequate capital to support its risks.

The five main features of a rigorous process are as follows:

(1) board and senior management oversight;

(2) sound capital assessment;

(3) comprehensive assessment of risks;

(4) monitoring and reporting; and

(5) internal control review.

Board and senior management oversight.

This refers to a management structure composed of a board of directors and senior management. The Committee is aware that there are significant differences in legislative and regulatory frameworks across countries as regards the functions of the board of directors and senior management. In some countries, the board has the main, if not exclusive, function of supervising the executive body (senior management, general management) so as to ensure that the latter fulfils its tasks. For this reason, in some cases, it is known as a supervisory board. This means that the board has no executive functions. In other countries, by contrast, the board has a broader competence in that it lays down the general framework for the management of the bank. Owing to these differences, the notions of the board of directors and senior management are used in this section not to identify legal constructs but rather to label two decision-making functions within a bank.

A sound risk management process is the foundation for an effective assessment of the adequacy of a bank’s capital position. Bank management is responsible for understanding the nature and level of risk being taken by the bank and how this risk relates to adequate capital levels. It is also responsible for ensuring that the formality and sophistication of the risk management processes are appropriate in light of the risk profile and business plan.

The analysis of a bank’s current and future capital requirements in relation to its strategic objectives is a vital element of the strategic planning process. The strategic plan should clearly outline the bank’s capital needs, anticipated capital expenditures, desirable capital level, and external capital sources. Senior management and the board should view capital planning as a crucial element in being able to achieve its desired strategic objectives.

The bank’s board of directors has responsibility for setting the bank’s tolerance for risks. It should also ensure that management establishes a framework for assessing the various risks, develops a system to relate risk to the bank’s capital level, and establishes a method for monitoring compliance with internal policies. It is likewise important that the board of directors adopts and supports strong internal controls and written policies and procedures and ensures that management effectively communicates these throughout the organisation.

Sound capital assessment.

Fundamental elements of sound capital assessment include:

(1) policies and procedures designed to ensure that the bank identifies, measures, and reports all material risks;

(2) a process that relates capital to the level of risk;

(3) a process that states capital adequacy goals with respect to risk, taking account of the bank’s strategic focus and business plan; and

(4) a process of internal controls, reviews and audit to ensure the integrity of the overall management process.

Comprehensive assessment of risks.

All material risks faced by the bank should be addressed in the capital assessment process. While the Committee recognises that not all risks can be measured precisely, a process should be developed to estimate risks. Therefore, the following risk exposures, which by no means constitute a comprehensive list of all risks, should be considered.

Credit risk: Banks should have methodologies that enable them to assess the credit risk involved in exposures to individual borrowers or counterparties as well as at the portfolio level. Banks should assess exposures, regardless of whether they are rated or unrated, and determine whether the risk weights applied to such exposures, under the Standardised Approach, are appropriate for their inherent risk. In those instances where a bank determines that the inherent risk of such an exposure, particularly if it is unrated, is significantly higher than that implied by the risk weight to which it is assigned, the bank should consider the higher degree of credit risk in the evaluation of its overall capital adequacy. For more sophisticated banks, the credit review assessment of capital adequacy, at a minimum, should cover four areas:

(1) risk-rating systems,

(2) portfolio analysis / aggregation,

(3) securitisation / complex credit derivatives, and

(4) large exposures and risk concentrations.

Internal risk ratings are an important tool in monitoring credit risk. Internal risk ratings should be adequate to support the identification and measurement of risk from all credit exposures, and should be integrated into an institution’s overall analysis of credit risk and capital adequacy. The ratings system should provide detailed ratings for all assets, not only for criticised or problem assets. Loan loss reserves should be included in the credit risk assessment for capital adequacy.

The analysis of credit risk should adequately identify any weaknesses at the portfolio level, including any concentrations of risk. It should also adequately take into consideration the risks involved in managing credit concentrations and other portfolio issues through such mechanisms as securitisation programmes and complex credit derivatives. Further, the analysis of counterparty credit risk should include consideration of public evaluation of the supervisor’s compliance with the Core Principles for Effective Banking Supervision (BCP).

