The Role of the BIS – The Basel Capital Accords Saunders & Allen, Chapter 3 Basel Committee, “Revised Framework,” June 2004. BIS I • Major Focus: distinguish credit risk of sovereign, bank and mortgage obligations from non-bank private sector or commercial loan obligations • Not to differentiate the credit risk exposure within the commercial load classification • Issue: regulatory capital arbitrage activities BIS II • To correct the mispricing inherent in BIS I • To incorporate more risk sensitive credit exposure measures into bank capital requirement • Key motivations – Structural change in credit markets – Remove inefficiencies in lending market – Correlation among economic cycle, debt levels, and a potential debt servicing crisis Part 1: Scope of Application Part 2: The First Pillar -Minimum Capital Requirements I. Calculation of minimum capital requirements II. Credit risk -The Standardized Approach III. Credit Risk -The Internal Ratings Based Approach IV. Credit Risk -Securitization Framework V. Operational Risk VI. Trading Book Issues (including Market risk) Part 3 The Second Pillar -Supervisory Review Process Part 4: The Third Pillar -Market Discipline Pillar 1 • A three step evolutionary paradigm – Standardized Model – Foundations Approach Internal Ratings-Based (IRB) Model – Advanced IRB Model • Regulatory Total Capital-unchanged total amount – Credit Risk Capital Requirement – Market Risk Capital Requirement – Operational Risk Capital Requirement Credit Risk The Standardized Approach • Based on External Credit Assessment Institutions (e.g., credit rating agencies) that must: – – – – – – Be objective Be independent Provide international access & transparency Offer full disclosure Have sufficient resources Be Credible Credit Risk – The Standardized Approach Claims on Sovereigns Claims on sovereigns and their central banks will be risk weighted as follows: Credit Assessment AAA to AA- A+ to A- BBB+ to BBB- BB+ to B- Below B- Unrated Risk Weight 0% 20% 50% 100% 150% 100% Claims on Banks There are two options for claims on banks. National supervisors will apply one option To all banks in their jurisdiction. No claim on an unrated bank may receive a risk weight Lower than that applied to claims on its sovereign of incorporation. Option 1 Credit assessment of Sovereign Risk weight under Option 1 AAA to AA- A+ to A- BBB+ to BBB- BB+ to B- Below B- Unrated 20% 50% 100% 100% 150% 100% Option 2 Credit assessment of Banks AAA to AA- A+ to A- BBB+ to BBB- BB+ to B- Below B- Unrated Risk weight under Option 2 20% 50% 50% 100% 150% 50% Risk weight for short-term claims22 under Option 2 20% 50% 100% 100% 150% 100% Short Term Exposures (e.g., commercial paper) A-1/P-1 A-2/P-2 20% 50% Risk Weight A-3/P-3 100% Others 150% Claims on corporate The table provided below illustrates the risk weighting of rated corporate claims, including claims on insurance companies. The standard risk weight for unrated claims on corporates will be 100%. No claim on an unrated corporate may be given a risk weight preferential to that assigned to its sovereign of incorporation. Credit Assessment Risk Weight AAA to AA20% A+ to A- BBB+ to BB- 50% 100% Below BB150% Unrated 100% Claims included in the regulatory retail portfolios Claims that may be considered as retail claims for regulatory capital purposes and included in a regulatory retail portfolio. Exposures included in such a portfolio may be risk-weighted at 75%. Regulatory Retail Portfolios • Exposure to individuals or small businesses • Revolving credit, credit card & overdrafts, lines of credit, personal term loans, small business facilities • Must be sufficiently granular (no single counterparty has > 0.20% of overall) • Maximum exposure to a single counterparty is less than 1 million euros. Claims secured by residential property Lending fully secured by mortgages on residential property that is or will be occupied by the borrower, or that is rented, will be risk weighted at 35%. Claim secured by commercial real estate In view of the experience in numerous countries that commercial property lending has been a recurring cause of troubled assets in the banking industry over the past few decades, mortgages on commercial real estate do not, in principle, justify other than a 100% weighting of the loans secured. Higher-risk categories The following claims will be risk weighted at 150% or higher: • Claims on sovereigns, PSEs, banks, and securities firms rated below B-. • Claims on corporates rated below BB-. • Past due loans. • Securitization tranches that are rated between BB+ and BB- will be risk weighted at 350%. Off-balance sheet items Off-balance sheet items under the standardized approach will be converted into credit exposure equivalents through the use of credit conversion factors (CCF). Commitments with an original maturity up to one year and commitments with an original maturity over one year will receive a CCF of 20% and 50%, respectively. However, any commitments that are unconditionally cancelable at any time by the bank without prior notice, or that effectively provide for automatic cancellation due to deterioration in a borrower’s creditworthiness, will receive a 0% CCF. The Standardized Approach – Credit Risk Mitigation Use either the simple approach or the comprehensive approach in the banking book. The trading book must use the comprehensive approach. 