340 likes | 360 Views
The Intersection of, and the linkages between Credit, Operational and Other Material Risks. BIS/ FSI March 12, Bali. Fooled by what we (fail to) see. What we perceive is often clouded by what we expect
E N D
The Intersection of, and the linkages between Credit, Operational and Other Material Risks BIS/ FSI March 12, Bali
Fooled by what we (fail to) see • What we perceive is often clouded by what we expect • Failing to see what now seems obvious (sub-prime mortgages, Ninja loans, Single Delta Traders with 55 billion EUR exposure) • Preparing to win the previous war
Agenda • Methodological developments in ORM vs CRM • Governance developments in ORM vs CRM • Supervisory treatment of ORM vs CRM • Relevance of distinctions between risk types for Pillar one, two and three • Relevance of distinctions between risk types for Economic Capital
ORM CRM Counterparties Limits Exposure Tenor Processes People Systems External Events 1. Methodological developments in ORM vs CRM Object of analysis: The analysis in CRM appears to be in Amounts and Probabilities. The analysis in ORM appears to be in soft quality terms: HML, RAG etc”
A set of tools with a specific and well defined purpose A mathematical exact way to compute capital Ingredients no longer recognisable post process Methodological developments in ORM vs CRM
Typical modelling issues for ORM • Comparability of data across the organization • Continuity of Loss Data • Assuring completeness of loss data • Predictive value of internal losses
Typical modelling issues for CRM • What looks uniform may not be • Models can be overfitted • Appropriateness of models (e.g. scoring SMEs or new countries) • AAA is not always AAA • Data Quality
Dealing with Change is a problem for ORM and CRM • Organisational change • Inflation • Currency movements • Environmental change (e.g. technological change) • Business change
Methodological developments in ORM vs CRM What CRM can take from ORM: • Source data at many levels • Model data at many levels • Use external data to augment internal data • Use many modelling techniques: Actuarial VaR models, Neural Networks, Baysian Belief Systems, Extreme Value Theory
Methodological developments in ORM vs CRM What ORM can take from CRM: • Quantify methods (e.g. application scorecards) • PIT and TTC analysis • Use relative measures (AA+, AA, BBB) • Tie relative measures to hard reference points (PDs) • Stress testing • Back testing
Agenda • Methodological developments in ORM vs CRM • Governance developments in ORM vs CRM • Supervisory treatment of ORM vs CRM • Relevance of distinctions between risk types for Pillar one, two and three • Relevance of distinctions between risk types for Economic Capital
ORM CRM Strict authorities Tiered approvals Specialists domain High frequency Implied responsibility Business is sovereign Consensus decisions Low frequency 2. Governance developments in ORM vs CRM Governance style: The Governance in CRM is built around Limit setting The Governance in ORM is built around consensus assessments
Governance issues for ORM and CRM • Transparency • Accountability • Keeping all focused on the end goal • Safeguard in hazardous circumstances
Governance developments in ORM vs CRM What CRM can take from ORM: • All major business decisions require ORM analysis. (Note: This assumes little a priori certainty) • ORM requires decisions are made by business using ORM information • ORM permeates throughout the organisation
Governance developments in ORM vs CRM What ORM can take from CRM: • Strictness of language • Clarity in CRM concepts (EAD, UAD, LGD, UCR) • Uniformity in reporting • Limit setting by assigned staff • Limit monitoring by assigned staff • Committee structure by exposure / limits
Agenda • Methodological developments in ORM vs CRM • Governance developments in ORM vs CRM • Supervisory treatment of ORM vs CRM • Relevance of distinctions between risk types for Pillar one, two and three • Relevance of distinctions between risk types for Economic Capital
3. Supervisiory treatment of ORM and CRM In June 2006, the FSA published a consultative paper called “Strengthening Capital Standards” (06/3) On IRB it mentions: 19.4 “The draft Handbook text requires the‘governing body’or a‘designated committee’and senior management to approve all material aspects of the rating and estimation process.” On AMA it mentions: 19.14: “… we highlighted that the draft Handbook text and the CRD do not include explicit requirements for senior executives to approve and understand the standardised approach (TSA) or AMA models.”
