160 likes | 167 Views
This article discusses the critical challenge facing banks and regulators under Basel II and the importance of implementing Pillar 2 for improving risk management. It outlines the main objectives and principles of Pillar 2 and emphasizes the need for banks to assess their overall capital adequacy in relation to their risk profile. The article also highlights the inherent risks that Pillar 2 aims to address and the key factors involved in implementing effective risk management systems and controls.
E N D
The critical challenge facing banks and regulators under Basel II: improving risk management through implementation of Pillar 2 Simon Topping Hong Kong Monetary Authority 28 September 2004 GARP Asia Pacific Convention
Implementation of Basel II in Hong Kong • Hong Kong is one of the first jurisdictions to publish detailed implementation plans for Basel II • Re Pillar 1, we will allow institutions to choose between standardised approach, foundation IRB and advanced IRB for credit risk, and between basic indicator approach and standardised approach (not AMA) for operational risk; we will also allow smaller institutions to choose a “basic” approach • Institutions can now plan accordingly. The first big question is whether - and when – to adopt IRB • But focus is now shifting to a second key consideration – what plans to make in relation to “Pillar 2” risks
Main objectives of Pillar 2 • Ensure that banks have adequate capital to support all the material risks in their business • More comprehensive recognition of risk, including risks not covered (e.g. interest rate risk in the banking book) or not adequately covered (e.g. credit concentration risk) under Pillar 1 • Encourage banks to develop and use better risk management techniques • Focus on banks’ capital planning and risk management capabilities (not just on setting of capital)
Four Pillar 2 Principles • Principle 1 : Banks should have a process for assessing their overall capital adequacy in relation to their risk profile and a strategy for maintaining their capital levels (i.e. CAAP) • Principle 2 : Supervisors should review and evaluate banks’ internal capital adequacy assessments and strategies • Principle 3 : Supervisors should expect banks to operate above the minimum regulatory capital ratios and should have the ability to require so • Principle 4 : Supervisors should seek to intervene at early stage to prevent capital from falling below the minimum levels required to support the risk characteristics of a particular bank
Principle 1 • Banks should have a process for assessing their overall capital adequacy in relation to their risk profile and a strategy for maintaining their capital levels • Banks must be able to demonstrate that chosen internal capital targets are well founded and that these targets are consistent with their overall risk profile and current operating environment. In assessing capital adequacy, bank management needs to be mindful of the particular stage of the business cycle in which the bank is operating. Rigorous, forward-looking stress testing that identifies possible events or changes in market conditions that could adversely impact the bank should be performed. Bank management clearly bears primary responsibility for ensuring that the bank has adequate capital to support its risks
The five main features of a rigorous process for assessing capital adequacy • Board and senior management oversight • Sound capital assessment • Comprehensive assessment of risks • Monitoring and reporting • Internal control review
Fundamental elements of sound capital assessment • Policies and procedures designed to ensure that the bank identifies, measures, and reports all material risks • A process that relates capital to the level of risk • A process that states capital adequacy goals with respect to risk, taking account of the bank’s strategic focus and business plan • A process of internal controls, reviews and audit to ensure the integrity of the overall management process
Pillar 2 factors (1) • Risks not directly captured under Pillar 1 • Credit concentration risk • Interest rate risk in the banking book • Liquidity risk • Risks arising from portfolio analysis / aggregation (other than credit concentration risk) – e.g. aggressive credit expansion, rapid deterioration of asset quality etc. • Strategic / reputation risks • Business cycle risk
Pillar 2 factors (2) • Risks not fully captured under Pillar 1 • Residual operational risk (including legal risk) • Residual credit risk (e.g. ineffective credit risk mitigation) • Risks arising from securitisation / complex credit derivatives (e.g. insufficient risk transfer, market innovations, etc.) • Systems and controls • Risk management system • Policies, procedures and limits for managing inherent risks • Risk measurement, monitoring and reporting systems / processes to ensure compliance with established policies, procedures and limits
Pillar 2 factors (3) • Systems and controls (cont’d) • Internal control system and environment • Segregation of duties and responsibilities • Audit and compliance functions • Infrastructure to meet business needs • IT capability and reliability to support business initiatives • Competence, sufficiency and stability of key staff • Outsourcing arrangements • Other support systems • Anti-money laundering system / accounting system etc.
Pillar 2 factors (4) • Capital adequacy and capability to withstand risks • Adequacy and effectiveness of CAAP • Capital adequacy to meet current and future business needs and to withstand business cycles and adverse economic conditions • Quality of capital • Access to additional capital, particularly under stressed situations • Strength and availability of parental support, where applicable • Capital contingency plan
Pillar 2 factors (5) • Corporate governance • General compliance with corporate governance guidelines • Risk management knowledge and experience of the board and senior management • Awareness of the board and senior management in relation to risk management and control issues • Participation and involvement of the board and senior management in : • risk management processes • risk management development and enhancement • Responsiveness of the board and senior management to supervisory concerns in respect of risk management and control weaknesses
Conclusions • Planning for Pillar 2 is possibly even more challenging than for Pillar 1, as it is not simply a matter of choosing between a limited number of options • Rather, banks need to raise their awareness of risk and determine a long-term strategy for improving the identification, assessment and management of their risk • While improved risk management should bring its own rewards, it may also translate into lower regulatory capital requirements as the regulator’s degree of comfort with the bank’s risk management practices increases • Ultimately, a little further down the line, it should be banks themselves that decide how much capital they need, not regulators. But the process will have to be highly developed, systematic, and all-encompassing – quite a challenge