risk update GLOBAL - Risk Reward Limited May 2013.pdf · Risk Reward Limited, serving the banking...

riskupdateThe quarterly independent risk review for banks and financial institutions worldwide

GLOBAL

© Risk Reward Ltd UK. All rights reserved. Available by subscription only – not for sale or resale

‘No CreditorWorse Off’:ResolutionMechanismsUpdate

may

201

3Also in this issuen Black Swans Mean Business (Part II)n OTC Clearing Evaluation

(Part II)n Your Internal Audit: Is it Delivering

For You?n Understanding Model Validationn Islamic Finance: Unique Risk

Management Challenges and theImpact of Basel III

n The New Basel III Rules and itsImplications for US Banks

Global Risk Update 2013 – May

Index PAGE

‘No Creditor Worse Off’: Resolution 3Mechanisms Update

Black Swans Mean Business (Part II) 6

OTC Clearing Evaluation (Part II) 9

Your Internal Audit: Is it Delivering 13For You?

Understanding Model Validation 17

Islamic Finance: Unique Risk 21Management Challenges and the Impact of Basel III

The New Basel III Rules and its 25Implications for US Banks

Risk Reward Limited, serving the banking and financial servicessectors with risk consultancy and risk training in developed and

emerging markets since 2002. Risk Reward is registered with UKCompanies House no 4346234.

©Risk Reward Ltd UK 2013. All Rights Reserved.By subscription only - not for sale or resale

Designed by mfp – [email protected]

Sentiment is a word still on everyone’s lips. Are we seeing optimism for the futureor disappointed thinking past problems still haunting us? The recent crisis inCyprus has highlighted that solutions to the global debt crisis remain far off andare hard to achieve. That Cyprus, a relatively minor economy, was able to bring theentire global financial community into potential stress highlights why systemicrisk remains a major issue for everyone. What the Cyprus affair also demonstratedwas a stunning lack of maturity at key global and European bodies, allowingsolutions to be proposed which fundamentally undermine the banking industry tothe detriment of the global market.Will there be a solution to the crisis? It is clear to us that a ‘growth’ agendacombined with a carefully orchestrated ‘austerity’ programme directed towardsreducing the size of the public sector is the only real solution. Investing in growthwill enable debts to be sustainable and represents possibly the only real solution.In this issue of the GRU the importance of resolving banks is considered in anarticle by Spanish risk management specialist Flora Preito on resolutionmechanisms. (In the US new rules have also been produced on this subject – GRUsubscribers: please ask us for these available free of charge.) The second article isPart II in a series contributed by Anglo-Sri Lankan Atula Abeysekera on WhiteSwans where he recommends the use of financial risk management principles intocivil and national security risk management within the UK government; it isfollowed by Belgian Michel Dorval’s insightful review of OTC clearing. As to thelatter, we remain concerned at the impact on the market of these new requirementscould result in firms stopping hedging key risks at exactly the time when they areincreasing in importance. In our view the OTC rules being proposed (and also therules that derivatives that are not OTC cleared will also need collateral) both createadditional systemic risk and also increase the cost of traditional hedging renderingit no longer cost effective. This will create the next crisis as interest rates rise.Two key risk areas receiving increased attention are internal audit and models. Inan article looking at internal audit itself I report on some key IA issues recently‘discovered’ during internal audit projects among banks in EMEA, USA and Asianmarkets. CEOs, Audit Committee Heads and Heads of Internal Audit may wellconsider these findings rather more than just interesting and no doubt will start re-questioning their own approaches. Models are a particular concern. In their co-authored article Canadian Mark Dougherty and Russian Yan Fischman considerthe aspects of models, model risk and model validation as a required mitigant torisk and that using a bad model to confirm a bad model is not model validation.As I write Islamic finance is gaining new acceptance and incorporation by acts ofnational legislation this year in Egypt, Morocco and Turkey. Dutch risk and Islamicspecialist Dr Natalie Schoon’s article on the unique nature of risk management ofIslamic finance is therefore timely. She purports that perceived barriers such aslack of historic loss data and balance sheet size will no longer be challenges in thenear term due to, among other changes, the increased Islamic finance sectoractivity and possible shared databases.

Do you have an article you would like to submit to theGRU for publication? If so do contact us [email protected] (original workpreviously unpublished and from the authors onlyplease.) I hope you enjoy this issue and look forwardto receiving your comments.

Dennis Cox BSc, CFSI, FCAChief Executive Officer

PLEASE CIRCULATE TO:

n Chief Risk Officer

n Head of RiskManagement

n Head of Internal Audit

n Head of Operations

n Head of ALM

n Head of Treasury

TO THE EDITORDo you have risk issues inyour organisation or regionyou would like to share?

Email your thoughts to the Editor [email protected]

Global Risk Update, a regular journal coveringinsights and global risk issues of interest to thebanking, insurance and financial sectors indeveloped and emerging markets.

Available by subscription via the websitewww.riskrewardlimited.com. To unsubscribe pleaseemail to [email protected] and enterUNSUBSCRIBE in the subject field.

The current economic crisis inwhich banking institutions’failures have played such animportant role is being

accompanied by significanttransformations at the level ofregulatory frameworks. Theglobalization trend so prevalent inareas like banking supervision withBasel II and III (or accounting withIFRS) is also stepping in when dealingwith resolution mechanisms.

It is interesting to see how the effortsto provide prompt responses made byindividual countries to the newdemands imposed by the financialcrisis are taking place alongside the

initiatives promoted by supranationalinstitutions. The overall result is anevolving legal framework: the UKBanking Act (2009), the US Dodd-Frank Act (2010) and the GermanBank Restructuring Act (which cameinto effect in 2011). Similar laws inother countries have just been enactedin 2012, such as in Spain and Portugal,and it is envisaged that this trend willcontinue to develop and beimplemented over the coming monthsin other jurisdictions.

Systemic Risk

In order to understand what ishappening, it is necessary to call the

attention to the

systemic nature of this crisis. The IMF,in different papers and reports, hashighlighted the increasing systemicrisks imposed on the financial systemsas a consequence of the huge sizeacquired by some of these financialinstitutions with internationalpresence in financial markets andextensive linkages with other cross-border ones. The economic reasonswhich historically justified the need forthis type of financial institution suchas achieving economies of scale andthe need for competing in a globalenvironment were not accompaniedby similar transformations in terms ofregulation and supervision. If one addsto this the abandonment of atraditional business model towards

another in which revenues and feesare mostly derived from dealing

with sophisticatedfinancial products, not

always understoodby managers, the

final result is abank in crisis

which lacks ac l e a r

‘No Creditor WorseOff’: ResolutionMechanisms UpdateAuthor Flora Prieto, a senior risk management specialist based in Madrid, contributed thisupdate on the state of play concerning the development and implementation of resolutionmechanisms amongst various organizations particularly the BCBS, the FSB, the European Unionand the ECB.


3

strategic direction and which does nothave enough resources to cope withthe new circumstances. An analysis ofthe responses given by differentgovernments confirms the seriousnessof this crisis as well as itscharacterisation as a systemic one: dueto being applied, extensively, three outof the five commonly crisis resolutionpolicies: liquidity support,restructuring, asset purchases,significant guarantees andnationalisations.

The BCBS and Its TenRecommendations

The critical year in the developmentof resolution mechanisms was 2010. InMarch of that year, the BaselCommittee on Banking Supervision(BCBS) issued ten recommendationswhich have served as basic steppingstones for all further developments.Essentially, they insisted on the needfor any country of being capable ofmanaging a crisis situation in any typeof financial institution, emphasisingthe definition of frameworks whichwould allow for a coordinatedresolution process. This would bereflected in lower levels of complexityof the operations and in thereinforcement of risk mitigationmechanisms. Due to the significant

amount of cross-border activitiesundertaken by these institutions, itwas deemed advisable to mergenational resolution measures and inturn increase cooperation andinformation sharing. The pursued goalshould be a planned and well-organized resolution process as thefinal intention is that feasible parts ofthe business would ‘come back’ to besubject to market discipline.

The FSB’s 3 ResolutionRegimes

The Financial Stability Board has beenthe institution taking the lead in thisfield. Concerned with the Too-Big-To-Fail issue, has been paying a lot ofattention to G-SIFIs (GlobalSystemically Important FinancialInstitutions), asking in October 2010,when it made public the FSB-SIFIrecommendations, for an assessmentof each country’s capabilities formanaging resolution situations.

Up to then, there were three maintypes of resolution regimes:

n Special ones which allowedauthorities to take control of banksbefore or upon insolvency.

n Special administration ormanagement regimes whichallowed banking supervisors orauthorities to appoint special

officials in charge of implementingresolutions, getting into

forced liquidation ifnecessary and, finally,

n mixed regimes which combinedfeatures of the other two but withless power.

The measures developed by the FSBhave enjoyed the explicit support ofthe G-20. In the annual meetings heldby the superior authorities of thesecountries as well as in the periodicmeetings of their finance ministers andCentral Bank governors, since 2010,they have continuously endorsed theworks undertaken by the FSB whichhave been recently extended toinclude the D-SIBs (DomesticSystemically Important Banks).

In October 2011, the FinancialStability Board issued one of the mostimportant documents in this area ofresolution mechanisms. It defined thekey attributes of effective resolutionregimes for financial institutions ofwhich two are its main contributions:(1) it identifies up to twelve aspectswhich any resolution regime shoulddeal with. They comprise the scope,resolution authority and resolutionpowers, setting-off, netting,collateralisation and segregation ofclient assets, safeguards, funding offirms in resolution, legal frameworkconditions for cross-bordercooperation, crisis managementgroups, institution specific cross-border cooperation agreements,resolvability assessments, recoveryand resolution planning and access toinformation and information sharing;and (2) it characterises an effectiveresolution regime as that in whichthere is no severe systemic disruption,taxpayers are not exposed to a loss andthe hierarchy of claims is respected.

The FSB document insists on theimportance of applying the “nocreditors worse off” principle. Thistranslates, firstly, in the respect of thecreditors’ hierarchy. Equity wouldabsorb losses first and senior debtholders would assume losses oncesubordinated debt has been entirelywritten-off. Secondly, if creditors donot receive the minimum which wouldhave corresponded to them under thenational insolvency regime, theywould have the right to acompensation (known as the “nocreditor worse off than in liquidation”safeguard).

‘No Creditor Worse Off’: Resolution Mechanisms Update


4

The European Union Recoveryand Resolution Framework

The latest developments in theinternational arena have beenundertaken by the European Union. InJune 2012, The European Commissionmade public its Proposal for aDirective aimed to establish aframework for the recovery andresolution of credit institutions andinvestment firms. In this document,emphasis is placed upon thedevelopment of a framework whichwould consist of three main pillars:preparatory and preventive measures,early intervention and, finally,resolution powers and tools. It isconvened that by acting early, theescalation of the problems may beavoided. The proposed scheme ofintervention relies to a great extent inthe decisions adopted by resolutionauthorities. They may request theimplementation of specific actionssuch as, for example, the separation offunctions, setting limits on exposuresor imposing restrictions on newbusiness lines or products, if thesecontribute to the resolvability of these

institutions. The idea is that resolutionwould take place if there is no otheralternative and reasons of publicinterest justify it.

