Supervisory qualification to use the advanced approaches is a continuous and iterative process that begins when a bank's board of directors adopts an implementation plan and continues as the bank operates under the advanced approaches. Before a bank may use the advanced approaches for risk-based capital purposes, it must develop and adopt a written implementation plan, establish and maintain a comprehensive and sound planning and governance process to oversee the implementation efforts described in the plan, demonstrate to its primary Federal supervisor that it meets the qualification requirements in section 22 of the proposed rule, and complete a satisfactory "parallel run" (discussed below). A bank's primary Federal supervisor would be responsible, after consultation with other relevant supervisors, for evaluating the bank's initial and ongoing compliance with the qualification requirements for the advanced approaches.
The agencies will jointly issue supervisory guidance describing agency expectations for wholesale, retail, securitization, and equity exposures, as well as for operational risk.22 The agencies recognize that a consistent and transparent process to oversee implementation of the advanced approaches is crucial, and will consult with each other on significant issues raised during the implementation process.
Under the proposed rule, a bank preparing to implement the advanced approaches must adopt a written implementation plan, approved by its board of directors, describing in detail how the bank complies, or intends to comply, with the qualification requirements. A core bank must adopt a plan no later than six months after it meets a threshold criterion in section 1(b)(1) of the proposed rule. If a bank meets a threshold criterion on the effective date of the final rule, the bank would have to adopt a plan within six months of the effective date. Banks that do not meet a threshold criterion, but are nearing any criterion by direct growth or merger, would be expected to engage in ongoing dialogue with their primary Federal supervisor regarding implementation strategies to ensure their readiness to adopt the advanced approaches when a threshold criterion is reached. An opt-in bank may adopt an implementation plan at any time, but must adopt an implementation plan and notify its primary Federal supervisor in writing at least twelve months before it proposes to begin the first floor period (as discussed later in this section of the preamble).
In developing an implementation plan, a bank must assess its current state of readiness relative to the qualification requirements in this proposed rule and related supervisory guidance. This assessment would include a gap analysis that identifies where additional work is needed and a remediation or action plan that clearly sets forth how the bank intends to fill the gaps it has identified. The implementation plan must comprehensively address the qualification requirements for the bank and each of its consolidated subsidiaries (U.S. and foreign-based) with respect to all portfolios and exposures of the bank and each of its consolidated subsidiaries. The implementation plan must justify and support any proposed temporary or permanent exclusion of a business line, portfolio, or exposure from the advanced approaches. The business lines, portfolios, and exposures that the bank proposes to exclude from the advanced approaches must be, in the aggregate, immaterial to the bank. The implementation plan must include objective, measurable milestones (including delivery dates and a date when the bank's implementation of the advanced approaches will be fully operational). For core banks, the implementation plan must include an explicit first floor period start date that is no later than 36 months after the later of the effective date of the rule or the date the bank meets at least one of the threshold criteria.23 Further, the implementation plan must describe the resources that the bank has budgeted and are available to implement the plan.
During implementation of the advanced approaches, a bank would work closely with its primary Federal supervisor to ensure that its risk measurement and management systems are fully functional and reliable and are able to generate risk parameter estimates that can be used to calculate the risk-based capital ratios correctly under the advanced approaches. The implementation plan, including the gap analysis and action plan, will provide a basis for ongoing supervisory dialogue and review during this period. The primary Federal supervisor will assess a bank's progress relative to its implementation plan. To the extent that adjustments to target dates are needed, these adjustments would be made subject to the ongoing supervisory discussion between the bank and its primary Federal supervisor.
Once a bank has adopted its implementation plan, it must complete a satisfactory parallel run before it may use the advanced approaches to calculate its risk-based capital requirements. A satisfactory parallel run is a period of at least four consecutive calendar quarters during which the bank complies with all of the qualification requirements to the satisfaction of its primary Federal supervisor. During this period, the bank would continue to be subject to the general risk-based capital rules but would simultaneously calculate its risk-based capital ratios under the advanced approaches. During the parallel run period, a bank would report its risk-based capital ratios under both the general risk-based capital rules and the advanced approaches to its primary Federal supervisor through the supervisory process on a quarterly basis. The agencies will share this information with each other for calibration and other analytical purposes.
A bank's primary Federal supervisor would notify the bank of the date when it may begin to use the advanced approaches for risk-based capital purposes. A bank would not be permitted to begin using the advanced approaches for risk-based capital purposes until its primary Federal supervisor is satisfied that the bank fully complies with the qualification requirements, the bank has satisfactorily completed a parallel run, and the bank has an adequate process to ensure ongoing compliance with the qualification requirements.
To provide for a smooth transition to the advanced approaches, the proposed rule would impose temporary limits on the amount by which a bank's risk-based capital requirements could decline over a period of at least three years (that is, at least four consecutive calendar quarters in each of the three transitional floor periods). Based on its assessment of the bank's ongoing compliance with the qualification requirements, a bank's primary Federal supervisor would determine when the bank is ready to move from one transitional floor period to the next period and, after the full transition has been completed, to move to stand-alone use of the advanced approaches. Table B sets forth the proposed transitional floor periods for banks moving to the advanced approaches:
|Transitional floor period||Transitional floor percentage|
|First floor period||95 percent|
|Second floor period||90 percent|
|Third floor period||85 percent|
During the transitional floor periods, a bank would calculate its risk-weighted assets under the general risk-based capital rules. Next, the bank would multiply this risk-weighted assets amount by the appropriate floor percentage in the table above. This product would be the bank's "floor-adjusted" risk-weighted assets. Third, the bank would calculate its tier 1 and total risk-based capital ratios using the definitions of tier 1 and tier 2 capital (and associated deductions and adjustments) in the general risk-based capital rules for the numerator values and floor-adjusted risk-weighted assets for the denominator values. These ratios would be referred to as the "floor-adjusted risk-based capital ratios."
The bank also would calculate its tier 1 and total risk-based capital ratios using the definitions and rules in this proposed rule. These ratios would be referred to as the "advanced approaches risk-based capital ratios." In addition, the bank would calculate a tier 1 leverage ratio using tier 1 capital as defined in this proposed rule for the numerator of the ratio.
During a bank's transitional floor periods, the bank would report all five regulatory capital ratios described above two floor-adjusted risk-based capital ratios, two advanced approaches risk-based capital ratios, and one leverage ratio. To determine its applicable capital category for PCA purposes and for all other regulatory and supervisory purposes, a bank's risk-based capital ratios during the transitional floor periods would be set equal to the lower of the respective floor-adjusted risk-based capital ratio and the advanced approaches risk-based capital ratio. During the transitional floor periods, a bank's tier 1 capital and tier 2 capital for all non-risk-based-capital supervisory and regulatory purposes (for example, lending limits and Regulation W quantitative limits) would be the bank's tier 1 capital and tier 2 capital as calculated under the advanced approaches.
Thus, for example, in order to be well capitalized under PCA, a bank would have to have a floor-adjusted tier 1 risk-based capital ratio and an advanced approaches tier 1 risk-based capital ratio of 6 percent or greater, a floor-adjusted total risk-based capital ratio and an advanced approaches total risk-based capital ratio of 10 percent or greater, and a tier 1 leverage ratio of 5 percent or greater (with tier 1 capital calculated under the advanced approaches). Although the PCA rules do not apply to BHCs, a BHC would be required to report all five of these regulatory capital ratios and would have to meet applicable supervisory and regulatory requirements using the lower of the respective floor-adjusted risk-based capital ratio and the advanced approaches risk-based capital ratio.
After a bank completes its transitional floor periods and its primary Federal supervisor determines the bank may begin using the advanced approaches with no further transitional floor, the bank would use its tier 1 and total risk-based capital ratios as calculated under the advanced approaches and its tier 1 leverage ratio calculated using the advanced approaches definition of tier 1 capital for PCA and all other supervisory and regulatory purposes.
The transitional floor calculations described above are linked to the general risk-based capital rules. As noted above, the agencies issued the Basel IA ANPR outlining possible modifications to those rules and are developing an NPR in this regard. The agencies are still considering the extent and nature of these modifications to the general risk-based capital rules and the scope of application of these modifications, including for banks that transition to the advanced approaches. The agencies expect banks that meet the threshold criteria in section 1(b)(1) of the proposed rule (that is, core banks) as of the effective date of the rule, and banks that opt-in pursuant to section 1(b)(2) at the earliest possible date, will use the general risk-based capital rules in place immediately before the rule becomes effective both during the parallel run and as a basis for the transitional floor calculations. Other changes to the general risk-based capital rules (outside the scope of the changes outlined in the Basel IA ANPR) may be considered by the agencies, as appropriate. Question 10: The agencies seek comment on this approach and on how and to what extent future modifications to the general risk-based capital rules should be incorporated into the transitional floor calculations for advanced approaches banks.
Banks' computation of risk-based capital requirements under both the general risk-based capital rules and the advanced approaches will help the agencies assess the impact of the advanced approaches on overall capital requirements, including whether the change in capital requirements relative to the general risk-based capital rules is consistent with the agencies' overall capital objectives. Question 11: The agencies seek comment on what other information should be considered in deciding whether those overall capital goals have been achieved.
