blackice basel roadmap (final review)blackiceinc.com/.../2017/07/blackice-basel-roadmap.pdf ·...
TRANSCRIPT
BASEL ROADMAPBLACKICE INC. REFERENCE PRESENTATIONFEBRUARY 2017
BASEL ROADMAP BASICS
3
BASEL IMPLEMENTATION VS. BASEL COMPLIANCE
In order for an institution to successfully meet BCBS and regional SBV Basel regulations, two components are necessary:u Successful implementation and governance of a Basel Program; andu An ongoing accurate and comprehensive compliance self-assessment against Basel requirements.
An institution’s approach to manage a Basel Program is an input into the compliance self-assessment.
Governance
Resources
DeliverablesTesting
Approvals
Governance
Identify Measures of
Success
AssessmentReport
Monitor
Project Implementation Compliance Assessment
4
Basel II Capital Accord
1. Minimum Capital Requirements 2. Supervisory Review 3. Market Discipline
§ Improved Disclosure of Capital Structure
§ Improved Disclosure of Risk Measurement and Management Practices
§ Improved Disclosure of Risk Profile
§ Improved Disclosure of Capital Adequacy
The 3 Pillars of Basel II
§ Three different approaches to calculate minimum capital requirements for:ü Credit Risk ü Operational Riskü Market Risk (Two)
§ Compliance defined re. each approach
§ Incentives to move to more sophisticated risk management approaches
§ Self assessment for capital adequacy
§ Supervisory review
§ Expectation of higher capital than minimum
§ Intervention at an early stage as prevention
Data Business Process Regulatory DisclosureImplementation
Components
5
• Info Assessment• Data History /
Quality
• Risk Models & Ratings:• PD, EAD, LGD• Rating Scales
• Methodologies & Tools• Segmentations• Products / Markets
• Policies & Governance
• Systems & Processes
• Documentation
• Capital Testing
• Reporting
Basel II Capital Accord
1. Minimum Capital Requirements 2. Supervisory Review 3. Market Discipline
Data Business Process Regulatory Disclosure
Where To Start Along The Pillars – What’s in Place
StartingPoint
Process Tools
Org / People
6
KEY BASEL ASSESSMENTS & DELIVERABLES
The identification of key deliverables necessary to demonstrate adherence to Basel and SBV guidance will leverage a self-assessment against current activities versus end-state, and include the following six areas.
Governance & Policies
Internal & Regulatory Reporting
Impact to internal processes and resources
Implementation of Calculator
Impact to Source Systems
Identification of Data
OVERVIEW ROADMAP FOR BASEL II
8
• Customer Management
• Origination
• Underwriting
• Facility Management
• Collateral Management
• Collection / Recovery
• Portfolio Management
• Financial Management Reporting
• CRM & Packages
• Decision Support / Business Intelligence
• Data Warehousing / Data Management
• Sub-Ledger / Accounting Systems
• G/L & Financial Reporting
• Governance
• Subject Matter Experts
Scope For
Execution
ASSESS THE OPERATING ENVIRONMENT – IMPROVE WHAT IS ALREADY IN PLACE
Process Tools
Org / People
Areas of
Focus
Gaps
• Process• Systems• Data• Models• Organization
9
Governance
DataDefinitions
• Obligor• Exposure• Default
Processes& Systems
Underwriting
Sub-Ledger
Asset MgtCRM
Ratings & Models
PDLGD
EAD
PDLGD
EAD
Data
Data Architecture
Data Repository
Analytics& Reporting
Analytics
Reporting
ReportData
Resources &Management
Collect Data
Store Data
Model Data
PUT THINGS TOGETHER - HAVE A FRAMEWORK
1 0
Operational Risk
Data Processing
Functional Domains
Common Operational FrameworkM e t a d a t a
Pre-requisite Data Business Metadata
Data DeliveryData LayoutData Management
Enterprise Wide Model
Business Intelligence
Common ETL Layer
Reporting
Analytics
SpecificViews
Risk AnalyticsAnd Modeling
Financial Modeling Engine
Functional Modeling
A DATA ARCHITECTURE PERSPECTIVE IS CRITICAL
Core Banking
Credit Cards
Internal Source Systems
General Ledger
External Systems
External Ratings
Market Data
Source Traceability
Validation
ETL
Data Quality
Edit and Reload
Audit Trail
Warehouse Staging
ETL
Credit Risk
Market Risk
Market Risk Engine
Credit Risk Engine
Operational Risk Engine
1 1
• Exposure At Default
• Loss Given Default
• Probability of Default
• Stress Testing
• Effective Maturity
• Earnings At Risk
• Customer / Party Information
• Underwriting Scores / Credit Ratings
• Customer Facilities
• Account Balances
• Collection Transactions
• Loss Events
• Asset Classification / Product LinkagesG
ranu
lar D
ata
Cap
ture
dC
alcu
latio
ns
