The Office of the Comptroller of the Currency (OCC) is seeking, until June 30, 2022, comments on the renewal of the information collection on the market risk capital rule. Comments are also being sought, on behalf of the US Agencies, for the renewal of the information collection titled “FFIEC Cybersecurity Assessment Tool,” for which the comment period ends on August 01, 2022; here, the US Agencies being referred to are the Board of Governors of the Federal Reserve System (FED), the Federal Deposit Insurance Corporation (FDIC), and the National Credit Union Administration (NCUA).
The information collection on market risk capital rule (12 CFR part 3, subpart F) applies to national banks and federal savings associations with significant exposure to market risk; this includes the national banks and federal savings associations with aggregate trading assets and trading liabilities equal to 10% or more of the quarter-end total assets, or USD 1 billion or more. The rule captures positions for which the market risk capital rule is appropriate, reduces procyclicality in market risk capital requirements, enhances risk-sensitivity of OCC's capital requirements by measuring risks that are not adequately captured under the requirements for credit risk;, and increases transparency through enhanced disclosures. The rule enhances risk-sensitivity and includes requirements for the public disclosure of certain qualitative and quantitative information about the market risk of national banks and federal savings associations. This information collection is necessary to ensure capital adequacy appropriate for the level of market risk. The estimated number of respondents for the information collection is 19.
The information collection on cybersecurity assessment necessitates a financial institution to identify its inherent cyber risk profile based on technologies and connection types, delivery channels, online or mobile products and technology services, organizational characteristics, and cyber threats it is likely to face. Once a financial institution identifies its inherent cyber risk profile, it can use the Assessment's maturity matrix to evaluate its level of cybersecurity preparedness based on its cyber risk management and oversight, threat intelligence and collaboration, cybersecurity controls, external dependency management, and cyber incident management and resiliency planning. A financial institution may use the matrix's maturity levels to identify opportunities for improving its cyber risk management based on its inherent risk profile. The Assessment also enables a financial institution to rapidly identify areas that could improve the financial institution's cyber response programs, as appropriate. Use of the Assessment by financial institutions is voluntary. OCC is requesting comments on renewal of this information collection, which was developed by the US Agencies, along with the other the Federal Financial Institutions Examination Council (FFIEC) members, to assist financial institutions of all sizes in assessing their inherent cyber risks and their risk management capabilities.
Keywords: Americas, US, Banking, Market Risk, Information Collection, Basel, Regulatory Capital, Reporting, Regtech, Cyber Risk, OCC, FFIEC, US Agencies
Previous ArticleHKMA Finalizes BCAR 2022, Issues Policy on Operational Resilience
The European Banking Authority (EBA) published its work program for 2023 as well as the technical package for phase 3 of version 3.2 of its reporting framework.
The Board of Governors of the Federal Reserve System (FED) announced a pilot climate scenario analysis exercise for six largest banks in the U.S.
The Bank for International Settlements (BIS) published a paper that studies impact of fintech lending on credit access for small businesses in U.S.
The Prudential Regulation Authority (PRA) issued the policy statement PS8/22 to amend the Own Funds and Eligible Liabilities (CRR) Part of the PRA Rulebook and update the supervisory statement SS7/13 titled "Definition of capital (CRR firms).
The European Banking Authority (EBA) launched the EU-wide transparency exercise for 2022, with results of the exercise expected to be published at the beginning of December, along with the annual Risk Assessment Report.
The Single Resolution Board (SRB) welcomed the adoption of the review of the Capital Requirements Regulation, or CRR, also known as the "CRR quick-fix."
The European Commission (EC) recently adopted the Delegated Regulation 2022/1622, which sets out the regulatory technical standards to specify the countries that constitute advanced economies for the purpose of specifying risk-weights for the sensitivities to equity.
The European Banking Authority (EBA) published the final draft regulatory technical standards specifying and, where relevant, calibrating the minimum performance-related triggers for simple.
The European Central Bank (ECB) is undertaking the integrated reporting framework (IReF) project to integrate statistical requirements for banks into a standardized reporting framework that would be applicable across the euro area and adopted by authorities in other EU member states.
The European Banking Authority (EBA) has been awarded the top European Standard for its environmental performance under the European Eco-Management and Audit Scheme (EMAS).