This EU document considers fourdifferent resolution mechanisms: saleof business, bridge institution, bail-inand asset separation. This last one isthe only which, compulsorily, shouldbe applied in conjunction with theothers, in order “to minimizecompetitive distortions and risks ofmoral hazard”. The basic principlerespected by this scheme is the “nocreditor worse off”.

Current Consultation Period

Different opinions have beenrequested from EU bodies about thisproposal of directive. The EuropeanCentral Bank (ECB) in November2012 expressed its desire for a quickadoption of it, as it advocates thecreation of a single EuropeanResolution mechanism. Despite this, itinsisted on the need for furtherclarifications, mainly oriented to insiston the fact that resolution purpose

should be the continuity of theessential functions performed by theentity, not its continuance as a failingorganization. The ECB called for thedefinition of the competent authoritywhich should be in charge ofdetermining if the bank has failed or islikely to fail. The other relevantopinion issued to date corresponds tothe European Economic and SocialCommittee which in December 2012expressed some concerns, particularlyin the areas of recourse to someresolution measures not tested beforewhen dealing with a systemic crisis,the need for maintainingconfidentiality about recovery plansand a clearer definition and stricterregulation of the powers granted toresolution authorities, in order toavoid potential conflicts with judicialones.

Editor’s Note: for more information about theissues and organizations referenced above pleasepost your queries on the GLOBAL RISKFORUM on LinkedIn or email Dennis Cox [email protected]

‘No Creditor Worse Off’: Resolution Mechanisms Update

5


REFERENCES• Basel Committee on Banking Supervision (2011). Resolution Policies and Frameworks – Progress so Far. [Online]. Available from: http://www.bis.org/publ/bcbs200.htm

(Accessed February 2013)• Claessens, S., Pazarbasioglu, C., Laeven, L., Dobler, M., Valencia, F., Nedelescu, O. and Seal, K. (2011). “Crisis Management and Resolution: Early Lessons from the

Financial Crisis”. IMF Staff Discussion Note, SDN/11/05. [Online]. Available from: http://www.imf.org/external/pubs/ft/sdn/2011/sdn1105.pdf (Accessed February 2013)

• European Central Bank (2013). Opinion on a Proposal for a Directive of The European Parliament and of The Council establishing a framework for the recovery andresolution of credit institutions and investment firms. Official Journal of the European Union, C 39, Feb. 12th. [Online]. Available from: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:C:2013:039:0001:0024:EN:PDF (Accessed February 2013)

• European Commission (2012). Proposal for a Directive of The European Parliament and of The Council establishing a framework for the recovery and resolution of creditinstitutions and investment firms. . [Online]. Available from: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2012:0280:FIN:EN:PDF (Accessed February 2013)

• European Economic and Social Committee (2013). Opinion on a Proposal for a Directive of The European Parliament and of The Council establishing a framework for therecovery and resolution of credit institutions and investment firms. Official Journal of the European Union, C 44, Feb. 15th. [Online]. Available from: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:C:2013:044:0068:0075:EN:PDF (Accessed February 2013)

• Financial Stability Board (2011). Key Attributes of Effective Resolution Regimes for Financial Institutions. [Online]. Available from:http://www.financialstabilityboard.org/publications/r_111104cc.pdf (Accessed February 2013)

• G-20 (2012). Meeting of Finance Ministers and Central Bank Governors, February. [Online]. Available from: http://www.g20.org/documents/ (Accessed February 2013)• G-20 (2012). Meeting of Finance Ministers and Central Bank Governors, April. [Online]. Available from: http://www.g20.org/documents/ (Accessed February 2013)• Ötker-Robe, I., Narain, A., Ilyina, A. and Surti, J. (2011). “The Too-Important-to-Fail Conundrum: Impossible to Ignore and Difficult to Resolve”. IMF Staff Discussion

Note, SDN/11/12. [Online]. Available from: http://www.imf.org/external/pubs/ft/sdn/2011/sdn1112.pdf (Accessed February 2013)

Global Risk, Governance &Compliance Recruitment

Tel +44 (0)20 7638 5584 www.riskrewardsearch.comS E A R C H

White Swans

The key objective for managing risks in an uncertain worldis to reduce the risk of the ‘unknown’ risks in a cost effectiveway so that the ‘unknown’ tail becomes a more manageablephenomenon, as shown in Fig. 1 below.

Fig. 1 - High-level illustration of Bow Group proposals

An holistic governance structure and an enterprise-led riskmanagement culture are urgently required by governmentto proactively manage ‘unknown-unknown’ risks. This can,occasionally, create an opportunity from knowledge gained.

Government made a start by formulatingtheir thinking in the Corporate GovernanceGood Practices Code for centralGovernment Departments in July 2011.Unfortunately, much more needs to be doneand the world of business is not a bad placeto look for inspiration. We propose that theGovernment implement the followingchanges to (i) the way risk managementsystems are overseen and (ii) the quantitativecapabilities of the UK Government inmanaging risk.

Black Swans MeanBusiness (Part II)A Commercial Approach to Managing Civiland National Security RisksIn this second part of a 2-part article series on Black and White Swans, risk expert AtulaAbeysekera seeks to ensure principles of financial risk management are taken up by the UKGovernment as it reviews current civil and national security risk management. Originallypublished as a White Paper the Editors agreed that the nature and in our view strong, good riskpolicy recommendations herein warranted making this available to GRU subscribers as articles.We hope you agree.


6

Current

Available information Unavailable information

UnavailableinformationAvailable information

Proposed

Known byGovernment

Known by‘others’

Issues/risks

Issues/risks


Known byGovernment

Not known byGovernment

Not knownby

Government

1. Independent Oversight

The Office for Risk Management

To more proactively manage civil and national securityBlack Swan risks, the Government’s risk assessmentprocess needs to be challenged and overseen to a fargreater extent than it is currently. Such an ambition couldbe fulfilled by the creation of an independent office, whichwe will call the ‘Office for Risk Management’ (‘ORM’)with external expertise. This should be adjoined to theCabinet Office. The ORM should be chaired by a seniorindependent person with skills in risk management andcorporate governance and experience in Government andBusiness. It should consist of subject matter expertsrepresenting key disciplines. The ORM’s fundamentalroles would be to challenge the risk management at theheart of the Government and provide an advisory role tothe Prime Minister and the Cabinet. The model for theORM should be similar to the new Office of BudgetResponsibility (OBR) created by the CoalitionGovernment. The oversight of ORM can be by the PublicAccounts Committee and the budget would be similar tothat of OBR – by our estimations, a grant aided flat cashfunding allocation of £2 million per annum should besufficient.

Within the ORM, in accordance with best practice,specialist subgroups should be created. Each sub groupshould be responsible for challenging Governments’ riskassessments and providing independent feedback to thePrime Minister and the Cabinet. The ORM shouldproduce an annual report on risk management performanceof the Government. The sub groups can be created tobroadly mirror the NSC’s own sub committees such ascyber security; counter terrorism; hazards; resilience andcontingencies; nuclear; emerging powers; economic andcurrent hot spots (Syria, Afghanistan etc.). Following themodel used in Business, the ORM should be able toinstruct the Cabinet Office to perform specific stress testson predefined Black Swan events and independently assesstheir resilience. The ORM should also performindependent incident reviews on the activities ofCOBR(A).

Group think

The ORM would help to avoid ‘group think’ by bringing inmultidisciplinary external expertise from outside ofGovernment; a useful catalyst for encouraging outside-the-box thinking and for generating new ideas. The point washighlighted by the Science and Technology SelectCommittee in 2011, when they expressed concern over theexclusion of Government’s Chief Scientific Adviser(GCSA) in the National Risk Assessment (NRA) strategy,stating: “we consider that science should be at the heart ofthe NRA process and have recommended that the GSCAhave greater involvement. We urge the Government to dobetter at embedding scientific advice and an evidence-based approach in risk assessment and policy processesbefore emergencies occur”.

Risk Culture

One of the mandates of the ORM would be to promote andissue guidance on a new risk culture among civil servants.The culture should encourage the capture and escalation ofemerging risks at grass root level from departments, theiragencies and other public bodies, to better identify potentialand emerging Black Swans. This could be achieved by the'right' policies, procedures, training, remuneration andincentives to promote best practice risk behaviour and atthe same time encouraging creative and entrepreneurial riskdecision-making by civil servants.

Fig. 2 - The Targeted Approach

2. Quantitative Process Changes

Three Lines of Defence

We propose that the Government adapts best practice usedin multinational companies where a sound risk frameworkshould have three lines of defence, as described above andrepresented in Fig. 2. From a UK Government perspective,this would look like the following. The 1st level of defence(illustrated as the red ring in the fig. 2, above) is theGovernment department where the risk originated and isresponsible for managing that risk. The 2nd level of defence(the white ring) is the Civil Contingencies and NationalSecurity Secretariat’s efforts on risk mitigation, which wouldlikely operate out of the Cabinet Office. The 3rd level ofdefence (the blue ring) is the responsibility of the PrimeMinister and his Cabinet, supported by the newly formedindependent ORM. As with the Business approach, the riskcrystallises if all three levels are breached.

Cause

Horizon scanning is a methodical way of identifyingopportunities and threats that are starting to emerge. TheUK’s Foresight Horizon Scanning Centre, currently basedat the Department of Business Innovation and Skills, is agood starting point to gather information on andquantitatively analyse emerging Black Swans. We believe

Current

Available information Unavailable information

UnavailableinformationAvailable information

Proposed

Known byGovernment


Issues/risks

Issues/risks


Known byGovernment

Not known byGovernment

Not knownby

Government

Black Swans Mean Business (Part I1)

7


that the Foresight Horizon Scanning Centre should beexpanded, given its strategic importance, and movedpermanently to the newly-formed ORM. This will ensurethat the study of emerging risks is joined-up andcoordinated centrally.

Effect

We recommend that the UK Government could do more toimprove quantitative methodologies for aggregating risksacross the country. Expertise needs to be gained tounderstand correlations between risks, stress test modellingand scenario testing. Modelling techniques used byBusiness, such as ‘value at risk’ and ‘GARCH with dynamicconditional correlation’ could contribute to a betterunderstanding of risk interactions quantitatively.

In addition, a robust stress-testing program is needed tosimulate extreme events involving UK’s civil and nationalsecurity risks. The point of this exercise would be to design,using simulated scenarios of events that could significantlyimpact the country, effective contingency plans to mitigatethe effect of these risks. Such a programme could help theGovernment to prepare better for risks and create anopportunity to allocate resources in a more effective way.

Conclusions and Recommendations

Managing its civil and national security risk is one of thegreater challenges facing any government. Since, 2010 theUK Government has made some strides to firm up the wayit predicts and manages these risks. However, there is a greatdeal more it can be doing.