Data To Be Collected Must Be Organized In A
Functional Model
CustomersAssets
TransactionsAgreements
Products
LocationsOrganization
Finance
Enterprise Risk Data Model
Data Dictionary
Implementation Considerations
• Pre-defined Basel II data model available with Data Dictionary
• Mapping data to source systems will require the most effort
• Documentation & Data SME’s – critical to the process
PUTTING DATA TOGETHER – THE DATA MODEL
Operational Risk
Enterprise Wide Model
Credit RiskMarket Risk
1 2
GOVERNANCE & POLICIES
u Creation of new polices such as:- Risk Management Framework- Risk Appetite Framework- Stress Testing Policy- Economic Capital- ICAAP Manual- Line of Business Lending Practices- Data Governance- Operational Risk Framework- Model Validation Policy- Liquidity Risk Management Policy- Trading and Non-Trading Standards- Capital Markets Risk Management Framework- Business Continuity Management- Anti-money Laundering- Recovery Plan- Roles and Accountabilities
1 3
BASEL II PROGRAM ORGANIZATION
PortfolioFacilitator(3)
Program Control Office
TechnologyIndustry/ Regulatory Regulat-
ions
Special Projects(2)
Executive Sponsorship
Third Party Advisors
Core Advisory Group(1)
Basel Executive Steering Committee
PMO Leadership
Regulatory Business Technology
Denotes core Basel Project Management Office resources
Denotes individual work streams for project execution and other content expertise
Market RiskCredit Risk
RetailCorporates,Sovereignsand Banks
Securitiz-Ation Trading
Room
Non -TradingEquities
IRRBB Market Risk
Smalland
MediumEnterprises
PortfolioFacilitator(3)
Operational Risk & Other Work Streams
MarketDiscipline
OperationalRisk
Internal Audit
PortfolioFacilitator(3)
PortfolioFacilitator
PortfolioFacilitator(3)
Notes:1. A subset of the Basel Executive Steering Committee that meets
more regularly and is able to address urgent high-level issues 2. Includes Business Management, Communications and other
special projects (e.g., Data Governance, Security, Program Integration Testing, Reconciliation and Adjustments and Reporting cycle, etc.)
3. Portfolio Facilitators report into PMO Special Projects
EXAMPLES OF CREDIT RISK PROJECT SCOPE
1 5
SAMPLE PROJECT: IMPLEMENTATION OF RWA ENGINE
► Obtain/ develop data mapping/ reference data mapping specification/ technical and infrastructure specification from client which data source (at account level, i.e. loan, investment, trade finance, guarantee …)
► Develop configuration and configuration specification for RWA calculation. Configuration will contain but not limited to the following information:
§ Mapping logic from core banking/source systems to engine for credit risk, market risk and operational risk
§ Calculation specification
► Complete ETL process based on Data Mapping Specification and Reference Data Mapping Specification
► Deploy RWA Engine and generate SBV reports/ Pillar 3 reports
► Perform SIT&UAT
► Final deployment and post implementation support
► Build operational model for consolidation process (Roles and Responsibilities for ongoing process)
Key activities
► Generate RWA, capital requirements for market risk and operational risk and CAR► Generate Dashboard to satisfy SBV disclosure requirement and/or Pillar 3 disclosure requirements
Initiative Objectives
Deliverables
► Data mapping/ reference data mapping specification/ technical and infrastructure specification
► Configuration and configuration specification
► RWA engine and dashboard for reporting
► Selected management reports and operational model
Others
► Project duration: 6 months
► Key benefit:
§ RWA engine
§ Improve data mapping/ reference data mapping specification/ technical and infrastructure specification
§ Dashboard for SBV disclosure and Pillar 3 disclosure
§ Better CAR management
► Minimum Human resource requirements
§ Basel team:
o 1 Manager
o 4-5 Senior/staff
§ IT team:
o 1 Manager
o 1-2 Senior
§ Finance/ accounting team:
o 1 Manager
o 1 Senior
§ Business unit (if needed)
1 6
SAMPLE PROJECT: CONSTRUCT AND COMPLETE ALL POLICY, PROCEDURE FOR CREDIT RISK MANAGEMENT
► Strategies/ Policies for credit risk are needed to be built/ completed:
§ RWA calculation (built when implementing RWA solution project)
§ Strategy/ Risk appetite (built during implementing ICAAP project)
§ Credit risk management policies, e.g. credit rating policy, credit authorization, credit risk assessment, special borrowing policy, real estate lending
