Final draft RTS on the assessment methodology to authorize the use of AMA

Similar documents
EBA CP on Draft RTS on assessment methodologies for the Advanced Measurement Approaches for operational risk under Article 312 of CRR

CP ON DRAFT RTS ON ASSSESSMENT METHODOLOGY FOR IRB APPROACH EBA/CP/2014/ November Consultation Paper

Guidelines on PD estimation, LGD estimation and the treatment of defaulted exposures

Guidelines on PD estimation, LGD estimation and the treatment of defaulted exposures

ECB guide to internal models. Risk-type-specific chapters

4.0 The authority may allow credit institutions to use a combination of approaches in accordance with Section I.5 of this Appendix.

Guidance Note Capital Requirements Directive Operational Risk

Guideline. Capital Adequacy Requirements (CAR) Chapter 8 Operational Risk. Effective Date: November 2016 / January

Content. International and legal framework Mandate Structure of the draft RTS References Annex

ECB Guide on options and discretions available in Union law. Consolidated version

Final Report. Guidelines on the management of interest rate risk arising from non-trading book activities EBA/GL/2018/02.

Public consultation. on a draft ECB Guide on options and discretions available in Union law

Guidance consultation FSA REVIEWS OF CREDIT RISK MANAGEMENT BY CCPS. Financial Services Authority. July Dear Sirs

Guidelines on credit institutions credit risk management practices and accounting for expected credit losses

Measurement of Market Risk

Pillar 3 Disclosures. Invesco UK Limited

Advisory Guidelines of the Financial Supervision Authority. Requirements to the internal capital adequacy assessment process

Guidelines. on PD estimation, LGD estimation and the treatment of defaulted exposures EBA/GL/2017/16 20/11/2017

Scenario analysis. 10 th OpRisk Asia July 30, 2015 Singapore. Guntupalli Bharan Kumar

The Society of Actuaries in Ireland. Actuarial Standard of Practice INS-1, Actuarial Function Report

AMA Implementation: Where We Are and Outstanding Questions

RESERVE BANK OF MALAWI

Advanced Operational Risk Modelling

Guidelines on the application of the definition of default and RTS on the materiality threshold

on the management of interest rate risk arising from non-trading book activities

EBA FINAL draft Regulatory Technical Standards

ICAAP Q Saxo Bank A/S Saxo Bank Group

Guidance Note System of Governance - Insurance Transition to Governance Requirements established under the Solvency II Directive

GUIDELINES ON SIGNIFICANT RISK TRANSFER FOR SECURITISATION EBA/GL/2014/05. 7 July Guidelines

Solvency II Detailed guidance notes for dry run process. March 2010

ICAAP Q Saxo Bank A/S Saxo Bank Group

The French Banking Federation appreciates the opportunity to provide its views on the issues raised in the Basel Committee consultations.

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

COMMISSION DELEGATED REGULATION (EU) No /.. of

GUIDELINE ON ENTERPRISE RISK MANAGEMENT

EUROPEAN COMMISSION Directorate-General for Financial Stability, Financial Services and Capital Markets Union

Pillar 3 Disclosure (UK)

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

COMMISSION DELEGATED REGULATION (EU) /... of

NATIONAL BANK OF ROMANIA

Consultation Paper. Draft Guidelines On Significant Credit Risk Transfer relating to Article 243 and Article 244 of Regulation 575/2013

CEA proposed amendments, April 2008

Final Draft Regulatory Technical Standards

FUTURE BANK B.S.C. (c) PILLAR III QUALITATIVE DISCLOSURES 31 DECEMBER 2013 RISK MANAGEMENT

Risk Management. Credit Risk Management

Use of Internal Models for Determining Required Capital for Segregated Fund Risks (LICAT)

COMMISSION DELEGATED REGULATION (EU) No /.. of

Prudential Standard GOI 3 Risk Management and Internal Controls for Insurers

INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS GUIDELINE. Nepal Rastra Bank Bank Supervision Department. August 2012 (updated July 2013)

COPYRIGHTED MATERIAL. Bank executives are in a difficult position. On the one hand their shareholders require an attractive

Santander response to the European Commission s Public Consultation on Credit Rating Agencies

OF RISK AND CAPITAL FOR BANKS USING ADVANCED SYSTEMS

Collective Allowances - Sound Credit Risk Assessment and Valuation Practices for Financial Instruments at Amortized Cost

