OSFI Consults on Operational Risk Capital Data Management Expectations
OSFI published two documents to consult on the management of operational risk capital data for institutions required, or for those applying, to use the Basel III standardized approach for operational risk capital in Canada. The documents set out data maintenance expectations for institutions using the standardized approach for operational risk data and an assessment tool for the operational risk capital data. OSFI also proposed to rescind the existing governance and data maintenance implementation notes for the standardized approach/advanced measurement approach institutions as well as the self-assessment template on implementation of the revised Capital Adequacy Requirements (CAR) guideline in 2023. These would be replaced by the aforementioned proposed data maintenance expectations and the related assessment tool. The comment period for this consultation ends on July 30, 2021.
The document on data maintenance expectations outlines data management principles that OSFI expects institutions using the standardized approach to adhere to, which include the BCBS principles for effective risk data integration and risk data reporting. These principles include governance, data architecture and IT infrastructure, accuracy and integrity, completeness, timeliness, adaptability, accuracy, comprehensiveness, clarity and usefulness, frequency, and distribution. In addition, OSFI expects that data used in the calculation of operational risk capital institutions will have:
- Documentation outlining the end-to-end systems and data flows, including key controls for critical failure points, to support the data management processes required to calculate operational risk capital
- Established policies and documented procedures for the storage, retention, and archiving, including, where applicable, the procedures for logical/physical deletion of loss data and destruction of data storage media and peripherals
- Processes to maintain backups of relevant data files/stores and databases in a manner that can facilitate ready retrieval in the event of information calls on the institutions’ compliance and ongoing supervisory assessments
- Processes to ensure that the electronic versions of all relevant data are accessible in a format that provides flexibility to enable searching, aggregation and reporting
These criteria should be used in assessing, both initially and on an ongoing basis, an institution’s data used in the calculation of operational risk capital. OSFI will consider the institution’s risk profile and complexity when assessing its compliance with these criteria. Additional details on the OSFI expectations can be found in the assessment tool. The assessment tool summarizes the detailed expectations based on Chapter 3 of the draft CAR guideline, Aggregation and Risk Reporting (RDARR) principles, and the data maintenance expectations. Together, the data maintenance expectations and assessment tool aim to ensure that institutions effectively manage the current and historical operational risk capital data.
In this context, OSFI has reviewed the existing implementation notes and self-assessment templates for institutions using standardized approach/advanced measurement approach, in light of the new requirements for the Basel III standardized approach. The regulator found that many of the qualifying requirements for standardized approach/advanced measurement approach (for example: scenario analysis, external data, business environment, and internal control factors) are not part of the new standardized approach, which uses internal operational loss data as a direct input as part of the capital charge calculation. Moreover, many of the operational risk management expectations found in the implementation notes have been updated and incorporated into other Basel standards as well as OSFI guidance (for example, Guideline E-21 on operational risk management and the corporate governance guideline). Thus, OSFI is proposing to rescind the existing governance and data maintenance implementation notes for the standardized approach/advanced measurement approach institutions as well as the self-assessment template, upon implementation of the revised Capital Adequacy Requirements guideline in 2023.
Related Links
Comment Due Date: July 30, 2021
Keywords: Americas, Canada, Banking, Operational Risk, CAR Guideline, Standardized Approach, Reporting, Basel, Regulatory Capital, Data Assessment Tool, OSFI
Featured Experts
María Cañamero
Skilled market researcher; growth strategist; successful go-to-market campaign developer
Nicolas Degruson
Works with financial institutions, regulatory experts, business analysts, product managers, and software engineers to drive regulatory solutions across the globe.
Patrycja Oleksza
Applies proficiency and knowledge to regulatory capital and reporting analysis and coordinates business and product strategies in the banking technology area
Previous Article
NGFS on Addressing Financial Stability Issues from Biodiversity LossRelated Articles
BIS and Central Banks Experiment with GenAI to Assess Climate Risks
A recent report from the Bank for International Settlements (BIS) Innovation Hub details Project Gaia, a collaboration between the BIS Innovation Hub Eurosystem Center and certain central banks in Europe
Nearly 25% G-SIBs Commit to Adopting TNFD Nature-Related Disclosures
Nature-related risks are increasing in severity and frequency, affecting businesses, capital providers, financial systems, and economies.
Singapore to Mandate Climate Disclosures from FY2025
Singapore recently took a significant step toward turning climate ambition into action, with the introduction of mandatory climate-related disclosures for listed and large non-listed companies
SEC Finalizes Climate-Related Disclosures Rule
The U.S. Securities and Exchange Commission (SEC) has finalized the long-awaited rule that mandates climate-related disclosures for domestic and foreign publicly listed companies in the U.S.
EBA Proposes Standards Related to Standardized Credit Risk Approach
The European Banking Authority (EBA) has been taking significant steps toward implementing the Basel III framework and strengthening the regulatory framework for credit institutions in the EU
US Regulators Release Stress Test Scenarios for Banks
The U.S. regulators recently released baseline and severely adverse scenarios, along with other details, for stress testing the banks in 2024. The relevant U.S. banking regulators are the Federal Reserve Bank (FED), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC).
Asian Governments Aim for Interoperability in AI Governance Frameworks
The regulatory landscape for artificial intelligence (AI), including the generative kind, is evolving rapidly, with governments and regulators aiming to address the challenges and opportunities presented by this transformative technology.
EBA Proposes Operational Risk Standards Under Final Basel III Package
The European Union (EU) has been working on the final elements of Basel III standards, with endorsement of the Banking Package and the publication of the European Banking Authority (EBA) roadmap on Basel III implementation in December 2023.
EFRAG Proposes XBRL Taxonomy and Standard for Listed SMEs Under ESRS
The European Financial Reporting Advisory Group (EFRAG), which plays a crucial role in shaping corporate reporting standards in European Union (EU), is seeking comments, until May 21, 2024, on the Exposure Draft ESRS for listed SMEs.
ECB to Expand Climate Change Work in 2024-2025
Banking regulators worldwide are increasingly focusing on addressing, monitoring, and supervising the institutions' exposure to climate and environmental risks.