The agencies are proposing to make 2008 the first possible year for a bank to conduct its parallel run and 2009-2011 the first possible years for the three transitional floor periods. Question 12: The agencies seek comment on this proposed timetable for implementing the advanced approaches in the United States.
Because the Basel II framework uses banks' estimates of certain key risk parameters to determine risk-based capital requirements, the advanced approaches would introduce greater complexity to the regulatory capital framework and would require banks using the advanced approaches to possess a high level of sophistication in risk measurement and risk management systems. As a result, the agencies propose to require each core or opt-in bank to meet the qualification requirements described in section 22 of the proposed rule to the satisfaction of its primary Federal supervisor for a period of at least four consecutive calendar quarters before using the advanced approaches to calculate its minimum risk-based capital requirements (subject to the transitional floors for at least an additional three years). The qualification requirements are written broadly to accommodate the many ways a bank may design and implement a robust internal credit and operational risk measurement and management system and to permit industry practice to evolve.
Many of the qualification requirements relate to a bank's advanced IRB systems. A bank's advanced IRB systems must incorporate five interdependent components in a framework for evaluating credit risk and measuring regulatory capital:
(i) A risk rating and segmentation system that assigns ratings to individual wholesale obligors and exposures and assigns individual retail exposures to segments;
(ii) A quantification process that translates the risk characteristics of wholesale obligors and exposures and segments of retail exposures into numerical risk parameters that are used as inputs to the IRB risk-based capital formulas;
(iii) An ongoing process that validates the accuracy of the rating assignments, segmentations, and risk parameters;
(iv) A data management and maintenance system that supports the advanced IRB systems; and
(v) Oversight and control mechanisms that ensure the advanced IRB systems are functioning effectively and producing accurate results.
One of the objectives of the proposed framework is to provide appropriate incentives for banks to develop and use better techniques for measuring and managing their risks. The proposed rule specifically requires a bank to have a rigorous process for assessing its overall capital adequacy in relation to its total risk profile and a comprehensive strategy for maintaining appropriate capital levels. Consistent with Pillar 2 of the New Accord, a bank's primary Federal supervisor will evaluate how well the bank is assessing its capital needs relative to its risks and, if deficiencies are identified, will take any necessary action to ensure that appropriate and prudent levels of capital are maintained.
A bank should address all of its material risks in its overall capital assessment process. Although not every risk can be measured precisely, the following risks, at a minimum, should be factored into a bank's capital assessment process: credit risk, market risk, operational risk, interest rate risk in the banking book, liquidity risk, concentration risk, reputational risk, and strategic risk. With regard to interest rate risk in the banking book, the agencies note that for some assets for example, a long-term mortgage loan interest rate risk may be as great as, or greater than, the credit risk of the asset. The agencies will continue to focus attention on exposures where interest rate risk may be significant and will foster sound interest rate risk measurement and management practices across banks. Additionally, because credit risk concentrations can pose substantial risk to a bank that might be managing individual credits in a satisfactory manner, a bank also should give proper attention to such concentrations.
Banks already are required to hold capital sufficient to meet their risk profiles, and existing rules allow Federal supervisors to require a bank to increase its capital if its current capital levels are deficient or some element of its business practices suggests the need for more capital. Existing supervisory guidance directs banks to meaningfully tie the identification, monitoring, and evaluation of risk to the determination of the bank's capital needs. Banks are expected to implement and continually update the fundamental elements of a sound internal capital adequacy analysis identifying and measuring all material risks, setting capital adequacy goals that relate to risk, and assessing conformity to the bank's stated objectives. The agencies expect that all banks operating under the advanced approaches would address specific assumptions embedded in the advanced approaches (such as diversification in credit portfolios), and would evaluate these banks, in part, on their ability to account for deviations from the underlying assumptions in their own portfolios.
As noted, each core or opt-in bank would apply the advanced approaches for risk-based capital purposes at the consolidated top-tier legal entity level (that is, either the top-tier BHC or top-tier DI that is a core or opt-in bank) and at the level of each DI that is a subsidiary of such a top-tier legal entity. Thus, each bank that applies the advanced approaches must have an appropriate infrastructure with risk measurement and management processes that meet the proposed rule's qualification requirements and that are appropriate given the bank's size and level of complexity. Regardless of whether the systems and models that generate the risk parameters necessary for calculating a bank's risk-based capital requirements are located at any affiliate of the bank, each legal entity that applies the advanced approaches must ensure that the risk parameters (that is, PD, ELGD, LGD, EAD, and M) and reference data used to determine its risk-based capital requirements are representative of its own credit and operational risk exposures.
The proposed rule also requires that the systems and processes that an advanced approaches bank uses for risk-based capital purposes must be sufficiently consistent with the bank's internal risk management processes and management information reporting systems such that data from the latter processes and systems can be used to verify the reasonableness of the inputs the bank uses for risk-based capital purposes.
To implement the IRB framework, a bank must have internal risk rating and segmentation systems that accurately and reliably differentiate between degrees of credit risk for wholesale and retail exposures. As described below, wholesale exposures include most credit exposures to companies, sovereigns, and governmental entities, as well as some exposures to individuals. Retail exposures include most credit exposures to individuals and small businesses that are managed as part of a segment of exposures with homogeneous risk characteristics. Together, wholesale and retail exposures cover most credit exposures of banks.
To differentiate among degrees of credit risk, a bank must be able to make meaningful and consistent distinctions among credit exposures along two dimensions default risk and loss severity in the event of a default. In addition, a bank must be able to assign wholesale obligors to rating grades that approximately reflect likelihood of default and must be able to assign wholesale exposures to rating grades (or ELGD and LGD estimates) that approximately reflect the loss severity expected in the event of default. As discussed below, the proposed rule requires banks to treat wholesale exposures differently from retail exposures when differentiating among degrees of credit risk.
For wholesale exposures, a bank must have an internal risk rating system that indicates the likelihood of default of each individual obligor and may use an internal risk rating system that indicates the economic loss rate upon default of each individual exposure.24 A bank would assign an internal risk rating to each wholesale obligor, which should reflect the obligor's PD that is, its long-run average one-year default rate over a reasonable mix of economic conditions. PD is defined in more detail below.
In determining an obligor rating, a bank should consider key obligor attributes, including both quantitative and qualitative factors that could affect the obligor's default risk. From a quantitative perspective, this could include an assessment of the obligor's historic and projected financial performance, trends in key financial performance ratios, financial contingencies, industry risk, and the obligor's position in the industry. On the qualitative side, this could include an assessment of the quality of the obligor's financial reporting, non-financial contingencies (for example, labor problems and environmental issues), and the quality of the obligor's management based on an evaluation of management's ability to make realistic projections, management's track record in meeting projections, and management's ability to effectively deal with changes in the economy and the competitive environment.
A bank must assign each legal entity wholesale obligor to a single rating grade. Accordingly, if a single wholesale exposure of the bank to an obligor triggers the proposed rule's definition of default, all of the bank's wholesale exposures to that obligor are in default for risk-based capital purposes. In addition, a bank may not consider the value of collateral pledged to support a particular wholesale exposure (or any other exposure-specific characteristics) when assigning a rating to the obligor of the exposure, even in the context of nonrecourse loans and other loans underwritten primarily based on the operating income or cash flows from real estate collateral. A bank may, of course, consider all available financial information about the obligor including, where applicable, the total operating income or cash flows from all of the obligor's projects or businesses when assigning an obligor rating. Question13: The agencies seek comment on this aspect of the proposed rule and on any circumstances under which it would be appropriate to assign different obligor ratings to different exposures to the same obligor (for example, income-producing property lending or exposures involving transfer risk).
A bank's rating system must have at least seven discrete (non-overlapping) obligor grades for non-defaulted obligors and at least one obligor grade for defaulted obligors. The agencies believe that because the risk-based capital requirement of a wholesale exposure is directly linked to its obligor rating grade, a bank must have at least seven non-overlapping obligor grades to sufficiently differentiate the creditworthiness of non-defaulted wholesale obligors.
A bank would capture the estimated loss severity upon default for a wholesale exposure either by directly assigning an ELGD and LGD estimate to the exposure or by grouping the exposure with other wholesale exposures into loss severity rating grades (reflecting the bank's estimate of the ELGD or LGD of the exposure). The LGD of an exposure is an estimate of the economic loss rate on the exposure, taking into account related material costs and recoveries, in the event of the obligor's default during a period of economic downturn conditions. LGD is described in more detail below. Whether a bank chooses to assign ELGD and LGD values directly or, alternatively, to assign exposures to rating grades and then quantify the ELGD or LGD, as appropriate, for the rating grades, the key requirement is that the bank must identify exposure characteristics that influence ELGD and LGD. Each of the loss severity rating grades would be associated with an empirically supported ELGD or LGD estimate. Banks employing loss severity grades must have a sufficiently granular loss severity grading system to avoid grouping together exposures with widely ranging ELGDs or LGDs.
To implement the advanced approach for retail exposures, a bank must have an internal system that segments its retail exposures to differentiate accurately and reliably among degrees of credit risk. The most significant difference between the proposed rule's treatment of wholesale and retail exposures is that the risk parameters for retail exposures are not assigned at the individual exposure level. Banks typically manage retail exposures on a segment basis, where each segment contains exposures with similar risk characteristics. Therefore, a key characteristic of the proposed rule's retail framework is that the risk parameters for retail exposures would be assigned to segments of exposures rather than to individual exposures. Under the retail framework, a bank would group its retail exposures into segments with homogeneous risk characteristics and then estimate PD, ELGD, and LGD for each segment.