Solvency II Insights for North American Insurers. CAS Centennial Meeting Damon Paisley Bill VonSeggern November 10, 2014

EBA/RTS/2013/07 05 December EBA FINAL draft Regulatory Technical Standards

Guideline. Earthquake Exposure Sound Practices. I. Purpose and Scope. No: B-9 Date: February 2013

INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS MODULE

CEBS Public Consultation on Liquidity Cost Benefit Allocation (CP 36) Presentation at Public Hearing 1 June 2010, London Dominique Laboureix

ECB Guide to the internal liquidity adequacy assessment process (ILAAP)

Guidelines on the management of interest rate risk arising from nontrading (EBA/GL/2015/08)

Capital Management 4Q Saxo Bank A/S Saxo Bank Group

BERMUDA MONETARY AUTHORITY THE INSURANCE CODE OF CONDUCT FEBRUARY 2010

External Data as an Element for AMA

EBF response to the EBA consultation on prudent valuation

Pillar 3 Regulatory Disclosure (UK)

I. Scenario Analysis Perspectives & Principles

Official Journal of the European Union L 341. Legislation. Non-legislative acts. Volume December English edition. Contents REGULATIONS

Supervisory Review and Evaluation Process (SREP) Credit institutions

Quantitative and Qualitative Disclosures about Market Risk.

DECISION ON RISK MANAGEMENT BY BANKS

Structured ScenarioS

References: Articles to , to and of the AMF General Regulation

ESMA-EBA Principles for Benchmark-Setting Processes in the EU

COMMISSION DELEGATED REGULATION (EU) No /.. of

PRA RULEBOOK CRR FIRMS INSTRUMENT 2013

Corporate Governance of Federally-Regulated Financial Institutions

PRE CONFERENCE WORKSHOP 3

COMMISSION DELEGATED REGULATION (EU) /... of

Consultation Paper. Draft Regulatory Technical Standards

BERMUDA INSURANCE (GROUP SUPERVISION) RULES 2011 BR 76 / 2011

BERMUDA MONETARY AUTHORITY GUIDELINES ON STRESS TESTING FOR THE BERMUDA BANKING SECTOR

IAIS: Enterprise Risk Management for Capital Adequacy & Solvency Purposes. George Brady. IAIS Deputy Secretary General

TD BANK INTERNATIONAL S.A.

STATE BANK OF PAKISTAN BANKING POLICY & REGULATIONS DEPARTMENT

Report on Internal Control

EBA/CP/2015/ November Consultation Paper

A discussion of Basel II and operational risk in the context of risk perspectives

[ANNEX H-1. Investment firms with limited licence

Pillar 3 Disclosures Year ended 31 st December 2017

Defining the Internal Model for Risk & Capital Management under the Solvency II Directive

DECISION ON RISK MANAGEMENT BY BANKS

Guidance on leveraged transactions

Operational Risk Management: Regulatory Framework and Operational Impact

Consultation paper on CEBS s Guidelines on Liquidity Cost Benefit Allocation

EBA: LATEST DEVELOPMENTS REGARDING TECHNICAL ASPECTS OF IRRBB. January 2018

CRR IV - Article 194 CRR IV Principles governing the eligibility of credit risk mitigation techniques legal opinion

Guidelines on the treatment of CVA risk under the supervisory review and evaluation process (SREP) 27 January 2016 Public Hearing, London

EBA/CP/2013/ Consultation Paper

Consultation Paper. Draft Regulatory Technical Standards

EBA/GL/2013/ Guidelines

Transcription:

Management Solutions 2015. All rights reserved. Final draft RTS on the assessment methodology to authorize the use of AMA European Banking Authority www.managementsolutions.com Research and Development Management Solutions 2015. All rights reserved. June Page 20151

Content Introduction Executive summary Detail Next steps Management Solutions 2015. All rights reserved. Page 2

Introduction The EBA has published final RTS setting out quantitative and qualitative requirements under which the competent authorities may permit institutions to use the AMA for the calculation of own funds requirements for operational risk The CRR allows competent authorities to permit the use Advanced Measurement Approaches (AMA) for the calculation of own funds requirements for operational risk to those entities that meet certain quantitative and qualitative requirements. In this regard, the CRR contains a mandate addressed to the EBA to specify the assessment methodology under which the competent authorities may permit institutions to use the AMA. To carry out this mandate, the EBA has published final RTS specifying the qualitative and quantitative requirements that shall be considered by competent authorities, which will replace the former guidelines published by the CEBS. These RTS are aimed at ensuring that the operational risk measurement systems are based on a well-founded methodology, are effective in capturing institutions actual and potential operational risk, are reliable and robust in generating AMA regulatory capital requirements and are comparable across institutions. The following is an analysis of the requirements that shall be considered by competent authorities under the RTS of the EBA. Management Solutions 2015. All rights reserved. Page 3

