Stress Testing 2.0: Better Informed Decisions Through Expanded Scenario-Based Risk Management

Publié le par hanswillertbleuazurconsultingeu

Turning a Regulatory Requirement Into Competitive Advantage

Mandated enterprise stress testing – the primary macro-prudential tool that emerged from the 2008 financial crisis – helps regulators address concerns about the state of the banking industry and its impact on the local and global financial system. These regulatory stress tests typically focus on the largest banking institutions and involve a limited set of prescribed downturn scenarios.

Regulatory stress testing requires a significant investment by financial institutions – in technology, skilled people and time. And the stress testing process continues to become even more complex as programs mature and regulatory expectations keep growing.

The question is, what’s the best way to go about stress testing, and what other benefits can banks realize from this investment? Equally important, should you view stress testing primarily as a regulatory compliance tool? Or can banks harness it as a management tool that links corporate planning and risk appetite – and democratizes scenariobased analysis across the institution for faster, better business decisions?

These are important questions for every bank executive and risk officer to answer because justifying large financial investments in people and technology solely to comply with periodic regulatory requirements can be difficult. Not that noncompliance is ever an option; failure can result in severe damage to reputation and investor confidence.

But savvy financial institutions are looking for – and realizing – a significant return on investment by reaching beyond simple compliance. They are seeing more effective, consistent analytical processes and the ability to address complex questions from senior management (e.g., the sensitivity of financial performance to changes in macroeconomic factors). Their successes provide a road map for those who are starting to build – or are rethinking their approach to – their stress testing infrastructure.

This article reviews the maturation of regulatory stress test regimes and explores diverse use cases where stress testing (or, more broadly, scenario-based analysis) may provide value beyond regulatory stress testing.

Comprehensive Capital Assessments: A Daunting Exercise

The regulatory stress test framework that emerged following the 2008 financial crisis – that banks perform capital adequacy-oriented stress testing over a multiperiod forecast horizon – is summarized in Figure 1. At each period, a scenario exerts its impact on the net profit or loss based on the

  • as-of-date business,
  • including portfolio balances,
  • exposures,
  • and operational income and costs.

The net profit or loss, after being adjusted by other financial obligations and management actions, will determine the capital that is available for the next period on the scenario path.

SAS1

Note that the natural evolution of the portfolio and business under a given scenario leads to a state of the business at the next horizon, which then starts a new evaluation of the available capital. The risk profile of this business evaluation also determines the capital requirement under the same scenario. The capital adequacy assessment can be performed through this dynamic analysis of capital supply and demand.

This comprehensive capital assessment requires cooperation from various groups across business and finance in an institution. But it becomes a daunting exercise on a multiperiod scenario because of the forward-looking and path-dependent nature of the analysis. For this reason, some jurisdictions began the exercise with only one horizon. Over time, these requirements have been revised to cover at least two horizons, which allows banks to build more realistic business dynamics into their analysis.

Maturing and Optimizing Regulatory Stress Testing

Stress testing – now a standard supervisory tool – has greatly improved banking sector resilience. In regions where stress testing capabilities are more mature, banks have built up adequate capital and have performed well in recent years. For example, the board of governors for both the US Federal Reserve System and Bank of England announced good results for their recent stress tests on large banks.

As these programs mature, many jurisdictions are raising their requirements, both quantitively and qualitatively. For example:

  • US CCAR and Bank of England stress tests now require banks to carry out tests on institution-specific scenarios, in addition to prescribed regulatory scenarios.
  • The regions adopting IFRS 9, including the EU, Canada and the UK, are now required to incorporate IFRS 9 estimates into regulatory stress tests. Likewise, banks subject to stress testing in the US will need to incorporate CECL estimates into their capital adequacy tests.
  • Liquidity risk has been incorporated into stress tests – especially as part of resolution and recovery planning – in regions like the US and UK.
  • Jurisdictions in Asia (such as Taiwan) have extended the forecast horizons for their regulatory stress tests.

