APRA PAIRS Model

advertisement
Risk scoring:
Risk Based Supervision in
Practice
Ross Jones
Deputy Chairman, Australian Prudential Regulation Authority
President of International Organisation of Pension Supervisors (IOPS)
Outline
• Introduction
• Continuous supervision process
• Range of supervisory activities
• PAIRS model
 Framework
 Main risk areas for PAIRS assessment
 Net risk and significance weights
 Impact rating
• SOARS model (next session)
• Adapting PAIRS for pension funds
• Ensuring quality and consistency
Supervision process - APRA
Supervision Activities
• Prudential consultation
• Prudential reviews
• Targeted reviews
•Ad hoc meetings
Supervision Strategy
• Supervisory action plans
Risk Assessment
• Offsite analysis
• PAIRS Update
Supervisory Activities - APRA
•
Prudential reviews – on-site
•
Analysis of financial and other data
•
Superannuation funds with >$50M assets, data is
received on a quarterly and annual basis
•
Examination of exceptions and outliers
•
Analysis of other market and regulatory
information
PAIRS (Probability & Impact Rating System
•
Ratings tool used by APRA to determine the probability of failure of
a regulated institution and the potential impact on the financial
system of the failure.
•
Five probability rating categories: Low; Lower-Medium; UpperMedium; High; and Extreme.
•
Four impact rating categories (based on total assets): Low < $400m;
Medium - between $400m and $4.0bn; High - between $4.0bn and
$40bn; Extreme - above $40bn
•
APRA assesses the likelihood of an institution’s failure based on the
“inherent risk” of the institution, balanced by the “management
and controls” and the “capital support” available in the absence of
APRA intervention.
•
Rating is based on the accumulated knowledge from APRA’s onsite
reviews and offsite analysis
PAIRS Conceptual Framework
Descriptive Probability Rating
Rating Process
Probability Index
Supervisory
Attention Index
Measurement
Process
Impact Index
Descriptive Impact Rating
Supervisory
Stance
Main risk areas for PAIRS assessment
PAIRS
Board
Management
Risk Governance
Strategy & Planning
#
Liquidity Risk
Operational Risk
#
Credit Risk
NOTE - For DC
superannuation funds, the
Capital components do not
apply
# NOTE - Significant
risks for
superannuation funds
Mk & Investment Risk #
Insurance Risk
Capital - Coverage
Capital - Earnings
Capital – Access to Add
NOTE – guidance manuals
for supervisors on each
PAIRS component
Risk Mitigants - APRA
Risk Category
Principle Determinants Management + Control Assessment
Liquidity Risk
Awareness of liquidity risk by the Board
Liquidity management functions and committees (ALCO) in place
Policies and procedures relating to liquidity risk management
Limits in place and how they are reviewed and monitored
Scenario analysis and models used, including dependability of information sources
Reliability and extent of intra-group funding and standby facilities
Contingency arrangements in place
Operational Risk
The awareness of operational risk by the Board
Operational risk management functions and committees
Policies and procedures
Controls in place across the IT environment
Management of operational issues including administration, outsourcing arrangements, fraud
Business continuity and disaster recovery plans, including testing processes and back up
Credit Risk
The awareness of Credit Risk by the Board
The credit risk management framework, systems and delegations in place
Origination, security and collateral structures and valuation practices
Credit-related policies and procedures
Problem asset management including compliance with prudential requirements
Information systems and portfolio management
The role and functioning of independent credit review process
Market + Investment Risk
The awareness of maker an investment risk by the Board
Trading and investment functions, including segregation of responsibilities
ALCO and /or investment committees in place
Delegations and limits in place and how they are monitored and controlled
The process of reviewing and monitoring trading and /or investment strategies
Investment management and asset valuation practices
Market and investment policies and procedures including those relating to unit pricing
Models used, including underlying assumptions and stress analysis
The strength of management information systems
Independent review functions
Example – Module 7 - Operational risk
EXAMINE
• Nature & Complexity
• Internal & External
Fraud
• IT Systems
• Business Disruption
• Board & Management
Awareness
• Operational Risk
Management
Framework
• Outsourcing
Arrangements
• Administration
• Information
Technology
• Business Continuity
Management
• Project
Management (IT)
• New & Varied
Products
• Independent
Review of
Operational Risk
FEATURES WHERE
LOW OPERATIONAL
RISK
FEATURES WHERE
HIGH OPERATIONAL
RISK
• Simple legal &
organisational structure,
clear reporting lines
• No reliance on related
entities for core or
complementary
activities
• No outsourcing of major
business functions
• Simple products, low
transaction volumes
• IT systems are simple,
off-the-shelf, adaptable
• Minimal disaster threat
from external activities
• No reliance on a key
person
• Complex structure,
unclear reporting lines
• Extensive reliance for
core or complementary
activities on related
entities not wholly owned
within the same group
• Outsourcing to unrelated
third parties with history
of unresolved problems
• Complex business, many
products, high volume
• IT systems unable to meet
business needs, inherited
/ legacy systems
• Vulnerable to external
disaster
• Heavy reliance on one
person
Net risk and significance weightings
PAIRS Category
Inherent Risk
Management and
Control
Net Risk
Significance
Weight
Board
(0-4)
%
Management
(0-4)
%
Risk Governance
(0-4)
%
Strategy and Planning
(0-4)
(0-4)
(0-4)
%
Liquidity Risk
(0-4)
(0-4)
(0-4)
%
Operational Risk
(0-4)
(0-4)
(0-4)
%
Credit Risk
(0-4)
(0-4)
(0-4)
%
Market and Investment
Risk
(0-4)
(0-4)
(0-4)
%
Insurance Risk
(0-4)
(0-4)
(0-4)
%
Net Risk Total
(0-4)
100%
Coverage/ Surplus
(0-4)
%
Earnings
(0-4)
%
Access to Additional
Capital
(0-4)
%
Capital Support Total
(0-4)
100%
Overall Risk of Failure
(0-4)
Impact rating
Size, measured by assets under management, is the sole determinant of
impact
Asset ranges
$0 ≤ x < $400m
$400m ≤ x < $4b
$4b ≤ x < $40b
x ≥ $40b
Impact Rating
Low
Medium
High
Extreme
NOTE: Impact rating drives frequency of review
NOTE: Impact rating determines whether specialist risk experts join
supervision staff in review of institution
Outcome of PAIRS process = SOARS
Supervisory Approach
Normal
On going collection and analysis of data
supported by routine prudential reviews on
a cyclical basis.
Oversight
Significant increase in supervision intensity
however entity is not considered likely to
fail. More frequent information and visits.
Board and senior management given strong
signals of concern.
Mandated
Improvement
Entity produces and executes a
remediation plan. Transitional
classification. Either improve or exit the
industry.
Restructure
Entities have failed or are about to fail.
Full use of supervisory and legislative
powers to protect beneficiaries.
PAIRS & SOARS - quality and consistency

Dedicated support unit for supervisors

Predictive analysis tools

Portfolio reports and watch lists

Peer review and assessment

Reporting changes in assessment to top management in APRA

The combination of these four support levels and the reporting
framework leads to better risk assessments and strategy setting
practices in APRA and overall improvements in supervisory
judgements.
Consistency of Scores
Australia
•
•
•
Individual supervisor inputs scores for risk categories +
mitigants and decides on weightings
Guided by benchmarks / reference points
Supervisors may have to defend their ratings at a review panel
Thank You
• Questions?
Download