A bank must first group its retail exposures into three separate subcategories: (i) residential mortgage exposures; (ii) QREs; and (iii) other retail exposures. The bank would then classify the retail exposures in each subcategory into segments to produce a meaningful differentiation of risk. The proposed rule requires banks to segment separately (i) defaulted retail exposures from non-defaulted retail exposures and (ii) retail eligible margin loans for which the bank adjusts EAD rather than ELGD and LGD to reflect the risk mitigating effects of financial collateral from other retail eligible margin loans. Otherwise, the agencies are not proposing to require that banks consider any particular risk drivers or employ any minimum number of segments in any of the three retail subcategories.
In determining how to segment retail exposures within each subcategory for the purpose of assigning risk parameters, a bank should use a segmentation approach that is consistent with its approach for internal risk assessment purposes and that classifies exposures according to predominant risk characteristics or drivers. Examples of risk drivers could include loan-to-value (LTV) ratios, credit scores, loan terms and structure (for example, interest only or payment option adjustable rate mortgages), origination channel, geographical location of the borrower, and collateral type. A bank must be able to demonstrate to its primary Federal supervisor that its system assigns accurate and reliable PD, ELGD, and LGD estimates for each retail segment on a consistent basis.
In the ANPR, the agencies proposed to define default for a wholesale exposure as either or both of the following events: (i) the bank determines that the borrower is unlikely to pay its obligations to the bank in full, without recourse to actions by the bank such as the realization of collateral; or (ii) the borrower is more than 90 days past due on principal or interest on any material obligation to the bank.
A number of commenters encouraged the agencies to use a definition of default that conforms more closely to that used by bank risk managers. Many of these commenters recommended that the agencies define default as the entry into non-accrual status for wholesale exposures and the number of days past due for retail exposures, or as the entry into charge-off status for wholesale and retail exposures. The agencies have amended the ANPR definitions of default to respond to these concerns and recognize that the definition of default in this proposed rule is different from the definitions that are being implemented in other jurisdictions.
Under the proposed rule's definition of default, a bank's wholesale obligor would be in default if, for any credit exposure of the bank to the obligor, the bank has (i) placed the exposure on non-accrual status consistent with the Call Report Instructions or the Thrift Financial Report and the Thrift Financial Report Instruction Manual; (ii) taken a full or partial charge-off or write-down on the exposure due to the distressed financial condition of the obligor; or (iii) incurred a credit-related loss of 5 percent or more of the exposure's initial carrying value in connection with the sale of the exposure or the transfer of the exposure to the held-for-sale, available-for-sale, trading account, or other reporting category. Under the proposed definition, a wholesale exposure to an obligor remains in default until the bank has reasonable assurance of repayment and performance for all contractual principal and interest payments on all exposures of the bank to the obligor (other than exposures that have been fully written-down or charged-off). The agencies would expect a bank to employ standards for determining whether it has a reasonable assurance of repayment and performance that are similar to those for determining whether to restore a loan from non-accrual to accrual status.
When a bank sells a set of wholesale exposures, the bank must examine the sale prices of the individual exposures contained in the set and evaluate whether a credit loss of 5 percent or more of the exposure's initial carrying value has occurred on any given exposure. Write-downs of securities that are not credit-related (for example, a write-down that is due to a change in market interest rates) would not be a default event.
Question 14: The agencies seek comment on this proposed definition of default and on how well it captures substantially all of the circumstances under which a bank could experience a material credit-related economic loss on a wholesale exposure. In particular, the agencies seek comment on the appropriateness of the 5 percent credit loss threshold for exposures sold or transferred between reporting categories. The agencies also seek commenters' views on specific issues raised by applying different definitions of default in multiple national jurisdictions and on ways to minimize potential regulatory burden, including use of the definition of default in the New Accord, keeping in mind that national bank supervisory authorities must adopt default definitions that are appropriate in light of national banking practices and conditions.
In response to comments on the ANPR, the agencies propose to define default for retail exposures according to the timeframes for loss classification that banks generally use for internal purposes and that are embodied in the FFIEC's Uniform Retail Credit Classification and Account Management Policy.25 Specifically, revolving retail exposures and residential mortgages would be in default at 180 days past due; other retail exposures would be in default at 120 days past due. In addition, a retail exposure would be in default if the bank has taken a full or partial charge-off or write-down of principal on the exposure for credit-related reasons. Such an exposure would remain in default until the bank has reasonable assurance of repayment and performance for all contractual principal and interest payments on the exposure.
The proposed definition of default for retail exposures differs from the proposed definition for the wholesale portfolio in several important respects. First, the proposed retail default definition applies on an exposure-by-exposure basis (rather than, as is the case for wholesale exposures, on an obligor-by-obligor basis). In other words, default on one retail exposure would not require a bank to treat all other obligations of the same obligor to the bank as defaulted. This difference reflects the fact that banks generally manage retail credit risk based on segments of similar exposures rather than through the assignment of ratings to particular obligors. In addition, it is quite common for retail borrowers that default on some of their obligations to continue payment on others.
Second, the retail definition of default, unlike the wholesale definition of default, does not include exposures placed on non-accrual status. The agencies recognize that retail non-accrual practices vary considerably among banks. Accordingly, the agencies have determined that removing non-accrual from the retail definition of default would promote greater consistency among banks in the treatment of retail exposures.
In addition, the retail definition of default, unlike the wholesale definition of default, does not explicitly state that an exposure is in default if a bank incurs credit-related losses of 5 percent or more in connection with the sale of the exposure. Because of the large number of diverse retail exposures that banks usually sell in a single transaction, banks typically do not allocate the sales price of a pool of retail exposures in such a way as to enable the bank to calculate the premium or discount on individual retail exposures. Although the proposed rule's definition of retail default does not explicitly include credit-related losses in connection with loan sales, the agencies would expect banks to assess carefully the impact of retail exposure sales in quantifying the risk parameters calculated by the bank for its retained retail exposures.
A bank must explain to its primary Federal supervisor its rating philosophy that is, how the bank's wholesale obligor rating assignments are affected by the bank's choice of the range of economic, business, and industry conditions that are considered in the obligor rating process. The philosophical basis of a bank's ratings system is important because, when combined with the credit quality of individual obligors, it will determine the frequency of obligor rating changes in a changing economic environment. Rating systems that rate obligors based on their ability to perform over a wide range of economic, business, and industry conditions, sometimes described as "through-the-cycle" systems, would tend to have ratings that migrate more slowly as conditions change. Banks that rate obligors based on a more narrow range of likely expected conditions (primarily on recent conditions), sometimes called "point-in-time" systems, would tend to have ratings that migrate more frequently. Many banks will rate obligors using an approach that considers a combination of the current conditions and a wider range of other likely conditions. In any case, the bank would need to specify the rating philosophy used and establish a policy for the migration of obligors from one rating grade to another in response to economic cycles. A bank should understand the effects of ratings migration on its risk-based capital requirements and ensure that sufficient capital is maintained during all phases of the economic cycle.
A bank must have a policy that ensures that each wholesale obligor rating and (if applicable) wholesale exposure loss severity rating reflects current information. A bank's internal risk rating system for wholesale exposures must provide for the review and update (as appropriate) of each obligor rating and (if applicable) loss severity rating whenever the bank receives new material information, but no less frequently than annually. A bank's retail exposure segmentation system must provide for the review and update (as appropriate) of assignments of retail exposures to segments whenever the bank receives new material information, but no less frequently than quarterly.
A bank must have a comprehensive risk parameter quantification process that produces accurate, timely, and reliable estimates of the risk parameters PD, ELGD, LGD, EAD, and (for wholesale exposures) M for its wholesale obligors and exposures and retail exposures. Statistical methods and models used to develop risk parameter estimates, as well as any adjustments to the estimates or empirical default data, should be transparent, well supported, and documented. The following sections of the preamble discuss the proposed rule's definitions of the risk parameters for wholesale and retail exposures.
As noted above, under the proposed rule, a bank must assign each of its wholesale obligors to an internal rating grade and then must associate a PD with each rating grade. PD for a wholesale exposure to a non-defaulted obligor would be the bank's empirically based best estimate of the long-run average of one-year default rates for the rating grade assigned by the bank to the obligor, capturing the average default experience for obligors in the rating grade over a mix of economic conditions (including economic downturn conditions) sufficient to provide a reasonable estimate of the average one-year default rate over the economic cycle for the rating grade. This estimate of the long-run average PD is converted into an estimate of PD under economic downturn conditions as part of the IRB risk-based capital formulas.
In addition, under the proposed rule, a bank must assign a PD to each segment of retail exposures. The proposed rule provides two different definitions of the PD of a segment of non-defaulted retail exposures based on the materiality of seasoning effects for the segment or for the segment's retail exposure subcategory. Some types of retail exposures display a distinct seasoning pattern that is, the exposures have relatively low default rates in their first year, rising default rates in the next few years, and declining default rates for the remainder of their terms. A bank must use a separate definition of PD that addresses seasoning effects for a segment of non-defaulted retail exposures unless the bank has determined that seasoning effects are not material for the segment or for the segment's entire retail exposure subcategory.