1. The simple approach In the simple approach the risk weighting of the collateral instrument collateralizing or partially collateralizing the exposure is substituted for the risk weighting of the counterparty (subject to a 20% floor). 2. The comprehensive approach Calculation of capital requirement For a collateralized transaction, the exposure amount after risk mitigation is calculated as follows: E* = max {0, [E x (1 + He) – C x (1 – Hc – Hfx)]} where: E* = the exposure value after risk mitigation E = current value of the exposure He = haircut appropriate to the exposure C = the current value of the collateral received Hc = haircut appropriate to the collateral Hfx = haircut appropriate for currency mismatch between the collateral and exposure The exposure amount after risk mitigation will be multiplied by the risk of the counterparty to obtain the risk-weighted asset amount for the collateralized transaction. Haircuts can be either established by the supervisor or the bank’s own estimates of volatility: Own estimates for haircut The calculation of the exposure E* for banks using their internal market risk model will be the following: E* = max {0, [ΣE – ΣC) + (VaR output from internal market risk model x multiplier)]} The multiplier ranges between 1 and 1.33 depending on annual backtesting of the bank’s own estimate of volatility. Exceptions = daily volatility – VaR estimate Green Light (multiplier=1) if exceptions <99; Red light (multiplier=1.33) if exceptions >200; Yellow light (multiplier between 1-1.33) if between 100-199 exceptions. Credit Risk – The Internal Ratings-Based Approach Foundation and advanced approaches Under the foundation approach, as a general rule, banks provide their own estimated of PD and rely on supervisory estimates for other risk components. Under the advanced approach, banks provide more of their own estimates of PD, LGD and EAD, and their own calculation of M, subject to meeting minimum standards. For both the foundation and advanced approaches, banks must always use the risk-weight functions provided in this Framework for the purpose of deriving capital requirements. Assessment of Standardized Model • Insufficient risk sensitivity in the proposed risk buckets • Issue of “unrated” risk bucket • Tying capital requirements to external rating – Heterogeneity within each rating class – Rating may be lagging indicator – May lead to regulatory attempts to influence rating agencies – Risk of rating shopping – Loss of bank’s private information. Assessment of Standardized Model • Inconsistency in concept: attributes the function of assessing and monitoring credit risk to external rating agencies – banks are “delegated monitors.” – Should use standalone firm ratings, not related to specific debt issues with protective features – Ratings are pro-cyclical. Systemic risk increases as downgrades occur in recessions requiring additional capital at cyclical trough. IRB Models • Two Approach – Foundation IRB Approach – Advanced IRB Approach • Establish an internal rating model to classify the credit risk exposure of each activity • Calibrated to a 99.9% VAR • Foundation IRB Approach – PD – estimates of 1 year probability of default – EAD – exposure at default IRB • Advanced IRB approach – PD, EAD – LGD – loss given default – M – maturity • Computes risk weights by incorporating estimates of PD, EAD, LGD and M • Model assumes that average default correlation among borrowers is 10-20% IRB • Five elements to any IRB approach – – – – Internal rating model Risk components Risk weight function Minimum requirements of eligibility to apply the IRB approach – Supervisory reviews of compliance with the minimum requirement Risk Components of the IRB Approach • PD – Probability of default – Internal Ratings based on historical experience or credit scoring model – Lower bound 3 basis points – no 0% risk weight • EAD – Loan’s exposure at default – allows netting. – Nominal (book) among for on-balance-sheet transactions (1) Amount by which regulatory capital would be reduced if the exposure were written off fully; and (2) any additional specific provisions or write-offs. Risk Components of the IRB Approach (Continued) • LGD = Loss Given Default Under the Foundation Approach: – 45% for senior claims not secured – 75% for subordinated claims – For secured claims, use the comprehensive approach under the standardized model to calculate the LGD as follows: LGD* = LGD x (E*/E) where LGD is the senior unsecured exposure (45%) E is the current value of the exposure E* is the exposure value after risk mitigation. • LGD Under the Advanced Approach is the bank’s internal estimate of actual LGD. Risk Components of the IRB Approach (Continued) • Effective Maturity = M For the foundation approach, the effective maturity is 2.5 years For the advanced approach, the effective maturity is the greater of either one year or the cash flow weighted time to maturity: t * CFt / CFt t t Where CFt is the cash flow contractually payable at time t. June 2004 Proposals: Risk-weighted assets for corporate, sovereign, and bank exposures (UL) Formula