The world of Business, and in particular, the financial world,has seen considerably more progress than the public sectorin this respect. But rather than lament this point, theGovernment should actively seek to replicate best practicetechniques in risk management, which could have anenormous value impact on both the UK’s finances and thelife of the nation. As a starting point for this process ofreform, we make the following policy recommendations:

1. Setting up of an Office for Risk Management (ORM).This would be structured as an enlarged base for the UK’sForesight Horizon Scanning Centre.

2. Bringing in external experts to advise the ORM, which

should have the effect of reducing ‘group think’ withinthe Government’s risk management processes.

3. Encouraging a ‘risk culture’ across GovernmentDepartments by introducing training in risk managementfrom outside practitioners.

4. Introducing ‘best practice’ risk management structuresfrom Business, including the ‘three lines of defence’approach.

5. Introducing quantitative risk modelling strategies to boththe ORM and Government Departments. Thesetechniques are currently widely used by banks, withstartling results, and should be replicated by Governmentin managing Black Swan risk. It is essential that theGovernment acts to reform its risk managementframework. The policy proposals put forward in thispaper and summarised above are a pragmatic and costeffective way of achieving meaningful results for thecountry. The Government must act swiftly, as what is atstake is nothing short of the life of the nation and thesecurity of our citizens.

Essential Reading

Taleb, Nassim Nicholas, The Black Swan (London: Random HousePublishing, 2008)

US Department of Defense Briefing,12 February 2002: transcript of thenSecretary of State, Donald Rumsfeld:http://www.defense.gov/transcripts/transcript.aspx?transcriptid=2636

A Strong Britain in an Age of Uncertainty: The UK National SecurityStrategy (October 2010: The United Kingdom Stationary Office): http://www.direct.gov.uk/prod_consum_dg/groups/dg_digitalassets/@dg/@en/documents/digitalasset/dg_91639.pdf?CID=PDF&PLA=furl&CRE=nationalsecuritystrategy

Global Risks 2012: 7th Edition (Geneva: World Economic Forum, 2012):http://www3.weforum.org/docs/WEF_GlobalRisks_Report_2012.pdf

AcknowledgementsThe author is grateful for the co-operation of UK Government Ministers andthe support of the Risk Management community in producing this paper.

The author can be reached via Ms Joanna [email protected]

Black Swans Mean Business (Part 1I)


8

Corporate Funding ConsultantsGlobal Solutions for International Clients

tel +44 (0)20 7382 8787 www.nivencapital.com

As described in the previous issue of Global RiskUpdate, politicians in the US and Europe tooknote of the G-20 Pittsburgh Summit by creatingthe Dodd-Frank Act and the European Market

Infrastructure Regulation (EMIR) respectively.

The approach in the US was to pass a complex reform law(now referred to as the Dodd-Frank Act) in Congress. Havingapproved the Dodd-Frank Act, the two major regulators, theSecurities and Exchanges Commission (SEC) and theCommodities and Futures Trading Commission (CFTC) have

been busy turning what was a 2,300 page law, into practicalrules to be implemented by banks and financial institutions.

Similarly, in Europe the political process has just ended andthe final text of EMIR will be published soon. As in the US,this must then be translated into practical rules by theEuropean Securities and Markets Authority (ES MA).

It is worth noting that EMIR and MiFID II together set outthe EU’s regulatory approach to derivatives contracts. EMIRcovers the clearing obligations for OTC derivatives, as well

OTC Clearing Evaluation of theEMIR and Dodd-FrankRegulations –The US versusEuropeMichel Dorval is a global market specialist at Misys and leads the thought leadership team. Inthis second article concerning OTC Clearing he delved deeper into the differences between theEMIR regulation and the Dodd-Frank Act and also possible impact on IT.


9

as the reporting of all derivatives contracts to traderepositories, while MiFID II covers the obligation to ensurethat only derivatives with an appropriate level of liquidityare traded on trading venues

Asian regulators, meanwhile, have been slower to rule onimplementing OTC Clearing, so it is technically possible forfinancial institutions to avoid stricter regulation in Europeand the US by moving a portion of their business to Asia,given the global nature of OTC derivatives, even thoughthis goes against G-20 guidelines.

This chapter explains the different components of OTCclearing and compares Europe with the US approach.

Timetable

Given the tight timeframe (in particular in the EU with ESMA’s advice due to be presented only three months beforethe end of 2012), firms that will be affected need to prepare(if they have not already done so), for the new regulatoryregime that will shape the OTC derivative markets for theyears to come.

Clearing obligation: Scope

In general terms, in both the US and Europe the clearingobligation will apply across the five main derivative assetclasses (interest rate, equity, credit, commodity and foreignexchange).

Clearing: Exemptions

During the clearing process, product and participantexemptions can occur. The differences between US andEuropean regulators are noted below. Unlike the US , theEU (EMIR) does not expressly provide exemption forforeign exchange derivatives or options on equity.

Regarding participants, both Dodd-Frank and EMIR haveidentified specific instances for exemptions.

Trading venue

In the US , there is as yet not much guidance about how theSEF requirement will work. Current CFTC proposals willrequire transactions to be executed through an order bookor ‘request for quote’ system. In Europe, EMIR and MIFIDII are not aligned as regards the trading venue.

Margin requirements

Neither the US nor the EU provides transparency as to howmargin requirements are calculated. With regards to EMIR,it is possible that only cash and government bonds will beeligible as collateral for such purposes; not corporate bondsor equity.

REGULATOR: Time-line

EMIR Dodd-Frank Act

The obligation to comply The obligation to complywith the rules from ES MA with the rules from theis intended to be in force CFTC and SEC is intendedfrom January 1st 2013 to be in force by the end

of September 2012

REGULATOR: Scope

EMIR Dodd-Frank Act

OTC derivatives: credit, OTC derivatives: credit,interest rate, foreign interest rate, foreignexchange, equity exchange, equityfrom January 1st 2013 to be in force by the endand commodities. and commodities.

REGULATOR: Product exemptions

EMIR Dodd-Frank Act

No product exemptions OTC options on equity,foreign exchange, derivatives like FX swapsand FX forwards.

REGULATOR: Trading venue

EMIR Dodd-Frank Act

Trading venue can be Trading on a swap orregulated markets (e.g. security-based swapthe London Stock execution facility (SEF)Exchange); multilateraltrading facilities (MTFs),such as BATS/Chi-X); andorganized trading facilities(OTFs) – a new kind oftrading venue introducedin MiFID II )

REGULATOR: Cleared OTC derivatives

EMIR Dodd-Frank Act

Initial margin as well as Initial margin as well asdaily variation margin daily variation marginrequirements. This will be requirements. This will bedone by CCP. done by CCP.

REGULATOR: Un-cleared OTC derivatives

EMIR Dodd-Frank Act

Daily margin calculation Calculation of initial andand segregated exchange variation margin, althoughof collateral mark-tomarket no regulatory proposal to(or where this is hold collateral from thenot possible, swap dealer.mark-to-model)

OTC Clearing Evaluation of the EMIR and Dodd-Frank Regulations –The US versus Europe


10

Reporting to trade repositories

To address concerns that regulators do not have a full pictureof the exposure of the firms they regulate, and about thepossible systemic implications that these may pose, anumber of trade repositories have already been established,with others in the process of doing so.

These essentially form a central database, where informationon positions is collected. Both US and EU proposals requirereporting of full trade data within one day of execution. Thiscould result in compressed time periods for negotiatingtrade confirmations.

A Checklist for Compliance with OTC Clearing

In this chapter we will analyze in more detail therequirements for banks to integrate their existing front-to-back solution to other platforms. In the OTC Clearingframework, this involves connecting with newintermediaries, such as banks, clearing members/brokers andCCPs.

Connectivity to key players

An affirmation platform in the OTC clearing model providespost-trade execution functionality such as trade matching,affirmation, confirmation and trade reconciliation. Theseplatforms also send trades to CMs and CCPs, as well as toTRs, where necessary. It is therefore crucial that each bankbuilds an interface between their capital markets solutionand an affirmation platform.

This interaction is dynamic in the sense that the interfaceneeds to follow up possible post-release processes, such asamendments and cancellations, in the capital marketssolution. The data mapping required includes static mappingfor trade economic data that doesn’t change, and dynamic

mapping to handle data that does change (such as thirdparties, floating rates and so on), error handling (technicaland business errors, recovery…) and reconciliation.

Connectivity also means the ability to connect to differentsources for position and trade information in order tocapture all the data points that have a bearing on how theinstrument is traded. This part of data managementdefinitely has an impact on the ability to accurately calculaterisk exposure, profit and loss and to carry out reporting.

For clearing members in particular, connectivity also meansthe requirement to connect to CCPs. This is crucial for theexchange of various flows, such as a request for collateral orfor valuation details.

Flexible and advanced calculation engine

Clearing members and CCPs are required to calculate initialmargin (IM). In the case of banks, it is very difficult to re-compute the IM requirement.

The following process must therefore be followed:

n The IM requirement is calculated and sent by the clearingmember/clearing broker to its clients

n The client receives a report (FP ML, XML, FI X…) andis asked to settle the collateral required to cover the IM

n The client can cover the IM in cash or securities. It istechnically very difficult (if not impossible) for the banksto re-compute the IM requirements; but the client cansimulate the initial margin by using the tools provided bythe clearing houses.

REGULATOR: Reporting to trade repositories

EMIR Dodd-Frank Act

All derivatives need to be All swaps need to bereported. This includes reported. This includesOTC and exchangetraded OTC and exchange-tradedinstruments. instruments.

All transactions, All transactions,modifications and modifications andterminations to all terminations to aEU counterparties fall US -controlling parentwithin scope. entity, or entity in the

US are in scope.

The details of these The time gap fortransactions must be transactions that needreported no later than to be reported variesthe working day after the between 15 minutesconclusion, modification and one day.or termination of thecontract.

11



Clearing members and CCPs need a system to calculate IMon an intra-day basis, based on a VaR methodology where allcleared transactions are included in the IM calculation, anda separate collateral service to assess the collateral available.The difference is calculated to derive a margin callinstruction or novation.

In the case of the End of Day (EOD) process, the workflowis just the same. Clearing members and CCPs are requiredto calculate EOD, although this is not mandatory for bankswho are allowed to simply import the EOD:

n The EOD report is calculated and sent by the clearingmember/clearing broker to their clients;

n The client receives a report (FP ML, XML, FI X…) andis requested to settle the EOD netting flow.

A ‘trade offset’ is the process being developed by the CCPto reduce the overall number of trades being transacted withthe same counterparty. This process should identify tradesthat can be compressed. All participants verify the proposedtrades. Once the ‘unwind’ proposal is accepted by all partiesinvolved, the CCP calculates the margin impact and, wherenecessary, asks for additional margin cover. Once satisfied,the CCP declares the trades terminated and processes anydeletions.

Configurable, rules-based workflow

To ensure a smooth integration between internal andexternal services, a configurable rules-based workflow isrequired. A graphical representation of the workflow-basedrules will make it easier to maintain this configuration (figure6).

