Xem mẫu
- The critical challenge facing banks and
regulators under Basel II: improving
risk management through
implementation of Pillar 2
Simon Topping
Hong Kong Monetary Authority
28 September 2004
GARP Asia Pacific Convention
1
- Implementation of Basel II in Hong Kong
• Hong Kong is one of the first jurisdictions to publish
detailed implementation plans for Basel II
• Re Pillar 1, we will allow institutions to choose between
standardised approach, foundation IRB and advanced IRB
for credit risk, and between basic indicator approach and
standardised approach (not AMA) for operational risk; we
will also allow smaller institutions to choose a “basic”
approach
• Institutions can now plan accordingly. The first big
question is whether - and when – to adopt IRB
• But focus is now shifting to a second key consideration –
what plans to make in relation to “Pillar 2” risks
2
- Main objectives of Pillar 2
• Ensure that banks have adequate capital to support
all the material risks in their business
⇒More comprehensive recognition of risk, including
risks not covered (e.g. interest rate risk in the banking
book) or not adequately covered (e.g. credit
concentration risk) under Pillar 1
• Encourage banks to develop and use better risk
management techniques
⇒Focus on banks’ capital planning and risk
management capabilities (not just on setting of
capital)
3
- Four Pillar 2 Principles
• Principle 1 : Banks should have a process for assessing their
overall capital adequacy in relation to their risk profile and a
strategy for maintaining their capital levels (i.e. CAAP)
• Principle 2 : Supervisors should review and evaluate banks’
internal capital adequacy assessments and strategies
• Principle 3 : Supervisors should expect banks to operate
above the minimum regulatory capital ratios and should have
the ability to require so
• Principle 4 : Supervisors should seek to intervene at early
stage to prevent capital from falling below the minimum levels
required to support the risk characteristics of a particular bank
4
- Principle 1
• Banks should have a process for assessing their overall
capital adequacy in relation to their risk profile and a
strategy for maintaining their capital levels
• Banks must be able to demonstrate that chosen internal capital
targets are well founded and that these targets are consistent with
their overall risk profile and current operating environment. In
assessing capital adequacy, bank management needs to be
mindful of the particular stage of the business cycle in which the
bank is operating. Rigorous, forward-looking stress testing that
identifies possible events or changes in market conditions that
could adversely impact the bank should be performed. Bank
management clearly bears primary responsibility for ensuring
that the bank has adequate capital to support its risks
5
- The five main features of a rigorous process
for assessing capital adequacy
• Board and senior management oversight
• Sound capital assessment
• Comprehensive assessment of risks
• Monitoring and reporting
• Internal control review
6
- Fundamental elements of sound capital
assessment
• Policies and procedures designed to ensure that the bank
identifies, measures, and reports all material risks
• A process that relates capital to the level of risk
• A process that states capital adequacy goals with respect to
risk, taking account of the bank’s strategic focus and business
plan
• A process of internal controls, reviews and audit to ensure the
integrity of the overall management process
7
- Existing supervisory framework
Risk-based Process for setting
CAMEL rating system
supervision minimum CAR
To assess AIs' overall To assess AIs' overall To determine minimum
safety and soundness risk profile CAR for local AIs
Board and senior
management oversight
Risk management
Management No formal process
system
Comprehensive internal
controls
Inherent risks
Assets Factors for consideration
- CAMEL rating
Liquidity Direction of risk - Risk profile
- Parental support
Capital - Other relevant factors
specific to AI concerned
Earnings
8
COMPOSITE RATING RISK PROFILE MINIMUM CAR
- Enhanced supervisory framework
Process for setting
CAMEL rating system Risk-based supervision
minimum CAR
To assess AIs' overall To assess AIs' overall To determine minimum
safety and soundness risk profile CAR for local AIs
Board and senior Board and senior
management oversight management oversight
Risk management
Risk management system
system
Management Internal control system and
environment
Comprehensive internal
Infrastructure to meet
controls
business needs
Other support systems
Pillar 1 risks
(standardised at 8%)
Assets Inherent risks
Pillar 2 risks
(stress / scenario tests
and peer group comparison
to be incorporated)
Liquidity Direction of risk
Capital Capital adequacy and
capability to withstand
risks (stress and scenario
Earnings tests to be incorporated)
9
COMPOSITE RATING RISK PROFILE MINIMUM CAR
- Inherent Risks - Mapping between Pillars 1 & 2
Eight inhe re nt risks
unde r risk-ba se d Pilla r 1 risks Pilla r 2 risks
supe rvision
- Credit concentration risk
- Counterparty default risk - Portfolio risk (aggressive
expansion / deterioration
Credit risk
- Transaction risk in asset quality etc)
(e.g. through recognition of - Residual risk (from using
CRM) CRM / securitisation etc)
Trading risk arising from
Residual risk (e.g.