In addition, stress testing and scenario analysis are now part of Pillar 2 in the Internal Capital Adequacy Assessment Process (ICAAP) published by the Basel Committee on Banking Supervision. Institutions are expected to use stress tests and scenario analyses to improve their understanding of the vulnerabilities that they face under a wide range of adverse conditions. Further uses of regulatory stress testing include the scenariobased analysis for Interest Rate Risk in the Banking Book (IRRBB).

Finally, the goal of regulatory stress testing is increasingly extending beyond completing a simple assessment. Management must prepare a viable mitigation plan should an adverse condition occur. Some regions also require companies to develop “living wills” to ensure the orderly wind-down of institutions and to prevent systemic contagion from an institutional failure.

All of these demands will require the adoption of new technologies and best practices.

Exploring Enhanced Use Cases for Stress Testing Capabilities

As noted by the Basel Committee on Banking Supervision in its 2018 publication Stress Testing Principles, “Stress testing is now a critical element of risk management for banks and a core tool for banking supervisors and macroprudential authorities.” As stress testing capabilities have matured, people are exploring how to use these capabilities for strategic business purposes – for example, to perform “internal stress testing.”

The term “internal stress testing” can seem ambiguous. Some stakeholders don’t understand the various use cases for applying scenario-based analyses beyond regulatory stress testing or doubt the strategic value to internal management and planning. Others think that developing a scenario-based analytics infrastructure that is useful across the enterprise is just too difficult or costly.

But there are, in fact, many high-impact strategic use cases for stress testing across the enterprise, including:

  1. Financial planning.
  2. Risk appetite management.
  3. What-if and sensitivity analysis.
  4. Emerging risk identification.
  5. Reverse stress testing.

Financial Planning

Stress testing is one form of scenario-based analysis. But scenario-based analysis is also useful for forward-looking financial planning exercises on several fronts:

  • The development of business plans and management actions are already required as part of regulatory stress testing, so it’s natural to align these processes with internal planning and strategic management.
  • Scenario-based analyses lay the foundation for assessing and communicating the impacts of changing environmental factors and portfolio shifts on the institution’s financial performance.
  • At a more advanced level, banks can incorporate scenario-based planning with optimization techniques to find an optimal portfolio strategy that performs robustly across a range of scenarios.

Here, banks can leverage the technologies and processes used for regulatory stress testing. However, both the infrastructure and program processes must be developed with flexibility in mind – so that both business-as-usual scenarios and alternatives can be easily managed, and the models and assumptions can be adjusted.

Risk Appetite Management

A closely related topic to stress testing and capital planning is risk appetite. Risk appetite defines the level of risk an institution is willing to take to achieve its financial objectives. According to Senior Supervisors Group (2008), a clearly articulated risk appetite helps financial institutions properly understand, monitor, and communicate risks internally and externally.

Figure 2 illustrates the dynamic relationship between stress testing, risk appetite and capital planning. Note that:

  • Risk appetite is defined by the institution to reflect its capital strategy, return targets and its tolerance for risk.
  • Capital planning is conducted in alignment with the stated risk appetite and risk policy.
  • Scenario-based analyses are then carried out to ensure the bank can operate within the risk appetite under a range of scenarios (i.e., planning, baseline and stressed).

SAS2

Any breach of the stated risk appetite observed in these analyses leads to management action. These actions may include, but are not limited to,

  • enforcement or reallocation of risk limits,
  • revisions to capital planning
  • or adjustments to current risk appetite levels.

What-If and Sensitivity Analysis

Faster, richer what-if analysis is perhaps the most powerful – and demanding – way to extend a bank’s stress testing utility. What-if analyses are often initiated from ad hoc requests made by management seeking timely insight to guide decisions. Narratives for these scenarios may be driven by recent news topics or unfolding economic events.

