June 19, 2006
Transformation and the regulators
Over the last couple of months I have been speaking with a number of clients who are considering a transformation of their product lines and in some cases completely overhauling the banking group structure. In this article we are going to briefly look at the regulatory requirements that have to be met for such a metamorphosis in business offerings.
Specifically these banks are looking to cross sell on traditional product classes and perhaps seek out new companion facilities that they could offer to this existing customer base. Given their infrastructure nature, clientele demographics or market penetration they generally look to form symbiotic partnerships with other international entities so that they can quickly enter foreign markets. Sometimes the strategy is to broaden the balance sheet indiscriminately however in many cases the intention is to replicate their unique value offering elsewhere. They may be leaders in one market segment but inevitably reach a point of saturation in which to sustain a healthy level of growth they naturally embark on a complete transformation and of course successful businesses have the reserves or can attract mezzanine investors to realize such a vision.
These types of restructures are usually enterprise wide and often involve a change to the type of license being held and in some cases a complete merger between one or more institution may be the final outcome. All very exciting however the question that is always raised somewhere in the discussion is; what do we need to do with the regulators to ensure that new strategies we propose are endorsed and don’t attract the wrong kind attention. Then one has to question what the regulators are really looking for anyway?
Coincidently the Bank For International Settlements has recently (April 2006) just updated its Core Principles for Effective Banking Supervision that it has developed with fellow supervisors. The aim of this update is to supersede the 1997 mandate and BIS is currently seeking comments from the industry sector on this latest release. Importantly this document furnishes us with a good insight on what is required of any bank as it transforms and we are going to briefly discuss it here.
There are in fact 25 components that make up the core principles and for quick reference they have been listed below:
Principle 1: Objectives, Independence, Powers, Transparency and Cooperation
Principle 2: Permissible activities
Principle 3: Licensing Criteria
Principle 4: Transfer or significant ownership
Principle 5: Major Acquisitions
Principle 6: Capital Adequacy
Principle 7: Risk Management Process
Principle 8: Credit Risk
Principle 9: Problem Assets, provisions and reserves
Principle 10: Large exposure limits
Principle 11: Exposures to related parties
Principle 12: Country and transfer risks
Principle 13: Market Risk
Principle 14: Liquidity Risk
Principle 15: Operational Risk
Principle 16: Interest Rate Risk
Principle 17: Internal Control and Audit
Principle 18: Abuse of financial services
Principle 19: Supervisory Approach
Principle 20: Supervisory Techniques
Principle 21: Supervisory Reporting
Principle 22: Accounting and disclosure
Principle 23: Corrective and remedial powers of supervisors
Principle 24: Consolidated Supervision
Principle 25: Home-host relationships
Compliance aside, a major emphasis that should always be high on the planners agenda for these bank-wide transformations are principles 6, 7, 8, 9, 11, 12, 13, 14, 15, 16, 22, 25 as they are entirely risk focused or have heavy risk components. These will require the construction of a framework that consists of policies, methodologies and infrastructure and, will consume equal amounts of high budget and resource. Specifically the home-host relationship principle has been at the centre of contentions throughout the evolution of the Basel II accord and is an extremely complex piece of work. Principle 12, country risk has very few widely excepted benchmarking processes and isn’t formally written about enough to give senior managers that many options, so it can also be a bewildering activity to tackle as it lacks industry accepted guidelines.
From the regulator perspective, they are unlikely to forgo on quality of implementation for any principle and when banks leap outwards a special focus is likely to be applied to principle 14 and principle 6; the liquidity and capital adequacy of the bank. In fact the actually process of transformation will more than likely stress this ratio and banks that are going to engage in international relationships will need to establish an applicable Basel requirement if it doesn’t already exist. The supervisor of course has the power to impose a specific capital charge and/or limits on all material risk exposures if they deem there to be inherent risk during or after the amalgamation.