The proposed rule provides a definition of PD for segments of non-defaulted retail exposures where seasoning is not a material consideration that tracks closely the wholesale PD definition. Specifically, PD for a segment of non-defaulted retail exposures for which seasoning effects are not material, or for a segment of non-defaulted retail exposures in a retail exposure subcategory for which seasoning effects are not material, would be the bank's empirically based best estimate of the long-run average of one-year default rates for the exposures in the segment, capturing the average default experience for exposures in the segment over a mix of economic conditions (including economic downturn conditions) sufficient to provide a reasonable estimate of the average one-year default rate over the economic cycle for the segment. Banks that use this PD formulation for a segment of retail exposures should be able to demonstrate to their primary Federal supervisor, using empirical data, why seasoning effects are not material for the segment or the retail exposure subcategory in which the segment resides.
Because of the one-year IRB horizon, the agencies are proposing a different PD definition for retail segments with material seasoning effects. Under the proposed rule, PD for a segment of non-defaulted retail exposures for which seasoning effects are material would be the bank's empirically based best estimate of the annualized cumulative default rate over the expected remaining life of exposures in the segment, capturing the average default experience for exposures in the segment over a mix of economic conditions (including economic downturn conditions) to provide a reasonable estimate of the average performance over the economic cycle for the segment. A bank's PD estimates for these retail segments with material seasoning effects also should reflect potential changes in the expected remaining life of exposures in the segment over the economic cycle.
For wholesale exposures to defaulted obligors and for segments of defaulted retail exposures, PD would be 100 percent.
Under the proposed rule, a bank must directly estimate an ELGD and LGD risk parameter for each wholesale exposure or must assign each wholesale exposure to an expected loss severity grade and a downturn loss severity grade, estimate an ELGD risk parameter for each expected loss severity grade, and estimate an LGD risk parameter for each loss severity grade. In addition, a bank must estimate an ELGD and LGD risk parameter for each segment of retail exposures. The same ELGD and LGD may be appropriate for more than one retail segment.
LGD is an estimate of the economic loss that would be incurred on an exposure, relative to the exposure's EAD, if the exposure were to default within a one-year horizon during economic downturn conditions. The economic loss amount must capture all material credit-related losses on the exposure (including accrued but unpaid interest or fees, losses on the sale of repossessed collateral, direct workout costs, and an appropriate allocation of indirect workout costs). Where positive or negative cash flows on a wholesale exposure to a defaulted obligor or on a defaulted retail exposure (including proceeds from the sale of collateral, workout costs, and draw-downs of unused credit lines) occur after the date of default, the economic loss amount must reflect the net present value of cash flows as of the default date using a discount rate appropriate to the risk of the exposure.
The LGD of some exposures may be substantially higher during economic downturn conditions than during other periods, while for other types of exposures it may not. Accordingly, the proposed rule requires banks to use an LGD estimate that reflects economic downturn conditions for purposes of calculating the risk-based capital requirements for wholesale exposures and retail segments; however, the LGD of an exposure may never be less than the exposure's ELGD. More specifically, banks must produce for each wholesale exposure (or downturn loss severity rating grade) and retail segment an estimate of the economic loss per dollar of EAD that the bank would expect to incur if default were to occur within a one-year horizon during economic downturn conditions. The estimate of LGD can be thought of as the ELGD plus an increase if appropriate to reflect the impact of economic downturn conditions.
For the purpose of defining economic downturn conditions, the proposed rule identifies two wholesale exposure subcategories high-volatility commercial real estate (HVCRE) wholesale exposures and non-HVCRE wholesale exposures (that is, all wholesale exposures that are not HVCRE exposures) and three retail exposure subcategories residential mortgage exposures, QREs, and other retail exposures. The proposed rule defines economic downturn conditions with respect to an exposure as those conditions in which the aggregate default rates for the exposure's entire wholesale or retail subcategory held by the bank (or subdivision of such subcategory selected by the bank) in the exposure's national jurisdiction (or subdivision of such jurisdiction selected by the bank) are significantly higher than average.
Under this approach, a bank with a geographical or industry sector concentration in a subcategory of exposures may find that information relating to a downturn in that geographical region or industry sector may be more relevant for the bank than a general downturn affecting many regions or industries. At this time, however, the proposed rule does not require a bank with a geographical, industry sector, or other concentration to subdivide exposure subcategories or national jurisdictions to reflect such concentrations; rather, the proposed rule allows banks to subdivide exposure subcategories or national jurisdictions as they deem appropriate given the exposures held by the bank. The agencies understand that downturns in particular geographical subdivisions of national jurisdictions or in particular industrial sectors may result in significantly increased loss rates in material subdivisions of a bank's exposures in an exposure subcategory. Question 15: In light of the possibility of significantly increased loss rates at the subdivision level due to downturn conditions in the subdivision, the agencies seek comment on whether to require banks to determine economic downturn conditions at a more granular level than an entire wholesale or retail exposure subcategory in a national jurisdiction.
The proposed rule provides banks two methods of generating LGD estimates for wholesale and retail exposures. First, a bank may use its own estimates of LGD for a subcategory of exposures if the bank has prior written approval from its primary Federal supervisor to use internal estimates for that subcategory of exposures. In approving a bank's use of internal estimates of LGD, a bank's primary Federal supervisor will consider whether the bank's internal estimates of LGD are reliable and sufficiently reflective of economic downturn conditions. The supervisor will also consider whether the bank has rigorous and well-documented policies and procedures for identifying economic downturn conditions for the exposure subcategory, identifying material adverse correlations between the relevant drivers of default rates and loss rates given default, and incorporating identified correlations into internal LGD estimates. If a bank has supervisory approval to use its own estimates of LGD for an exposure subcategory, it must use its own estimates of LGD for all exposures within that subcategory.
As noted above, the LGD of an exposure or segment may never be less than the ELGD of that exposure or segment. The proposed rule defines the ELGD of a wholesale exposure as the bank's empirically-based best estimate of the default-weighted average economic loss per dollar of EAD the bank expects to incur in the event that the obligor of the exposure (or a typical obligor in the loss severity grade assigned by the bank to the exposure) defaults within a one-year horizon.26 For a segment of retail exposures, ELGD is the bank's empirically-based best estimate of the default-weighted average economic loss per dollar of EAD the bank expects to incur on exposures in the segment that default within a one-year horizon. ELGD estimates must incorporate a mix of economic conditions (including economic downturn conditions). For example, given appropriate data, the ELGD could be estimated by calculating the default-weighted average economic loss per dollar of EAD given default for exposures in a particular loss severity grade or segment observed over a complete credit cycle.
As an alternative to internal estimates of LGD, the proposed rule provides a supervisory mapping function for converting ELGD into LGD for risk-based capital purposes. Although the agencies encourage banks to develop internal LGD estimates, the agencies are aware that it may be difficult at this time and in the near future for banks to produce internal estimates of LGD that are sufficient for risk-based capital purposes because LGD data for important portfolios may be sparse, and there is very limited industry experience with incorporating downturn conditions into LGD estimates. Accordingly, under the proposed rule, a bank that does not qualify for use of its own estimates of LGD for a subcategory of exposures must instead compute LGD by applying a supervisory mapping function to its internal estimates of ELGD for such exposures. The bank would adjust its ELGDs upward to LGDs using the linear supervisory mapping function: LGD = 0.08 + 0.92 × ELGD. Under this mapping function, for example, an ELGD of 0 percent is converted to an LGD of 8 percent, an ELGD of 20 percent is converted to an LGD of 26.4 percent, and an ELGD of 50 percent is converted to an LGD of 54 percent. A bank would not have to apply the supervisory mapping function to repo-style transactions, eligible margin loans, and OTC derivative contracts (defined below in section V.C. of the preamble). For these exposures, the agencies believe that the difference between a bank's estimate of LGD and its estimate of ELGD is likely to be small. Instead a bank would set LGD equal to ELGD for these exposures.
As noted, the proposed rule would permit a bank to use the supervisory mapping function to translate ELGDs to LGDs and would only permit a bank to use its own estimates of LGD for an exposure subcategory if the bank has received prior written approval from its primary Federal supervisor. The agencies also are considering whether to require every bank, as a condition to qualifying for use of the advanced approaches, to be able to produce credible and reliable internal estimates of LGD for all its wholesale and retail exposures. Under this stricter approach, a bank that is unable to demonstrate to its primary Federal supervisor that it could produce credible and reliable internal estimates of LGD would not be permitted to use the advanced approaches.
Question 16: The agencies seek comment on and supporting empirical analysis of (i) the proposed rule's definitions of LGD and ELGD; (ii) the proposed rule's overall approach to LGD estimation; (iii) the appropriateness of requiring a bank to produce credible and reliable internal estimates of LGD for all its wholesale and retail exposures as a precondition for using the advanced approaches; (iv) the appropriateness of requiring all banks to use a supervisory mapping function, rather than internal estimates, for estimating LGDs, due to limited data availability and lack of industry experience with incorporating economic downturn conditions in LGD estimates; (v) the appropriateness of the proposed supervisory mapping function for translating ELGD into LGD for all portfolios of exposures and possible alternative supervisory mapping functions; (vi) exposures for which no mapping function would be appropriate; and (vii) exposures for which a more lenient (that is, producing a lower LGD for a given ELGD) or more strict (that is, producing a higher LGD for a given ELGD) mapping function may be appropriate (for example, residential mortgage exposures and HVCRE exposures).
