In this article, we discuss where CCAR and Basel III intersect, with a particular focus on the data, analytics, and reporting layers of a sound CCAR/Basel III IT architecture, and why banks should address both within an integrated platform to meet, and go beyond, regulatory compliance.
On September 24th, 2013, the Federal Reserve Board (FRB) published two interim rules that scheduled the long anticipated rendezvous between the Basel III rules and CCAR / DFAST requirements. For the CCAR institutions, forecasting capital under Basel III rules is required for the next submission in January 2014.1 And while the smaller DFAST banks get a reprieve, it is only until the 2015 submission.2 In the interim, forecasting risk-weighted assets (RWAs) under the Basel III regime is done using systems and processes already in place – many of which rely on spreadsheets and bits of programming code.
Longer term, however, it will be critical to design IT architecture that systematizes the CCAR process, while also addressing the Basel III rules. There are a number of areas where the regulations now overlap. Compliance with both sets of regulations alone is enough of a driving factor toward further automation of each, simultaneously. In the last two years, we have witnessed how the FRB’s objections to, or even conditional approval of, a capital plan can alter even a well-capitalized bank’s ability to distribute capital back to shareholders, while also curtailing any plans for growth in the near-term. While the industry has spent considerable time attempting to “check the compliance box” by focusing on short-term fixes, many have ignored the potential strategic benefits, including capital optimization and organizational efficiencies which, without an integrated IT platform, will be challenging to achieve.
After a period of uncertainty following the recent financial crisis, we now have a much clearer picture of the regulatory landscape, specifically when it comes to capital planning. The instructions for the Comprehensive Capital Analysis and Review (CCAR) and the recently published Final Rule for Basel III implementation from the FRB, provide banks with the green light to accelerate plans to architect systems that address both sets of regulations.3 Across the US, banks are working on automating the CCAR / DFAST process to make it streamlined and auditable and to lessen the burden on their staff. At most institutions, however, automation is in its infancy. Now is the time for those responsible for designing these solutions, whether they are from risk, finance, treasury, information technology, or a centralized stress testing function within the bank, to include both the CCAR and Basel III regulations in their planning and systems implementation. This includes bringing in the data and calculation engines necessary to calculate RWAs, as well as the reporting templates.
Both the CCAR and Basel III regulations begin and end with data and the management of that data. Compliance with both requires banks to compile, clean, and consolidate data from risk and finance systems to effectively facilitate its flow into the various models and reporting templates necessary to complete each exercise. The FRB’s highly anticipated best practice guidance, Capital Planning at Large Bank Holding Companies: Supervisory Expectations and Range of Current Practice published in August 2013, clearly articulates the importance of data to a bank’s management information system (MIS), as it relates to CCAR. In addition, the Basel Committee on Banking Supervision’s paper on Principles for effective risk data aggregation and risk reporting further establishes the vital role that data management plays in the process. Both papers advocate for building systems that can address both stress testing and Basel III.
In their review of Internal Controls at Large BHCs, as described in the aforementioned paper, the FRB details some of the positive practices exhibited by banks with a strong MIS in place for capital planning, including the ability to:
“…address its entire capital planning process, including the risk measurement and management systems used to produce input data, the models, and other techniques used to generate loss and revenue estimates; the aggregation and reporting framework used to produce reports to management and boards; and the process for making capital adequacy decisions.”4
As these capital adequacy decisions will now be based on the Basel III rules, banks can easily interpolate that designing an IT architecture which captures both processes may be looked upon favorably.
The Basel Committee on Banking Supervision’s guidance on data management is even more pointed:
“A bank’s risk data aggregation capabilities should be flexible and adaptable to meet ad hoc data requests, as needed, and to assess emerging risks. Adaptability will enable banks to conduct better risk management, including forecasting information, as well as to support stress testing and scenario analysis.”5
The first step toward achieving each of these best practices is to consolidate multiple risk and finance data sources into one centralized datamart. In many banks that have embarked on this path, a data warehouse, containing a vast number of data elements that are applicable to multiple processes, feeds into a more streamlined datamart for regulatory compliance purposes. This datamart itself contains a data model to which assets and other forms of data are mapped. As a source of foundational data or “golden source of truth,” it must include the granular attributes necessary for both CCAR and Basel III. These attributes include financial data on exposures, netting and collateral agreements, credit, market and operational risk-related parameters, and legal identifiers.