for derivation of risk-weighted assets The derivation of risk-weighted assets is dependent on estimates of the PD, LGD, EAD and, in some cases, effective maturity (M), for a given exposure. Correlation (R) = 0.12 x (1 – EXP (-50 x PD)) / (1 – EXP (-50)) + 0.24 x [1 – (1 – EXP(-50 x PD))/(1 – EXP(-50))] Maturity adjustment (b) = (0.11852 – 0.05478 x In (PD))^2 Capital requirement (K) = [LGD x N [(1 – R)^-0.5 x G (PD) + (R/(1-R))^0.5 x G (0.999)] – PD x LGD] x (1 – 1.5 x b)^ -1 x (1 +(M – 2.5) x b) Risk-weighted assets (RWA) = K x 12.5 x EAD $ Capital Requirement = 8% x RWA Foundation IRB Approach: January 2001 Proposals • RW = risk weight on corporate obligations – Calibrated to 8% capital requirement for loan with 3 yr. maturity, PD=0.7%, and LGD=50%. – RW = (LGD/50) • BRW – BRW = benchmark risk weight (Figure 3.1) BRW = 976.5 x N(1.118 x G(PD)+1.288) x (1+.0470 x (1-PD)/PD0.44) • RWA – Risk-weighted assets – RWA = RW • EAD (3.2) Figure 3.1 Proposed IRB risk w eights for hypothetical corporate exposure having LGD equal to 50 percent. Source: Bank of International Settlements, “The Internal Ratings-Based Approach” (2001). 700 600 500 400 300 200 100 0 0 5 10 PD (Percent) 15 20 (ii) Firm-size adjustments for small- and medium-sized entities (SME) Under the IRB approach for corporate credits, banks will be permitted to separately distinguish exposures to SME borrowers (defined as corporate exposures where the reported sales for the consolidated group of which the firm is a part is less than €50 million) from those to large firms. A firm-size adjustment (i.e., 0.04 x (1- (S-5)/45)) is made to the corporate risk weight formula for exposures to SME borrowers. S is expressed as total annual sales in millions of euros with values of S falling in the range of equal to or less than €5 million will be treated as if they were equivalent to € million for the purposes of the firm-size adjustment for SME borrowers. Correlation (R) = 0.12 x (1 – EXP (-50 x PD)) / (1 – EXP(-50)) + 0.24 x [1 – EXP(-50 x PD))/(1 – EXP(-50))] – 0.04 x (1 – (S-5)/45) (iii) Risk weights for specialized lending Supervisory categories and UL risk weights for other SL exposures Strong Good Satisfactory Weak Default 70% 90% 115% 250% 0% Strong Good Satisfactory Weak Default BBB- or Better BB+ or BB BB- or B+ B to C- Not applicable Risk weights for HVCRE Supervisory categories and UL risk weights for high-volatility commercial real estate Strong Good Satisfactory Weak Default 95% 120% 140% 250% 0% Rules for Retail Exposures (i) Residential mortgage exposures Correlation (R) = 0.15 Capital requirement (K) = LGD x N[(1 – R)^-0.5 x G(PD) + (R / (1 – R))^0.5 x G(0.999)] – PD x LGD Risk-weighted assets = K x 12.5 x EAD The capital requirement (K) for a defaulted exposure is equal to the greater of zero and the difference between its LGD and the bank’s best estimate of expected loss. The risk-weighted asset amount for the defaulted exposure is the product of K, 12.5, and the EAD. (ii) Qualifying revolving retail exposures Correlation (R) = 0.04 Capital requirement (K) = LGD x N[(1 – R)^-0.5 x G(PD) + (R / (1 – R))^0.5 x G(0.999)] – PD x LGD Risk-weighted assets = K x 12.5 x EAD (iii) Other retail exposures For all other retail exposures that are not in default, risk weights are assigned based on the following function, which also allows correlation to vary with PD: Correlation (R) = 0.03 x (1 – EXP(-35 x PD)) / (1 – EXP(-35)) + 0.16 x [1 – (1 – EXP(-35 x PD))/(1 – EXP(-35))] Capital requirement (K) = LGD x N[(1 – R)^-0.5 x G(PD) + (R / (1 – R))^0.5 x G(0.999)] – PD x LGD Risk – weighted assets = K x 12.5 x EAD Illustrative IRB Risk Weights The following tables provide illustrative risk weights calculated for four asset classes types under the internal ratings-based (IRB) approach to credit risk. Each set of risk weights for unexpected loss (UL) was produced using the appropriate risk-weight function of the risk-weight functions. The inputs used to calculate the illustrative risk weights include measures of the PD, LGD, and an assumed effective maturity (M) of 2.5 years. A firm-size adjustment applies to exposures made to small- and mediumsized entity (SME) borrowers (defined as corporate exposures where the reported sales for the consolidated group of which the firm is a part is less than €50 million). Accordingly, the firm size adjustment was made in determining the second set of risk weights provided in column two given that the turnover of the firm receiving the exposure is assumed to be €5 million Illustrative IRB Risk Weights for UL Asset Class: LGD: Maturity: 2.5 Turnover (millions of €) Corporate Exposures (Big) (SME) 45% 45% 50 Residential Mortgages 45% 25% Other Retail Exposures 45% 85% Qualifying Revolving Retail Exposures 45% 85% 5 PD: 0.03% 0.05% 0.10% 0.25% 0.40% 0.50% 0.75% 1.00% 1.30% 1.50% 2.00% 2.50% 3.00% 4.00% 5.00% 6.00% 10.00% 15.00% 20.00% 14.44% 19.65% 29.65% 49.47% 62.72% 69.61% 82.78% 92.32% 100.95% 105.59% 114.86% 122.16% 128.44% 139.58% 149.86% 159.61% 193.09% 221.54% 238.23% 11.30% 15.39% 23.30% 39.01% 49.49% 54.91% 65.14% 72.40% 78.77% 82.11% 88.55% 93.43% 97.58% 105.04% 112.27% 119.48% 146.51% 171.91% 188.42% 4.15% 6.23% 10.69% 21.30% 29.94% 35.08% 46.46% 56.40% 67.00% 