ECB Examines ICAAP Practices of Banks in EU

ECB acknowledges that many banks have made a considerable effort toward improving their ICAAPs over recent years and that they have made clear progress. This is reflected in the report by providing examples of good ICAAP practices observed in banks included in the analysis sample. A further observation of the positive developments seen in banks was that some ICAAP areas are broadly established across banks. For instance, all banks in the sample have risk identification processes, produce capital adequacy statements, and conduct stress-testing and capital planning, including adverse scenarios. The analysis also revealed several ICAAP areas that are less developed, all of which meriting attention, as weak practices in those areas could undermine the overall effectiveness of the ICAAPs. The report presents following main conclusions of the analysis in line with the seven principles under the ICAAP guide:

• ICAAP governance—The analysis reveals that, though banks have improved with regard to the format and content of the capital adequacy statement, there is still room for improvement in striking the right balance between comprehensiveness (including factoring in the uncertainties stemming from ICAAP weaknesses) and management body accountability. 
• ICAAP integration—It was observed that many banks integrate the ICAAP into their overall management framework, for example, by using their internal limit systems and management reporting. However, weaknesses have been identified with respect to the connection between the ICAAP and other strategic processes such as the internal liquidity adequacy assessment process (ILAAP) as well as the use of the ICAAP for decision-making. Additional areas for improvement are the use of effective and sufficiently granular limit systems and adequately frequent and detailed reports to the management body.
• ICAAP perspectives—With regard to the implementation of the two ICAAP perspectives, room for improvement exists under both the normative as well as the economic perspectives, with attention being needed on the latter perspective. Many banks still either have not fully elaborated their economic perspective or do not explicitly follow a continuity approach under this perspective. Another area where improvement is warranted under both perspectives is the internal definition of minimum capital adequacy thresholds. 
• Risk identification—Processes for the identification of material risks are established and regularly performed. For many banks, however, there is room for improvement regarding forward-looking, pro-active risk identification, the use of a “gross approach,” and the concepts used for deciding on materiality with regard to both the scope of material entities and risk types.
• Internal capital—More than half of the banks do not have an elaborated approach for properly defining their internal capital. 
• ICAAP risk quantification methodologies—Banks mainly rely on regulatory approaches and on statistical models for quantifying risks under the economic perspective. While most banks do adjust their regulatory methodologies, in a number of cases regulatory methodologies are directly applied without making any adjustments, meaning without tailoring them to the bank’s individual risk profile. There are also some concerns regarding statistical models, as they are only capable of capturing situations that were previously factored into their design and reflected in the input data used. Other issues observed, such as inadequate holding periods applied to market risk positions in combination with insufficient data histories, for example, may lead to a material underestimation of risk. Another issue identified is that many banks need to align their risk quantifications with the different underlying natures of the two ICAAP perspectives and clearly distinguish between balance sheet/profit and loss impacts under the normative perspective and economic value impacts under the economic perspective. 
• Stress-testing—On the positive side, all banks are performing internal stress tests that are forward-looking over a sufficiently long time horizon. While internal stress-testing under the normative perspective is well-established, stress-testing is underdeveloped under the economic perspective. The number of scenarios and the frequency of the review and the application of these scenarios are heterogeneous, with a tendency toward applying a few scenarios only. Likewise, the severity level underlying the adverse scenarios appears to be too low, which is also reflected in low levels of common equity tier 1 depletion. Overall, the stress-testing programs at many banks do not seem to foster a well-informed and timely reaction to changes in their risk situation and to upcoming threats, as also triggered by underdeveloped ad hoc stress-testing capabilities and insufficient monitoring of upcoming threats.

Overall, the analysis revealed that several banks do not have elaborated data quality frameworks in place, including data quality controls. Linked to this finding is the analysis outcome that, at many banks, there is no strong connection between their ICAAPs and BCBS 239. Therefore, banks are encouraged to accelerate the improvement of their data quality frameworks and underlying IT infrastructures, by, for example, taking into account the BCBS 239 principles, particularly given that experience shows that material improvements in data quality may take some time.

Related Link: Report (PDF)

Keywords: Europe, EU, Banking, ICAAP, ILAAP, Stress Testing, Regulatory Capital, Governance, BCBS 239, Basel, ECB