Operational risk: the Committee believes that similar rigour should be applied to the management of operational risk, as is done for the management of other significant banking risks. The failure to properly manage operational risk can result in a misstatement of an institution’s risk/return profile and expose the institution to significant losses.

A bank should develop a framework for managing operational risk and evaluate the adequacy of capital given this framework. The framework should cover the bank’s appetite and tolerance for operational risk, as specified through the policies for managing this risk, including the extent and manner in which operational risk is transferred outside the bank. It should also include policies outlining the bank’s approach to identifying, assessing, monitoring and controlling/mitigating the risk.

Market risk: banks should have methodologies that enable them to assess and actively manage all material market risks, wherever they arise, at position, desk, business line and firm-wide level. For more sophisticated banks, their assessment of internal capital adequacy for market risk, at a minimum, should be based on both value-at-risk (VaR) modelling and stress testing, including an assessment of concentration risk and the assessment of illiquidity under stressful market scenarios, although all firms’ assessments should include stress testing appropriate to their trading activity.

VaR is an important tool in monitoring aggregate market risk exposures and provides a common metric for comparing the risk being run by different desks and business lines. A bank’s VaR model should be adequate to identify and measure risks arising from all its trading activities and should be integrated into the bank’s overall internal capital assessment as well as subject to rigorous ongoing validation. A VaR model estimates should be sensitive to changes in the trading book risk profile.

Banks must supplement their VaR model with stress tests (factor shocks or integrated scenarios whether historic or hypothetical) and other appropriate risk management techniques. In the bank’s internal capital assessment it must demonstrate that it has enough capital to not only meet the minimum capital requirements but also to withstand a range of severe but plausible market shocks. In particular, it must factor in, where appropriate:

(1) illiquidity / gapping of prices;

(2) concentrated positions (in relation to market turnover);

(3) one-way markets;

(4) non-linear products / deep out-of-the-money positions;

(5) events and jumps-to-default;

(6) significant shifts in correlations; and

(7) other risks that may not be appropriately captured in VaR (eg recovery rate uncertainty, implied correlations or skew risk).

The stress tests applied by a bank and, in particular, the calibration of those tests (e.g. the parameters of the shocks or types of events considered) should be reconciled back to a clear statement setting out the premise upon which the bank’ s internal capital assessment is based (eg ensuring there is adequate capital to manage the traded portfolios within stated limits through what may be a prolonged period of market stress and illiquidity, or that there is adequate capital to ensure that, over a given time horizon to a specified confidence level, all positions can be liquidated or the risk hedged in an orderly fashion). The market shocks applied in the tests must reflect the nature of portfolios and the time it could take to hedge out or manage risks under severe market conditions.

Concentration risk should be pro-actively managed and assessed by firms and concentrated positions should be routinely reported to senior management.

Banks should design their risk management systems, including the VaR methodology and stress tests, to properly measure the material risks in instruments they trade as well as the trading strategies they pursue. As their instruments and trading strategies change, the VaR methodologies and stress tests should also evolve to accommodate the changes.

Banks must demonstrate how they combine their risk measurement approaches to arrive at the overall internal capital for market risk.

Interest rate risk in the banking book: the measurement process should include all material interest rate positions of the bank and consider all relevant repricing and maturity data. Such information will generally include current balance and contractual rate of interest associated with the instruments and portfolios, principal payments, interest reset dates, maturities, the rate index used for repricing, and contractual interest rate ceilings or floors for adjustable-rate items. The system should also have well-documented assumptions and techniques.

Regardless of the type and level of complexity of the measurement system used, bank management should ensure the adequacy and completeness of the system. Because the quality and reliability of the measurement system is largely dependent on the quality of the data and various assumptions used in the model, management should give particular attention to these items.