The underlying data used to calculate the CCAR results, along with RWAs, is often similar. This data can be more efficiently validated, and the reports more seamlessly reconciled, if one source of granular data is the foundation for both tasks. Today, such validation tasks are done with a lot of human intervention using largely spreadsheets. The use of a single regulatory compliance datamart can dramatically decrease costs by reducing the number of redundant systems, thereby streamlining the time required to validate one set of data instead of two, as well as to validate each set of data. Down the line, additional time will be saved when reconciling multiple reports from a single data source. Finally, the data model should contain the edit checks necessary to move the process forward with a clean, validated set of data. Once a centralized data source for regulatory capital purposes has been realized, banks can begin to achieve the FRB’s and the BIS’ objectives for strong MIS as it relates to capital planning. Going further, they can shift their main focus away from data management and to the analytics necessary to advance their capital plan.
An integrated risk and finance platform, which addresses both CCAR and Basel III, will need to feature automated processes to calculate both RWAs and the stressed outputs from various models. The models will include those necessary to complete the different components of the CCAR process, including loss estimation, PPNR, ALLL, and NCO. Credit models that drive PDs, LGDs, and EADs for the calculation of RWAs (for those banks utilizing the Advanced Approach), should operate within the same infrastructure, in part, to avoid any potential miscalculation. Ideally, the underlying data layer is consistently utilized for these models, which are then run to produce baseline and stressed metrics. As with the data layer, banks should consider the benefits of including not only the loss estimation and PPNR models necessary for the CCAR exercise, but the automated RWA calculation engines for Basel III as well.
RWA projections now play a more prominent role in the revised CCAR guidelines. Banks will be required to offer more detailed information about the assumptions they use for the projections. The required information will include: income statement projections, components of on and off-balance sheet projections, and the underlying risk attributes of a bank’s exposures. A controlled IT architecture that includes the data, models, and reporting templates to address these requests from the FRB will allow a bank to efficiently comply with regulatory guidance, while freeing resources to handle an advanced analysis for capital planning and stress testing.
Pro-forma RWA calculations are a key component of the capital planning exercise within CCAR. Along with the existing assets on a bank’s current balance sheet, a model that produces RWAs for new business volumes is essential to completing the exercise. These new assets need to apply instrument-level Probability of Default (PD) and Loss Given Default (LGD) measures, along with instrument maturity, to arrive at the proper RWA calculation. A platform that includes RWA calculation engines alongside the bank’s CCAR models, will more seamlessly and accurately produce these EL measures, resulting in a more effective capital planning process. Using an automated framework that produces RWAs on the bank’s existing portfolio, while also being able to stress this output, will also greatly enhance this effort.
The Basel III standardized approach in the US will necessitate a more detailed set of RWA calculations for US Banks. The introduction of the Simplified Supervisory Formula Approach (SSFA) for calculating RWAs for structured securities is one example of how banks will have to develop more precise methods for calculating their capital charges. Credit risk mitigation efforts, allowing for optimization of the bank’s capital base, will also play a more important role. The ability to accurately and efficiently allocate capital eligibility criteria and collateral, as well as to calculate capital deductions, will be of even greater importance as banks look to optimize capital under the new set of rules. This is particularly important in light of the requirements for reporting (and stress testing) at different legal entity levels (a holding company in relation to a bank). Once RWAs are calculated using these and other mitigation techniques, the same set of optimized RWAs can be used within the stress testing exercise as part of ICAAP and CCAR/DFAST. Finally, the rules themselves, some of which are more complex than those introduced through the Basel I standardized approach, will evolve over time. An integrated platform, which can maintain updates to the rules, while allowing for a high level of capital optimization and stress testing, will help banks to more efficiently and effectively manage their capital planning process.
When considering an automated project for capital planning and stress testing, a number of banks are starting with the regulatory reports necessary for the CCAR submission. This top-down approach needs to consider how many of the required reports take into account baseline RWAs, along with projections across the nine-quarter horizon. There will be downstream impacts on how the data and calculation engines will need to come together to accurately populate the templates. CCAR features a number of reports that take Basel III directly into account (see Table 1).