The agencies are concerned that some approaches to ELGD or LGD quantification could produce estimates that are pro-cyclical, particularly if these estimates are based on economic indicators, such as frequently updated loan-to-value (LTV) ratios, that are highly sensitive to current economic conditions. Question 17: The agencies seek comment on the extent to which ELGD or LGD estimates under the proposed rule would be pro-cyclical, particularly for longer-term secured exposures. The agencies also seek comment on alternative approaches to measuring ELGDs or LGDs that would address concerns regarding potential pro-cyclicality without imposing undue burden on banks.
This proposed rule incorporates comments on the ANPR suggesting a need to better accommodate certain credit products, most prominently asset-based lending programs, whose structures typically result in a bank recovering substantial amounts of the exposure prior to the default date for example, through paydowns of outstanding principal. The agencies believe that actions taken prior to default to mitigate losses are an important component of a bank's overall credit risk management, and that such actions should be reflected in ELGD and LGD when banks can quantify their effectiveness in a reliable manner. In the proposed rule, this is achieved by measuring ELGD and LGD relative to the exposure's EAD (defined in the next section) as opposed to the amount actually owed at default.27
In practice, the agencies would expect methods for estimating ELGD and LGD, and the way those methods reflect changes in exposure during the period prior to default, to be consistent with other aspects of the proposed rule. For example, a default horizon that is longer than one year could result in lower estimates of economic loss due to greater contractual amortization prior to default, or a greater likelihood that covenants would enable a bank to accelerate paydowns of principal as the condition of an obligor deteriorates, but such long horizons could be inconsistent with the one-year default horizon incorporated in other aspects of this proposed rule, such as the quantification of PD.
The agencies intend to limit recognition of the impact on ELGD and LGD of pre-default paydowns to certain types of exposures where the pattern is common, measurable, and especially significant, as with various types of asset-based lending. In addition, not all paydowns during the period prior to default warrant recognition as part of the recovery process. For example, a pre-default reduction in the outstanding amount on one exposure may simply reflect a refinancing by the obligor with the bank, with no reduction in the bank's total exposure to the obligor. Question 18: The agencies seek comment on the feasibility of recognizing such pre-default changes in exposure in a way that is consistent with the safety and soundness objectives of this proposed rule. The agencies also seek comment on appropriate restrictions to place on any such recognition to ensure that the results are not counter to the objectives of this proposal to ensure adequate capital within a more risk-sensitive capital framework. In addition, the agencies seek comment on whether, for wholesale exposures, allowing ELGD and LGD to reflect anticipated future contractual paydowns prior to default may be inconsistent with the proposed rule's imposition of a one-year floor on M (for certain types of exposures) or may lead to some double-counting of the risk-mitigating benefits of shorter maturities for exposures not subject to this floor.
Except as noted below, EAD for the on-balance sheet component of a wholesale or retail exposure means (i) the bank's carrying value for the exposure (including net accrued but unpaid interest and fees)28 less any allocated transfer risk reserve for the exposure, if the exposure is held-to-maturity or for trading; or (ii) the bank's carrying value for the exposure (including net accrued but unpaid interest and fees) less any allocated transfer risk reserve for the exposure and any unrealized gains on the exposure, plus any unrealized losses on the exposure, if the exposure is available-for-sale. For the off-balance sheet component of a wholesale or retail exposure (other than an OTC derivative contract, repo-style transaction, or eligible margin loan) in the form of a loan commitment or line of credit, EAD means the bank's best estimate of net additions to the outstanding amount owed the bank, including estimated future additional draws of principal and accrued but unpaid interest and fees, that are likely to occur over the remaining life of the exposure assuming the exposure were to go into default. This estimate of net additions must reflect what would be expected during a period of economic downturn conditions. For the off-balance sheet component of a wholesale or retail exposure other than an OTC derivative contract, repo-style transaction, eligible margin loan, loan commitment, or line of credit issued by a bank, EAD means the notional amount of the exposure.
For a segment of retail exposures, EAD is the sum of the EADs for each individual exposure in the segment. For wholesale or retail exposures in which only the drawn balance has been securitized, the bank must reflect its share of the exposures' undrawn balances in EAD. The undrawn balances of exposures for which the drawn balances have been securitized must be allocated between the seller's and investors' interests on a pro rata basis, based on the proportions of the seller's and investors' shares of the securitized drawn balances. For example, if the EAD of a group of securitized exposures' undrawn balances is $100, and the bank's share (seller's interest) in the securitized exposures is 25 percent, the bank must reflect $25 in EAD for the undrawn balances.
The proposed rule contains a special treatment of EAD for OTC derivative contracts, repo-style transactions, and eligible margin loans, which is in section 32 of the proposed rule and discussed in more detail in section V.C. of the preamble.
The proposed rule requires data used by a bank to estimate risk parameters to be relevant to the bank's actual wholesale and retail exposures and of sufficient quality to support the determination of risk-based capital requirements for the exposures. For wholesale exposures, estimation of the risk parameters must be based on a minimum of 5 years of default data to estimate PD, 7 years of loss severity data to estimate ELGD and LGD, and 7 years of exposure amount data to estimate EAD. For segments of retail exposures, estimation of risk parameters must be based on a minimum of 5 years of default data to estimate PD, 5 years of loss severity data to estimate ELGD and LGD, and 5 years of exposure amount data to estimate EAD. Default, loss severity, and exposure amount data must include periods of economic downturn conditions or the bank must adjust its estimates of risk parameters to compensate for the lack of data from such periods. Banks must base their estimates of PD, ELGD, LGD, and EAD on the proposed rule's definition of default, and must review at least annually and update (as appropriate) their risk parameters and risk parameter quantification process.
In all cases, banks would be expected to use the best available data for quantifying the risk parameters. A bank could meet the minimum data requirement by using internal data, external data, or pooled data combining internal data with external data. Internal data refers to any data on exposures held in a bank's existing or historical portfolios, including data elements or information provided by third parties. External data refers to information on exposures held outside of the bank's portfolio or aggregate information across an industry.
For example, for new lines of business where a bank lacks sufficient internal data, it must use external data to supplement its internal data. The agencies recognize that the minimum sample period for reference data provided in the proposed rule may not provide the best available results. A longer sample period usually captures varying economic conditions better than a shorter sample period; in addition, a longer sample period will include more default observations for ELGD, LGD, and EAD estimation. Banks should consider using a longer-than-minimum sample period when possible. However, the potential increase in precision afforded by a larger sample should be weighed against the potential for diminished comparability of older data to the existing portfolio; striking the correct balance is an important aspect of quantitative modeling.
Both internal and external reference data should not differ systematically from a bank's existing portfolio in ways that seem likely to be related to default risk, loss severity, or exposure at default. Otherwise, the derived PD, ELGD, LGD, or EAD estimates may not be applicable to the bank's existing portfolio. Accordingly, the bank must conduct a comprehensive review and analysis of reference data at least annually to determine the relevance of reference data to the bank's exposures, the quality of reference data to support PD, ELGD, LGD, and EAD estimates, and the consistency of reference data to the definition of default contained in the proposed rule. Furthermore, a bank must have adequate data to estimate risk parameters for all its wholesale and retail exposures as if they were held to maturity, even if some loans are likely to be sold or securitized before their long-term credit performance can be observed.
As noted above, periods of economic downturn conditions must be included in the data sample (or adjustments to risk parameters must be made). If the reference data include data from beyond the minimum number of years (to capture a period of economic downturn conditions or for other valid reasons), the reference data need not cover all of the intervening years. However, a bank should justify the exclusion of available data and, in particular, any temporal discontinuities in data used. Including periods of economic downturn conditions increases the size and potentially the breadth of the reference data set. According to some empirical studies, the average loss rate is higher during periods of economic downturn conditions, such that exclusion of such periods would bias ELGD, LGD, or EAD estimates downward and unjustifiably lower risk-based capital requirements.
Risk parameter estimates should take into account the robustness of the quantification process. The assumptions and adjustments embedded in the quantification process should reflect the degree of uncertainty or potential error inherent in the process. In practice, a reasonable estimation approach likely would result in a range of defensible risk parameter estimates. The choices of the particular assumptions and adjustments that determine the final estimate, within the defensible range, should reflect the uncertainty in the quantification process. That is, more uncertainty in the process should be reflected in the assignment of final risk parameter estimates that result in higher risk-based capital requirements relative to a quantification process with less uncertainty. The degree of conservatism applied to adjust for uncertainty should be related to factors such as the relevance of the reference data to a bank's existing exposures, the robustness of the models, the precision of the statistical estimates, and the amount of judgment used throughout the process. Margins of conservatism need not be added at each step; indeed, that could produce an excessively conservative result. Instead, the overall margin of conservatism should adequately account for all uncertainties and weaknesses in the quantification process. Improvements in the quantification process (including use of more complete data and better estimation techniques) may reduce the appropriate degree of conservatism over time.
