Stress Testing as a catalyst for BCBS 239 – or vice versa?

Dr. Christian Thun Senior Director

September 8th, 2014

1

1

Independent provider of credit rating

opinions and related information for

nearly 100 years

Research, data, software, and related

professional services for financial risk

management

About Moody’s Analytics

Moody's Analytics operates independently of the credit ratings activities

of Moody's Investors Service. We do not comment on credit ratings or

potential rating changes, and no opinion or analysis you hear during this

presentation can be assumed to reflect those of the ratings agency.

Leading global provider of credit rating opinions, insight, and tools for credit risk

measurement and management

A number of factors have led to the fragmented IT infrastructure in risk management:

A lack of agreement between business lines and IT management on a long-term

strategy

Short-term financial considerations have led to budget reductions for IT infrastructure

projects.

Weak data governance processes contributed to inconsistent approaches to the

upgrading of systems. Similarly, the lack of a firm wide framework for data

management lead to inconsistencies across business units and/or regions.

Mergers and acquisitions have increased the number of legacy systems. Multiple

system platforms often contain their own unique data taxonomies, making aggregation

across products and business lines difficult.

The system fragmentation often requires a significant number of manual processes to

aggregate data firm wide. Some firms still require days or weeks to accurately and

completely aggregate risk exposures

2

Fragmented IT infrastructure in risk management

Source: Senior Supervisors Group, 2010

Principles for effective risk data aggregation and risk reporting

3

• Board and senior management should review and approve the bank’s group risk data aggregation and reporting framework

• A bank should establish integrated data taxonomies and architecture across the banking group

Governance and Infrastructure

• Banks should strive towards a single authoritative source for risk data for each type of risk

• Banks need to build their risk systems to produce aggregated risk data rapidly during times of stress/crisis for all critical risks

Risk Data Aggregation Capabilities

• Risk management reports should include exposure and position information for all significant risk areas

• Procedures should be in place to allow for rapid collection and analysis of risk data and timely dissemination of reports to all appropriate recipients

Risk Reporting Capabilities

• Supervisors may test a bank’s compliance with the Principles through occasional requests for information to be provided on selected risk issues within short deadlines

Supervisory Review, Tools and Cooperation

Source: Basel Committee on Banking Supervision, 2013 (BCBS 239)

Slow progress in implementing BCBS 239

4

Source: Basel Committee on Banking Supervision, 2013 (BCBS 268)

Risk data aggregation capabilities

Risk reporting practices

Modeling and data/infrastructure are recurrent pain points

5

Define Scenarios Data and

Infrastructure

Model the impact of

scenarios on key risk

parameters

Calculate Stressed

KPI

Reporting Management

actions

3 4 5 7 Define scope

and governance

1 2 6

• Shock selection:

• Regulatory (given)

• Bank-wide/

business-specific:

macroeconomic

(GDP, interest

rates, unemploy-

ment), budgeting/

planning; financial

markets, liquidity-

related (concen-

tration, reputation

risk..)

• Type of test:

• Sensitivity analysis

• Scenario analysis

• Reverse ST

• Validation of

severity, duration

of shocks and risk

transmission

channels

Descri

pti

on

o

f A

ctiv

itie

s

• Scope and

governance rules

of ST programme

Ou

tpu

t

• Define data and

data granularity

requirements

(financial internal,

macro/ default

/market data...)

• Define

infrastructure

requirements

• Data sourcing:

(financial internal,

macro/ default

/market data...)

• Compilation and

data formatting

• Data audit

• Enter stressed inputs

into software and run

the calculations to

obtain impact on:

Capital

• Regulatory capital ratio

(total RWA, RWA ratio)

• Stressed net income

• Economic capital ratio

• “Book” capital ratio

Liquidity and cash-flows

• Liquidity gap, cash-flows

and liquidity ratios

Market risk

• Stressed VAR

• Leverage ratio

• Aggregate and validate

results

Credit risk

• Model the impact of the

scenarios on the

incidence of default by

borrowers (by individual

balance sheets and by

portfolios)

• Model the incidence of

default to losses on

single obligors and on

loan portfolios (via

specific models for retail,

corporate, CRE, SME..)