Content Introduction Executive summary Detail Next steps Management Solutions 2015. All rights reserved. Page 4

Executive summary The document published by the EBA is divided into three main sections: scope of operational risk, qualitative standards and quantitative standards Scope of application Regulatory context The RTS are addressed to competent authorities. Institutions that are likely to obtain an approval authorization for the use of AMA are those within the scope of application of the CRR. Directive 2013/36/EU (CRD IV) and Regulation 575/2013 (CRR). Guidelines on the scope of operational risk and operational risk loss, CEBS. Operational Risk Supervisory Guidelines for the Advanced Measurement Approaches, BCBS. Main content Scope of operational risk Qualitative standards Quantitative standards Definition of operational risk, which includes: o Legal risk o Model risk o Financial transactions risk Governance: senior management involvement, reporting, etc. Use Test: internal purposes, integration in the day-to-day risk management process, etc. Audit and internal validation: audit and internal validation functions and governance. Data quality and IT infrastructure. Use of the 4 elements: internal data, external data, scenario analysis and business environment and internal control factors. Core modeling assumptions of the measurement system. Expected loss and correlation. Capital allocation. Insurance and other risk transfer mechanisms. Next steps The RTS will enter into force on the twentieth day following that of its publication in the Official Journal. For institutions using AMA, or for institutions which have already applied for a permission to use AMA, these RTS shall apply from one year after its entry into force. Management Solutions 2015. All rights reserved. Page 5

Content Introduction Executive summary Detail Next steps Management Solutions 2015. All rights reserved. Page 6

Detail Scope of operational risk The scope of operational risk includes events and losses that are related to legal risk, model risk, and financial transactions risk Scope of operational risk Scope Competent authorities shall verify that institutions identify, collect and treat data on operational risk events and losses related to legal risk, model risk, and financial transactions risk (including those related to market risk). Risk type: Events and losses: Legal risk Breach of rules (legislative provisions, contractual arrangements or internal rules) resulting in legal proceedings (judicial or out of court). Model risk Financial transactions risk Improper definition of a model and its characteristics. Errors in the implementation of a selected model. Incorrect mark-to-market valuations and risk measurement. Use of a model for a purpose for which it was not intended, including manipulation of the parameters. Inappropriate monitoring of model performance. Failures and errors during the execution of orders. Errors in classification due to data entry errors or the software used. Loss of data on the data flow from the front to the middle and back offices. Errors related to the transaction amount, maturities, etc. Technical unavailability of access to the market. Unauthorised positions taken in excess of allocated limits. Management Solutions 2015. All rights reserved. Page 7

Detail Qualitative standards The qualitative standards on governance are related to the operational risk management process and management function, as well as to senior management involvement and reporting requirements Governance of operational risk 1 2 3 Governance Management process Management function Senior management involvement Competent authorities shall verify that institutions comply with the following aspects: 1. The management process (identification, measurement, monitoring) for operational risk is appropriate. 2. The operational risk management function is independent. 3. The senior management involvement with operational risk is active and consistent. 4. The reporting of the operational risk is regular, timely and sufficient. The management body: o Approves the operational risk management process, the governance of operational risk and the risk measurement system, which are revised at least on an annual basis. o Defines the operational risk tolerance in a written statement, including both quantitative and qualitative measures, and it monitors the institution s performance against the risk tolerance. Institutions have an on-going process to identify, assess and measure operational risk. It undertakes certain tasks (e.g. those related to the risk management process) separately from the institution's business lines. Not responsible for the audit function. Headed by the Chief Risk Officer, who meets certain requirements (appropriately experienced, involved in the elaboration of the operational risk tolerance, sufficient budget, etc.). It implements the governance and management framework approved by the management body. It has been delegated the task of developing policies and procedures for managing operational risk. 4 Reporting The reports include all material aspects of operational risk management and are distributed to appropriate levels of management, and ad hoc reports are used in case of certain deficiencies. The senior management receives at least quarterly reports. Management Solutions 2015. All rights reserved. Page 8