73.45% 87.95% 100.64% 111.99% 131.63% 148.22% 162.52% 204.41% 235.72% 253.12% 2.30% 3.46% 5.94% 11.83% 16.64% 19.49% 25.81% 31.33% 37.22% 40.80% 48.85% 55.91% 62.22% 73.13% 82.35% 90.29% 113.56% 130.96% 140.62% 4.45% 6.63% 11.16% 21.15% 28.42% 32.36% 40.10% 45.77% 50.80% 53.37% 57.99% 60.90% 62.79% 65.01% 66.42% 67.73% 75.54% 88.60% 100.28% 8.41% 12.52% 21.08% 39.96% 53.69% 61.13% 75.74% 86.46% 95.95% 100.81% 109.81% 115.03% 118.61% 122.80% 125.45% 127.94% 142.69% 167.36% 189.41% 0.98% 1.51% 2.71% 5.76% 8.41% 10.04% 13.80% 17.22% 21.02% 23.40% 28.92% 33.98% 38.66% 47.16% 54.75% 61.61% 83.89% 103.89% 117.99% 1.85% 2.86% 5.12% 10.88% 15.88% 18.97% 26.06% 32.53% 39.70% 44.19% 54.63% 64.18% 73.03% 89.08% 103.41% 116.37% 158.47% 196.23% 222.86% Assessment of IRB Model • BIS II is a great improvement over BIS I in its sophistication in measuring credit risk • Moves regulatory capital in the direction of economic capital • Far from an integrated portfolio management approach to credit risk measure • Capital requirements are likely to be higher than economically necessary when considering actual portfolio correlation Assessment (cont.) • Foundation IRB – correlations inversely related to PD: not empirically observed. • Advanced IRB contains properties that may distort bank incentives to manage their credit risk exposure – Maturity adjustment – Penalized increases in LGD more than increase in PD Operational Risk Definition of operation risk Operational risk is defined as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. This definition includes legal risk, but excludes strategic and reputational risk. Legal risk includes, but is not limited to, exposure to fines, penalties, or punitive damages resulting from supervisory actions, as well as private settlements. The measurement methodologies The framework outlined below presents three methods for calculating operational risk capital charges in a continuum of increasing sophistication and risk sensitivity: (i) the Basic Indicator Approach; (ii) the Standardized Approach; and (iii) Advanced Measurement Approaches (AMA). The Basic Indicator Approach Banks using the Basic Indicator Approach must hold capital for operational risk equal to the average over the previous three years of a fixed percentage (denoted alpha) of positive annual gross income. Figures for any year in which annual gross income is negative or zero should be excluded from both the numerator and denominator when calculating the average. The charge may be expressed as follows: KBIA = [Σ(GI1…3 x )]/n where KBIA= the capital charge under the Basic Indicator Approach GI = annual gross income, where positive, over the previous three years n = number of the previous three years for which gross income is positive = 15%, which is set by the Committee, relating the industry wide level of required capital to the industry wide level of the indicator. Gross income is defined as net interest income plus net non-interest income. It is intended that this measure should: (i) be gross of any provisions (e.g., for unpaid interest); (ii) be gross of operating expenses, including fees paid to outsourcing service providers, (iii) exclude realized profits/losses form the sale of securities in the banking book, and (iv) exclude extraordinary or irregular items as well as income derived from insurance 2. The Standardized Approach In the Standardized Approach, banks’ activities are divided into eight business lines: corporate finance, trading & sales, retail banking, commercial banking, payment & settlement, agency services, asset management, and retail brokerage. Within each business line, gross income is a broad indicator that serves as a proxy for the scale of business operations and thus the likely scale of operational risk exposure within each of these business lines. The capital charge for each business line is calculated by multiplying gross income by a factor (denoted beta) assigned to that business line. Beta serves as a proxy for the industry-wide relationship between the operational risk loss experience for a given business line and the aggregate level of gross income for that business line. It should be noted that in the Standardized Approach gross income is measured for each business line, not the whole institution, i.e., corporate finance, the indicator is the gross income generated in the corporate finance business line. The total capital charge is calculated as the three-year average of the simple summation of the regulatory capital charges across each of the business lines in each year. In any given year, negative capital charges (resulting form negative gross income) in any business line may offset positive capital charges in other business lines without limit. However, where the aggregate capital charge across all business lines within a given year is negative, then the input to the numerator for that year will be zero. The total capital charge my be expressed as: KTSA = {Σyears 1-3 max[Σ(GI1-8 x 1-8),0]}/3 where KTSA = the capital charge under the Standardized Approach GI1-8 = annual gross income in a given year, as defined above in the Basic Indicator Approach, for each of the eight business lines. 