An anecdotal example illustrates the business value of this type of analysis. Two years ago, a chief risk officer at one of the largest banks in the United States was at a dinner event and heard concerns about Chinese real estate and a potential market crash. He quickly asked his stress testing team to assess the impact on the bank if such an event occurred. His team was able to report back within a week. Fortunately, the result was not bad – news that was a relief to the CRO.

The responsiveness exhibited by this CRO’s stress testing team is impressive. But speed alone is not enough. To really get value from what-if analysis, banks must also conduct it with a reasonable level of detail and sophistication. For this reason, banks must design their stress test infrastructure to balance comprehensiveness and performance. Otherwise, its value will be limited.

Sensitivity analysis usually supplements stress testing. It differs from other scenariobased analyses in that the scenarios typically lack a narrative around them. Instead, they are usually defined parametrically to answer questions about scenario, assumption and model deviations.

Sensitivity analysis can answer questions such as:

  • Which economic factors are the most significant for future portfolio performance?
  • What level of uncertainty results from incremental changes to inputs and assumptions?
  • What portfolio concentrations are most sensitive to model inputs?

For modeling purposes, sensitivity tests can be viewed as an expanded set of scenario analyses. Thus, if banks perform sensitivity tests, they must be able to scale their infrastructure to complete a large number of tests within a reasonable time frame and must be able to easily compare the results.

Emerging Risk Identification

Econometric-based stress testing of portfolio-level credit, market, interest rate and liquidity risks is now a relatively established practice. But measuring the impacts from other risks, such as reputation and strategic risk, is not trivial. Scenario-based analysis provides a viable solution, though it requires proper translation from the scenarios involving these risks into a scenario that can be modeled. This process often opens a rich dialogue across the institution, leading to a beneficial consideration of potential business impacts.

Reverse Stress Testing

To enhance the relevance of the scenarios applied in stress testing analyses, many regulators have required banks to conduct reverse stress tests. For reverse stress tests, institutions must determine the risk factors that have a high impact on their business and determine scenarios that result in the breaching thresholds of specific output metrics (e.g., total capital ratio).

There are multiple approaches to reverse stress testing. Skoglund and Chen proposed a method leveraging risk information measures to decompose the risk factor impact from simulations and apply the results for stress testing. Chen and Skoglund also explained how stress testing and simulation can leverage each other for risk analyses.

Assessing the Impacts of COVID-19

The worldwide spread of COVID-19 in 2020 has presented a sudden shock to the financial plans of lending institutions. Both the spread of the virus and the global response to it are highly dynamic. Bank leaders, seeking a timely understanding of the potential financial impacts, have increasingly turned to scenario analysis. But, to be meaningful, the process must:

  • Scale to an increasing array of input scenarios as the situation continues to develop.
  • Provide a controlled process to perform and summarize numerous iterations of analysis.
  • Provide understandable and explainable results in a timely fashion.
  • Provide process transparency and control for qualitative and quantitative assumptions.
  • Maintain detailed data to support ad hoc reporting and concentration analysis.

Banks able to conduct rapid ad hoc analysis can respond more confidently and provide a data-driven basis for the actions they take as the crisis unfolds.

Conclusion

Regulatory stress testing has become a primary tool for bank supervision, and financial institutions have dedicated significant time and resources to comply with their regional mandates. However, the benefits of scenario-based analysis reach beyond such rote compliance.

Leading banks are finding they can expand the utility of their stress test programs to

  • enhance their understanding of portfolio dynamics,
  • improve their planning processes
  • and better prepare for future crises.

Through increased automation, institutions can

  • explore a greater range of scenarios,
  • reduce processing time and effort,
  • and support the increased flexibility required for strategic scenario-based analysis.

Armed with these capabilities, institutions can improve their financial performance and successfully weather downturns by making better, data-driven decisions.

