Title[ Part 3: The Second Pillar - Supervisory Review Process
Section[ 5. Counterparty credit risk
777 (i). As counterparty credit risk (CCR) represents a form of credit risk, this would include meeting this Framework’s standards regarding their approaches to stress testing, “residual risks” associated with credit risk mitigation techniques, and credit concentrations, as specified in the paragraphs above.
777 (ii). The bank must have counterparty credit risk management policies, processes and systems that are conceptually sound and implemented with integrity relative to the sophistication and complexity of a firm’s holdings of exposures that give rise to CCR. A sound counterparty credit risk management framework shall include the identification, measurement, management, approval and internal reporting of CCR.
777 (iii). The bank’s risk management policies must take account of the market, liquidity, legal and operational risks that can be associated with CCR and, to the extent practicable, interrelationships among those risks. The bank must not undertake business with a counterparty without assessing its creditworthiness and must take due account of both settlement and pre-settlement credit risk. These risks must be managed as comprehensively as practicable at the counterparty level (aggregating counterparty exposures with other credit exposures) and at the firm-wide level.
777 (iv). The board of directors and senior management must be actively involved in the CCR control process and must regard this as an essential aspect of the business to which significant resources need to be devoted. Where the bank is using an internal model for CCR, senior management must be aware of the limitations and assumptions of the model used and the impact these can have on the reliability of the output. They should also consider the uncertainties of the market environment (e.g. timing of realisation of collateral) and operational issues (e.g. pricing feed irregularities) and be aware of how these are reflected in the model.
777 (v). In this regard, the daily reports prepared on a firm’s exposures to CCR must be reviewed by a level of management with sufficient seniority and authority to enforce both reductions of positions taken by individual credit managers or traders and reductions in the firm’s overall CCR exposure.
777 (vi). The bank’s CCR management system must be used in conjunction with internal credit and trading limits. In this regard, credit and trading limits must be related to the firm’s risk measurement model in a manner that is consistent over time and that is well understood by credit managers, traders and senior management.
777 (vii). The measurement of CCR must include monitoring daily and intra-day usage of credit lines. The bank must measure current exposure gross and net of collateral held where such measures are appropriate and meaningful (e.g. OTC derivatives, margin lending, etc.). Measuring and monitoring peak exposure or potential future exposure (PFE) at a confidence level chosen by the bank at both the portfolio and counterparty levels is one element of a robust limit monitoring system. Banks must take account of large or concentrated positions, including concentrations by groups of related counterparties, by industry, by market, customer investment strategies, etc.
777 (viii). The bank must have a routine and rigorous program of stress testing in place as a supplement to the CCR analysis based on the day-to-day output of the firm’s risk measurement model. The results of this stress testing must be reviewed periodically by senior management and must be reflected in the CCR policies and limits set by management and the board of directors. Where stress tests reveal particular vulnerability to a given set of circumstances, management should explicitly consider appropriate risk management strategies (e.g. by hedging against that outcome, or reducing the size of the firm’s exposures).
777 (ix). The bank must have a routine in place for ensuring compliance with a documented set of internal policies, controls and procedures concerning the operation of the CCR management system. The firm’s CCR management system must be well documented, for example, through a risk management manual that describes the basic principles of the risk management system and that provides an explanation of the empirical techniques used to measure CCR.
777 (x). The bank must conduct an independent review of the CCR management system regularly through its own internal auditing process. This review must include both the activities of the business credit and trading units and of the independent CCR control unit. A review of the overall CCR management process must take place at regular intervals (ideally not less than once a year) and must specifically address, at a minimum:
w the adequacy of the documentation of the CCR management system and process;
w the organisation of the CCR control unit;
w the integration of CCR measures into daily risk management;
w the approval process for risk pricing models and valuation systems used by front and back-office personnel;
w the validation of any significant change in the CCR measurement process;
w the scope of counterparty credit risks captured by the risk measurement model;
w the integrity of the management information system;
w the accuracy and completeness of CCR data;
w the verification of the consistency, timeliness and reliability of data sources used to run internal models, including the independence of such data sources;
w the accuracy and appropriateness of volatility and correlation assumptions;
w the accuracy of valuation and risk transformation calculations;
w the verification of the model’s accuracy through frequent backtesting.
174
777 (xi). A bank that receives approval to use an internal model to estimate its exposure amount or EAD for CCR exposures must monitor the appropriate risks and have processes to adjust its estimation of EPE when those risks become significant. This includes the following:
w Banks must identify and manage their exposures to specific wrong-way risk.
w For exposures with a rising risk profile after one year, banks must compare on a regular basis the estimate of EPE over one year with the EPE over the life of the exposure.
w For exposures with a short-term maturity (below one year), banks must compare on a regular basis the replacement cost (current exposure) and the realised exposure profile, and/or store data that allow such a comparisons.
777 (xii). When assessing an internal model used to estimate EPE, and especially for banks that receive approval to estimate the value of the alpha factor, supervisors must review the characteristics of the firm’s portfolio of exposures that give rise to CCR. In particular, supervisors must consider the following characteristics, namely:
w the diversification of the portfolio (number of risk factors the portfolio is exposed to);
w the correlation of default across counterparties; and
w the number and granularity of counterparty exposures.
777 (xiii). Supervisors will take appropriate action where the firm’s estimates of exposure or EAD under the Internal Model Method or alpha do not adequately reflect its exposure to CCR. Such action might include directing the bank to revise its estimates; directing the bank to apply a higher estimate of exposure or EAD under the IMM or alpha; or disallowing a bank from recognising internal estimates of EAD for regulatory capital purposes.
777 (xiv). For banks that make use of the standardised method, supervisors should review the bank’s evaluation of the risks contained in the transactions that give rise to CCR and the bank’s assessment of whether the standardised method captures those risks appropriately and satisfactorily. If the standardised method does not capture the risk inherent in the bank’s relevant transactions (as could be the case with structured, more complex OTC derivatives), supervisors may require the bank to apply the CEM or the SM on a transaction-by- transaction basis (i.e. no netting will be recognised).
Contents
Prev
Next
Last