1-8 = a fixed percentage, set by the Committee, relating the level of required capital to the level of the gross income for each of the eight business lines. The values of the betas are detailed below Business Lines Corporate finance (1) Trading and sales (2) Retail banking (3) Commercial banking (4) Payment and settlement 5) Agency services (6) Asset management (7) Retail brokerage (8) Beta Factors 18% 18% 12% 15% 18% 15% 12% 12% Standardized Approach Mapping of Business Lines Level 1 Level 2 Activity Groups Corporate Finance Corporate Finance Municipal/Gov’t Finance Mergers and acquisitions, underwriting, privatizations, securitization, research, debt (gov’t, high yield), equity, syndications, IPO, secondary private placements Merchant Banking Advisory Services Trading & Sales Retail Banking Sales Market Making Proprietary Positions Treasury Fixed income, equity, foreign exchanges, commodities, credit, funding, own position securities, lending and repos, brokerage, debt, prime brokerage Retail Banking Retail lending and deposits, banking services, trust and estates Private Banking Private lending and deposits, banking services, trust and estates, investment advice Card Services Merchant/commercial/corporate cards, private labels and retail Mapping of Business Lines cont’d…….. Commercial Banking Commercial Banking Project finance, real estate, export finance, trade finance, factoring, leasing, lending, guarantees, bills of exchange Payment & Settlement External Clients Payments and collections, funds transfer, clearing and settlement Agency Services Custody Escrow, depository receipts, securities lending (customers) corporate actions Corporate Agency Issuer and paying agents Corporate Trust Asset Management Retail Brokerage Discretionary Fund Pooled, segregated, retail, institutional, closed, open, private equity Non-Discretionary Fund Management Pooled, segregated, retail, institutional, closed, open Retail Brokerage Execution and full service The Alternative Standardized Approach (upon supervisory discretion) Under the ASA, the operational risk capital charge/methodology is the same as for the Standardized Approach except for two business lines – retail banking and commercial banking. For these business lines, loans and advances – multiplied by a fixed factor ‘m’ – replaces gross income as the exposure indicator. The betas for retail and commercial banking are unchanged from the Standardized Approach. The ASA operational risk capital charge for retail banking (with the same basic formula for commercial banking) can be expressed as: KRB = RB x m x LARB Where KRB is the capital charge for the retail banking business line RB is the beta for the retail banking business line LARB is total outstanding retail loans and advances (non-risk weighted and gross of provisions), averaged over the past three years m is 0.035 For the purposes of the ASA, total loans and advances in the retail banking business line consists of the total drawn amounts in the following credit portfolios: retail, SMEs treated as retail, and purchased retail receivables. For commercial banking, total loans and advances consists of the drawn amounts in the following credit portfolios: corporate, sovereign, bank, specialized lending, SMEs treated as corporate and purchased corporate receivables. The book value of securities held in the banking book should also be included. Under the ASA, banks may aggregate retail and commercial banking (if they wish to) using a beta of 15%. Similarly, those banks that are unable to disaggregate their gross income into the other six business lines can aggregate the total gross income for these six business lines using a beta of 18%. As under the Standardized Approach, the total capital charge for the ASA is calculated as the simple summation of the regulatory capital charges across each of the eight business lines. 3. Advanced Measurement Approaches (AMA) Under the AMA, the regulatory capital requirement will equal the risk measure generated by the bank’s internal operational risk measurement system quantitative and qualitative criteria. Use of the AMA is subject to supervisory approval. Quantitative Standards AMA soundness standard Given the continuing evolution of analytical approaches for operational risk, the Committee is not specifying the approach or distributional assumptions used to generate the operational risk measure for regulatory capital purposes. However, a bank must be able to demonstrate that its approach captures potentially severe ‘tail’ loss events. Whatever approach is used, a bank must demonstrate that its operational risk measure meets a soundness standard comparable to that of the internal ratings-based approach for credit risk, (i.e., comparable to a one year holding period and a 99.9th percentile confidence interval) Quantitative Standards cont’d……. The Committee recognizes that the AMA soundness standard provides significant flexibility to banks in the development of an operational risk measurement and management system. However, in the development of these systems, banks must have and maintain rigorous procedures for operational risk model development and independent model validation. Prior to implementation, the Committee will review evolving industry practices regarding credible