Click here to access SAS’ latest Whitepaper

Financial Risk Management – Global Practice Analysis Report

Publié le par hanswillertbleuazurconsultingeu

Survey participants indicated they are involved in the daily practice of financial risk management as financial risk managers, in supervisory roles, as consultants, academics and trainers, auditors and regulators. They self-identified as highly educated — 71 percent hold a Master’s degree or higher. While 61 percent of respondents had more than five year’s experience in the financial services industry, less than half — 41 percent — had more than five year’s experience in financial risk management. This indicates that experienced financial services professionals enter the field of risk management from other areas of responsibility at financial institutions.

GARP1

More than 40 percent of respondents worked at banks, with consulting and asset management firms employing 17 and 16 percent, respectively. Approximately one-third of respondents hold the title of risk manager, one-quarter are analysts and 11 percent are consultants. Approximately 61 percent are employed at firms with more than 1,000 employees.

The GARP Global Practice Analysis survey addressed 49 specific tasks across six process-based domains. Respondents were asked to assign an importance rating from 1 (not important) to 4 (extremely important) to each task. Significantly, all 49 tasks were found to be important on the 4-point Importance Scale, meeting the industry best-practices threshold of 2.5 out of 4. Forty-seven of the 49 tasks received a mean importance rating of at least 3.0, indicating that these tasks are considered of moderate to high importance to the work of financial risk managers.

The top five tasks identified by respondents as most important, earning a mean importance rating of at least 3.3 among all survey respondents, are to:

  1. Identify signs of potential risk based on exposure, trends, monitoring systems regulatory and environmental change, organizational culture and behavior.
  2. Analyze and assess underlying risk drivers and risk interconnections.
  3. Communicate with relevant business stakeholders.
  4. Monitor risk exposure in comparison to limits and tolerances.
  5. Evaluate materiality of risk and impact on business.

The five tasks identified as least important, with a mean importance rating of or below 3.0 among all respondents, are:

  1. Create and inventory of models.
  2. Generate, validate, and communicate standardized risk reports for external purposes.
  3. Develop transparent model documentation for independent replication/validation.
  4. Set capital allocations and risk budgets in accordance with risk management framework.
  5. Recommend policy revisions as necessary.

Respondents were asked to identify at what level of experience each task should be part of the financial risk manager’s profile, according to a five-level Experience Scale:

  • Not necessary
  • Less than 2 years
  • 2 to 5 years
  • 6 to 10 years
  • More than 10 years

One-half of respondents indicated that financial risk managers should be able to perform all 49 tasks within the first five years of practice.

More than 77 percent of respondents said financial risk managers should be able to perform these specific tasks within their first five years of practice in financial risk management:

  • Monitor risk exposure in comparison to limits and tolerances
  • Define and determine type of risk (e.g., credit, market, operational) by classifying risk factors using a consistent risk taxonomy
  • Gather quantitative data to perform model evaluation
  • Select monitoring methods and set frequency (e.g., intra-daily, daily, weekly, monthly)
  • Gather qualitative information to perform model evaluation
  • Generate, validate, and communicate standardized risk reports for internal purposes (e.g., staff, executive management, board of directors)
  • Identify risk owners
  • Investigate why limits are exceeded by performing root-cause analysis
  • Analyze and assess underlying risk drivers and risk interconnections
  • Escalate breach when limits or alert levels are exceeded according to risk management plan/policies/strategies
  • Generate, validate, and communicate ad hoc reports to meet specific requirements
  • Escalate unusual behavior or potential risks according to risk management plan/ policies/strategies

GARP2

Financial risk managers are vital to any integrated financial system of managing and communicating risk. The GPA study is a contemporary and comprehensive description of the work of risk managers across work settings, geographic regions, job roles and experience levels.

The process of a practice analysis is important for programs that desire to continually evolve and reflect the critical knowledge and tasks in the industry. It is important for practitioners who desire to evolve and be successful in their career.

Click here to access GARP’s detailed survey report

 

Banks sailing in uncertain waters

Publié le par hanswillertbleuazurconsultingeu

The decision-making process apparent paradox

Corporate decision-making processes are driven by seemingly opposing forces.

