ECB Examines ICAAP Practices of Banks in EU
ECB published report that presents a summary of the analysis conducted on the internal capital adequacy assessment process (ICAAP) practices of a sample of 37 "significant" banks. The analysis underlines areas in which practices of banks appear to be further developed and the areas in which additional work is warranted across banks, as per the ECB opinion. The analysis identified three key improvement areas to allow the ICAAPs to effectively foster continuity of banks: data on which the ICAAP is based, economic ICAAP perspective, and stress testing. In conclusion, ECB encourages banks to accelerate the improvement of their data quality frameworks while taking into account the BCBS 239 principles.
ECB acknowledges that many banks have made a considerable effort toward improving their ICAAPs over recent years and that they have made clear progress. This is reflected in the report by providing examples of good ICAAP practices observed in banks included in the analysis sample. A further observation of the positive developments seen in banks was that some ICAAP areas are broadly established across banks. For instance, all banks in the sample have risk identification processes, produce capital adequacy statements, and conduct stress-testing and capital planning, including adverse scenarios. The analysis also revealed several ICAAP areas that are less developed, all of which meriting attention, as weak practices in those areas could undermine the overall effectiveness of the ICAAPs. The report presents following main conclusions of the analysis in line with the seven principles under the ICAAP guide:
- ICAAP governance—The analysis reveals that, though banks have improved with regard to the format and content of the capital adequacy statement, there is still room for improvement in striking the right balance between comprehensiveness (including factoring in the uncertainties stemming from ICAAP weaknesses) and management body accountability.
- ICAAP integration—It was observed that many banks integrate the ICAAP into their overall management framework, for example, by using their internal limit systems and management reporting. However, weaknesses have been identified with respect to the connection between the ICAAP and other strategic processes such as the internal liquidity adequacy assessment process (ILAAP) as well as the use of the ICAAP for decision-making. Additional areas for improvement are the use of effective and sufficiently granular limit systems and adequately frequent and detailed reports to the management body.
- ICAAP perspectives—With regard to the implementation of the two ICAAP perspectives, room for improvement exists under both the normative as well as the economic perspectives, with attention being needed on the latter perspective. Many banks still either have not fully elaborated their economic perspective or do not explicitly follow a continuity approach under this perspective. Another area where improvement is warranted under both perspectives is the internal definition of minimum capital adequacy thresholds.
- Risk identification—Processes for the identification of material risks are established and regularly performed. For many banks, however, there is room for improvement regarding forward-looking, pro-active risk identification, the use of a “gross approach,” and the concepts used for deciding on materiality with regard to both the scope of material entities and risk types.
- Internal capital—More than half of the banks do not have an elaborated approach for properly defining their internal capital.
- ICAAP risk quantification methodologies—Banks mainly rely on regulatory approaches and on statistical models for quantifying risks under the economic perspective. While most banks do adjust their regulatory methodologies, in a number of cases regulatory methodologies are directly applied without making any adjustments, meaning without tailoring them to the bank’s individual risk profile. There are also some concerns regarding statistical models, as they are only capable of capturing situations that were previously factored into their design and reflected in the input data used. Other issues observed, such as inadequate holding periods applied to market risk positions in combination with insufficient data histories, for example, may lead to a material underestimation of risk. Another issue identified is that many banks need to align their risk quantifications with the different underlying natures of the two ICAAP perspectives and clearly distinguish between balance sheet/profit and loss impacts under the normative perspective and economic value impacts under the economic perspective.
- Stress-testing—On the positive side, all banks are performing internal stress tests that are forward-looking over a sufficiently long time horizon. While internal stress-testing under the normative perspective is well-established, stress-testing is underdeveloped under the economic perspective. The number of scenarios and the frequency of the review and the application of these scenarios are heterogeneous, with a tendency toward applying a few scenarios only. Likewise, the severity level underlying the adverse scenarios appears to be too low, which is also reflected in low levels of common equity tier 1 depletion. Overall, the stress-testing programs at many banks do not seem to foster a well-informed and timely reaction to changes in their risk situation and to upcoming threats, as also triggered by underdeveloped ad hoc stress-testing capabilities and insufficient monitoring of upcoming threats.
Overall, the analysis revealed that several banks do not have elaborated data quality frameworks in place, including data quality controls. Linked to this finding is the analysis outcome that, at many banks, there is no strong connection between their ICAAPs and BCBS 239. Therefore, banks are encouraged to accelerate the improvement of their data quality frameworks and underlying IT infrastructures, by, for example, taking into account the BCBS 239 principles, particularly given that experience shows that material improvements in data quality may take some time.
Related Link: Report (PDF)
Keywords: Europe, EU, Banking, ICAAP, ILAAP, Stress Testing, Regulatory Capital, Governance, BCBS 239, Basel, ECB
Featured Experts

María Cañamero
Skilled market researcher; growth strategist; successful go-to-market campaign developer

Nicolas Degruson
Works with financial institutions, regulatory experts, business analysts, product managers, and software engineers to drive regulatory solutions across the globe.

Patrycja Oleksza
Applies proficiency and knowledge to regulatory capital and reporting analysis and coordinates business and product strategies in the banking technology area
Previous Article
EBA Guidance on Impact of CRR Quick-Fix on Reporting and DisclosuresNext Article
EC Proposes to Amend Rules for Financial BenchmarksRelated Articles
OSFI Discusses Benchmark Rate Transition, Sets Out Work Priorities
The Office of the Superintendent of Financial Institutions (OSFI) published the strategic plan for 2022-2025 and the departmental plan for 2022-23.
EBA Proposes Standards to Support Secondary NPL Markets
The European Banking Authority (EBA) is consulting, until August 31, 2022, on the draft implementing technical standards specifying requirements for the information that sellers of non-performing loans (NPLs) shall provide to prospective buyers.
EU Confirms Agreement on Rules on Cybersecurity and Banking Resolution
The European Council and the Parliament reached an agreement on the revised Directive on security of network and information systems (NIS2 Directive).
EBA Issues Standards for Crowdfunding Service Providers Under ECSPR
The European Banking Authority (EBA) published the final draft regulatory technical standards specifying information that crowdfunding service providers shall provide to investors on the calculation of credit scores and prices of crowdfunding offers.
EU Confirms Agreement on Rules on Cybersecurity and Banking Resolution
The European Securities and Markets Authority (ESMA) published a paper that examines the systemic risk posed by increasing use of cloud services, along with the potential policy options to mitigate this risk.
EC Consults on PSD2 and Open Finance; EU Reaches Agreement on DORA
The European Commission (EC) published a public consultation on the review of revised payment services directive (PSD2) and open finance.
EC Mandates ESAs to Propose Amendments to SFDR Technical Standards
The European Commission (EC) has issued two letters mandating the European Supervisory Authorities (ESAs) to jointly propose amendments to the regulatory technical standards under Sustainable Finance Disclosure Regulation or SFDR.
EBA Examines Supervisory Practices, Issues Deposits Reporting Template
The European Banking Authority (EBA) published its annual report on convergence of supervisory practices for 2021. Additionally, following a request from the European Commission (EC),
US Agency Publications Address Basel, Reporting, and CECL Developments
The Farm Credit Administration published, in the Federal Register, the final rule on implementation of the Current Expected Credit Losses (CECL) methodology for allowances
SEC Extends Comment Period on Climate Risk Disclosures
The U.S. Securities and Exchange Commission (SEC) looks set to intensify focus on crypto-assets and cyber risk and extended the comment period on the proposed rules to enhance and standardize climate-related disclosures for investors.