and consistent estimates of potential operational losses. It will also review accumulated data, and the level of capital requirements estimated by the AMA, and may refine its proposals if appropriate. Any internal operational risk measurement system must be consistent with the scope of operational risk defined by the Committee. Supervisors will require the bank to calculated its regulatory capital requirements as the sum of expected loss (EL) and unexpected loss (UL), unless the bank can demonstrate that it is adequately capturing EL in its internal business practices. AMA Detailed Loss Event Type Classification Event-Type Category (Level 1) Definition Categories (Level 2) Activity Examples (Level 3) Internal fraud Losses due to acts of a type intended to defraud misappropriate property or circumvent regulations, the law or company policy, excluding diversity/discrimination events, which involves at least one internal party Unauthorized Activity Transactions not reported (intentional) Transaction type unauthorized (w/monetary loss) Mismarking of position (intentional) Theft and Fraud Fraud/credit fraud/worthless deposits Theft/extortion/embezzlement/robbery Misappropriation of assets Malicious destruction of assets Forgery Check kiting Smuggling Account take-over/impersonation/etc Tax non-compliance/evasion (wilful) Bribes/kickbacks Insider trading (not on firm’s account) Theft and Fraud Theft/Robbery Forgery Check kiting System Security Hacking damage Theft of information (w/monetary loss) External fraud Losses due to acts of a type intended to defraud, misappropriate property or circumvent the law, by a third party Detailed Loss Event cont’d……. Employment Practices and Workplace Safety Clients, Products & Business Practices Losses arising from acts inconsistent with employment, health or safety laws or agreements, from payment of personal injury claims, or from diversity/discrimination events Losses arising from an unintentional or negligent failure to meet a professional obligation to specific clients (including fiduciary and suitability requirements), or from the nature or design of a product Employee Relations Compensation, benefit, termination issues Organized labour activity Safe Environment General liability (slip and fall, etc) Employee health & safety rules events Workers Compensation Diversity & Discrimination All discrimination types Suitability, Disclosure & Fiduciary Fiduciary breaches/ guideline violations Suitability/disclosure issues (KYC, etc) Retail customer disclosure violations Breach of privacy Aggressive sales Account churning Misuse of confidential information Lender liability Detailed Loss Event cont’d……. Event-Type Category (Level 1) Definition Categories (Level 2) Activity Examples (Level 3) Improper Bus or Mkt Practices Antitrust Improper trade/market practices Market manipulation Insider Trading (on firm’s account) Unlicensed activity Money Laundering Product flaws Product defects (unauthorized, etc) Model errors Selection, Sponsorship & Exposure Failure to investigate client per guidelines Exceeding client exposure limits Advisory Activities Disputes over performance of advisory activities Damage to Physical Assets Losses arising form loss or damage to physical assets from natural disaster or other events Disasters and other events Natural disaster losses Human losses form external sources (terrorism, vandalism) Business disruption and system failures Losses arising from disruption of business or system failures Systems Hardware Software Telecommunications Utility outage/disruptions Detailed Loss Event cont’d……… Execution, Delivery & Process Management Losses from failed transaction processing or process management, from relations with trade counterparties and vendors Transaction Capture, Execution & Maintenance Miscommunication Data entry, maintenance or loading error Missed deadline or responsibility Model/system misoperation Accounting error/entity attribution error Other task misperformance Delivery failure Collateral management failure Reference Data Maintenance Failed mandatory reporting obligation Inaccurate external report (loss incurred) Monitoring & Reporting Client permissions/disclaimers missing Legal doc. missing/incomplete Customer Intake & Documentation Customer/Client Account Management Unapproved access given to accts. Incorrect client records (loss incurred) Negligent loss or damage of client assets Non-client counterparty misperformance Misc non-client counterparty disputes Outsourcing Vendor disputes Trade Counterparties Vendors & Suppliers Data Sources Internal data Internally generated operational risk measures used for regulatory capital purposes must be based on a minimum five-year observation period of internal loss data, whether the internal loss data is used directly to build the loss measure or to validate it. When the bank first moves to the AMA, a three-year historical data window is acceptable. External data A bank’s operational risk measurement system must use relevant external data (either public data and/or pooled industry data), especially when there is reason to believe that the bank is exposed to infrequent, yet potentially severe, losses. These external data should include data on actual