National Risk Committee (NRC) Semiannual Risk Perspective Fall 2015
NRC Risk Priorities and Actions Underwriting Strategic Risk Interest Rate Risk Cybersecurity Compliance Easing confirmed in examinations and surveys Effective strategic planning key to managing risk Impact of eventual rise in interest rates Operational resiliency impacts event recovery Compliance challenges continue with new regulations
Strategic Risk Key Risk Themes Implication: Anxiety for income Competitive pressures result in changed business models and increased risk taking and risk layering to meet competition and increase revenues via higher volume and yield Strategic sustainability, market niches, risk appetites, and merger/acquisition opportunities are continually being assessed Innovative products, services and processes often involve expanded reliance on third-party relationships, all which require sound risk management and effective planning Limited management succession and talent retention options 3
Credit Risk Key Risk Themes Implication: Easing underwriting standards and practices Credit risk building while traditional lagging credit quality metrics stabilize Competition resulting in eased underwriting across a variety of credit products, but particularly in auto and leveraged lending Weakening of underwriting standards also noted in C&I, CRE, asset based lending and multifamily Risk layering via increased collateral advance rates, waiving/loosening of guarantees and covenants, and more liberal repayment terms such as extended interest-only payments Increasing policy, underwriting, and collateral exceptions ALLL, capital and concentration risk management need to keep pace with increased loan growth and underwriting concessions 4 4
Operational Risk Key Risk Themes Implication: Systems not keeping pace with changes and threats Banks continue to be targets of coordinated, sophisticated and evolving cyberattacks. The OCC and the FFEIC are working to raise awareness and provide assessment tools Banks may not be adequately incorporating resiliency considerations into their overall governance processes, increasing their vulnerability Business models are under pressure as bankers launch new products, leverage technology, and increase reliance on automated controls Number, nature and complexity of foreign and domestic third-party relationships continue to expand, increasing concentration and risk management challenges Increased use of foreign central counterparties can expose banks to additional credit, liquidity, concentration, legal, and political risk 5
Compliance Risk Key Risk Themes Implication: Increased risk due to inadequate resources or expertise The new integrated mortgage disclosure requirements are expected to pose significant compliance challenges for some banks Some compliance programs have failed to evolve or incorporate appropriate controls into new products, services, regulatory changes and changing customer profiles Changing money laundering methods and growth in the volume and sophistication of electronic banking fraud challenge compliance risk managers Difficult to attract and retain compliance and BSA/AML expertise 6 6
Interest Rate Risk Key Risk Themes Implication: Vulnerability to rapidly rising interest rates The ongoing low interest rate environment continues to lay the foundation for future vulnerability The effect of a potential competitive environment on deposits, including the effect on liquidity, merits additional analysis and stress testing to support underlying assumptions Banks that extend asset maturities for yield could face significant earnings pressure and capital erosion, depending on the severity and timing of interest rate moves as well as changes in the yield curve Asset managers seeking to increase yields in client portfolios face similar reputation and compliance risks Diminished market liquidity and market depth could exacerbate liquidity concerns during a stress event that causes excessive volatility 7
NRC Watch List Exposure to oil- and gas-related sectors and firms Increasing loan concentrations in multifamily CRE and nondepository financial institution sectors The appropriateness of ALLL levels and methods given loan growth, easing in underwriting, and layering of credit risk Banks ability to exit balance-sheet positions because of declining market liquidity or depth Implementation of the new TILA-RESPA integrated mortgage disclosure requirements 8
Condition Large Banks Sound financial condition with continued positive trends in traditional asset quality metrics, liquidity, and capital Earnings and management of operational and compliance risk remains a challenge Top 5 MRA categories are credit, capital markets, BSA/AML, consumer compliance, and bank information technology Key Risks weaknesses and gaps within governance and ERM to heightened standards a high level of operational risk across a spectrum of activities an increasing volume and sophistication of cyber threats and IT vulnerabilities elevated consumer compliance and BSA/AML risks erosion of underwriting standards particularly in leveraged, auto and commercial loans and appropriateness of the ALLL weaknesses in model risk and third party risk management increased competition for retail deposits that could increase cost of funds pressure 9
Supervisory Priority Governance/oversight Large Banks Supervisory Action Assess feasibility and risks posed by business model and strategy changes. Identify substantive gaps in heightened standards compliance. Credit/underwriting Cyber/operational risk Compliance Review underwriting practices, especially for leveraged loans, indirect auto, nondepository financial institutions and some sectors of CRE. Continue to assess HELOC end-of-draw risk mitigation efforts. Assess information security/data protection, model risk and third-party risk management, and banks programs to assess and respond to cyber attacks. Focus on the adequacy of enterprise-wide compliance risk management, including BSA/AML and fair access programs. 10
Community and Midsize Banks Condition Satisfactory and improving as reflected in positive trends in traditional asset quality indicators Earnings pressures persist at many banks because of acute competition for quality lending opportunities and declining earning asset yields Top 5 MRA categories are credit, enterprise governance, information technology, BSA/AML, and consumer compliance Key Risks high strategic risk as banks adapt their business models board and management succession, retention of key staff easing of underwriting standards in high-growth loan products potential exposure to oil- and gas-related industries and firms expansion into new products/services without specialized management or skills increasing volume and sophistication of cyber threats increasing BSA/AML risk and reliance on third parties increased competition from larger banks for retail deposits and increasing exposure to IRR from instability in the deposit base change management necessary to meet new mortgage-related compliance rules 11
Community and Midsize Banks Supervisory Priority Strategy planning/ governance Credit underwriting Supervisory Action Assess business model and strategic changes, reinforce importance of sound corporate governance and strategic planning. Evaluate underwriting practices for easing in structure and terms on new or renewed loans in high growth products or concentrated portfolios. Assess HELOC end-of-draw risk mitigation efforts. Cyber/operational risk Compliance Interest rate risk Assess information security/data protection, model and third party risk management, and banks programs to assess and respond to cyber attacks. Focus on the adequacy of compliance risk management, including BSA/AML and fair access programs. Evaluate management of IRR with specific attention to deposit stability assumptions. 12
Questions? Related Links OCC Semiannual Risk Perspective for Fall 2015 (PDF) Remarks by Comptroller of the Currency Thomas J. Curry (PDF) 13