§ Portfolio management (built during implementing project to build comprehensive policy for loan portfolio management)
§ Early warning system (built during implementing early warning system project)
§ Credit rating system and modelling (PD, LGD, EAD) (built during implementing related projects)
§ Stress-testing (built during implementing stress-testing project)
► Build guidance and process accompanied to these mentioned policies
Key activities
► Enhance current existing policies and build new policies for credit risk management to comply with Basel II
Initiative Objectives
Deliverables
► Roadmap for development and enhancement of all policies and procedures to support Credit Risk Management
► Official documentation for Credit Risk Policies and Procedures
Others
► Project duration: 6 months and continuance process
► Key benefit:
§ Give BOD, Senior Management, and all staff fundamental understanding and control of credit risk management
§ Basis for all related projects to be planned and implemented
§ Increase/ enhance bank’s capability of understanding and managing Credit Risk
► Minimum Human resource requirements
§ 1 manager
§ 1 senior officer and 3 staffs from credit risk department
§ 1-2 senior officer from wholesale department
§ 1-2 senior officer from retail department
ICAAP
1 8
THE ICAAP USE TEST
Yes No
Board
RMC/AC
CRC/GCC/SET
StressTesting
RiskAppetiteCapitalPlan
Enterprise-wide
Financial& EconomicRegulatory
Governace&Controls InternalCapitalAdequacyAssessmentProcess(ICAAP)
CapitalPlan
RegulatoryReviews
Financial&StrategicPlanLiquidityManagement
BSRAProcess
RiskManagementFinance/Treasury
Internal&ExternalA
udit
(RiskAppetitemetrics,P&L,RequiredandAvailableCapital,StressImpacts,Liquiditymetrics,Limits)Aggregation,LinkagesandReporting
Policiesa
ndProcedu
res
ICAAPSelf-AssessmentPackage(SAP)
Reconcile
Stress
CRC/ALCo/RMC
CRC/ALCo/RMC
MPRC/CMRC/CC/IC Credit Market Oper'l Other Liquidity OtherVetting/Validation Concentration/Diversification VaR Limits StressTesting
CRC/ALCo/RMC
NIAP,RSA,RLR
Environmentalscans Credit Market Oper'l OtherRisks EmergingRisksMitigationBusinessReviews
(RM)
Financial&
StrategicPlans
RiskMeasurement,Monitoring&Reporting
Economic
Capital(EC)
(Finance)
Testing
Regulatory
Capital(RC)
(Finance/RM) (RM)
CapitalPlan
RegulatoryReviews
RiskIdentification
Internal&ExternalA
udit
Policiesa
ndProcedu
res
Reconcile
(Treasury)
&Liquidity
Stress
CapitalAdequate?0
10
20
RC ICAAP Tier1
1 9
ICAAP RISKS THAT NEED TO BE ASSESSED
2 0
RISK APPETITE FRAMEWORK
The Enterprise Risk Appetite Framework (RAF) sets out the Bank’s overall approach to risk appetite and provides a common understanding among stakeholders of how risk appetite is established, managed and governed. It supports the establishment and ongoing effectiveness of the Bank’s Risk Appetite Statement (RAS), associated metrics and limits, and sets out the roles and responsibilities in the governance process. The RAS articulates the aggregate level and types of risk the Bank is willing to assume, or to avoid, in pursuit of its strategy and business objectives and sets the basic goals and measurement metrics, which defines tolerance levels for various risks.
As shown in the diagram below, a risk appetite is informed by the Bank’s vision, mission, and values as well as strategy and objectives; it also considers risk capacity and associated constraints. Risk appetite is articulated in the Bank’s RAS which includes qualitative and quantitative elements as well as limits to define the level of risks the Bank is willing to take on in pursuing its strategic objectives for business growth and shareholder return. The RAS supports a Enterprise Risk Management Framework which sets out the Bank’s approach to risk management, and is in turn supported by risk limits, policies, standards, procedures, processes and controls.
2 1
CAPITAL MANAGEMENT AND PLANNING
Basel II requires Banks to take a number of factors into account for capital planning: u Capital adequacyu Impacts of planned capital activities on overall capital levels and business mixu Consistency of capital plans with strategic plans u Consistency with the risk profile and current and prospective operating environmentu Risk / Return tradeoffu Net income and its variabilityu Forward looking stress tests and scenariosu The business cycle and potential adverse changes in market conditions
2 2
ENTERPRISE-WIDE STRESS TESTING
Basel II requires Banks to conduct stress testing to help assess capital adequacy and risk appetite.