Judgment will inevitably play a role in the quantification process and may materially affect the estimates of risk parameters. Judgmental adjustments to estimates are often necessary because of some limitations on available reference data or because of inherent differences between the reference data and the bank's existing exposures. The bank must ensure that adjustments are not biased toward optimistically low risk parameter estimates. This standard does not prohibit individual adjustments that result in lower estimates of risk parameters, as both upward and downward adjustments are expected. Individual adjustments are less important than broad patterns; consistent signs of judgmental decisions that lower risk parameter estimates materially may be evidence of systematic bias, which would not be permitted.
A bank that intends to apply the internal models methodology to counterparty credit risk, the double default treatment for credit risk mitigation, the internal assessment approach (IAA) for securitization exposures to ABCP programs, or the internal models approach (IMA) to equity exposures must receive prior written approval from its primary Federal supervisor. The criteria on which approval would be based are described in the respective sections below.
A bank must have operational risk management processes, data and assessment systems, and quantification systems that meet the qualification requirements in section 22(h) of the proposed rule. A bank must have an operational risk management function independent from business line management. The operational risk management function is responsible for the design, implementation, and oversight of the bank's operational risk data and assessment systems, operational risk quantification systems, and related processes. The roles and responsibilities of the operational risk management function may vary between banks, but must be clearly documented. The operational risk management function should have organizational stature commensurate with the bank's operational risk profile. At a minimum, the bank's operational risk management function should ensure the development of policies and procedures for the explicit management of operational risk as a distinct risk to the bank's safety and soundness.
A bank also must establish and document a process to identify, measure, monitor, and control operational risk in bank products, activities, processes, and systems. This process should provide for the consistent and comprehensive collection of the data needed to estimate the bank's exposure to operational risk. The process must also ensure reporting of operational risk exposures, operational loss events, and other relevant operational risk information to business unit management, senior management, and to the board of directors (or a designated committee of the board). The proposed rule defines operational loss events as events that result in loss and are associated with internal fraud; external fraud; employment practices and workplace safety; clients, products, and business practices; damage to physical assets; business disruption and system failures; or execution, delivery, and process management. A bank's operational risk management processes should reflect the scope and complexity of its business lines, as well as its corporate organizational structure. Each bank's operational risk profile is unique and requires a tailored risk management approach appropriate for the scale and materiality of the operational risks present in the bank.
A bank must have an operational risk data and assessment system that incorporates on an ongoing basis the following four elements: internal operational loss event data, external operational loss event data, results of scenario analysis, and assessments of the bank's business environment and internal controls. These four operational risk elements should aid the bank in identifying the level and trend of operational risk, determining the effectiveness of operational risk management and control efforts, highlighting opportunities to better mitigate operational risk, and assessing operational risk on a forward-looking basis. A bank's operational risk data and assessment system must be structured in a manner consistent with the bank's current business activities, risk profile, technological processes, and risk management processes.
The proposed rule defines operational loss as a loss (excluding insurance or tax effects) resulting from an operational loss event. Operational losses include all expenses associated with an operational loss event except for opportunity costs, forgone revenue, and costs related to risk management and control enhancements implemented to prevent future operational losses. The definition of operational loss is an important issue, as it is a critical building block in a bank's calculation of its operational risk capital requirement under the AMA. More specifically, under the proposed rule, the bank's estimate of operational risk exposure the basis for determining a bank's risk-weighted asset amount for operational risk is an estimate of aggregate operational losses generated by the bank's AMA process.
The agencies are considering whether to define operational loss based solely on the effect of an operational loss event on a bank's regulatory capital or to use a definition of operational loss that incorporates, to a greater extent, economic capital concepts. In either case, operational losses would continue to be determined exclusive of insurance and tax effects.
With respect to most operational loss events, the agencies believe that the operational loss amount incorporated into a bank's AMA process would be substantially the same whether viewed from the perspective of its effect on the bank's regulatory capital or an alternative approach that more directly incorporates economic capital concepts. In the case of operational loss events associated with premises and other fixed assets, however, potential loss amounts used in a bank's estimate of its operational risk exposure could be considerably different under the two approaches. The agencies recognize that, for purposes of economic capital analysis, banks often use replacement cost or market value, and not carrying value, to determine the amount of an operational loss with respect to fixed assets. The use of carrying value would be consistent with a definition of operational loss that covers a loss event's effect on a bank's regulatory capital, but may not reflect the full economic impact of a loss event in the case of assets that have a carrying value that is different from their market value.
Further, the agencies recognize that there is a potential to double-count all or a portion of the risk-based capital requirement associated with fixed assets. Under section 31(e)(3) of the proposed rule, which addresses calculation of risk-weighted asset amounts for assets that are not included in an exposure category, the risk-weighted asset amount for a bank's premises will equal the carrying value of the premises on the financial statements of the bank, determined in accordance with GAAP. A bank's operational risk exposure estimate addressing bank premises generally will be different than the risk-based capital requirement generated under section 31(e)(3) of the proposed rule and, at least in part, will address the same risk exposure.
Question 19: The agencies solicit comment on all aspects of the proposed treatment of operational loss and, in particular, on (i) the appropriateness of the proposed definition of operational loss; (ii) whether the agencies should define operational loss in terms of the effect an operational loss event has on the bank's regulatory capital or should consider a broader definition based on economic capital concepts; and (iii) how the agencies should address the potential double-counting issue for premises and other fixed assets.
A bank must have a systematic process for capturing and using internal operational loss event data in its operational risk data and assessment systems. Consistent with the ANPR, the proposed rule defines internal operational loss event data for a bank as gross operational loss amounts, dates, recoveries, and relevant causal information for operational loss events occurring at the bank. A bank's operational risk data and assessment system must include a minimum historical observation period of five years of internal operational losses. With approval of its primary Federal supervisor, however, a bank may use a shorter historical observation period to address transitional situations such as integrating a new business line. A bank may refrain from collecting internal operational loss event data for individual operational losses below established dollar threshold amounts if the bank can demonstrate to the satisfaction of its primary Federal supervisor that the thresholds are reasonable, do not exclude important internal operational loss event data, and permit the bank to capture substantially all the dollar value of the bank's operational losses.
A bank also must establish a systematic process for determining its methodologies for incorporating external operational loss event data into its operational risk data and assessment systems. The proposed rule defines external operational loss event data for a bank as gross operational loss amounts, dates, recoveries, and relevant causal information for operational loss events occurring at organizations other than the bank. External operational loss event data may serve a number of different purposes in a bank's operational risk data and assessment systems. For example, external operational loss event data may be a particularly useful input in determining a bank's level of exposure to operational risk when internal operational loss event data are limited. In addition, external operational loss event data provide a means for the bank to understand industry experience and, in turn, provide a means for the bank to assess the adequacy of its internal operational loss event data.
While internal and external operational loss event data provide a historical perspective on operational risk, it is also important that a bank incorporate forward-looking elements in its operational risk data and assessment systems. Accordingly, a bank must incorporate a business environment and internal control factor analysis in its operational risk data and assessment systems to fully assess its exposure to operational risk. In principle, a bank with strong internal controls in a stable business environment would have less exposure to operational risk than a bank with internal control weaknesses that is growing rapidly or introducing new products. In this regard, a bank should identify and assess the level and trends in operational risk and related control structures at the bank. These assessments should be current, should be comprehensive across the bank, and should identify the operational risks facing the bank. The framework established by a bank to maintain these risk assessments should be sufficiently flexible to accommodate increasing complexity, new activities, changes in internal control systems, and an increasing volume of information. A bank must also periodically compare the results of its prior business environment and internal control factor assessments against the bank's actual operational losses incurred in the intervening period.
Similar to business environment and internal control factor assessments, the results of scenario analysis provide a means for a bank to incorporate a forward-looking element in its operational risk data and assessment systems. Under the proposed rule, scenario analysis is a systematic process of obtaining expert opinions from business managers and risk management experts to derive reasoned assessments of the likelihood and loss impact of plausible high-severity operational losses that may occur at a bank. A bank must establish a systematic process for determining its methodologies for incorporating scenario analysis into its operational risk data and assessment systems. As an input to a bank's operational risk data and assessment systems, scenario analysis is especially relevant for business lines or loss event types where internal data, external data, and assessments of the business environment and internal control factors do not provide a sufficiently robust estimate of the bank's exposure to operational risk.
A bank's operational risk data and assessment systems must include credible, transparent, systematic, and verifiable processes that incorporate all four operational risk elements. The bank should have clear standards for the collection and modification of all elements. The bank should combine these four elements in a manner that most effectively enables it to quantify its exposure to operational risk.
A bank must have an operational risk quantification system that measures its operational risk exposure using its operational risk data and assessment systems. The proposed rule defines operational risk exposure as the 99.9th percentilee of the distribution of potential aggregate operational losses, as generated by the bank's operational risk quantification system over a one-year horizon (and not incorporating eligible operational risk offsets or qualifying operational risk mitigants). The mean of such a total loss distribution is the bank's EOL. The proposed rule defines EOL as the expected value of the distribution of potential aggregate operational losses, as generated by the bank's operational risk quantification system using a one-year horizon. The bank's UOL is the difference between the bank's operational risk exposure and the bank's EOL.