Detail Qualitative standards Institutions should use the AMA for internal purposes, so as to enhance operational risk management, organization and control. Moreover, the AMA output should be robust compared to the output obtained under the regulatory regime previously applicable Use test Use test Competent authorities shall verify that institutions comply with the requirements related to the uses of the AMA, integration into the day-to-day management, contribution to the risk management, and to organization and control, and the comparison of the AMA with the previous regulatory regimes. Detail of the aspects to be verified by competent authorities: Uses of the AMA Integration into the day-to-day management Risk management Organization and control Previous regulatory regimes The operational risk measurement system is used to manage risk across different business lines, and also for the purposes of the internal capital adequacy assessment (ICAAP). The operational risk measurement system is embedded within the various entities of the group. The operational risk management system is integrated into the day-to-day management and updated regularly as more experience in management and quantification of operational risk is gained. The operational risk measurement system contributes to the regular and prompt reporting of information that fully reflects the nature and operational risk profile. Institutions use the information from the system to take remedial actions for improving processes. There is communication within the institution regarding the definition of operational risk tolerance and the relationship between the institution s business strategy and its operational risk management. The operational risk measurement system increases transparency. Institutions calculate, before and after being granted the permission to use the AMA, their own funds requirements for operational risk under both the AMA and the regulatory regime previously applicable, at least quarterly Institutions demonstrate the stability and robustness of the AMA output. Management Solutions 2015. All rights reserved. Page 9

Detail Qualitative standards The RTS also specify the requirements that the audit and internal validation functions should meet in order to ensure the effectiveness of the risk measurement processes. Moreover, some requirements regarding data quality and IT infrastructure are included Audit and internal validation / Data quality and IT infrastructure Audit and internal validation Competent authorities shall verify that the audit and internal validation functions carry out their tasks regarding the operational risk management, and that the audit and internal validation governance is of a high quality. Audit and internal validation functioning The internal validation function provides a reasoned and well-informed opinion on whether the operational risk management system works as predicted. The audit function verifies the integrity of the operational risk policies and procedures. Governance Audit programs for reviewing the AMA framework cover all significant activities that could expose the institution to operational risk, including outsourced activities. The internal validation techniques are proportionate to the changing market and operating conditions. Data quality and IT infrastructure Competent authorities shall verify that the quality of the data used in the AMA framework is maintained over time and that the institution ensures an appropriate performance of the IT infrastructure. Data quality IT infrastructure Institutions have data to build and track its operational risk history. Data quality dimensions are appropriate to provide effective support to the operational risk measurement system (complete, relevant, timely, correct, accurate and consistent). Institutions have appropriate documentation for the design and maintenance of the databases. The IT infrastructure (system development life cycle-sdlc) ensures sound and proper performance of project management, risk management, governance, systems modelling, quality assurance in all activities, etc. Management Solutions 2015. All rights reserved. Page 10

Detail Quantitative standards CAs shall verify that institutions have internal documentation specifying how the four elements of AMA are gathered, combined and/or weighted, and that the institution has a clear understanding of how each of the four elements influences the AMA own funds requirements Use of the four elements of AMA Detail of the aspects competent authorities shall verify: 1 Internal data Institutions consider within the scope of operational risk pending losses, material uncollected revenues and timing losses, apart from the usual loss items. Institutions have defined gross loss, recovery and recovery except insurance. For each individual loss, institutions are able to define the date of occurrence, the date of discovery and the date of accounting. 2 External data Institutions have a data filtering process in place, which allows the selection of relevant data regardless of the loss amount. Institutions adopt a data scaling process involving the adjustment of loss amounts to fit the institutions business activities, nature and risk profile. 3 Scenario analysis Institutions have in place a robust governance framework (clearly defined, well documented, credible and reliable estimates, etc.), irrespective of whether the scenario is used for evaluating high severity events (low frequency) or the overall operational risk exposure. 4 Business environment and Internal Control Factor The institutions business environment and internal control factors (BEICF) are forward looking and reflect potential sources for operational risk. Institutions have clear policy guidelines that limit the magnitude of reductions in the AMA own fund requirements due to BEICF adjustments. Management Solutions 2015. All rights reserved. Page 11