Monitoring dashboards and blotters can help to identifyexceptions when they occur. These should also be flexibleenough to perform controls such as eligibility checks.Flexibility is required because deal data comes from everyCCP and evolves over time. For clearing members it is quitea challenge to incorporate this level of flexibility into thecontrol definition.

n If all controls are passed, the trade is accepted forclearing and the CCP proceeds with the novation

n If one of the controls fails, the trade is not accepted forclearing or follows a different workflow (a clearingconsent request to the CMs, in some cases)

Figure 6: Configurable, rules-based workflow

Reporting

Reporting is a cornerstone of the OTC Clearing Reform; itis fundamental to achieving the transparency being sought.The system must deliver the ability to report on all datapoints, captured at a contract, trade and positional level.

An open relational database schema is required to allow forflexible reporting requirements that will potentially changeover time. It should be possible to run all reports in real-time to reflect the most up to date view of positions andtrades within the system; so these can be linked to marginand cost of carry reports.

Conclusion

The credit crunch certainly exposed the weak points in theOTC derivative markets: lack of transparency, counterpartycredit risk and operational risk.

The initial reaction of the politicians, followed by theregulators, was to push standard OTC derivative contractsto an exchange or electronic trading platform, to be clearedthrough central counterparties (CCPs).

The effect of this will be that bilateral clearing will graduallydisappear, to be replaced by a CCP that will intervenebetween the two counterparties in a transaction designed tomanage the counterparty risk.

Different players have a role in the CCP workflow to finalizethe derivative transaction: the affirmation platform thatprovides post-trade execution functionality; the traderepository that makes it possible to see a firm’s underlyingposition and exposure from a central vantage point; and theclearing members that act as a liaison point between buyersand the CCP for all post-trade functions, including dailymargin management.

With the implementation of OTC Clearing reforms atdifferent stages in different regions, this paper focusedspecifically on Europe (EMIR) and the US (Dodd-Frank), toshow the overlaps and highlight some differences inapproach, for example in exceptions, time-line and reportingrequirements.

The challenge facing the different players now is how tointegrate these requirements into their business systems,where topics like connectivity, calculation engines,configurable rule-based workflow and specific reportingrequirements are top of the agenda for organizationsneeding to comply with the OTC clearing framework.

Above all, it is a question of time. This transformation of thecapital markets is happening at speed. With a deadline setby the G-20 of 31 December 2012, the players involvedneed to have their preparations well under way to be part ofthe new regime.

The author can be reached via Ms Joanna [email protected]

Semantic API (Java)

Business API

Reporting to client

Eligibility Checks

Send ClearingNotification

NovationProcess

IM Calculation

Collateral Availability

Settlement

Margin Call



12

Banking and other regulations are always looking formore things for the internal auditors to do. Internalaudit is the third line of defence and even has itsown paper from the Bank for International

Settlements (BIS). Generally the bank’s Board and financialregulators rely upon the internal audit function to provideindependent assurance as to the operations of the firm,notifying where there are weaknesses and ensuring thatmanagement design and implement appropriate solutions.

These days many CEOs and Heads of Audit Committeesare questioning whether their internal audit function actuallyis any good. Does it do what the Board and regulationsexpect them to do? Do they do it well? Is this functionbeing independently assessed? Who is auditing theauditors?

The Objectives of an Independent IAAssessment

An independent assessment of internal audit will providesenior management with the assurance that the internal auditfunction actually achieves its objectives; that it conducts itswork with rigour and understanding efficiently andcompetently; that it reports appropriately and provides theindependent assurance that is required; and that it is up todate and has the skills that it needs to achieve its objectives.

Of course your IA function achieves this, you say.However our experience has been that in many cases auditfunctions, even of major firms, could be significantlyimproved and could deliver a better, more complete andmore efficient service. This is not a sales pitch – theregulators are putting the pressure on the banks andfinancial institutions and results are not being achieved totheir satisfaction. An independent review of the internalaudit function is an imperative to commercial viabilitythese days, too.

The real question for any firm is what should such a reviewfocus on? If it needs to add value to the business it needsto do a thorough and efficient job. Many internal auditfunctions are still only partly embracing the risk basedapproach and few fully appreciate the value that they couldadd. Some of the problems are common and these couldeasily be addressed by a thorough review of the function.

These include ensuring the following:

Completeness of the Audit Universe

There is an obligation on internal audit to audit the entireinstitution and all of its subsidiaries, yet we often find thatsignificant gaps in the audit universe occur. Audit universeshave generally been built over a period of time. They arehistoric documents added to from time to time but notalways systematically updated to ensure it is aligned to theprevailing structures and business of the firm.

The audit universe needs to cover all of the operations ofthe business, all of its structures and committees and all ofits outsourced relationships. The failure to ensure that all

Your Internal Audit:Is It Delivering forYou?Global Risk Update Editor in-Chief Dennis Cox in this article looks at the key challenges thatface internal audit and considers why it is important to review the function on a regular basis.


13

committees are addressed in the audit universe is a commonweakness. Another interesting area is finance. Many internalaudit functions work in the mistaken belief that they do notneed to review finance since that is the role of the externalauditors. This in some cases springs from amisunderstanding of the role of the external auditor by theinternal auditor.

External audit undertakes work to establish that theaccounts of the firm show a true and fair view of thebusiness. To better appreciate the issue we should perhapssay fairly fair and fairly true since there is no requirement toprofess accuracy. The auditors look at the annual reportingprocess and how the financial statements are prepared andthen conduct such work as they require to achieve the levelof assurance that is needed. They do not look at people’sroles or the efficiency of systems, nor do they look ataccounting procedures leading to reporting at period endsother than the year end unless requested to do so. Sincethe preparation of the annual accounts is an exercise that isvery different to the monthly cycle of financial reportingthey can provide the Board with almost no assurance relativeto internal financial reporting processes performedthroughout the year.

It is therefore important that the internal auditors work inthis area.

They will need to know the controls over accounting thatoperate throughout the year, not just at the year end. Theywill need to verify management accounting systems andcontrols as well as budgeting and capital management. Thatthese matters are either not addressed or are only receivinglimited attention is clearly a concern.

The Limited Audit Assignment Scope

There are many problems found here starting with askills shortage: Often the internal auditors conclude thatthey do not have the skills to undertake certain tasks, forexample, the legal department or mathematical modelling.Where this is the case we find that the internal auditors willconduct work in ‘known’ areas excluding all of the areaswhere they are not comfortable due to limited expertise.They generally do not state in their audit reports that certainareas have not been addressed with the result that the Boardand its subsidiary Audit Committee will incorrectly assumethat such matters have been addressed. By failing tospecifically highlight the weakness in the audit approach theaudit function is not letting the senior management have theopportunity to consider whether additional audit workshould be commissioned or additional skilled resourcesacquired by internal audit.

Time: When an audit commences there is often a broadscope agreed for the assignment. This may be driven by theaudit committee, the limited resources or ignorance as to

the real size of the assignment. In such cases the internalauditor has a problem – too many things to do and

too little time to do them. They will then cutcorners or start to exclude specific areas. That

areas have not been addressed is rarelymentioned in the audit report and the area

does not then get addressed in asubsequent audit. It just gets

forgotten.

Reporting: Too many auditfunctions are focussed on whatmight best be described as‘process auditing’, that is,taking procedures from theprocedures manuals andensuring that they arecomplied with by therelevant staff. Such auditsoften ignore supervision andmanagement focussing allactivity at the lowest levelsonly. There is, of course,nothing wrong with doing

this but it is what may bemissed that is the problem.

Structure: If there is a regionalstructure to a multi-branch retail

bank then the business is typicallymanaged through central and/or

regional management. If branch auditsdo not include an examination of the

Your Internal Audit: Is It Delivering for You?


14

centralised management functions then audit results arelikely to focus on how branches are actually functioningrather than how they should be functioning. This rendersthe audit findings of limited benefit and results in keybusiness areas not being properly addressed. It could evencause duplicate controls that are not cost effective to beimplemented.

Process: The process-based audit rarely extends beyond amain computer system. Such audits conclude whethersystems inputs are complete and accurate which is valuableinformation. That is not the problem. Again it is not whatis done it is what is not done that is the concern. Wheninformation is extracted from a computer system and usedin reporting purposes it is often manipulated in userdeveloped tools via applications such as Word, Excel andAccess. In many firms all reporting relies on such userdeveloped applications yet the process audit fails to get tothis level of detail and address possible control weaknessesand reporting errors to which such applications are prone.From our experience audit committee papers rarely have thelevel of rigour that senior management would expect.

Contentious Issues

The internal auditor is invariably in a difficult position.His/her role is to assess parts of the business to the best oftheir ability often where they are not expert. Of course theydo their best but if there is a contentious issue will theyreally deal with it raising it to the right level and ensuringthat it is dealt with effectively?

From our experience we often find relevant issues that havebeen identified by the auditors and appear within the auditfiles but are not in the final report. What happens in suchcases is that the audit findings are challenged by the businessunit and if the auditor is not entirely confident in the

respective subject matter, they are dropped. In other casesthe finding is not one for the head of the business unit toaddress who asks for it to be deleted from their report neverto appear again.

The Head of Internal Audit is crucial in this regard. If theauditors believe they have a relevant issue the finding shouldbe kept in the audit report and accept business unitmanagement’s disagreement thereby enabling seniormanagement to draw their own conclusions on theseriousness of the issue. Failing to report in this way doesnot enable senior management to manage and support auditas necessary. Separate sections for findings that needmultiple or different levels of response is a good practice.

Auditing Judgement

Following on from the above concern is the issue of auditingthe judgements exercised by management. Audit functionsmay decide that judgement is not within their scope, yet theBoard and regulators are increasingly looking for the internalauditors to include a review of judgement in their audits.

There are many areas within a business where judgement iskey to the work that the firm conducts such as creditunderwriting, investing, strategy and law. Without assessingjudgement the audit becomes little more than a review ofthe processes conducted. Of course there are always twoapproaches that could be taken: in the first approach theauditor seeks to establish that the person exercisingjudgement has reliable and complete information on whichto base a decision. If they had such information then theauditor would conclude that they have achieved theirobjective.



15

The second approach is increasingly that the expectation ofthe Board and the regulator is that the auditor should assessthe decision made, seeing that it is properly justified andappears reasonable in the circumstances. Failing to achievethis part of the internal audit scope undermines the truevalue of the audit. The auditing of judgement is oftenavoided due to the risk of the expert questioning theknowledge of the auditor. Asking the expert to justify theirdecision, documenting it adequately and justifying whyother choices were rejected is all part of efficientmanagement. The auditor is only asking the questionssenior management would ask and the audit findings maywell be illuminating.

Auditing Efficiency

We have all seen audit findings that have not been properlythought through but the cost of implementing the proposedcontrol vastly exceeds the risk that is being addressed.Auditors may consider that they only need to focus on

whether procedures are conducted and offset therisk, not whether their recommendations are

really adding value to the firm itself.