On the  one hand, the human urge to dispose of instruments emerges in order

  • to understand context, specific self-direction
  • and to implement the actions required for following the plotted course.

On the other hand, the exhortation to keep the mind open

  • to an array of possible future scenarios,
  • to imagine and grasp the implications of the various possible trajectories,
  • to plot alternative courses according to the obstacles and opportunities encountered, that could lead to landing places other than those contemplated originally.

Needs that are intertwined as never before whenever the decision-maker operates in an area such as the banking sector, that is characterised by extremely pervasive regulatory requirements concerning the

  • maintenance and use of capital,
  • liquidity management,
  • checks on lending and distribution policies,

and that is structurally exposed to the volatility of the macroeconomic context and financial markets, greatly increasing the range of possible scenarios.

Thus, it is far from surprising or infrequent that one of the most common questions that CEOs ask the technical structures responsible for budgeting and risk planning is: ‘what if’? (‘what would happen if…?’). The problem is that, in the last few years, the ‘ifs’ at hand have rapidly multiplied, as there has been an exponential increase in the controlling variables for which feedback is required:

  • Net Interest Income (NII);
  • Cost Income ratio (C/I);
  • Return On Equity (ROE);
  • Non Performing Exposure (NPE) Ratio;
  • Liquidity Coverage Ratio (LCR);
  • Expected Credit Loss (ECL);
  • Common Equity Tier 1 (CET1) ratio,

to cite but a few among the most widespread. Planning has turned into an interdisciplinary and convoluted exercise, an issue hard to solve for CFOs and CROs in particular (naturally, should they not operate in close cooperation).

This greater complexity can result in the progressive loss of quality of the banks’ decision-making process, more often than not based on an incomplete information framework, whenever some controlling variables are unavailable, or even incorrect when there is an actual lack of information, specialist expertise and/or the instruments required for the modelling of events.

Partial mitigating circumstances include the fact that such events, aside from being numerous, are interdependent in their impact on the bank’s results and are particularly heterogeneous. These can in fact be exogenous (turbulence and interference along the way) or endogenous (the actions that the helmsman and the crew implement during navigation).

In the first case, these events are beyond the control of those responsible for the decision-making process, determined by the evolution of the market conditions and/or the choices of institutional subjects. As such, they are often hard to predict in their likelihood of occurrence, intensity, timing and duration. By nature, such phenomena are characterised by complex interactions, that make it crucial, albeit arduous, to comprehend the cause-effect mechanisms governing them. Lastly, their relevance is not absolute, but relative, in that it depends on the degree of reactivity of the bank’s business model and budgetary structure to the single risk factors to which the market value of the banks’ assets is exposed.

Conversely, in the case of endogenous events, uncertainty is more correlated to the ability of the bank’s top management

  • to quantify the level of ambition of the business actions,
  • to assess their multiple implications,
  • and specifically, to the bank’s actual ability to implement them within requested time frames and terms.

The taxonomy of banking strategic planning

Although these complexities are increasingly obvious, many banks still remain convinced about getting started on their respective courses with certainty, exposing themselves to a range of risks that can restrict or irreversibly compromise the efficacy of the decision-making processes. Some institutions are indeed persuaded that an ‘expert-based’ approach that has always characterised their planning methodologies shall continue to be sufficient and appropriate for steering the bank, also in future.

History teaches us that things have not always worked out that way. These actors have yet to understand that it has now become vital to foster the evolution of the planning process towards a model relying upon analytical methodologies and highly sophisticated and technological instruments (risk management, econometrics, statistics, financial engineering, …), making them available to those that have always considered experience, business knowledge and budgetary dynamics to be privileged instruments for making decisions.