Liquidity risk: liquidity is crucial to the ongoing viability of any banking organisation. Banks’ capital positions can have an effect on their ability to obtain liquidity, especially in a crisis. Each bank must have adequate systems for measuring, monitoring and controlling liquidity risk. Banks should evaluate the adequacy of capital given their own liquidity profile and the liquidity of the markets in which they operate.

Other risks: although the Committee recognises that “other” risks, such as reputational and strategic risk, are not easily measurable, it expects industry to further develop techniques for managing all aspects of these risks.

Monitoring and reporting.

The bank should establish an adequate system for monitoring and reporting risk exposures and assessing how the bank’s changing risk profile affects the need for capital. The bank’s senior management or board of directors should, on a regular basis, receive reports on the bank’s risk profile and capital needs. These reports should allow senior management to:

(1) evaluate the level and trend of material risks and their effect on capital levels;

(2) evaluate the sensitivity and reasonableness of key assumptions used in the capital assessment measurement system;

(3) determine that the bank holds sufficient capital against the various risks and is in compliance with established capital adequacy goals; and

(4) assess its future capital requirements based on the bank’s reported risk profile and make necessary adjustments to the bank’s strategic plan accordingly.

Internal control review.

The bank’s internal control structure is essential to the capital assessment process. Effective control of the capital assessment process includes an independent review and, where appropriate, the involvement of internal or external audits. The bank’s board of directors has a responsibility to ensure that management establishes a system for assessing the various risks, develops a system to relate risk to the bank’s capital level, and establishes a method for monitoring compliance with internal policies. The board should regularly verify whether its system of internal controls is adequate to ensure well-ordered and prudent conduct of business.

The bank should conduct periodic reviews of its risk management process to ensure its integrity, accuracy, and reasonableness. Areas that should be reviewed include:

(1) appropriateness of the bank’s capital assessment process given the nature, scope and complexity of its activities;

(2) identification of large exposures and risk concentrations;

(3) accuracy and completeness of data inputs into the bank’s assessment process;

(4) reasonableness and validity of scenarios used in the assessment process; and

(5) stress testing and analysis of assumptions and inputs.

Principle 2 – supervisory review of banks’ internal capital adequacy assessments

The supervisory authorities should regularly review the process by which a bank assesses its capital adequacy, risk position, resulting capital levels, and quality of capital held. Supervisors should also evaluate the degree to which a bank has in place a sound internal process to assess capital adequacy. The emphasis of the review should be on the quality of the bank’s risk management and controls and should not result in supervisors functioning as bank management. The periodic review can involve some combination of:

(1) on-site examinations or inspections;

(2) off-site review;

(3) discussions with bank management;

(4) review of work done by external auditors (provided it is adequately focused on the necessary capital issues); and

(5) periodic reporting.

The substantial impact that errors in the methodology or assumptions of formal analyses can have on resulting capital requirements requires a detailed review by supervisors of each bank’s internal analysis.

Supervisors should assess the degree to which internal targets and processes incorporate the full range of material risks faced by the bank. Supervisors should also review the adequacy of risk measures used in assessing internal capital adequacy and the extent to which these risk measures are also used operationally in setting limits, evaluating business line performance, and evaluating and controlling risks more generally. Supervisors should consider the results of sensitivity analyses and stress tests conducted by the institution and how these results relate to capital plans.

Supervisors should review the bank’s processes to determine that:

(1) target levels of capital chosen are comprehensive and relevant to the current operating environment;

(2) these levels are properly monitored and reviewed by senior management; and

(3) the composition of capital is appropriate for the nature and scale of the bank’ s business.

Supervisors should also consider the extent to which the bank has provided for unexpected events in setting its capital levels. This analysis should cover a wide range of external conditions and scenarios, and the sophistication of techniques and stress tests used should be commensurate with the bank’s activities.

Supervisors should consider the quality of the bank’s management information reporting and systems, the manner in which business risks and activities are aggregated, and management’s record in responding to emerging or changing risks.