Clearly the Board is seeking assurancethat the procedures operated by thefirm are cost effective and not anonerous and unnecessary burden. Werarely see audit functionsrecommending that controls that donot add value should be removed.While it is understandable that thereis a degree of reticence due to theenhanced risk of being wrong, byfailing to address such issues theauditors are doing themselves and

the Board an injustice.Efficiency auditing

should be

conducted by internal audit just as it is within other sectorsand as required by the new standards promulgated by theBank for International Settlements.

The Audit Reports

The audit report is the key document prepared by theinternal audit function. It documents the improvements thatthe internal auditors have identified as a result of their workin the interests of the business. We find many problems inpractice as described below.

Executive summaries often have little to do with the contentof the audit report itself. The executive summary is not theplace to introduce new recommendations. It has neither anaction section nor a follow up. The summary should reflectand be referenced into the key matters within the auditreport.

It is often all too evident that different teams have produceddifferent sections of the report using different formats.Failure to standardise actually means that the variouscommittees will question the quality of a function that couldnot even follow a standard set of processes.

The quality of an audit report is not related to its length.Voluminous background is not read by senior managementand is known by the business unit, so who is it for? Makingthe report shorter and ‘punchier’ will gain greater attentionand highlight internal audit’s ability to focus on key mattersof real importance.

These are just a few of the issues we have identified inpractice, often leading to a major changes within the internalaudit function being required to enhance the value it adds tothe firm. Risk-based auditing is not just about reducing thelevel of audit work; rather it ensures that the firm gets thegreatest return on the resources it invests in internalauditing. By spending more time auditing those areas wherethe risks are greater, the incidence of unexpected losses canbe reduced and efficiency of the business improved whilealso strengthening the risk and control environments. TheBank for International Settlements has recommended that afirm should commission a review of the internal auditfunction periodically. Such a review can add tremendousvalue to the business and should be conducted at least everythree years.

Dennis Cox, CEO, Risk Reward Ltd, was formerly Senior Audit ManagerHSBC (Global) for eight years covering more than 25 country internalaudits leading a 20-person team.

The author invites your comments via email [email protected]



16

In recent years the financialservices industry has becomeincreasingly reliant on models tohelp manage risk. The Advanced

Approach to risk analysis requirescreation of models for each risk typeused for the determination of capitalrequirements under the Basel IICapital Accord (banking and financialinstitutions) and for the “internalmodel’ under the Solvency IIDirective (insurance).

What is a Model? Why do weuse them?

Models allow us to reason about thingswe do not know. The US FederalReserve defines a model as “aquantitative method, system orapproach that applies statistical,economic, financial or mathematicaltheories, techniques and assumptionsto process input data into quantitativeestimates. Some inputs to a modelcould be partially or wholly qualitativeor based on expert judgment.” Amodel is a simplified picture of the realworld. Or, said another way, a modelmakes a series of simplifyingassumptions to describe theinterrelationships among variables for

risk analysis purposes. A model is adeliberate and often crudesimplification of reality. The ultimategoal of a model is to improve thequality of decision-making, analyzebusiness strategies, identify and

measure risk, improve capital andliquidity planning and moreimportantly, creating the environmentfor properly meeting regulatory,financial and public disclosurereporting requirements.

While models are used for manypurposes, the remainder of this articlewill focus primarily on models used forrisk management and reserve capitaldetermination processes.

What is Model Risk?

“Model risk” refers to the exposurethat arises when a risk model is createdwhich has embedded errors and/orlimitations in one or more of itsdimensions such as the underlyingtheory, code and/or inputs whenmeasured against its design objectivesor/and intended business uses, orwhen management does not interpretthe results of the model correctly(misinterpretation is something thatcan also amplify model risk), whichleads to incorrect estimates of the riskthat the entity faces.

Or, said another way, the primaryconcern related to model risk is wherethe model fails to capture reality as, bytheir nature, models are asimplification of the real world andmodel risk exists where thesimplifications materially impact theresults of the model relative to the realworld. Thus, business decisions are

UnderstandingModel Validation Yan Fishman is a senior Business Analysis and Software Development Professional specialisingin the computer assisted solutions for the financial institutions. He has had a leading positionin the development of a mortgage control system for a major Savings and Loan Corporation,as well as designing, developing and implementing computer based Credit risk models for thevariety of the major bank business lines. Mr. Fishman is an I.S.P (The Information SystemsProfessional of Canada) and ITCP/ IP3P (Information Technology Certified Professional alignedwith the International Professional Practice Partnership). Mark Dougherty is an internationalSenior Corporate Governance and Risk Management professional and Chartered ProfessionalAccountant (CPA)/Certified Management Accountant (CMA). For over 25 years, he hasimplemented regulatory initiatives to establish industry-leading standards in Basel II, preparationfor Solvency II, Sarbanes-Oxley (SOX) in Banking and Insurance in Risk Management.

In this article, the authors describe the essentials needed to understand model validation as partof risk management and in particular what are the key principles and the core components ofmodel validation, the model validation framework, key assessment criteria, tools, models and riskmanagement systems, documentation and a reminder that it is required by regulators.


17

World is suddenerthan we fancy it.

World is crazier andmore of it than we

think,Incorrigibly plural.

From ‘Snow’By Louis MacNeice

(1907-1963)

being made based on incorrect ormisunderstood outputs. Model riskincreases with the degree of modelcomplexity and with the increase inmodel usage inside a financialorganization.

An effective solution to mitigatemodel risk is model validation.

“Model validation” is an independentreview of both the models themselvesand the governance structuresurrounding them to ensure that themodel is suitable for the uses to whichit is put and that it functions asintended and can be demonstrated todo so. The model must be subjectedto critical analysis by objective andwell informed parties that can identifyits limitations and capable ofsuggesting ways of modelimprovement. No part of a modelshould remain unchallenged.

Basel II requires model validation byway of independent reviews to validatemodels used within the financialinstitution (FI). Under the Basel IIAccord, financial institutions arerequired to have sound, independentmodel validation programs. UnderSolvency II, the firm must establishgovernance and validation processesto ensure that the ‘internal Model’ (asdefined by the firm) is properlyvalidated and used appropriately incompliance with the Directive.

Objectives of Validation ofRisk and Capital Models

The primary objective of validation isto obtain ongoing affirmation (positiveassertion), through testing andanalysis, that the risk and capitalmodels:

n Produces appropriate, accurate,consistent, reliable and meaningfulCapital-related information, with akey focus on capital requirement(regulatory and economic) andother key uses.

n Remains appropriate and fit forpurpose (i.e., on-goingappropriateness of itsspecifications).

n Continues to be compliant to theregulatory approval for the model(i.e., capital requirements).

Key Principles in theValidation of Models

The firm must establish governanceand validation processes to ensure thatthe risk and capital models areproperly designed, developed, tested,implemented, validated and usedappropriately in the FI in compliancewith its authorized use.

There are a number of key principlesthat provide guidance in the validationof models, they are:

n The financial institution (FI) hasprimary responsibility forvalidation.

n Validation is fundamentally aboutassessing the predictive ability of aFI’s risk estimates and the use ofratings in credit/market/operationalrisk etc. processes.

n Validation is an iterative process. n There is no single validation

method. n Validation should encompass both

quantitative and qualitativeelements.

n Validation processes and outcomesshould be subject to independentreview.

Core Components of ModelValidation

The three core components of ModelValidation are:

1. Conceptual and TheoreticalSoundness

n Review of design objectives andintended business uses

n Review of Conceptual andTheoretical Soundness of modelassumptions, inputs, outputs,functions and overall methodology.

n “Developmental Evidence” – Focusis on design and construction.• Can the model be expected to

work as intended?• Consistency between model

and business objectives.• Using statistics vs. expert

judgment.n A consistent assessment of two

dimensions of model risk: • Model error potential (i.e.

potential errors in estimation). • Impact of model errors (i.e.

what is “bottom line” impact oferrors).

Understanding Model Validation


18

2. Model Operations(Compliance)

n Confirmation of model operation:on-going monitoring of model andsurrounding processes, which mayinclude:• Key Performance Indicators.• Exceptions monitoring (i.e.

Overrides).• Verification of “replicability”,

appropriate use of model, dataintegrity.

• Investigation in whether theeffects of changes in modelenvironment necessitate modeladjustment, redevelopment oreven replacement.

• Validation of any extension of amodel beyond its original scope.

3. Outcome Analysis(Performance Testing)

n Review of the IM’s historical andrelative performance, including:• Back-testing – Predicted versus

realized outcomes. • Benchmarking - Uses alternative

models, methodology or data todraw inferences about thesuitability of the predictedestimates, risk factors, orsegmentations prior toobservation of actual

• Other methodsn Importance of tolerance levels and

remedial action policy

Model Validation Framework

In the case of risk and capital models,the financial institution needs to have aregular cycle of model validation thatwill involve the assessment of manyareas including the performancemodels, reviewing the on-goingappropriateness of its methodologyand for testing the results againstexperience. The model validationprocess should include an effectivestatistical process for validating themodel that allows a demonstration thatthe resulting capital requirements areappropriate. A proportionate approachneeds be taken as not all validationtools will be applied to all componentsof the model at the most granular level.Validation should be independent frommodel development and use. It shouldbe done by staff not responsible formodel development and use and nothaving a stake in model validity.

For capital-related models, modelvalidation should apply to theconsolidated group level and for thoselegal entities that are subject tosupervisory review by their respectivelocal regulators.

Generally, each material component ofthe risk and capital models should bevalidated at least annually. Significantchanges in the external environmentmay necessitate additional ad hocchecks on the validity of the model.The proportionality principle shall beobserved in considering howfrequently the model shall bevalidated. Some of the models andtools that are used as part of the modelvalidation process may be run more orless frequently than annually.

The following are the key assessmentareas for model validation:

n Data – Ensure that the data, usedwithin the model, is complete,accurate and appropriate. Also,need to consider the data qualitydimensions of: relevance, timelinessand consistency.

n Assumptions – Ensure that theassumptions, used in the model, arerealistic, suitable, justifiable andappropriate. The key assumptionsunderlying the model are thosevariables which are important to thebusiness and / or have a significantimpact on the model’s results.

n Method – Ensure that theselected methods, used in themodel, are based on adequate,applicable and relevant actuarialand statistical techniques. Thisincludes ensuring that thewritten policy andprocedures statements thatdetail the key elements ofthe model continue toprovide the requiredguidance.

n Expert Judgement – Ensurethat the expert judgement, used asinput into the model, is justifiable.Expert judgement can take anumber of forms, including:replacing of or complementingdata, deciding how to use theavailable data and the selection ofassumptions.

n External Models andExternal Data – Ensure that theexternal models, where used, andtheir generated data, used in themodel, are suitable and sufficient.As well as ensure that the externaldata sources, used in the model, aresuitable and sufficient. Externalmodels and Data that is used withinthe model needs to be consistentwith the standards andrequirements.

n Model outputs – Ensure that theoutputs, of the model, arecomplete, accurate, timely andmeet the stated (e.g., regulatory)requirements. Including, ensurethat the model meets the needs ofits various stakeholders, withdifferent data requirementsdepending on their particular areaof interest and focus, and that theManagement Information remainswidely used, and plays an importantrole, in the management of thefirm. The granularity of the modeloutput needs to reflect the levels ofdetail in risk and capitalmanagement and decision-makingprocesses

n Documentation – Ensure thatthe documentation effectivelysupports the model and is regulatorycompliant. The design and



19

operational details of the modelneeds to be documented. Thedocumentation also needs to providea detailed outline of the theory andassumptions underlying the model.The documentation should provideinformation on the intended use ofthe model and define the model’soperational limits.