The Basel Capital Accord was designed to apply only to internationally active banks, which must calculate and apply capital adequacy ratios on a consolidated basis, including subsidiaries undertaking banking and financial business. Jurisdictions adopting the new capital adequacy framework would apply such ratios on a (Reference documents: International convergence of capital measurement and capital standards, July 1988; and International convergence of capital measurement and capital standards: a revised framework, June 2004.)
In respect to timing this is a long process and in some cases more than one regulator is going to be involved which complicates what would seem a straight forward audit, review, tick off and fee. In Principle 5 for example, the regulators can actually impede or prohibit the process if they deem the bank is engaging with a foreign entity in countries where secrecy laws or other regulations prohibit information flows deemed necessary for adequate consolidated supervision and these laws apply broadly to banks that even invest in institutions that aren’t financially regulated or holding a license. A bank intermingling with a non regulated entity might seem quite intriguing however it is actually quite common as companies such as brokerages, front office sales operators, financiers and other related firms often provide the transforming bank with valuable access to additional customers and that is a great target market for leveraging existing successful products abroad.
Finally for banks that are looking at creating these complex alliances, a special project team needs to be established to manage these principles, budget has to be set aside for transferring changes to liquidity during the process and the entire blueprint of the negotiation and final operating model needs to be readily available for regulators to peruse, so without doubt there is going to be a lot of delicate work ahead.
Posted by CausalEvents at 03:46 PM
| Comments (0)
June 10, 2006
A top ten focus list for AMA
A couple of days ago a client asked me to list the top issues that banks seem to come up against when constructing a Basel II operational risk framework, particularly when these institutions are striving towards meeting Advanced Measurement Approach. In this short article we are going to openly discuss some of the major issues facing banks that are trying to engage the construction of such a framework and while there are many differing conundrums for alternate banks globally, there is a common theme of say ten items that seem to be continually overlooked when Basel II projects are planned. This list is far from definitive but each item has factored more than once in general Basel II discussions I have had.
Let’s have a closer inspection at ten issues for building a Basel II operational risk framework:
Segmentation of Project Activities
Without doubt this would have to be the most common project planning misdemeanor facing a bank in the Basel II operational risk camp. Generally all risk frameworks whether they are measuring market, credit or operational, will consist of three parts. These parts are Policy, Methodologies and Infrastructure and while these parts are separate agendas for the framework they have lots of cross over activities. Failure to understand how campaigns from policy can be combined with specific business unit facing discussions for methodologies will result in the business units having to be revisited more often than required and is a major cause for escalating costs on the Basel II program.
Unable to integrate the Methodologies
Whether the institution selects Loss Data Approach, Risk Drivers and Controls Assessment or Scenario Analysis as their spearhead modeling technique, the Basel II project will be very much the same, the only difference lies in how the methodologies are combined in the capital calculation. Some of the key methodologies that are used include: Risk Registration, the capture of Loss Data, Integration of External Data, Scenario Analysis, Controlled Self Assessment and Risk Indicators. Many Basel II programs will address each one of these methodologies in a siloed manner without consideration of how variables are used from one methodology to the next. Indicators alone are powerful tools but when correlated with loss data have a certain level of accuracy and of course scenarios need to make sure they only address the tails. Scenario analysis that is detached from external and internal loss data often results in a list of events that have unjustifiable weights and a poor clarification on where the tail begins, certainly we don’t want scenarios to result in expected loss events being captured twice.
Homogeneous Risk Classifications
The estimation of capital is generally a stochastic exercise which relies on pure definitions for a good and accurate result. We all accept operational risk is a nebulous and heterogeneous risk classification but banks’ inability to classify events transparently exacerbate the confidence of exposure calculations, reduce the ability for the institution to benchmark and encourage capital disputes. Interestingly if every bank has a different definition of what comprises a fraud how useful is external data going to be in the risk calculation. What amazes me most is that while the accord has been quite prescriptive with the risk classifications in its annex VII, some operational risk teams seem to stubbornly go ahead wasting their time creating another incommensurable list of loss categories and their efforts are neither fruitful nor an efficient use of time.