As part of its estimation of its operational risk exposure, a bank must demonstrate that its unit of measure is appropriate for the bank's range of business activities and the variety of operational loss events to which it is exposed. The proposed rule defines a unit of measure as the level (for example, organizational unit or operational loss event type) at which the bank's operational risk quantification system generates a separate distribution of potential operational losses. A bank must also demonstrate that it has not combined business activities or operational loss events with different risk profiles within the same loss distribution.
The agencies recognize that operational losses across operational loss event types and business lines may be related. A bank may use its internal estimates of dependence among operational losses within and across business lines and operational loss event types if the bank can demonstrate to the satisfaction of its primary Federal supervisor that its process for estimating dependence is sound, robust to a variety of scenarios, and implemented with integrity, and allows for the uncertainty surrounding the estimates. The agencies expect that a bank's assumptions regarding dependence will be conservative given the uncertainties surrounding dependence modeling for operational risk. If a bank does not satisfy the requirements surrounding dependence described above, the bank must sum operational risk exposure estimates across units of measure to calculate its operational risk exposure.
A bank's chosen unit of measure affects how it should account for dependence. Explicit assumptions regarding dependence across units of measure are always necessary to estimate operational risk exposure at the bank level. However, explicit assumptions regarding dependence within units of measure are not necessary, and under many circumstances models assume statistical independence within each unit of measure. The use of only a few units of measure heightens the need to ensure that dependence within units of measure is suitably reflected in the operational risk exposure estimate.
In addition, the bank's process for estimating dependence should provide for ongoing monitoring, recognizing that dependence estimates can change. The agencies expect that a bank's approach for developing explicit and objective dependence determinations will improve over time. As such, the bank should develop a process for assessing incremental improvements to the approach (for example, through out-of-sample testing).
A bank must review and update (as appropriate) its operational risk quantification system whenever the bank becomes aware of information that may have a material effect on the bank's estimate of operational risk exposure, but no less frequently than annually.
As described above, the agencies expect a bank using the AMA to demonstrate that its systems for managing and measuring operational risk meet established standards, including producing an estimate of operational risk exposure at the 99.9 percent confidence level. However, the agencies recognize that, in limited circumstances, there may not be sufficient data available for a bank to generate a credible estimate of its own operational risk exposure at the 99.9 percent confidence level. In these limited circumstances, a bank may propose use of an alternative operational risk quantification system to that specified in section 22(h)(3)(i) of the proposed rule, subject to approval by the bank's primary Federal supervisor. The alternative approach is not available at the BHC level.
The agencies are not prescribing specific estimation methodologies under this approach and expect use of an alternative approach to occur on a very limited basis. A bank proposing to use an alternative operational risk quantification system must submit a proposal to its primary Federal supervisor. In evaluating a bank's proposal, the bank's primary Federal supervisor will review the bank's justification for requesting use of an alternative approach in light of the bank's size, complexity, and risk profile. The bank's primary Federal supervisor will also consider whether the proposed approach results in capital levels that are commensurate with the bank's operational risk profile, is sensitive to changes in the bank's risk profile, can be supported empirically, and allows the bank's board of directors to fulfill its fiduciary responsibilities to ensure that the bank is adequately capitalized. Furthermore, the agencies expect a bank using an alternative operational risk quantification system to adhere to the qualification requirements outlined in the proposed rule, including establishment and use of operational risk management processes and data and assessment systems.
A bank proposing an alternative approach to operational risk based on an allocation methodology should be aware of certain limitations associated with use of such an approach. Specifically, the agencies will not accept an allocation of operational risk capital requirements that includes non-DI entities or the benefits of diversification across entities. The exclusion of allocations that include non-DIs is in recognition that, unlike the cross-guarantee provision of the Federal Deposit Insurance Act, which provides that a DI is liable for any losses incurred by the FDIC in connection with the failure of a commonly-controlled DI, there are no statutory provisions requiring cross-guarantees between a DI and its non-DI affiliates.29 Furthermore, depositors and creditors of a DI generally have no legal recourse to capital funds that are not held by the DI or its affiliate DIs.
A bank must have data management and maintenance systems that adequately support all aspects of the bank's advanced IRB systems, operational risk management processes, operational risk data and assessment systems, operational risk quantification systems, and, to the extent the bank uses the following systems, the internal models methodology to counterparty credit risk, double default excessive correlation detection process, IMA to equity exposures, and IAA to securitization exposures to ABCP programs (collectively, advanced systems). The bank's data management and maintenance systems must ensure the timely and accurate reporting of risk-based capital requirements. Specifically, a bank must retain sufficient data elements to permit monitoring, validation, and refinement of the bank's advanced systems. A bank's data management and maintenance systems should generally support the proposed rule's qualification requirements relating to quantification, validation, and control and oversight mechanisms, as well as the bank's broader risk management and reporting needs. The precise data elements to be collected would be dictated by the features and methodologies of the risk measurement and management systems employed by the bank. To meet the significant data management challenges presented by the quantification, validation, and control and oversight requirements of the advanced approaches, a bank must store its data in an electronic format that allows timely retrieval for analysis, reporting, and disclosure purposes.
The consequences of an inaccurate or unreliable advanced system can be significant, particularly on the calculation of risk-based capital requirements. Accordingly, bank senior management would be responsible for ensuring that all advanced system components function effectively and are in compliance with the qualification requirements of the advanced approaches. Moreover, the bank's board of directors (or a designated committee of the board) must evaluate at least annually the effectiveness of, and approve, the bank's advanced systems.
To support senior management's and the board of directors' oversight responsibilities, a bank must have an effective system of controls and oversight that ensures ongoing compliance with the qualification requirements and maintains the integrity, reliability, and accuracy of the bank's advanced systems. Banks would have flexibility in how they achieve integrity in their risk management systems. They would, however, be expected to follow standard control principles in their systems such as checks and balances, separation of duties, appropriateness of incentives, and data integrity assurance, including that of information purchased from third parties. Moreover, the oversight process should be sufficiently independent of the advanced systems' development, implementation, and operation to ensure the integrity of the component systems. The objective of risk management system oversight is to ensure that the various systems used in determining risk-based capital requirements are operating as intended. The oversight process should draw conclusions on the soundness of the components of the risk management system, identify errors and flaws, and recommend corrective action as appropriate.
A bank must validate its advanced systems on an ongoing basis. Validation is the set of activities designed to give the greatest possible assurances of accuracy of the advanced systems. Validation includes three broad components: (i) evaluation of the conceptual soundness of the advanced systems, taking into account industry developments; (ii) ongoing monitoring that includes process verification and comparison of the bank's internal estimates with relevant internal and external data sources or results using other estimation techniques (benchmarking); and (iii) outcomes analysis that includes comparisons of actual outcomes to the bank's internal estimates by backtesting and other methods.
Each of these three components of validation must be applied to the bank's risk rating and segmentation systems, risk parameter quantification processes, and internal models that are part of the bank's advanced systems. A sound validation process should take business cycles into account, and any adjustments for stages of the economic cycle should be clearly specified in advance and fully documented as part of the validation policy. Senior management of the bank should be notified of the validation results and should take corrective action, where appropriate.
A bank's validation process must be independent of the advanced systems' development, implementation, and operation, or be subject to independent assessment of its adequacy and effectiveness. A bank should ensure that individuals who perform the review are independent that is, are not biased in their assessment due to their involvement in the development, implementation, or operation of the processes or products. For example, reviews of the internal risk rating and segmentation systems should be performed by individuals who were not part of the development, implementation, or maintenance of those systems. In addition, individuals performing the reviews should possess the requisite technical skills and expertise to fulfill their mandate.
The first component of validation is evaluating conceptual soundness, which involves assessing the quality of the design and construction of a risk measurement or management system. This evaluation of conceptual soundness should include documentation and empirical evidence supporting the methods used and the variables selected in the design and quantification of the bank's advanced systems. The documentation should also include evidence of an understanding of the limitations of the systems. The development of internal risk rating and segmentation systems and their quantification processes requires banks to adopt methods, choose characteristics, and make adjustments; each of these actions requires judgment. Validation should ensure that these judgments are well informed and considered, and generally include a body of expert opinion. A bank should review developmental evidence whenever the bank makes material changes in its advanced systems.
The second component of the validation process for a bank's advanced systems is ongoing monitoring to confirm that the systems were implemented appropriately and continue to perform as intended. Such monitoring involves process verification and benchmarking. Process verification includes verifying that internal and external data are accurate and complete and ensuring that internal risk rating and segmentation systems are being used, monitored, and updated as designed and that ratings are assigned to wholesale obligors and exposures as intended, and that appropriate remediation is undertaken if deficiencies exist.
Benchmarking is the set of activities that uses alternative data sources or risk assessment approaches to draw inferences about the correctness of internal risk ratings, segmentations, risk parameter estimates, or model outputs before outcomes are actually known. For credit risk ratings, examples of alternative data sources include independent internal raters (such as loan review), external rating agencies, wholesale and retail credit risk models developed independently, or retail credit bureau models. Because it will take considerable time before outcomes will be available and backtesting is possible, benchmarking will be a very important validation device. Benchmarking would be applied to all quantification processes and internal risk rating and segmentation activities.