Tools used in Model Validation

The following are some of the keytools for model validation:

n Back-testing – Testing of themodel results against experience,including an assessment ofdiscrepancies between the range ofoutputs from the model and actualrealisations or justified comparabledata.

n Sensitivity Analysis – Varyingindividual model parameters toassess the impact on capital.

n Stability Analysis – This is usedto test the robustness of the model,for e.g. a change of inputs shouldnot produce model outputscontrary to expectations or a re-runof the model with different randomnumbers should not producematerially different results. This islinked to Sensitivity Analysis.

n Scenario & Stress Testing –An assessment of the impact of asingle event (stress) or combinationof events (scenario) on how resultsmay look under various conditionsin order to identify possiblelimitations in the model.

n Reverse Stress Testing –Determination of the level of losswhich would lead to insolvency (orfailure to deliver the plan) and workbackwards to determine thescenario(s) which might lead tothat level of loss.

n Benchmarking – Comparison ofa model, either in total or part, withpeers and / or available academicliterature and research.

n Analysis of Change – Analysisof how the results of the modelhave changed from one period tothe next, including underlyingdrivers.

n Thematic Reviews – Reviewsof key aspects of the model inorder to gain comfort over thetheoretical basis of the model. Thismay include the mathematicalframework and whether the modelreflects the correct risk drivers.

Models and the RiskManagement Systems

Financial Institutions must ensure thatthe models they are using aresupported by risk managementsystems that are conceptually soundand implemented with integrity.Qualitative criteria include:

n There is an independent risk unitwho provide a governance roleover models

n The FI’s internal risk measurementand capital model must be closelyintegrated into the day-to-day riskmanagement process of theinstitution

n Institutions should have a routine inplace for ensuring compliance with adocumented set of internal policies,controls and procedures concerningthe risk measurement system and

n An independent review of the riskmeasurement system should becarried out regularly by the bank'sown internal auditing process (bestis once a year).

Documentation of Models

An important component of the firm’smodel control framework is thestandards for the required supportingdocumentation for models.

The documentation standards include:(1) sufficient detail to understand theway in which models are validated and(2) clarity around acceptableoperating thresholds of the models.Additionally, models are required to beperiodically reviewed to assess theirongoing appropriateness of approachgiven changes in the underlyingmarket conditions and/or generallyaccepted valuation methodologies andthis must be documented.

Standards should include that:documentation is clear, thorough andcomplete, incorporating assumptions,underlying theory, test data, modelstructure, justifications for model andparameter selection, model results andthe validation criteria for an effectivemodel.

Other Considerations

There is a need to embed models intodecision-making processes. Executive/Senior management needs tounderstand and support the risk

models’ parameters used in thedecision-making process (e.g., forprovisioning, limit approval, etc.).

The use of models is an importantvehicle to measure and monitor risksacross the bank, enhance riskmanagement and ultimately determinecapital requirements. These need to beestablished (embedded) into theregular processes of the firm. .

As a component of good corporategovernance, the bank shouldendeavour to achieve segregation ofduties between model development,model operation and model validation.

Summary

The banking industry has becomeincreasingly reliant on models (i.e.,risk models) to help monitor, measureand manage risk.

The goal of a risk model is toimprove the quality of decision-making, reduce the decision risk, and,more importantly, favorably influenceor even shape the future internally-based environment.

“Model risk” arises when a model iscreated with embedded errors in oneor more dimensions such as theunderlying theory, code and/or inputsor when management does notinterpret the results of the modelcorrectly, which leads to incorrectestimates of the risk that theinstitution faces.

This results in business decisionsbeing made based on incorrect ormisunderstood outputs.

An effective solution to help mitigatemodel risk is model governance andvalidation.

Model validation is an independentreview of both the models themselvesand the governance structuresurrounding them.

Under the Basel II Accord and theSolvency II Directive, financialinstitutions are required to havesound, independent model validationprograms in place.

The authors invite comments and feedback viaemail to [email protected]



20

The ethicalf r a m e w o r kg o v e r n i n gIslamic Finance

prohibits gambling,speculation and interest.Although at first glancethis sounds like a riskmanager’s dream, it doesnot mean that an Islamicbank runs little to no riskat all.

Like other banks, Islamicbanks face risks inherentto the financial industry,and they have to abide bythe same rules as othersfor the calculation ofregulatory capital.However, Islamic banksalso have their own set ofunique risk managementchallenges.

Since the Islamic financialindustry is comparatively young and the balance sheet sizeof the average Islamic bank is relatively small, issuesassociated with the calculation of regulatory capital are inpart similar to those faced by small, locally operating,conventional European and North American banks.However, because of the transaction structures they employ,Islamic banks face higher charges for regulatory capitalunder the Basel III capital accord.

There are, in fact, a few Islamic Finance-specific issues thatneed to be taken into consideration when contemplating thepotential impact of the Basel III implementation at Islamic

banks. This article will examine those issues and will alsoexplore other factors that distinguish Islamic banks from arisk management perspective.

Islamic Banking: History, Growth andProhibitions

Though Islamic finance remains a relatively young industry(the Islamic Development Bank, the first Islamic Bank, wasestablished in Jeddah in 1972), it has grown significantly andhas branched out into new geographic regions. For example,there are now a total of 24 financial institutions offering

Islamic Finance: Unique RiskManagement Challenges andthe Impact of Basel IIIAuthor Dr Natalie Schoon, CFA, CAMS is an internationally recognised expert in riskmanagement and Islamic banking and finance. Her early career in Islamic finance began inBahrain, Kuwait and Dubai in the 1990s which led to roles at Bank of London and the MiddleEast, Barclays Capital, ABN AMRO and Gulf International Bank. She has earned a PhD (thesisin Residual Income Models and Valuation of Conventional and Islamic Banks) a depth oftechnical knowledge, both Islamic products and risk, and is an accredited trainer to the IslamicFinance Qualification (Lebanon-UK). In 2010 she became a Visiting Fellow at the ICMA Centre,Henley Business School at the University of Reading (UK). This article was submitted fromKabul where Dr Schoon is consulting to develop an Islamic financial services infrastructure foran agricultural lender in Afghanistan.


21


22

Islamic financial services in the UK,1 including three UK-based banks that are wholly compliant with Sharia’a – or theprinciples of Islamic law.

Globally, after a fairly slow start, the Islamic Finance industryhas grown at a rate of 15% to 20% per annum over the past10 years, and is expected to continue to grow at a similarrate for some time to come. Islamic financial products areoffered using three different distribution channels:(1) Islamic windows of conventional banks;(2) Islamic branches of conventional banks;or (3) fully Sharia’a-compliant Islamic banks.

Although the first two distribution channels are currentlythe most popular, the number of fully Sharia’a-compliantbanks is increasing rapidly.

Like every other aspect of Muslim life, Islamic banking isgoverned by the Sharia’a and the interpretation of this law(Fiqh). Together, these provide the ethical frameworkoutlining the essence of economic well-being and thedevelopment of individuals. This framework does notspecifically apply to Islamic banks, but to life and businessgenerally. Fairness, honesty, avoidance of hoarding andavoidance of tort are an integral part of the Sharia’a law, butso are the prohibition of riba, gharar and maysir.

In brief, these prohibitions are defined as follows:

Riba (or usury) is the predetermined interest collected bya lender, which the lender receives over and above theprincipal amount it has lent out.

Gharar (or gambling) is the sale of a probable item whoseexistence or characteristics are not certain. A traditionalexample of gharar is the sale of any of the animals from aherd without specifying a particular one. In the context ofIslamic Finance, a more current example is advising acustomer to buy shares in a company that is the subject ofa takeover bid on the grounds that the share price is likelyto increase.

Maysir (or speculation) is an event in which there is apossibility of total loss to one party. Maysir has elements ofgharar, but not every gharar is maysir.

In the context of the Sharia’a framework, money is seen asnothing more than a means to facilitate trade (rather than astore of value). Consequently, in combination with theaforementioned prohibitions, it is not possible for Islamicbanks to provide financing in a similar fashion toconventional banks. Instead, other structures are applied inwhich the bank often plays a much larger role in thefinancing structure and becomes a partner in the project tobe financed – rather than just a provider of money.

As defined in the accounting, auditing and governancestandards for Islamic financial Institutions,2 Islamic banks arefounded on the concept of profit sharing and loss bearing,which is consistent with the Islamic concept that “profit isfor those who bear risk.” Profits are distributed per a ratiodefined in the contract, and any losses are distributedequally depending on the share in the project a party holds.

Islamic FinancialProducts – Quick Reference

Islamic financial products work on the basis that the bankand the customer share the risk of investments on agreedterms. Profits are distributed based on negotiated terms;risk is distributed based on the share of the ownership.Islamic Financial products typically have an underlyingasset that requires financing. Six of the main transactiontypes are specified below.

MurabahaDeferred sale of goods at cost plus an agreed profit markup under which a party (the seller) purchases goods at costprice from a supplier and sells the goods to another (thebuyer) at cost price plus an agreed mark-up. Murabaha hasa variety of applications and is often used as a financingarrangement for instance for receivables and workingcapital financing.

Commodity Murabaha Deferred sale of commodities at cost plus an agreed profitmark-up under which a party (the seller) purchasescommodities at cost price from a supplier and sells thecommodities to another (the buyer) at cost price plus anagreed mark-up. Commodity Murabaha has a variety ofapplications and is often used for liquidity managementpurposes such as working capital financing.

IjaraBilateral contract allowing the transfer of the usufructwhich basically equates to an operational lease in whichthe bank leases the asset to a client. Ijara takes on differentstructures depending on the specific financingrequirements of the counterparty.

MusharakaPartnership of two or more owners of a property held incommon. Partners do not have to own a proportional sharein the property. Any profits and losses are sharedaccording to the terms of the contract. Ownership of theunderlying property can be transferred gradually duringthe term of the contract (Diminishing Musharaka). TheMusharaka structure is for instance used for mortgages anddevelopment financing.

MudarabaPartnership contract in which a capital owner (Rab al Maal)enters into a Mudaraba contract with a partner (Mudarib)to undertake a specific business or project. The Mudaribprovides the labour or expertise to undertake a businessor activity. Profits are shared on a pre-agreed ratio butlosses are borne by the Rab al Maal only.