In all instances, the capital level at an individual bank should be determined according to the bank’s risk profile and adequacy of its risk management process and internal controls. External factors such as business cycle effects and the macroeconomic environment should also be considered.

In order for certain internal methodologies, credit risk mitigation techniques and asset securitisations to be recognised for regulatory capital purposes, banks will need to meet a number of requirements, including risk management standards and disclosures. In particular, banks will be required to disclose features of their internal methodologies used in calculating minimum capital requirements. As part of the supervisory review process, supervisors must ensure that these conditions are being met on an ongoing basis.

The Committee regards this review of minimum standards and qualifying criteria as an integral part of the supervisory review process under Principle 2. In setting the minimum criteria the Committee has considered current industry practice and so anticipates that these minimum standards will provide supervisors with a useful set of benchmarks that are aligned with bank management expectations for effective risk management and capital allocation.

There is also an important role for supervisory review of compliance with certain conditions and requirements set for standardised approaches. In this context, there will be a particular need to ensure that use of various instruments that can reduce Pillar 1 capital requirements are utilised and understood as part of a sound, tested, and properly documented risk management process.

Having carried out the review process described above, supervisors should take appropriate action if they are not satisfied with the results of the bank’s own risk assessment and capital allocation. Supervisors should consider a range of actions, such as those set out under Principles 3 and 4 below.

Principle 3 – banks should operate above minimum regulatory capital ratios.

Pillar 1 capital requirements will include a buffer for uncertainties surrounding the Pillar 1 regime that affect the banking population as a whole. Bank-specific uncertainties will be treated under Pillar 2. It is anticipated that such buffers under Pillar 1 will be set to provide reasonable assurance that a bank with good internal systems and controls, a well-diversified risk profile and a business profile well covered by the Pillar 1 regime, and which operates with capital equal to Pillar 1 requirements, will meet the minimum goals for soundness embodied in Pillar 1. However, supervisors will need to consider whether the particular features of the markets for which they are responsible are adequately covered. Supervisors will typically require (or encourage) banks to operate with a buffer, over and above the Pillar 1 standard. Banks should maintain this buffer for a combination of the following:

(1) Pillar 1 minimums are anticipated to be set to achieve a level of bank creditworthiness in markets that is below the level of creditworthiness sought by many banks for their own reasons. For example, most international banks appear to prefer to be highly rated by internationally recognised rating agencies. Thus, banks are likely to choose to operate above Pillar 1 minimums for competitive reasons.

(2) In the normal course of business, the type and volume of activities will change, as will the different risk exposures, causing fluctuations in the overall capital ratio.

(3) It may be costly for banks to raise additional capital, especially if this needs to be done quickly or at a time when market conditions are unfavourable.

(4) For banks to fall below minimum regulatory capital requirements is a serious matter. It may place banks in breach of the relevant law and/or prompt nondiscretionary corrective action on the part of supervisors.

(5) There may be risks, either specific to individual banks, or more generally to an economy at large, that are not taken into account in Pillar 1.

There are several means available to supervisors for ensuring that individual banks are operating with adequate levels of capital. Among other methods, the supervisor may set trigger and target capital ratios or define categories above minimum ratios (eg well capitalised and adequately capitalised) for identifying the capitalisation level of the bank.

Principle 4 – early supervisory intervention.

Supervisors should consider a range of options if they become concerned that a bank is not meeting the requirements embodied in the supervisory principles outlined above. These actions may include intensifying the monitoring of the bank, restricting the payment of dividends, requiring the bank to prepare and implement a satisfactory capital adequacy restoration plan, and requiring the bank to raise additional capital immediately. Supervisors should have the discretion to use the tools best suited to the circumstances of the bank and its operating environment.

The permanent solution to banks’ difficulties is not always increased capital. However, some of the required measures (such as improving systems and controls) may take a period of time to implement. Therefore, increased capital might be used as an interim measure while permanent measures to improve the bank’s position are being put in place. Once these permanent measures have been put in place and have been seen by supervisors to be effective, the interim increase in capital requirements can be removed.

---