Supervisory treatment of ORM vs CRM The Basel accord shows an interesting split in attention to the risk types. Below, the number of pages on CRM and ORM in the final text of the Accord CRM ORM Pillar 1 122 12 Pillar 3 7 0.3
Supervision, seen from a bank’s point of view • Prescription vs Institutional freedom • Focus should be on compliance to minimal standards and the use test • Supervision based only on quantitative loss data (as seems to happen in ORM) is giving perverse incentives
Supervisory treatment of ORM vs CRM What CRM can take from ORM: • Letting 100 flowers bloom can lead to a field of tulips • By broadening the scope, adjacent risks can be captured too • Scenarios are crucial • Question: Is 5 years of history enough?
Supervisory treatment of ORM vs CRM What ORM can take from CRM: • Different regimes for different circumstances • Prescription does not kill the cat • Model validation is a crucial step • The use test is well embedded in CRM practice • A Question: Is 7 years of history necessary?
Agenda • Methodological developments in ORM vs CRM • Governance developments in ORM vs CRM • Supervisory treatment of ORM vs CRM • Relevance of distinctions between risk types for Pillar one, two and three • Relevance of distinctions between risk types for Economic Capital
4) Relevance of distinctions between risk types for Pillar 1, 2, 3 • Accuracy over uniformity • Completeness can be achieved though integration • Pillar 2 is a problem for banks • Pillar 3 is not yet established enough
What do we see in Pillar 2? • Should Risk types be distinct under pillar 2? • What is the correct time horizon? • Are confidence levels too high? • Note that smooth curves are rarely observed • EL is not well established
ICAAP looks across risk types • Should Risk types be distinct under pillar 2? • What is the correct time horizon? • Are confidence levels too high? • Note that smooth curves are rarely observed • EL is not well established
Pillar 3 example Many banks are now reporting extensively on Risk in their annual reports. A non-representative sample of 8 major banks (US and EU based global banks) related to the relative number of pages on Risk in the Annual report 2000 2006 Avg % <1% 5% Minimum % 0% 1% Maximum % 3% 8%
Relevance of distinctions between risk types for Pillar 1, 2, 3 What CRM can take from ORM: • ORM is too new to have much experience with regulatory reporting in different circumstances • Weak in Pillar 1; Can be a source for Pillar 2 due to the ICAAP requirements; Pillar 3 not developed
Relevance of distinctions between risk types for Pillar 1, 2, 3 What ORM can take from CRM: • A long history of regulatory reporting • Clear focus on what the CRM domain entails • Definition of Appetite • Strong focus on Pillar 1, Less focus on Pillar 2 (although liquidity risk is flavour of the month), Few issues yet in Pillar 3
Agenda • Methodological developments in ORM vs CRM • Governance developments in ORM vs CRM • Supervisory treatment of ORM vs CRM • Relevance of distinctions between risk types for Pillar one, two and three • Relevance of distinctions between risk types for Economic Capital
Economic Capital Credit Risk Market Risk Operational Risk Business Risk Other Risk Relevance of distinctions between risk types for EC Economic capital is held to cover unexpected losses • Loans and Leases • Commitments • Letters of Credit • Bonds, etc. • All Financial Instruments • Trading Activities • Principal Investing • Other Real Estate Owned • Residual Values • Fixed Assets • Servicing rights, and • Joint Ventures • Inadequate or failed internal processes, people and systems • External events • Revenue volatility • The degree of operating leverage, and • The pre-tax profit margin
Common issues with EC • Does the EC calculation truly reflect serious downturns? • Can we scale external data to our own institution? How about using External Ratings? • Should one use also circumstantial information • How to ensure consistency over time
Relevance of distinctions between risk types for EC What ORM can take from CRM: • Capital calculations can de used in decisions • Risk is not a fixed amount but should be adjusted frequently • PL and NPL concepts
Relevance of distinctions between risk types for EC What CRM can take from ORM: • EC is not about isolated risks. EC should be for all risks. Boundaries between risk types can be useful, but are also artificial