Menu
CLIENT NAME
Anonymous
CLIENT TYPE
Diversified commercial bank
CLIENT LOCATION
Singapore
CLIENT SINCE
2010
This leading South East Asian bank was considering the benefits and implications of migrating from the Standardised Approach (TSA) to the Advanced Measurement Approach (AMA) for Pillar 1 regulatory capital. In order to fully understand all the implications and to develop a cost-benefit justification for consideration by its Board of Directors, the bank retained RiskBusiness to assist in the development of an AMA roadmap, intended to form the basis both of any future project plan and for use in developing the cost-benefit justification.
The project commenced by developing a catalogue of all applicable international, regional and country specific regulatory requirements pertaining to AMA, covering not just the bank’s home country but all countries in which the bank had a material presence. Many of the requirements were already available from RiskBusiness’ library of regulatory compliance requirements, with additional ones specific to the region added after careful assessment of the pertinent regulations.
The requirements set was divided into seven core areas: governance; operational risk programmes and data sources; the Use Test; capital modelling; model validation; internal audit; and IT. For each area, an assessment was then conducted of the degree of existing fit to the requirements – with the up-front acceptance that there would be little to no fit in the areas of capital modelling and model validation.
Based on the assessment, which covered both documentation and implemented practices, a gap analysis between the requirements and the current status was determined and documented. This then formed the basis for establishing what work was required in order to achieve AMA status, with a comprehensive roadmap then developed. Using the roadmap and required effort, a time, materials and support budget was prepared and a complete document pack created for submission, firstly to the bank’s Risk Committee for consideration, review and approval, then secondly, to the bank’s Board of Directors to review and approval and budget sign-off.
Supported by RiskBusiness advisors, the bank’s head of operational risk presented the material to both the Risk Committee and to the Board. A decision was made to embark upon the roadmap with the final intention to become AMA accredited, but without setting the date for accreditation. This implied that certain components within the roadmap would be prioritised over others, with the capital modelling and model validation workstreams placed on hold. Budgetary approval was then granted for a phased approach over three years to completing all other elements of the roadmap to AMA standard, including the sourcing and implementation of a suitable technology solution to support AMA status.
Once the roadmap had been presented and approved at Board level, the bank retained RiskBusiness to assist with the implementation of certain key components required to achieve the overall plan. The first phase of this focussed on scenario assessment.
The bank’s operational risk framework was augmented during one of the initial steps on the roadmap to clearly delineate the roles, responsibilities and boundaries between each of the operational risk programmes, with a clear difference being drawn between risk and control self-assessment (RCSA) and scenario assessment. The former was focused on risk identification, controls documentation and periodic assessment of risk exposure over the forthcoming 12 to 18 months, supported by both control design strength assessment and estimated control effectiveness. Scenario assessment was focussed on potentially rare events which could significantly hurt the organisation over a much longer time horizon.
The roadmap allowed for three forms of scenario assessment: specific exposure scenarios; scenarios for management purposes; and scenarios for capital measurement. Specific exposure scenario assessment is intended when the industry, region or bank is suddenly faced by an unexpected event, for example, following a significant earthquake and tsunami within the geographic region, an assessment of how the bank would react if it happened again and affected the bank.
Scenarios for management purposes focuses on assessing significant risks, identifying control shortcomings and any required remedial actions and developing appropriate management responses. They are usually conducted through workshops, have a high level of iteration and often consider multi-variable scenarios, that is, a scenario where several relatively independent factors are considered to occur simultaneously or in sequence. Scenarios for capital measurement are far more controlled, are single variable and usually assessed through one-on-one interviews to minimise subjectivity and bias. The focus is on obtaining frequency and severity data which can be used to develop distributions for modelling purposes.
Having designed the relevant programmes, RiskBusiness assisted the bank develop its first set of scenarios and then facilitated a proof of concept and training programme to initiate the use of scenarios across the bank. RiskBusiness also provided focussed training to a selected set of staff to act as workshop and interview facilitators.
RiskBusiness is an international Governance, Risk, Audit and Compliance (GRAC) solution provider, with more than 200 financial services firms currently using our SaaS (Software-as-a-Service) solutions globally.