loss amounts, information on the scale of business operations where the event occurred, information on the causes and circumstances of the loss events. Scenario analysis A bank must use scenario analysis of expert opinion in conjunction with external data to evaluate its exposure to high-severity events. This approach draws on the knowledge of experienced business managers and risk management experts to derive reasoned assessments of plausible severe loses. For instance, these expert assessments could be expressed as parameters of an assumed statistical loss distribution. In addition, scenario analysis should be used to assess the impact of deviations from the correlation assumptions embedded in the bank’s operational risk measurement framework, in particular, to evaluate potential losses arising from multiple simultaneous operational risk loss events. Over time, such assessments need to be validated and reassessed through comparison to actual loss experience to ensure their reasonableness. Risk mitigation Under the AMA, a bank will be allowed to recognize the risk mitigating impact of insurance in the measures of operational risk used for regulatory minimum capital requirements. The recognition of insurance mitigation will be limited to 20% of the total operational risk capital charge calculated under the AMA A bank’s ability to take advantage of such risk mitigation will depend on compliance with the following criteria: • The insurance provider has a minimum claims paying ability rating of A (or equivalent). • The insurance policy must have an initial term of no less than one year. For policies with a residual term of less than one year, the bank must make appropriate haircuts reflecting the declining residual term of the policy, up to a full 100% haircut for policies with a residual term of 90 days or less. • The insurance policy has a minimum notice period for cancellation of 90 days. • The insurance policy has no exclusions or limitations triggered by supervisory actions or, in the case of a failed bank, that preclude the bank, receiver or liquidator from recovering for damages suffered or expenses incurred by the bank, except in respect of events occurring after the initiation of receivership or liquidation proceedings in respect of the bank, provided that the insurance policy may exclude any fine, penalty, or punitive damages resulting form supervisory actions. • The risk mitigation calculations must reflect the bank’s insurance coverage in a manner that is transparent in its relationship to, and consistent with, the actual likelihood and impact of loss used in the bank’s overall determination of its operational risk capital. • The insurance is provided by a third-party entity. In the case of insurance through captives and affiliates, the exposure has to be laid off to an independent third-party entity, for example through re-insurance, that meets the eligibility criteria. • The framework for recognizing insurance is well reasoned and documented. • The bank discloses a description of its use of insurance for the purpose of mitigating operational risk. The Second Pillar – Supervisory Review Process There are three main areas that might be particularly suited to treatment under Pillar 2: risks considered under Pillar 1 that are not fully captured by the Pillar 1 process (e.g., credit concentration risk); those factors not taken into account by the Pillar 1 process (e.g., bank (e.g., business cycle effects). A further important aspect of Pillar 2 is the assessment of compliance with the minimum standards and disclosure requirements of the more advanced methods in Pillar 1, in particular the IRB framework for credit risk and the Advanced Measurement Approaches for operational risk. Supervisors must endure that these requirements are being met, both as qualifying criteria and on a continuing basis. Four Key Principles of Supervisory Review Principle 1: Banks should have a process for assessing their overall capital adequacy in relation to their risk profile and strategy for maintaining their capital levels. The five main features of a rigorous process are as follows: • Board and senior management oversight; • Sound capital assessment; • Comprehensive assessment of risks; • Monitoring and reporting; and • Internal control review Principle 2: Supervisors should review and evaluate banks’ internal capital adequacy assessments and strategies, as well as their ability to monitor and ensure their compliance with regulatory capital ratios. Supervisors should take appropriate supervisory action if they are not satisfied with the result of this process. The supervisory authorities should regularly review the process by which a bank assesses its capital adequacy, risk position, resulting capital levels, and quality of capital held. Supervisors should also evaluate the degree to which a bank has in place a sound internal process to assess capital adequacy. The emphasis of the review should be on the quality of the bank’s risk management and controls and should not result in supervisors functioning as bank management. Principle 3: Supervisors should expect banks to operate above the minimum regulatory capital ratios and should have the ability to require banks