Second mistake: many banks believe the uncertainty analysis to be wasteful and redundant for the purposes of planning since, ultimately, the allocation of objectives is (and will remain) based on assumptions and uniquely identified scenarios. In this case, the risk lies in failing to understand that, in actual fact, a broader analysis of possible scenarios contributes to better delineating the assigned objectives, by separating the external conditions from the contribution provided by internal actions. Moreover, testing various hypotheses and combinations of cases makes it easier to calibrate the ‘level of managerial ambition’, in line with the actual potential of the organisational structure and with the full involvement of the business functions responsible for attaining the corporate objectives.

The intersection of these two misreadings of the context results in a different positioning of the bank, with the relative risks and opportunities.

Models

ILLUMINATED

The planning process is built upon analytical data and models developed with the contribution of subject matter experts of different origins, which allows to consider the impacts of a specific scenario on the bank’s budget simultaneously and coherently. Nevertheless, not only does it improve the planning of a specific item, but it disposes of appropriate instruments to switch to a multi-scenario perspective and investigate the relevant scenarios for management, appraising the volatility regarding the expected results. This transition is extremely delicate: it entails a change in the way prospective information is produced by the technical functions and subsequently channelled to the top management and board of directors. In this context, the bank is governed via the analysis of deterministic scenarios and the statistical analysis of the probability distributions of the variables of interest. Leveraging this set of information (much more abundant and articulated than the traditional one) targets, risk propensity levels and relative alert and tolerance thresholds are established; business owners are provided not only with the final objectives, but also with details concerning the key risk factors (endogenous and exogenous alike) that might represent critical or success factors and the respective probabilities of occurrence.

DELUDED

The budget planning process is characterised by the prevalence of an expert-based approach (with a limited capacity of integrating quantitative models and methodologies, in that not always all budget items are developed by relying on the necessary instruments and expertise) and aimed at forecasting a single baseline scenario (the one under which the budget objectives are to be formalised, then articulated on the organisational units and business combinations).

ENLIGHTENED

The budgetary planning process is very accurate and incorporates specialist expertise (often cross-functional) required to understand and transmit the interactions across the managerial phenomena so as to ensure a full grasp of the bank’s ongoing context. The onus is chiefly on the ability to explain the phenomena inside the bank without prejudice to the external baseline scenario, that is ‘given’ by definition.

MISSING

The planning process attempts to consider the impact of alternative scenarios as compared to the baseline scenario, however, it is implemented on the basis of imprecise or incomplete modelling, in that developed without the analytical foundations and instruments required to appraise the consistency and the degree of likelihood of these scenarios, useful tools to sustain such a serious consideration. The focus remains on the comparison across the results produced under diverse conditions, while taking into account the approximations used.

Click here to access Prometeia’s white paper

Achieving Optimal IFRS 9 Compliance

Publié le par testbacblog

IFRS 9 will have a substantial financial impact on banks and create implementation challenges. By taking an optimal approach to compliance, banks can balance the financial impact and the effort required and still ensure compliance. To achieve this goal, banks will need significant support from technology. In this paper, we explore the software functionality needed to support optimal IFRS 9 compliance for banks.

Across the globe, large financial institutions are working to understand the implications of the latest impairment requirements introduced by IASB1 as part of the IFRS 9 package. According to a recent Deloitte industry survey, this single, forward-looking “expected loss” impairment standard will have a significant financial impact for the majority of large banks.

Given that IFRS 9 requirements will be effective Jan. 1, 2018, banks are beginning to pay greater attention to this new accounting standard; IFRS 9 implementation budgets doubled during the last 12 months. But as discussed in this paper, any steps they take toward IFRS 9 compliance should not be taken in isolation, but rather in the context of existing regulatory pressures. With Basel III, CCAR, stress testing, BCBS 239 and other requirements, banks are already exposed to high levels of regulatory scrutiny and devoting substantial attention to compliance efforts.

Finally, it is expected that key jurisdictions will implement similar impairment approaches to IFRS 9, with the most relevant being the FASB’s Current Expected Credit Loss project. These initiatives will combine to broaden the scope of banks that need to implement ECL-based impairment approaches.

ifrs9

Click here to access SAS’ detailed analysis.