adverse mov ements in interest
Market risk vulnerability under stress and
rates, FX security and
,
scenario tests)
commodity prices
Interest rate risk in the trading Interest rate risk in the
Interest rate risk
book banking book
- Funding (cash) liquidity
risk
Liquidity risk
- Asset (market) liquidity
risk
Risk of loss resulting from Residual operational risk
Operational risk inadequate or failed internal (e.g. risk of loss resulting
(including legal risk) processes, people and from low-frequency, high-
systems / from external ev ents impact ev ents)
Risk due to:
- bad / imprudent or
inproperly implemented
Strategic risk business decisions or
strategies
- lack of response to
external changes
(industry, economic or IT)
Risk due to contagion,
negativ publicity or
e
Reputation risk
susceptibility to market 10
rumours
- Pillar 2 factors (1)
• Risks not directly captured under Pillar 1
– Credit concentration risk
– Interest rate risk in the banking book
– Liquidity risk
– Risks arising from portfolio analysis / aggregation (other
than credit concentration risk) – e.g. aggressive credit
expansion, rapid deterioration of asset quality etc.
– Strategic / reputation risks
– Business cycle risk
11
- Pillar 2 factors (2)
• Risks not fully captured under Pillar 1
– Residual operational risk (including legal risk)
– Residual credit risk (e.g. ineffective credit risk mitigation)
– Risks arising from securitisation / complex credit
derivatives (e.g. insufficient risk transfer, market
innovations, etc.)
• Systems and controls
– Risk management system
Policies, procedures and limits for managing inherent
risks
Risk measurement, monitoring and reporting systems /
processes to ensure compliance with established
policies, procedures and limits
12
- Pillar 2 factors (3)
• Systems and controls (cont’d)
– Internal control system and environment
Segregation of duties and responsibilities
Audit and compliance functions
– Infrastructure to meet business needs
IT capability and reliability to support business
initiatives
Competence, sufficiency and stability of key staff
Outsourcing arrangements
– Other support systems
Anti-money laundering system / accounting system
etc.
13
- Pillar 2 factors (4)
• Capital adequacy and capability to withstand risks
– Adequacy and effectiveness of CAAP
– Capital adequacy to meet current and future business needs
and to withstand business cycles and adverse economic
conditions
– Quality of capital
– Access to additional capital, particularly under stressed
situations
– Strength and availability of parental support, where applicable
– Capital contingency plan
14
- Pillar 2 factors (5)
• Corporate governance
– General compliance with corporate governance guidelines
– Risk management knowledge and experience of the board
and senior management
– Awareness of the board and senior management in relation to
risk management and control issues
– Participation and involvement of the board and senior
management in :
risk management processes
risk management development and enhancement
– Responsiveness of the board and senior management to
supervisory concerns in respect of risk management and
control weaknesses
15
- Conclusions
• Planning for Pillar 2 is possibly even more challenging than
for Pillar 1, as it is not simply a matter of choosing between a
limited number of options
• Rather, banks need to raise their awareness of risk and
determine a long-term strategy for improving the
identification, assessment and management of their risk
• While improved risk management should bring its own
rewards, it may also translate into lower regulatory capital
requirements as the regulator’s degree of comfort with the
bank’s risk management practices increases
• Ultimately, a little further down the line, it should be banks
themselves that decide how much capital they need, not
regulators. But the process will have to be highly developed,
systematic, and all-encompassing – quite a challenge 16
nguon tai.lieu . vn