Liquidity risk

• Model the impact of

scenarios on key liquidity

risk parameters

Market risk

• Model market risk to

estimate the impact on

P&L

• Consolidation of ST

results (capital and

liquidity)

• Formatting and

auditing

• Internal reporting to

management (to

Board, ALCO, and

other Committees)

• Public disclosures

to local regulator or

other bodies (EBA,

FMI…)

• ICAAP & ILAA

reporting

• Calculate risk

exposure and

compare with risk

appetite (modify

planning and

limits, reduce

concentration..)

• Liquidity

planning and

asset growth

limits adjustments

• Bank-wide/

business specific

actions

• Lobbying actions

• Contribute to

contingency

funding plan

• Validation,

benchmarking,

iteration

• Scenarios

(regulator’s

and/or

idiosyncratic)

• Stressed PD, EAD, LGD

• Stressed cash-flows

• Stressed financials (loan

loss provisions, interest

income, refinancing

costs..)

• Stressed EcCap /

RegCap/BookCap

• Liquidity gap and

ratios

• Stressed VaR

• Risk appetite and

limit

management

process

• Reporting and

disclosed

information

(internally and

externally)

• Scope of stress

testing

• Regulatory only

• Business-specific:

Group/LOB ST ;

• Risks to stress:

credit, liquidity,

interest rates/FX,

performance..

• Define the risk

factors : credit (PD,

LGD, rating, EAD),

liquidity1, ALM2,

operational..

• Governance of

stress testing

(ownership,

contributions,

frequency of tests,

reporting process,

reporting lines..)

• Data input into

models and/or

platforms

Fre

qu

en

cy

• Yearly / Quarterly

• Market and macro-

data: ongoing

• Internal financial

data and liquidity

positions : monthly

• Stressed PD, EAD, LGD:

from quarterly to yearly

• Stressed liquidity risk

parameters, stressed

cash-flows and

financials: monthly

• Stressed capital and

leverage ratio: quarterly

to yearly

• Stressed cash-flows:

monthly 2

• Stressed VaR: daily

• Internal reporting:

quarterly to yearly

• Reporting to Board/

Committees and

disclosures:

quarterly, ad-hoc

• Yearly / Quarterly

or ad-hoc

• Yearly

Defining Stress Scenarios

Home Price Index - Dwellings, (Index 1997=100, SA)

Unemployment Rate, (%, SA) GDP at Market Prices, q/q % change

4

8

12

16

20

24

28

32

36

Anchor Global Recession Client-Specific Baseline

-2

-1

0

1

2

3

4

5

6

7

Anchor Global Recession Client-specific Baseline

Consumer Price Index, y/y % change

125

150

175

200

225

250

275

Anchor Global Recession Client-specific Baseline

-5.0

-4.0

-3.0

-2.0

-1.0

0.0

1.0

2.0

3.0

4.0

Anchor Global Recession

Client-Specific Baseline

Conditional loss distribution under a stress scenario

Accurate Free from material mistakes, errors & omissions

Recording is adequate and consistent

High level of confidence

Credibility/confidence shown though usage in decision making process

Complete Allows recognition of main homogenous risk groups

Sufficient granularity to identify trends and full understanding of underlying

risks

Sufficient historical information available

Appropriate Suitable for purpose

No biases and that it is fit for purpose

Relevant to portfolio of risks of the bank

Timely Most current information available

Accessible without delay when required (e.g. by supervisor)

No unnecessary delay due to infrastructure constraints

8

Requirements for stress testing data

9

Data quality at the intersection of stress testing and BCBS 239

BCBS

239

Stress

Testing

accurate

timely

appropriate

complete

Data Problems – A bank’s perspective

Current Position Challenges

Data

Integrity/

Processes

Poor data quality

Errors in the past

Business logic not transparent

No common data taxonomy /

metadata model

Improving Data quality

Targeting critical data sets

Data cleansing /deduping

Overall structure of processes

Defining data dictionary and metadata model

Indentifying systemic issues – though null

fields and duplicate and profile checks

Underlying

Systems

Multiple systems (potentially

hundreds!)