SukukDocument or certificate evidencing (part) ownership ofan underlying asset. Profit is depending on theperformance of the underlying asset. Typically referred toas an Islamic Bond

Islamic Finance: Unique Risk Management Challenges and the Impact of Basel III

The bank or financier partners with the company orindividual seeking financing; the bank therefore holds (part)of the title to the underlying assets as well, depending on itsdegree of ownership.

Risks in Islamic Banks

The absence of interest in Islamic Finance means that Islamicbanks are not subject to interest-rate risk. However, thisdoes not mean Islamic banks are subject to lower levels ofrisk than conventional banks.

Like conventional banks, Islamic banks incur liquidity,credit, settlement, leverage, operational and businessrisk. Additionally, Islamic banks also incur risks that are notcommon in conventional banks, such as 3:

n Fiduciary Risk. Specifically, risk related to the natureof the Mudaraba contract, which places liability for losseson the Mudarib (or agent) in the case of malfeasance,negligence or breach of contract on the part of themanagement of the Mudaraba.

n Displaced Commercial Risk. This risk type isrelated to the common practice among Islamic banks to“smooth” the financial returns to investment accountholders by varying the percentage of profit taken as theMudarib share, which can be compared to anarrangement or agency fee.

Because the Islamic Finance industry is immature and hometo an increasing number of start-up banks, Islamic banks nowmust contend with infrastructure development challengesand other problematic issues facing banks of similar (small)size.

Capital Adequacy and Minimum CapitalRequirements

Capital adequacy is a measure of the financial strengthof a bank or securities firm, typically expressedas a ration of its capital to its risk weightedassets. The Basel III capital accordprovides local regulatory bodies witha framework to determine this.Banks are required to hold aminimum level of capital toprevent overlending and toensure that every bank hassufficient funds in case any ofits counterparties defaultwithout endangeringdepositors, the bankingsystem or the economy.

The Basel III accordspecifies a number ofadditions to the BaselII accord designed tolimit the likelihood

and impact of a future financial crisis. It requires banks tohold more and higher quality capital against their RiskWeighted Assets than before. Furthermore, the Basel IIIaccord looks to ensure that there is sufficient liquidity in thefinancial system, and in addition it introduces measures toreduce excess leverage.

Many of the conventional banks currently struggle to meetthe new capital ratio, which is largely due to the fact thatunder the new rules a minimum of 7 per cent of the bank’sRWA needs to be core tier one capital as opposed to 2 percent under the previous rules. This in combination with anarrowing of the definition of liabilities that can be classifiedas core tier one, results in significant requirements foradditional capital.

Liquidity

Liquidity, or the lack thereof, is one of the common factorsin a financial crisis. In order to enhance the short-termresilience to liquidity risk, the Basel III accord introducedthe Liquidity Coverage Ratio (LCR). Banks need tomaintain a level of unencumbered high quality liquid assetsthat can easily be converted into cash sufficient to meet theirliquidity needs for a 30 calendar day liquidity stress scenario.Meeting the LCR is expected to be a significant challengefor banks in general, but potentially more so for Islamicfinancial institutions. Due to a lack of available liquidityinstruments in the market, Islamic banks typically hold alarge cash balance which, although it fulfils any liquidityrequirements is undesirable from a profitability perspective.The limited range of liquidity instruments that is available issubject to large haircuts due to the jurisdiction of the issuers,which are typically Middle Eastern and Asian governmentsor government affiliated institutions. The prohibition oninterest means that many of the high liquid quality assets arenot accessible to Islamic banks.



23

Balance Sheet Size and Loss Data History

Although the Islamic financial industry has grownsubstantially over the past decade, it remains very smallwhen compared to the overall financial sector. Indeed, thesize of an individual Islamic bank is typically not largeenough to justify the investment required for the AdvancedRisk Measurement approaches. As mentioned earlier, this isnot a problem that is exclusive to Islamic banks, but thesmallness of the Islamic financial industry makes it moredifficult to lobby for changes in regulatory policy, such asBasel II.

The absence of significant amounts of loss data is one of theproblems that hinder smaller sized banks that need tocomply with Basel II. Islamic banks – most of which haveonly recently been established and which have not seen acomplete economic cycle yet --don’t have a long enoughhistory and hence cannot meet the Basel II requirement forseven years of loss data.

Although this is also a problem for any other start-up bank,conventional European and North American banks have theopportunity to join one of the established dataconsortiums – such as the Pan European Credit DataConsortium (PECDC) or the North American Loan LossDatabase (NALLD) – to gain access to a larger data set witha longer history of loss data. To date, no loss database forIslamic Finance has been established.

Troublesome Transaction Types

The Basel Committee on Banking Supervision (BCBS) hastaken the stance that banks should not hold significantequity positions in companies they finance. This istroublesome for Islamic banks, because Mudaraba andMusharaka transactions that are based on profit-sharingprinciples are deemed to be similar to holding equity froma regulatory perspective.

The underlying principle of the BCBS’s stance on equityholding is that the risk a bank takes increases whenownership and the provision of debt funding are in the samehands. As a result of this belief, banks that hold equitypositions in the companies they finance (e.g., as inMudaraba and Musharaka transactions) are heavilypenalized. Specifically, under the Basel II standards oncapital adequacy, transactions that are based on the profitsharing and loss bearing mode carry a rather significant riskweight of 400%.

Future Forecast

Given the strong growth in Islamic finance, balance sheetsize and lack of loss data are not expected to remain issuesfor many banks in the long run. Moreover, ensuring the useof robust internal counterparty rating systems should havea positive impact on the risk management process and thelevel of capital required at Islamic banks.

The structure of Mudaraba and Musharaka transactions arecapital intensive – and are therefore more expensive fromthe bank's perspective. Consequently, Islamic banks should

take the cost of capital into consideration when they areadvising clients and when they are developing newtransaction types in the future. In fact, one of the questionsthat must be addressed as part of the advisory function of anIslamic bank is whether the client’s interest can be servedequally well with structures separate from the Mudaraba andMusharaka.

Although it could be argued that the chances of default willdecrease in any Mudaraba or Musharaka transaction, due tothe stronger link between a bank and its counterparty, thecounterargument presented by the BCBS and the resultinghigher capital charge for equity products is equally valid.

The Islamic Financial Services Board (IFSB) has workedclosely with the BCBS in the past and will continue to workwith that committee to seek regulatory improvements forIslamic banks in the future. However, given that Basel II hasonly recently been finalized, no immediate changes to theaccord’s regulatory capital treatment of Mudaraba andMusharaka transactions are expected.

Looking at longer-term developments, problematic issuesrelated to Islamic banks’ lack of historical loss data couldpotentially be resolved through the development of a lossexperience database, such as those set up by member banksof the EPCDC and NALLD.

While this would not resolve the issue concerning the lengthof time over which an Islamic bank can track data, it wouldat least enhance the quantity of loss history data.

Data sharing in the financial sector is a sensitive point, andsuch a project will need to be managed by a trustworthythird party. Following the selection of this third party isselection and the creation of a comprehensive loss databasefor Islamic Finance, Islamic banks will have the ability tostart designing advanced risk measurement models thatwould otherwise remain out of reach.

By far the largest challenge, however, is the requirementfor high quality liquid assets and how Islamic banks will beable to fulfil this requirement without hampering theirprofitability and ability to compete.

NOTES:1. All of these firms, including the Sharia’a-compliant banks, are regulated

by the Financial Services Authority, which means they must follow thesame rules as every other UK bank under the FSA’s “no obstacles, nospecial favors “ policy.

2. AAOIFI (2002) Accounting, Auditing and Governance Standards forIslamic Financial Institutions, Accounting and Auditing Organisationfor Islamic Financial Institutions, Bahrain.

3. Archer, S., and R.A.A. Karim (2006) On Capital Structure, RiskSharing and Capital Adequacy in Islamic Banks, International Journalof Theoretical and Applied Finance, Vol. 9, No. 3 (2006) 269-280.

The author invites feedback and comment whilst she is in Kabul via email to Ms Joanna Kraska [email protected]



24

As expected this month theUS Board of Governors ofthe Federal Reserve Board(FRB) announced its

adoption of a revised version of theBasel III Accord for implementation inthe United States.

The Fed believes that by using BaselIII, which is the internationalregulatory capital framework, as afoundation and with additionalsupporting provisions using its own“made in the USA” rules it can buildgreater confidence in the bankingsystem. (Basel III was issued by theBasel Committee on BankingSupervision which is a committee ofthe Bank for International Settlements(BIS)).

Basel III is an internationalagreement designed to

improve stability in the bankingindustry in the aftermath of the 2007-09 financial crisis by addressingshortcomings in capital requirementsand other matters, particularly forlarger, internationally active bankingorganizations.

The determination of capital is animportant one for banks as the result ofadditional capital requirements meansincreased costs as well as limitingbanks’ ability for further growth. When

banks are requiredto hold more

capital, thenthere is

e i t h e rless

The New Basel III Rulesand its Implications forUS Banks Mark Dougherty, is a Banker, Big Four Certified Accountant and Senior Corporate Governanceand Risk Management Professional with over 20 years financial services experience, particularlyfifteen years in Risk Management leading all aspects of Credit, Market, Liquidity, Reputationaland Operational Risks initiatives for multi-billion dollar banks and insurance companies. Since2007, Mark has worked in the UK and Europe as an independent consultant for a number offinancial services firms including Europe-Arab Bank and Virgin Money Bank. In 2012, Markjoined Risk Reward Ltd UK as Director of Risk and Internal Audit. Recent and on-goingassignments include providing training to the British Bankers’ Association’s Risk Managementseries of courses in London for global banks on Bank Capital Management, Bank Internal Auditfor ABN AMRO Bank, ING Group & Rabobank and others.


money available for giving out loans orhigher interest rates need to becharged to borrowers.

The Basel III capital rules bringsignificant changes to the US financialsystem by ensuring the maintenance ofstrong capital positions and otherrelated enhancements.

More specifically, the FRB approvedthe "Final Capital Rule" (final rule)which increases bank regulatorycapital requirements and implementsdefined elements of the Basel IIIcapital reforms in the U.S. as well ascertain other changes required by theDodd-Frank Wall Street Reform andConsumer Protection Act (whichcovers derivatives, proprietarytrading – the Volcker Rule-, consumerlending, etc.). Together, theserequirements are in many waystougher than those in most otherjurisdictions worldwide as thecombined impact of all theseAmerican regulatory changes is verysignificant.

The Final Capital Rule

The Federal Reserve has taken a strictoversight approach with the Big Banksby introducing new capital and risk-related requirements as part of thisoverriding effort to make the financialsystem safer. In addition, even tougherregulations are being put in place forU.S. global systemically importantbanks and for other large banks inAmerica.

The Final Capital Rule includesregulations to assess risk-based capitalsurcharges and to impose additionalspecified capital requirements. Thefinal rule establishes an integratedregulatory capital framework requiringbanking organizations to hold moreand higher quality capital, which actsas a financial cushion to absorb losses,while reducing the incentive for firmsto take excessive risks. The goal is toensure that banks will be better able towithstand periods of financial stress,thus contributing to the overall healthof the U.S. economy.

