Originally published by Intelligent Risk in February 2012
Although the concept of stress testing has been around since the early 1990s, its use by regulators and bank management took on renewed urgency after the collapse of Lehman Bros in 2008.
Stress tests increased in both scope and importance each time they were used throughout the global financial crisis, a trend that is likely to continue. To better understand stress testing practices, Moody’s Analytics surveyed 42 financial institutions in Europe during the summer of 2011. Moody’s Analytics analyzed the results to identify common patterns and practices and mapped the findings to a seven-step process to create a “Best Practice” perspective. Our findings are summarized in the chart provided, which also identifies key activities, outputs and frequencies. We provide related observations on each step below.
Regulators began using use stress tests in response to shortcomings in banks’ risk management practices and to increase their visibility into the global banking system at the systemic as well as institutional level. Looking forward, the European Banking Authority (EBA) will require annual stress tests from the largest European banks. In the US, the Federal Reserve Board issued a final rule in late November requiring U.S. bank holding companies with consolidated assets of $50 billion or more to submit annual capital plans for review.
Driven by these new regulatory requirements banks have invested significant resources to develop and implement stress test frameworks. Observed practices range from simple sensitivity tests of individual risk factors to complex macro-economic scenarios applied to multiple risk categories. The differences are driven both by the size of the organization and its business composition, but generally map to the following seven steps.
STRESS TESTING PROCESS
Step 1: Define scope and governance
Organizational silos, still dominant at many banks, make efficient enterprise-wide stress testing an ongoing challenge. However, banks with strong stress-testing practices share some common characteristics. Key among these are establishing dedicated teams tasked with defining objectives and governance guidelines and ensuring proper coordination among the business, risk and finance departments. Respondents indicated that such teams ranged in size from 3 to 20 people (based on bank size). Some such teams report to the Chief Risk Officer (CRO), others to the Chief Financial Officer (CFO); in both structures a direct relationship to the board is critical.
Step 2: Define scenarios using a multidisciplinary approach
Many banks use committees to define and review stress scenarios and to reinforce participation across the institutional boundaries. Some organisations have created departments focused on the sole task of developing and managing enterprise stress testing. Such groups typically use external scenarios (such as macro-economic shocks) as benchmarks that assist in developing specific internal scenarios. We consider this a best practice. Defining scenarios that are useful to business lines as well as the risk and finance functions require effective participation and cooperation of multiple teams and specialists. Additionally, embedding risk culture in decision-making across business units and functions, while essential, remains a challenge for many banks.
Step 3: Data and infrastructure
Institutions continue to struggle with data quality, availability and comprehensiveness despite significant investments in both capabilities and infrastructure in recent years. Legacy systems and silos that developed in the course of Basel II implementation hinder the flexibility required for effective stress- testing. Shifting and uncertain regulatory demands also complicates progress in this area.
Steps 4 & 5: Calculate stressed Key Performance Indicators (KPI’s)
Modelling the impact of macroeconomic scenarios on institutional cash-flows, income or economic capital, for example, requires both significant information and strong understanding of the business drivers. Quantitative measures such as probability of default (PD), exposure at default (EAD) and loss given default (LGD) are of particular interest to top management since they link stress testing directly to performance. Common implementation challenges include lack of internal skills, shortage of relevant resources, time constraints and a dearth of skilled personnel. Best practices identified by Moody’s Analytics include developing internal models using dedicated quantitative teams, using third-party models and services to accelerate the process, decrease internal workloads and fill gaps in key skills and capabilities.
Step 6: Reporting: Invest in efficient tools
Requirements for stress testing come from a variety of external and internal sources. These include national and supranational regulators, the board of directors, various committee and governance structures, as well as business line management. Such requirements will grow and evolve over time, making effective reporting an increasing consumer of both time and resources. Reporting tools that address regulatory requirements that can also be leveraged for business purposes will offer significant benefits and should be considered as best practice. At the same time, the lack of common standards for reporting means the size, degree of detail required and structure of reports will vary widely, so flexibility and the ability to adapt to changing requirements are critical capabilities.
Step 7: Action based on fully engaged senior management
Ultimately, stress testing must be part of the business planning process as well as the institution’s day-to-day risk management practice. Adjustments to asset-liability composition should align with management of concentration risk. Monitoring sensitive limits should provide useful input to risk appetite discussions. Yet 80% of surveyed financial institutions fail to integrate stress testing into the senior decision making process. Best practice in this area remains a work in progress.
In sum, investing in efficient tools, processes and systems should help banks turn what is perceived as a labour intensive, mainly regulatory exercise into an effective tool for business planning and risk management. Easier compliance with regulation and increased transparency in the marketplace should coincide with more confident decision-making.
About the Author
Dr. Christian Thun is a Senior Director responsible for the strategic positioning of Moody’s Analytics in Europe, Middle East and Africa. Over the years, he has held several roles in Moody’s from product development, sales, head of strategic planning and head of consulting services in which he worked with numerous financial institutions on Basel II, risk management and portfolio advisory projects becoming an internationally known expert on credit risk management. Before joining Moody’s in 2002 Mr. Thun was a team leader for the German risk consulting firm Baetge & Partner (an Oliver, Wyman affiliate) and worked in the investment banking and corporate credit division of Dresdner Bank in Frankfurt and London. He holds a PhD in Finance and has been a lecturer at the universities of Augsburg (Germany) and St. Gallen (Switzerland).