Stress and scenario analysis are useful in assessing economic downturns and business cycle impacts.
Comprehensive stress testing should be embedded into the risk management framework of the organization.
A Board approved Stress Testing policy is necessary to ensure the required standards and procedures exist to satisfy regulatoryrequirements under Pillar II of the Basel II Revised Framework and help test the adequacy of capital during stressed businessconditions. This involves the use of various techniques to assess the potential vulnerability to “stressed” business conditions.
Key principles of the policy and for effective enterprise-wide stress testing include:u Stress testing should be integrated into the firms’ risk management framework including limits, risk appetite assessment
and capital management/planning;u Stress tests should be plausible and measure the effect of extreme moves in risk factors;u Comprehensive stress testing should include multivariate analysis, sensitivity and scenario based tests. Stress tests should
include scenarios that stress several factors at the same time because in reality, when stress events occur they are more likely to involve adverse moves in several risk factors;
u Stress scenarios should cover on- and off-balance sheet positions of all major portfolios in the trading book and the banking book. They should also reflect specific risk characteristics of the portfolios. All related risk factors should be identified and stressed;
u Comprehensive documentation for scenario development, selection of risk factors, translation of scenarios into impacts on risk factors and parameters, and remedial actions when pre-established limits are exceeded;
u Stress testing should be consistent with activities for Recovery and Resolution planning.
2 3
ENTERPRISE-WIDE STRESS TESTING
While stress testing may be well developed, it is often done in isolation for specific risk types and portfolios. The challenge is integrating this on an enterprise-wide basis.
Process:u Economics to provide guidance on a handful of variables (such as GDP, inflation, unemployment rate, short term interest
rates, stock market movement etc) for specific macro economic events (Recession, Pandemic, Inflation Escalation, etc.).u Individual Work Streams to arrive at risk factor shocks relevant to their portfolios based on general direction from
Economics. Work streams also to have their own portfolio specific scenarios and will develop procedures, processes and the technology infrastructure to enable calculation of stress results.
u Stressed loss and capital calculations to target initially a one year time horizon in order to enable aggregation and comparison against capital. This time horizon will then be extended as experience develops in line with the risks in the portfolios.
u Consolidation of Stress testing results across the enterprise for analysis and reporting to Senior Management to take place on a best effort basis until systems allow for regular and timely runs.
u Results produced by each business group to include losses and changes required in Economic and Regulatory capital.
COMPLIANCE SELF ASSESSMENT
2 5
BLACKICE SOLUTION - GCD
The Governance & Compliance Database (GCD™) is an application that allows financial institutions to assess adherence to Minimum Regulatory Requirements, guidance defined by the regulator or to requirements specific to the institution (e.g., internal expectations, policies, industry best practices etc.).
It facilitates the capture of compliance information to meet regulatory, Board and Senior management responsibilities including:u Gap assessments; u Compliance status;u Commentary evidence and supporting artifacts.
The primary benefit for a regulator is that the GCD™provides a view to an institution’s assessment, and provides a consistent approach to allow the comparison of assessments across multiple institutions.
The GCD™ also mitigates the risk and challenges often faced by regulators in completing their regulatory oversight.
2 6
INTERPLAY OF THE THREE BASEL PILLARS
While the three Pillars are independent they interact in the following ways:u Pillar I calculations are tested by the ICAAP process in Pillar II for completeness and congruence of risks and capital.
- Stress testing is an example of such a Pillar II test.u Pillar I will also provide a new feedback loop with Pillar II, for example based upon unexpected credit migrations relative to
prior expectations.u Feedback from public disclosure from Pillar III will inform Pillar II discussions as to conservatism and provide benchmarking
opportunities that do not exist today.
Various forums will communicate and allow an understanding of the impacts of these feedback loops including:u The Risk Management Committee of the Board.u The Senior Executive Team.u Balance Sheet Measurement, Monitoring and Control, especially with respect to the capital planning process. u A Models and Parameter Risk Committee.
This presentation and content are property of BlackIce Enterprise Risk Management Inc. and may not be reproduced or copied without express consent.
BlackIce Enterprise Risk Management Inc.#310 – 207 West Hastings St.Vancouver BC, Canada V6B 1H7
Visit Us at www.blackiceinc.comContact at [email protected]