Policy and Treatment of risk
Project teams that assign too much of their budget to the infrastructure (software systems and databases) component will find that additional work will have to be planned during deployment to ensure policy is aligned to the business unit measurement methodologies. Risk is not about software and policy describes when an operational risk has occurred, what a near miss is, how both of these should be treated and how the outcomes should be recorded. Very few banks seem to include a serious piece of work around policy design and its associated education campaigns. The result is inconsistent view of exposure from one year to the next and staff will be able to game that system. Sadly how these institutions back test their risk facilities is a mystery to them as much as it must be to the regulator and I am sure overtime they end up having to revisit this piece of work to be in any kind of position to plan strategic improvements in consideration of operational exposure.
Business Unit Mapping
If the risk register is the central domain for operational risk, then Unit Mapping must be a conduit for capital. It isn’t directly stipulated in the ‘AMA qualification moiety’ of the accord however I suppose it is assumed that if standard approaches require lines of business to be established that theme would apply to Advanced Measurement Approach. What granular level should these capital boundaries be set at seems to confuse many operational risk analysts. If the level is too broad, an inherent issue with top down approaches to operational risk, there is a threat that the maps will not furnish a good understanding of causality and then management improvements won’t be tied to a potential event for capital reduction. If on the other hand the maps are a microcosm, the cost of maintaining those maps against the value they return is totally skewed.
Business Unit Reporting
Basel II and operational risk is not about generating OpVar numbers. In reality some of the assessments that are carried out require business unit input however these very same people won’t be able to see how an OpVar number applies to their exposure unless this is reported to them in fashion that translates to exposures they can monitor and controls they can influence. If the operational risk economic capital calculation uses the more actuarial techniques of extreme value theory, the Basel II program must be able to translate the results into management activities for the business unit otherwise they are going to be unlikely to accept and sign off on the results that are displayed to them.
Central Facilities
I have debated business continuity exposures born from systemic faults inherent in a banks central facilities in an earlier article on this journal however while this seems very obvious to most analysts, measuring such exposures is a minefield of complexities. It requires specific focus in its own right, particularly as the cause for an event and its impacts will inevitability lie across capital boundaries.
Factoring Change into the Capital Equation
As with central facilities, factoring change into the capital equation seems to feature in only a small handful of Basel II frameworks. This is concerning because as institutions change, back testing exercises are going to be very long winded and the ability for an institution to use its operational risk capital in the design of sound strategy will be diminished. Again change management needs specific metrics and a transparent approach to measuring exposure for a close proximity of loss to be accounted for.
Demarcation Exercises
Operational risk may be novel to the Basel accord but it certainly isn’t new to banks and has always featured in some way in the capital tiers. One common trend I have been witnessing is the propensity for the credit risk team to throw their loss events over the fence now that there is formal bias for them to do so. While operational risk should account for such losses, definitions need to be clearly established to treat credit events that contain some operational exposure. Specifically paragraph 673 of the Basel Accord makes mention to this however very few institutions that I have visited are taking steps to resolve capital arbitrage between the core disciplines market – operational, credit – operational and credit – market.
Accounting for Insurance
In paragraph 667 of the Basel Accord the recognition of insurance attracts a further 20% reduction of capital against the operational risk capital charge. But for this value to be ascertained banks need to carry out an exercise of attaching insurance to potential loss estimates and centrally modeling the gaps of under or over insurance, the time line before insurance is paid and specifically what events insurance covers for each asset type in turn. With some of the larger banking groups spanning diverse fields of banking (retail, insurance, wholesale, brokerage etc) and multiple geographic locations, the complexity of this exercise should not be underestimated.
So there we have a top ten hit list, please accept this is as not determinative and that priorities between banks will differ, certainly it shows the extensibility of Basel II should not be taken lightly and I hope that this text stimulates some thought.
Posted by CausalEvents at 07:53 PM
| Comments (2)