Benchmarking allows a bank to compare its estimates with those of other estimation techniques and data sources. Results of benchmarking exercises can be a valuable diagnostic tool in identifying potential weaknesses in a bank's risk quantification system. While benchmarking activities allow for inferences about the appropriateness of the quantification processes and internal risk rating and segmentation systems, they are not the same as backtesting. When differences are observed between the bank's risk estimates and the benchmark, this should not necessarily indicate that the internal risk ratings, segmentation decisions, or risk parameter estimates are in error. The benchmark itself is an alternative prediction, and the difference may be due to different data or methods. As part of the benchmarking exercise, the bank should investigate the source of the differences and whether the extent of the differences is appropriate.
The third component of the validation process is outcomes analysis, which is the comparison of the bank's forecasts of risk parameters and other model outputs with actual outcomes. A bank's outcomes analysis must include backtesting, which is the comparison of the bank's forecasts generated by its internal models with actual outcomes during a sample period not used in model development. In this context, backtesting is one form of out-of-sample testing. The agencies note that in other contexts backtesting may refer to in-sample fit, but in-sample fit analysis is not what the proposed rule requires a bank to do as part of the advanced approaches validation process.
Actual outcomes would be compared with expected ranges around the estimated values of the risk parameters and model results. Random chance and many other factors will make discrepancies between realized outcomes and the estimated risk parameters inevitable. Therefore the expected ranges should take into account relevant elements of a bank's internal risk rating or segmentation processes. For example, depending on the bank's rating philosophy, year-by-year realized default rates may be expected to differ significantly from the long-run one-year average. Also, changes in economic conditions between the historical data and current period can lead to differences between realizations and estimates.
A bank must have an internal audit function independent of business-line management that assesses at least annually the effectiveness of the controls supporting the bank's advanced systems. At least annually, internal audit should review the validation process, including validation procedures, responsibilities, results, timeliness, and responsiveness to findings. Further, internal audit should evaluate the depth, scope, and quality of the risk management system review process and conduct appropriate testing to ensure that the conclusions of these reviews are well founded. Internal audit must report its findings at least annually to the bank's board of directors (or a committee thereof).
A bank must periodically stress test its advanced systems. Stress testing analysis is a means of understanding how economic cycles, especially downturns as described by stress scenarios, affect risk-based capital requirements, including migration across rating grades or segments and the credit risk mitigation benefits of double default treatment. Under the proposed rule, changes in borrower credit quality will lead to changes in risk-based capital requirements. Because credit quality changes typically reflect changing economic conditions, risk-based capital requirements may also vary with the economic cycle. During an economic downturn, risk-based capital requirements would increase if wholesale obligors or retail exposures migrate toward lower credit quality ratings or segments.
Supervisors expect that banks will manage their regulatory capital position so that they remain at least adequately capitalized during all phases of the economic cycle. A bank that is able to credibly estimate regulatory capital levels during a downturn can be more confident of appropriately managing regulatory capital. Stress testing analysis consists of identifying a stress scenario and then translating the scenario into its effect on the levels of key performance measures, including regulatory capital ratios.
Banks should use a range of plausible but severe scenarios and methods when stress testing to manage regulatory capital. Scenarios could be historical, hypothetical, or model-based. Key variables specified in a scenario could include, for example, interest rates, transition matrices (ratings and score-band segments), asset values, credit spreads, market liquidity, economic growth rates, inflation rates, exchange rates, or unemployment rates. A bank may choose to have scenarios apply to an entire portfolio, or it may identify scenarios specific to various sub-portfolios. The severity of the stress scenarios should be consistent with the periodic economic downturns experienced in the bank's market areas. Such scenarios may be less severe than those used for other purposes, such as testing a bank's solvency.
The scope of stress testing analysis should be broad and include all material portfolios. The time horizon of the analysis should be consistent with the specifics of the scenario and should be long enough to measure the material effects of the scenario on key performance measures. For example, if a scenario such as a historical recession has material income and segment or ratings migration effects over two years, the appropriate time horizon is at least two years.
A bank must document adequately all material aspects of its advanced systems, including but not limited to the internal risk rating and segmentation systems, risk parameter quantification processes, model design, assumptions, and validation results. The guiding principle governing documentation is that it should support the requirements for the quantification, validation, and control and oversight mechanisms as well as the bank's broader risk management and reporting needs. Documentation is also critical to the supervisory oversight process.
The bank should document the rationale for all material assumptions underpinning its chosen analytical frameworks, including the choice of inputs, distributional assumptions, and weighting of quantitative and qualitative elements. The bank also should document and justify any subsequent changes to these assumptions.
An advanced approaches bank must meet the qualification requirements on an ongoing basis. Banks are expected to improve their advanced systems as they improve data gathering capabilities and as industry practice evolves. To facilitate the supervisory oversight of such systems changes, a bank must notify its primary Federal supervisor when it makes a change to its advanced systems that results in a material change in the bank's risk-weighted asset amount for an exposure type, or when the bank makes any significant change to its modeling assumptions.
Due to the advanced approaches' rigorous systems requirements, a core or opt-in bank that merges with or acquires another company that does not calculate risk-based capital requirements using the advanced approaches might not be able to use the advanced approaches immediately for the merged or acquired company's exposures. Therefore, the proposed rule would permit a core or opt-in bank to use the general risk-based capital rules to compute the risk-weighted assets and associated capital for the merged or acquired company's exposures for up to 24 months following the calendar quarter during which the merger or acquisition consummates.
Any ALLL associated with the acquired company's exposures may be included in the acquiring bank's tier 2 capital up to 1.25 percent of the acquired company's risk-weighted assets. Such ALLL would be excluded from the acquiring bank's eligible credit reserves. The risk-weighted assets of the acquired company would not be included in the acquiring bank's credit-risk-weighted assets but would be included in the acquiring bank's total risk-weighted assets. Any amount of the acquired company's ALLL that was eliminated in accounting for the acquisition would not be included in the acquiring bank's regulatory capital. An acquiring bank using the general risk-based capital rules for acquired exposures would be required to disclose publicly the amounts of risk-weighted assets and qualifying capital calculated under the general risk-based capital rules with respect to the acquired company and under the proposed rule for the acquiring bank.
Similarly, due to the substantial infrastructure requirements of the proposed rule, a core or opt-in bank that merges with or acquires another core or opt-in bank might not be able to apply its own version of the advanced approaches immediately to the acquired bank's exposures. Accordingly, the proposed rule permits a core or opt-in bank that merges with or acquires another core or opt-in bank to use the acquired bank's advanced approaches to determine the risk-weighted asset amounts for, and deductions from capital associated with, the acquired bank's exposures for up to 24 months following the calendar quarter during which the merger or acquisition consummates.
In all mergers and acquisitions involving a core or opt-in bank, the acquiring bank must submit an implementation plan for using advanced approaches for the merged or acquired company to its primary Federal supervisor within 30 days of consummating the merger or acquisition. A bank's primary Federal supervisor may extend the transition period for mergers or acquisitions for up to an additional 12 months. The primary Federal supervisor of the bank will monitor the merger or acquisition to determine whether the application of the general risk-based capital rules by the acquired company produces appropriate risk weights for the assets of the acquired company in light of the overall risk profile of the combined bank.
Question 20: The agencies seek comment on the appropriateness of the 24-month and 30-day time frames for addressing the merger and acquisition transition situations advanced approaches banks may face.
If a bank that uses the advanced approaches to calculate its risk-based capital requirements falls out of compliance with the qualification requirements, the bank must establish a plan satisfactory to its primary Federal supervisor to return to compliance with the qualification requirements. Such a bank also must disclose to the public its failure to comply with the qualification requirements promptly after receiving notice of non-compliance from its primary Federal supervisor. If the bank's primary Federal supervisor determines that the bank's risk-based capital requirements are not commensurate with the bank's credit, market, operational, or other risks, it may require the bank to calculate its risk-based capital requirements using the general risk-based capital rules or a modified form of the advanced approaches (for example, with fixed supervisory risk parameters).
- The agencies have issued for public comment draft supervisory guidance on corporate and retail exposures and operational risk. See 68 FR 45949 (Aug. 4, 2003); 69 FR 62748 (Oct. 27, 2004). Return to text
- The bank's primary Federal supervisor may extend the bank's first floor period start date. Return to text
- As explained below, a bank that chooses not to use an internal risk rating system for ELGD and LGD for a wholesale exposure must directly assign an ELGD and LGD estimate to the wholesale exposure. Return to text
- FFIEC, "Uniform Retail Credit Classification and Account Management Policy," 65 FR 36903 (June 12, 2000). Return to text
- Under the proposal, ELGD is not the statistical expected value of LGD. Return to text
- To illustrate, suppose that for a particular asset-based lending exposure the EAD equaled $100 and that for every $1 dollar owed by the obligor at the time of default the bank's recovery would be $0.40. Furthermore, suppose that in the event of default within a one-year horizon, pre-default paydowns of $20 would reduce the exposure amount to $80 at the time of default. In this case, the bank's economic loss rate measured relative to the amount owed at default (60%) would exceed the economic loss rate measured relative to EAD (48% = 60% × ($100 - $20)/$100), because the former does not reflect fully the impact of the pre-default paydowns. Return to text
- "Net accrued but unpaid interest and fees" are accrued but unpaid interest and fees net of any amount expensed by the bank as uncollectable. Return to text
- 12 U.S.C. 1815(e). Return to text