Building a Stress Testing Framework to combine internal and regulatory stress tests to gain a full view of risks 12 th November 2019 1 Information classification: Confidential
Disclaimer This presentation has been prepared solely by the author and contains the thoughts and insights of the author. 2
Overview • This presentation outlines 2 key aspects to building a framework to combine regulatory and internal stress tests, to gain a full view of risks. • The framework fundamentals that must be in place to undertake, approach and combine internal and external stress tests ST Framework • Regulatory considerations • Board & senior management engagement • Risk inventory Stress test reconciliation • Planning an all risks view for stakeholders Full view of risks • Incorporating new risks in the Stress Testing plans • Planning, risk Identification & Mitigation Information classification: Confidential
1. Framework Fundamentals The following lists out the basic building blocks that make up a Stress Testing Framework. ASPECT Questions IMPORTANCE OF STRESS TESTING What is it and why is it important? USAGE/LINKAGE TO ENTERPRISE RISK & The part that Stress Testing plays in identifying risks and Risk Appetite setting RISK APPETITE FRAMEWORKS Usage includes capital adequacy assessment, strategic decision making etc RISK TYPES covered eg Capital adequacy risk (covering Credit , Market Operational, P/L etc) Liquidity risk Earnings volatility risk Strategic risk Regulatory risk SCOPE Regulatory stress tests (ICAAP/ILAAP/ RRP) Internal stress tests (Budget) Group-wide stress tests (ACS 2020, EBA 2020 etc) Legal entity stress tests ROLES & RESPONSIBILITIES & OPERATING How is the institution organised to undertake stress testing? MODEL Role of Board 3LoD Which functions are in each LoD? End to end Process Controls over Planning, Scenario setting, Execution, Governance and Reporting GOVERNANCE What are the governance arrangements in place to review, challenge and approve the ST results? RISK ASSESSMENT What is the process for assessing identified business/ portfolio/ regulatory etc risks for inclusion in the stress test? RELATED POLICIES What other policies should also be considered eg Model Risk policy, EUDA policy? APPROVAL Who approves the framework? 4 4 Information classification: Confidential
2. Regulatory Fundamentals • The Stress Testing function must regularly self assess adherence to regulatory guidelines and ensure it has plans in place to address the identified shortfalls • Note the emphasis on risk identification and risk management below BIS Egs • ST should form an integral part of the overall governance and risk management culture of the bank BIS Principles 2009 • ST ensures promotion of risk identification & control • Infrastructure should be robust but flexible to modify stress tests and levels of granularity BCBS • Stress testing frameworks should have clearly articulated and formally adopted objectives • Stress testing frameworks should include an effective governance structure • Stress testing should be used as a risk management tool and to inform business decisions • Stress testing frameworks should capture material and relevant risks and apply stresses that are BCBS guidance sufficiently severe October 2018 • Resources and organisational structures should be adequate to meet the objectives of the stress - 9 overarching testing framework principles (with c 100 • Stress tests should be supported by accurate and sufficiently granular data and by robust IT systems sub principles) • Models and methodologies to assess the impacts of scenarios and sensitivities should be fit for purpose • Stress testing models, results and frameworks should be subject to challenge and regular review • Stress testing practices and findings should be communicated within and across jurisdictions EBA Egs: • ST covers all material risks and, in particular, allows the identification of emerging vulnerabilities that Regulatory principles/ could potentially be further assessed even in the same stress testing exercise standards eg EBA • Stress tests should take into account all types of material risk having regard to both the on- and off- guidelines, local balance-sheet assets and liabilities of an institution regulatory guidance • Stress tests should capture risks at various levels in an institution. 5 Information classification: Confidential
3. Board & senior management Fundamentals • The key to a successful integrated approach to stress testing is to ensure the Board and senior management are engaged and actively sponsor/ buy in to the types of stress testing and risk coverage undertaken Stress Testing function focus Outcomes Aspect • Articulated responsibilities • Obtain Board meeting Terms of Reference Responsibilities and objectives with • Understand who comes within remit of Understanding of the Board’s (including respect to Stress testing Senior Manager regime and how their NEDs) and senior management objectives are set with respect to Stress responsibilities regarding Stress Testing Testing • Stress Testing plans Annual Plan defined and • Define stakeholder audience and Preparation and presentation of the Annual communicated to Stress testing plan to Board and senior frequency of update appropriate audiences at Execs agreed frequency • Regulatory expectations of the Board’s • Board Challenge/ Approval Board Approval involvement and fulfilment of its of the Stress Testing Board approval of Stress testing Framework and Stress results responsibilities framework/ major results • Consistency of understanding leading to • Devise suitable Stress testing Education fuller engagement Education briefings and ensure rolled out as • Observed ability to fulfil Board/ NED and senior management appropriate education on stress testing required roles and responsibilities eg degree 6 of Board level debate Information classification: Confidential
4. Risk Inventory/ Stress Test Reconciliation Risk Inventory Sub-risks ICAAP ILAAP REG STRESSES Other Follow-ups Credit …….. ü Included …….. ü etc Market etc Operational (inc Fraud) Conduct Pension Capital Adequacy Funding & Liquidity Regulatory Compliance AML Reputational Other Balance Intangible assets Eg: Attention Sheet risks Eg Intra-group needed on … Etc Information classification: Confidential
5. Planning an all risks view/ insight to stakeholders • An all risks view of stress testing is best served by identifying all activities/ stakeholders (both internal and external) and • Bringing together regular insightful Consolidated MI/ Reporting incorporating answers to the ‘So what ?‘ question ‘Silo’ Activity Usage Benefits Stakeholders Capital adequacy Sufficiency and • ICAAP Regulatory deliverables • Board efficiency of capital • Focus on more/less capital intensive businesses • Regulators • Capital planning/ optimisation • Businesses • Treasury Liquidity adequacy Short term • ILAAP Regulatory deliverables • Ratings survivability • Focus on more/less liquidity intensive businesses Agencies/Investors • Liquidity planning Budget planning Testing credibility of • Credibility of target financial ratios the Strategic plan • Informs Dividend decisioning Risk Appetite setting Credit, Earnings • Short term and medium term profitability and Volatility, portfolios business focus and products Acquisitions & Disposals Decisioning • Alignment with strategy Reverse Stress Testing Recovery & • Scenarios that break the business model/ bank and Resolution Planning extent of Management Actions to bring it back Lessons Learnt Self improvement on • Better stakeholder added value on future exercises • Board each exercise • More transparent risk coverage • Businesses • Treasury Forward looking risk All risks enterprise • Informs perspectives of ‘Whats over the hill and radar wide view around the corner?’ eg new risks/ new stress tests Consolidated dashboard Integrated Stress • An easy to read risk radar to enable Board and testing (internal) businesses to identify risks and make timely Reporting decisions 8 8 Information classification: Confidential
6. Incorporating new risks in the Stress Testing plans Processes Plan & Run Stress Test xxx Identify risks covered in Stress test xxx. Execute Stress test. Analyse/Report Provide insight in to risk management; Are all relevant identified Balance results sheet and P/L risks suitably stressed?? Update Stress Board/ exec Board and executive challenge of the results Test Annual plan discussion (identifying risks covered) Follow up Consequences of the results/ follow up actions actions/ issues What risks did we not cover eg Intragroup? What new/ modified Identification of stress tests are required? What further insight does the Board new risks need? Assess materiality of risks/ Undertake formal lessons learnt process Assess Lessons Learnt and feed back into future stress test plans materiality 9 Information classification: Confidential
Recommend
More recommend