Within the reporting layer, reconciliation is one of the more challenging tasks to overcome. The CCAR reports can be complex and must be reconciled with the FR Y-9C, the FFIEC 031/041, and the FFIEC 101 (Basel). In addition, the FR Y-14Q report, detailing the RWAs for a defined quarter, will be compared to the previous year’s FR Y-14A submission, which shows the RWA forecast that was produced the year before. Any differences in these reports can be highlighted and explained more efficiently, if they are produced from the same platform. Due to the complexities inherent in not only populating the various reporting templates for CCAR with baseline and forecasted RWAs, but also in reconciling a number of the reports with one another, banks should choose a solution which can offer an integrated approach to data, analytics, and regulatory reporting. Such a solution can have added benefits as some institutions are beginning to think about a return on RWA when integrating the budgeting process into the CCAR process.
The days of regulatory uncertainty, as it applies to stress testing and capital planning in the US, are over. Banks can now move from a “fire drill” stage as it relates to the CCAR exercise, to one in which an IT architecture can be enhanced and leveraged to meet multiple regulatory requirements, while also deriving business value in terms of more efficient capital planning and optimization. As financial institutions look to build out the automated infrastructure necessary to support CCAR and Basel III, it will be important to architect the data, analytical, and reporting layers so that they directly support both sets of rules. Once achieved, banks will be able to more efficiently comply with both sets of regulations, utilizing a sustainable, repeatable process that provides a measure of relief for a bank's personnel. The results will also include an accurate and optimized description of the bank's risk profile and capital – in good times and in bad.
1 Covered CCAR institutions include banks with over $50bn in assets, foreign-owned institutions with over $50bn in assets and Systemically Important Financial Institutions (SIFIs.)
2 Smaller DFAST banks are those with more than $10bn and less than $50bn in assets.
3 The Federal Reserve Board, Federal Reserve Board approves final rule to help ensure banks maintain strong capital positions, July 2, 2013. www.federalreserve.gov/bcreg20130702a.pdf
4 The Federal Reserve Board, Capital Planning at Large Bank Holding Companies: Supervisory Expectations and Range of Current Practice, August 2013.
5 Basel Committee on Banking Supervision, Consultative Document: Principles for effective risk data aggregation and risk reporting. Issued for comment by September 28, 2012, retrieved on October 18, 2013.
Senior Director, Manager, Regulatory and Accounting Solutions Team
Anna manages the Regulatory and Accounting Solutions team in the Americas. The team is responsible for solutions structuring, leveraging Moody’s Analytics products and services focusing on impairment, stress testing, capital planning solutions and credit risk management. Her primary focus is on financial institutions.
Explores how North American financial institutions can leverage stress testing regulations to add value to their business, for compliance and beyond.
Previous ArticleModeling the Entire Balance Sheet of a Bank
Next ArticleModeling and Stressing the Interest Rates Swap Curve
Moody’s Analytics Sponsorship: SFIG Vegas 2019
February 24, 2019 WebPage
Moody's Analytics is pleased to be a sponsor and exhibitor at the Opal Summit CLO Conference in Dana Point, California
November 28, 2018 WebPage
In this video, Anna Krayn discusses her observations on how institutions can prepare for CECL implementation, including improvements to technology and processes and conducting quantitative impact studies.
October 2017 WebPage Anna Krayn
What are Some of the Biggest CECL Implementation Challenges You are Observing in the Industry Today?
In this video, Anna Krayn explains the key challenges institutions are facing with data, modeling, governance, and technology due to the new CECL accounting standard.
October 2017 WebPage Anna Krayn
In this presentation, Anna Krayn and Masha Muzyka discuss the importance of accounting for risk differentiation and rank ordering for pass-rated loans, common flaws of risk rating systems and the potential financial impact on ALLL.
In this webinar, Anna Krayn and Masha Muzyka discuss the importance of accounting for risk differentiation and rank ordering for pass-rated loans, common flaws of risk rating systems and the potential financial impact on ALLL.
The FASB's new impairment standards won't take effect until 2020, but institutions should start planning now. This presentation outlines key considerations for early CECL preparation, including: main challenges; expectations of auditors, regulators, and investors; planning in firms of varying sizes; and how to get started.
September 2017 Pdf Anna Krayn