Multiple technologies

Multiple locations

Legacy systems

Manual / desktop systems

Controls/consistency

Automating validations

Reducing manual data transfer

Improving granularity of data (e.g. asset data)

Third Party Interactions – e.g. asset

managers

Governance Ill defined processes and future

roadmap

Lack of documentation

Security, auditabilty and lineage

issues

Data governance policy

Data definitions

Consistent control framework for automated

interfaces

Data Extraction Data

Profiling/Quality

Cleansing &

Deduping

Data

Standardization

Quality

Monitoring

Enrichment

Extract data from

the various

source systems

Make use of data

profiling

techniques

This is a dual

process –

cleansing &

deduping

Execute a series

of data quality

checks/rules

against the data

Keep track of

data quality over

time.

Enhance the

value of internally

held data

Policy

Loans

Customer

Asset

Finance

Modelling

Risk

Utilize , logic

algorithms &

rules (both

general and

specific to the

banking industry)

to produce a

picture of the

overall data

quality

1. Identify and

modify corrupt or

inaccurate data a

& remove or

modify

incomplete,

incorrect,

inaccurate data

2. Retain only one

unique instance

of the data

There are a

number of tools

that include many

thousands of pre-

built data quality

rules ( both

general & industry

specific) & these

are then

enhanced with a

number of user

defined rules.

Ongoing data

quality program

within the context

of a data

governance

framework

Use software to

auto-correct the

variations based

on pre-defined

business rules

Enhance the

value of internally

held data by

appending related

attributes from

external sources

(for example,

consumer

demographic

attributes or

geographic data

Data Quality Process

ETL Tools

Load to

Profiling Tools

Identify

inaccuracies

/errors

Clean-Up

Data

Enrich

Value

Ongoing

Monitoring Improve

Quality

Comparison of a typical versus a leaner, more efficient stress

testing process

12

G-SIBs

D-SIBs

Regional Banks

Local Banks

13

Stress testing will accelerate the adaptation of BCBS 239

BC

BS

239

14 14

© 2014 Moody’s Analytics, Inc. and/or its licensors and affiliates (collectively, “MOODY’S”). All rights reserved. ALL INFORMATION CONTAINED HEREIN IS PROTECTED BY COPYRIGHT LAW AND NONE OF SUCH INFORMATION MAY BE

COPIED OR OTHERWISE REPRODUCED, REPACKAGED, FURTHER TRANSMITTED, TRANSFERRED, DISSEMINATED, REDISTRIBUTED OR RESOLD, OR STORED FOR SUBSEQUENT USE FOR ANY SUCH PURPOSE, IN WHOLE OR IN PART, IN ANY FORM OR MANNER OR BY ANY MEANS WHATSOEVER, BY ANY PERSON WITHOUT MOODY’S PRIOR WRITTEN CONSENT. All information contained herein is obtained by MOODY’S from Fuentes believed by it to be accurate

and reliable. Because of the possibility of human or mechanical error as well as other factors, however, all information contained herein is provided “AS IS” without warranty of any kind. Under no circumstances shall MOODY’S have any liability to any

person or entity for (a) any loss or damage in whole or in part caused by, resulting from, or relating to, any error (negligent or otherwise) or other circumstance or contingency within or outside the control of MOODY’S or any of its directors, officers,

employees or agents in connection with the procurement, collection, compilation, analysis, interpretation, communication, publication or delivery of any such information, or (b) any direct, indirect, special, consequential, compensatory or incidental

damages whatsoever (including without limitation, lost profits), even if MOODY’S is advised in advance of the possibility of such damages, resulting from the use of or inability to use, any such information. The ratings, financial reporting analysis, projections, and other observations, if any, constituting part of the information contained herein are, and must be construed solely as, statements of opinion and not statements of fact or recommendations to purchase, sell or hold any securities. NO

WARRANTY, EXPRESS OR IMPLIED, AS TO THE ACCURACY, TIMELINESS, COMPLETENESS, MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OF ANY SUCH RATING OR OTHER OPINION OR INFORMATION IS

GIVEN OR MADE BY MOODY’S IN ANY FORM OR MANNER WHATSOEVER. Each rating or other opinion must be weighed solely as one factor in any investment decision made by or on behalf of any user of the information contained herein, and

each such user must accordingly make its own study and evaluation of each security and of each issuer and guarantor of, and each provider of credit support for, each security that it may consider purchasing, holding, or selling.

Thank you for your time!