Under the final rule, minimumrequirements will increase for both thequantity and quality of capital held bybanking organizations. Consistentwith the third international Baselframework, the rule includes a newminimum ratio of common equity tier1 capital to risk-weighted assets of 4.5percent and a common equity tier 1capital conservation buffer of 2.5percent of risk-weighted assets thatwill apply to all supervised financialinstitutions. The rule also raises theminimum ratio of tier 1 capital to risk-weighted assets from 4 percent to 6percent. On the quality of capital side,the final rule emphasizes commonequity tier 1 capital, the most loss-absorbing form of capital, andimplements strict eligibility criteria forregulatory capital instruments.

The Final Rule adopts the capitalconservation buffer for all bankingorganizations, as well as another, known

as a “countercyclical capital buffer,” foradvanced approaches bankingorganizations (ranging between 0 to 2.5percent). The capital conservationbuffer is intended to ensure thatinstitutions are able to absorb losses instress periods lasting for a number ofyears. One the other hand, thecountercyclical capital buffer’s goal isto achieve the broader macro-prudential goal of protecting thebanking sector and the real economyfrom the system-wide risks stemmingfrom the boom-bust evolution suchthat a buffer is required during periodsof excessive credit growth and isreleased in an economic downturn.

To help prevent an excessive build-upof leverage on institutions’ balancesheets, the final rule introduces a newnon-risk based leverage ratio tosupplement the risk-based capitalframework. The leverage ratio’spurpose is to counter the build up ofextreme on- and off-balance sheetleverage. Therefore, in addition to therisk-weighted capital rules, a minimumleverage ratio of 4 percent will applyto all banks, with a supplementary 3percent for the “advancedapproaches” firms — the largest, mostinternationally active banks. Thus,with the new supplementary leverageratio, the final US-based leverage ratiois significantly higher than theminimum original Basel III leverageratio. In addition, for the largest, mostinternationally active bankingorganizations, the final rule includes anew minimum supplementary leverage

The New Basel III Rules and its Implications for US Banks


26

(sometimes called gearing) ratio thattakes into account off-balance sheetexposures.

The final rule also improves themethodology for calculating risk-weighted assets to enhance risksensitivity. Banks and regulators userisk weighting to assign different levelsof risk to various classes of assets--riskier assets require higher capitalcushions and less risky assets requiresmaller capital cushions.

Applicability

The Final Rule generally applies to allU.S. banking organizations (includingnational and state-chartered banks,federal and state-chartered thrifts,bank holding companies, and savingsand loan holding companies), subjectto the a few specifically identifiedexceptions.

The Final Capital Rule has specialprovisions and timelines forcommunity banking organizations.

Start Dates and Timetable

The final rule is effective as of January1, 2014, with an initial mandatorycompliance date of January 1, 2014 formost banking organizations subject tothe advanced approaches risk-basedcapital rule, and January 1, 2015 for allother banking organizations subject toU.S. risk-based and leverage capitalrequirements.

More specifically, there aretwo main start dates:

January 1, 2014 – For advancedapproaches banking organizations(generally those withconsolidated total assets ofat least $250 billion orconsolidated total on-balance sheetf o r e i g nexposuresof atleast

$10 billion), this is the start date forcompliance with the revisedminimum regulatory capital ratiosand for determining risk-weightedassets under the “advancedapproach.”

January 1, 2015 – For non-advanced approaches bankingorganizations and covered SLHCs,this is the start date for compliancewith the revised minimumregulatory capital ratios and fordetermining risk-weighted assetsunder the “standardized approach.”

Basel III generally gives bankingorganizations a choice between twomethods for calculating risk-weightedassets, which comprise thedenominator of a bankingorganization’s risk-based capital ratios.One is the “standardized approach”that permits them to measure creditrisk using metrics and risk-weightingsprescribed by regulation. Another isthe “advanced approach” (or internalratings-based approach) that allowsbanking organizations to use theirinternal models and ratings systems tomeasure credit risk, subject toregulatory approval. The Final Rulerequires that the standardizedapproach will serve as the “floor”(mandated by the CollinsAmendment) with respect to anyleverage and risk-based capitalrequirements that the FSBmay impose onb a n k i n gorganizationsand non-bank

Systemically Important FinancialInstitutions (SIFI).

The Fed has eased the regulatoryburden up on some requirements thatwould have been tough on communitybanks. Community banks will alsohave a longer transition period to meetthe new requirements.

There are a number of different startdates and transitional arrangements inthe “U.S. Basel III”.

Other Issues

Interestingly, the Fed has added morerules aimed at big US banks such thatthese new requirements go beyondthe international Basel IIIrequirements as many believe that thethird accord by the Basel Committeedid not go far enough in terms ofprotecting the financial system.

Importantly, the Federal DepositInsurance Corporation (FDIC), theOffice of the Comptroller of theCurrency (OCC) and the FRB havecoordinated their adoption of the US-based revised version of Basel III.

The Financial Stability OversightCouncil (FSOC) has alsomandated



27

that insurers will also be subject to thesame new increased Tier 1 capitalbuffer where they have beendesignated as “systemicallyimportant”.

Conclusion

Overall, the Final Rule attempts tocodify the U.S. banking agencies’regulatory capital rules, which havepreviously resided in variousregulations, into a single harmonized

integrated and heightened regulatoryframework using the internationalBasel III Accord as its base.

The Final Rule replaces the generalrisk-based capital rules of the differentbanking agencies that currently applyto banking organizations with a singleintegrated regulatory capitalframework that emphasizes not onlyhigher capital cushions for banks toabsorb losses but also more stringentcriteria for what qualifies as regulatory

capital. There are also additional newstandards in other areas such asleverage.

With these new requirements, the USlooks to build greater confidence in itsfinancial and banking system. Allbanks should review their controls,processes and business models in thelight of these changes to ensure thatthey will are able to outpace theircompetitors on the opportunities andthreats that will develop.



28

2 DayExecutiveSeminars in2013:New YorkSeptember 23 - 24 ChicagoSeptember 26 - 27 CharlotteSeptember 30 –October 1 San FranciscoOctober 3 – 4 DallasOctober 7 - 8 Miami October 10 – 11

This interactive ExecutiveSeminar is led by bankerswith experienceimplementing Basel II & III.It considers what US banksneed to do and how theyneed to change as a resultof these new rules.

NEW SeminarThe Challenge andImplications of Basel IIIfor US Banks

5 ReasonsWhy You Should AttendThis Practical Seminar:

n Hear from bankers withexperience ofimplementing Basel II & III rules intobanks

n Understand the impactand the challenges ofUS Basel III, not just the rules

n Gain a balanced rules-to-business perspectiveon what this reallymeans for US banks

n Learn how other banksare changing and whatthey are doing to meetthese challenges

n Benefit from clear take-away messages forimmediateimplementation intoyour bank.

Price per person$1,995

Register atwww.riskrewardlimited.com/us-basel-III-how-will-you-cope

email – Joanna Kraska [email protected]

By Phone – (917) 310-1334 EST

Public Training CoursesAPRM Risk Management Certificate and Training

This learning programme is at an introductory to intermediate level designed toexpose candidates to the key components of risk management and provide practical

examples and tools. This classroom course is designed to provide a broad overview of risk management for thefinancial services sector from experienced Risk Reward riskmanagement professionals who offer essential, practical advicegained in international financial markets and major institutions.

At the end of this course delegates will gain an understanding of:Familiarity with the concept of risk management and its place in thebusiness, organisation or system; Concepts of risk managementtechniques in a non-quantitative framework; How 'governance' fitsinto the concept of risk management; The concepts of risk andreturn; familiarity with the financial instruments used in riskmanagement; Interest rate risk and hedging; Asset-liabilitymanagement; Enterprise, Credit, Market, Liquidity and Operational Risk Management; How performance canbe measured; Industry standards and best practices of financial risk manage ment; The positive role that riskmanagement can play.

Accredited Training to Certificates and Diplomas

Formed in 1992 by London Stock Exchange practitioners, the CISI now has more than40,000 members in 89 countries. More than 40,000 examinations have been sat in 49

countries, covering a range of vocational qualifications. Increasingly regulators, banks, stock exchanges, andbrokerage houses are seeking qualifications among to deal effectively with stresses and pressures to maintain highlevels of professionalism, integrity and competence especially when interacting with retail consumers. Trainingto internationally recognised and respected standards is among those responses, whether seasoned professionals,recent market entrants or new graduates.

The CISI is the UK’s largest and most widely respected professional body for the Securities and Investmentindustry. CISI Diplomas and Certificates are included in the UK’s Financial Services Skills Council's list ofAppropriate Exam -inations and arerecognised for all majoractivities.

2013 Public Courses – PRMIABudapest Aug 20-22 Oct 7-9Cairo Aug 31 - Sep 2 Nov 18-20Casablanca Sep 9-11 Oct 28-30Dubai Sep 22-24 Nov 10-12Istanbul Jul 1-3 Nov 12-14Johannesburg Aug 12-14 Nov 5-7London Sep 16-18 Nov 11-14Moscow Sep 9-11 Oct 21-23

2013 Public Courses London Budapest Dubai Johannesburg SingaporeGlobal Financial Compliance Aug 12-14 Sep 16-18 Sep 23-25 Sep 16-18 Aug 27-29Certificate Oct 21-23 Nov 11-13 Nov 11-13 Nov 11-13 Nov 26-28Global Operations Management Jul 1-4Diploma Oct 7-10Operational Risk Certificate Aug 12-14 Sep 24-26 Jul 1-3 Sep 2-4 Aug 12-14

Nov 12-14 Dec 2-4 Oct 7-9 Nov 4-6 Nov 6-8Risk in Financial Services Sep 17-19 Jul 1-3 Jul 2-4 Aug 7-9 Aug 7-9Certificate Dec 3-5 Oct 15-17 Oct 21-23 Nov 19-21 Nov 19-21

For more information about training to all our accredited qualifications (ACAMS, CII,CISI, ICAEW, IIA, and PRMIA) or to book or ask for an in-house quote please emailJoanna Kraska at [email protected] or telephone +44 (0) 20 7638 5558.www.riskrewardlimited.com/public-course-calendar

Alternative dates and locations are available.

Alternative dates and locations are available.

60 Moorgate1st Floor

London EC2R 6ELUnited Kingdom

Office hours: London (GMT)09.00am – 19.00pm Monday – Friday

telephone: +44 (0)20 7638 5558fax: +44 (0)20 7638 5571

email: [email protected]: www.riskrewardlimited.com

Dennis Cox – CEOtelephone: +44 (0)20 7638 5558email: [email protected]

Lisette Mermod – New Yorktelephone: 1-917-310-1334email: [email protected]

Joanna Kraska – Public Relationstelephone: +44 (0)20 7638 5558email: [email protected]

For further information please contact:

risk update GLOBAL - Risk Reward Limited May 2013.pdf · Risk Reward Limited, serving the banking...

Documents

Transcript of risk update GLOBAL - Risk Reward Limited May 2013.pdf · Risk Reward Limited, serving the banking...