to hold capital in excess of the minimum. Principle 4: Supervisors should seek to intervene at an early stage to prevent capital from falling below the minimum levels required to support the risk characteristics of a particular bank and should require rapid remedial action if capital is not maintained or restored. Specific issues to be addressed under the supervisor review process Interest rate risk in the banking book The revised guidance on interest rate risk recognizes banks’ internal systems as the principal tool for the measurement of interest rate risk in the banking book and the supervisory response. To facilitate supervisors’ monitoring of interest rate risk exposures across institutions, banks would have to provide the results of their internal measurement systems, expressed in terms of economic value relative to capital, using a standardized interest rate shock. Credit concentration risk Credit risk concentrations, by their nature, are based on common or correlated risk factors, which, in times of stress, have an adverse effect on the creditworthiness of each of the individual counterparties making up the concentration. Such concentrations are not addressed in the Pillar 1 capital charge for credit risk. Banks should have in place effective internal policies, systems and controls to identify, measure, monitor, and control their credit risk concentrations. Banks should explicitly consider the extent of their credit risk concentrations in their assessment of capital adequacy under Pillar 2. These policies should cover the different forms credit risk concentrations to which a bank may be exposed. Such concentrations include: • Significant exposures to an individual counterparty or group of related counterparties. In many jurisdictions, supervisors define a limit of exposures of this nature, commonly referred to as a large exposure limit. Banks might also establish an aggregate limit for the management and control of all of its large exposures as a group; • Credit exposures to counterparties in the same economic sector or geographic region; • Credit exposures to counterparties whose financial performance is department on the same activity or commodity; and • Indirect credit exposures form a bank’s CRM activities (e.g., exposure to a single collateral type or to credit protection provided by a single counterparty). The Third Pillar – Market Discipline Guiding principles The purpose of Pillar 3 – market discipline is to complement the minimum capital requirements (Pillar 1) and the supervisory review process (Pillar 2). The Committee aims to encourage market discipline by developing a set of disclosure requirements which will allow market participants to assess key pieces of information on the scope of application, capital, risk exposures, risk assessment processes, and hence the capital adequacy of the institution. The Committee believes that such disclosures have particular relevance under the Framework, where reliance on internal methodologies gives banks more discretion in assessing capital requirements Frequency The disclosures set out in Pillar 3 should be made on a semi-annual basis Capital Adequacy Qualitative disclosures (a) A summary discussion of the bank’s approach to assessing the adequacy of its capital to support current and future activities. Quantitative disclosures (b) Capital requirements for credit risk: • Portfolios subject to standardized or simplified standardized approach, disclosed separately for each portfolio; • Portfolios subject to the IRB approaches, disclosed separately for each portfolio under the foundation IRB approach and for each portfolio under the advanced IRB approach: • Corporate (including SL not subject to supervisory slotting criteria), sovereign and bank; • Residential mortgage; • Qualifying revolving retail; and • Other retail; • Securitization exposures (c) Capital requirements for equity exposures in the IRB approach: • Equity portfolios subject to the market-based approaches • Equity portfolios subject to simple risk weight method; and • Equities in the banking book under the internal models approach (for banks using IMA for banking book equity exposures). • Equity portfolios subject to PD/LGD approaches. Capital Adequacy Cont’d….. (d) Capital requirements for market risk • Standardized approach; • Internal models approach – Trading book. (e) Capital requirements for operational risk: • Basic indicator approach; • Standardized approach; • Advanced measurement approach (AMA). (f) Total and Tier 1 capital ratio: • For the top consolidated group; and • For significant bank subsidiaries (stand alone or sub-consolidated depending on how the Framework is applied). Operational Risk (a) In addition to the general qualitative disclosure requirement, the approach(es) for operational risk capital assessment for which the bank qualifies. (b) Description of the AMA, if used by the bank, including a discussion of relevant internal and external factors considered in the bank’s measurement approach. In the case of partial use, the scope and coverage of the different approaches used. (c) For banks using the AMA, a description of the use of insurance for the purpose of mitigating operational risk. Qualitative disclosures