Detail Quantitative standards The RTS also establish quantitative standards related to core modelling assumptions of the operational risk measurement system Core modeling assumptions of the operational risk measurement system Detail of the aspects competent authorities shall verify: Building calculation Data set Institutions apply gross loss amounts or gross loss amount after all recoveries except insurance, use the date of discovery or the date of accounting, apply minims modelling thresholds, employ appropriate adjustments rates on the data where inflation and deflation effects are material, group loss caused by multiple events into the calculation data set as a single loss, etc. Granularity Identification of loss distributions Determination of aggregated loss distributions Institutions classify operational risk categories based on homogeneous, independent and stationary data. The level of granularity of the operational risk categories is realistic and is reviewed regularly. The process for the selection of the loss distribution contains Exploratory Data Analysis (EDA) for each operational risk category, appropriate techniques for the estimation of parameters and appropriate tools for evaluating the appropriateness of distributions, especially in the tail. Institutions consider the positive skewness and leptokurtosis; where the data are much dispersed in the tail, empirical curves are not used but sub-exponential are used; institutions have in place methodologies to reduce the variability of estimates of parameters, etc. The techniques elaborated by the institution ensure appropriate levels of precision and stability of the risk measures. Irrespective of the techniques used (Monte Carlo, Fourier Transform, etc.), institutions adopt criteria that mitigate errors and proved measures of the magnitude of these errors. Management Solutions 2015. All rights reserved. Page 12

Detail Quantitative standards The EBA also sets out specific requirements that competent authorities should verify related to the process for estimate the expected loss. In addition, institutions should consider any form of linear or non-linear dependence Expected loss and correlation Expected losses Competent authorities shall verify that: The methodology for the estimate of EL is consistent with the operational risk measurement system, and that the EL estimation process is done by operational risk category and is consistent over time. Institutions use statistics that are less influenced by extreme losses. The maximum offset for EL applied by an institution is bound by the total EL, and that the maximum offset for EL in each operational risk category is bound by the relevant EL applied tot that category. The offsets the institutions allow for EL in each operational risk category are capital substitutes, or otherwise are available to cover EL with high degree of certainty over the one-year period. Institutions clearly document how the EL is measured and captured. Correlation Competent authorities shall verify that an institution carefully considers any form of linear or non-linear dependence, across two or more operational risk categories or within an operational risk category. In particular, they shall verify that: Institutions support their correlation assumptions on an appropriate combination of empirical data analysis and expert judgement. That losses within each operational risk category are independent of each other; or in case that is not possible, dependent losses are aggregated together. Institutions carefully consider dependence between tail events, and they do not base the dependence structure on Gaussian or Normal-like distributions. Assumptions regarding dependence used by institutions are conservative. Institutions properly justify the dependence assumptions they use and that they use regularly perform sensitivity analysis with the view to assessing the effect of the dependence assumptions of its AMA own funds requirements. Management Solutions 2015. All rights reserved. Page 13

Detail Quantitative standards Finally, the RTS establish specific quantitative requirements related to capital allocation mechanisms. Similarly, institutions should meet certain requirements about insurance and other risk transfer mechanisms Asignación del capital y seguros Capital allocation Competent authorities shall verify that: The allocation takes into account potential differences in risk and quality of operational risk management between the parts of the group to which the own funds are allocated. There is no foreseen practical or legal impediment to the prompt transfer of own funds repayments of liabilities. The own funds allocation from the consolidated group level to the parts of the group involved in the operational risk measurement system relies on risk sensitive methodologies. Insurance The competent authorities shall verify that: The insurance provider meets the authorization requirement of the CRR. The insurance is provided via a third party. The institution avoids the multiple counting of risk mitigation techniques. The risk mitigation calculation reflects the insurance coverage. In this regard, the insurance coverage relates to the institution s operational risk profile and uses a sophisticated risk mitigation calculation. The institution s methodology for recognizing insurance captures all the relevant elements through discounts or haircuts. Management Solutions 2015. All rights reserved. Page 14

Índice Introduction Executive summary Detail Next steps Management Solutions 2015. All rights reserved. Page 15

Next steps The RTS shall enter into force on the twentieth day following that of its publication in the Official Journal. Nonetheless, for institutions using AMA, or for institutions which have already applied for a permission to use AMA, these RTS shall apply from one year after its entry into force Next steps Next steps The RTS will enter into force on the twentieth day following that of its publication in the Official Journal of the European Union. For institutions using AMA, or for institutions which have already applied for a permission to use AMA, these RTS shall apply from one year after its entry into force. Management Solutions 2015. All rights reserved. Page 16

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback