Acts Online
GT Shield

Banks Act, 1990 (Act No. 94 of 1990)

Regulations

Regulations relating to Banks

Chapter III : Corporate Governance

39. Process of corporate governance

Subregulation (8)

 

(8) As a minimum, a bank that wishes to adopt the internal model method for the measurement of the bank's exposure to counterparty credit risk—
(a) shall obtain the prior written approval of the Registrar and shall in addition to the relevant requirements specified in these Regulations comply with such conditions as may be specified in writing by the Registrar;
(b) shall have in place an independent risk control unit, which risk control unit—
(i) shall be responsible for the design and implementation of the bank's risk management system;
(ii) shall produce and analyse daily reports on the output of the bank's risk measurement model, including an evaluation of the relationship between measures of risk exposure and counterparty and trading limits;
(iii) shall be independent from all relevant line business units;
(iv) shall report directly to the senior management of the bank;
(v) shall conduct regular backtesting, that is, an ex-post comparison of the risk measure generated by the bank's EPE model against the bank's actual exposure to counterparty credit risk;
(vi) shall conduct the initial and ongoing validation of the internal model;
(vii) shall control the integrity relating to input data;
(viii) shall validate prices supplied by business units;
(ix) shall be adequately staffed;
(x) shall be closely integrated into the day-to-day credit risk management process of the bank, that is, the work of the unit shall form an integral part of the process of planning, monitoring and controlling the bank's credit and overall risk profile.
(c) shall have in place a collateral management unit, which collateral management unit—
(i) shall be responsible for calculating and making margin calls, managing margin call disputes and reporting levels of independent amounts, initial margins and variation margins accurately, on a daily basis;
(ii) shall control the integrity of the data used to make margin calls, and ensure that it is consistent and frequently reconciled with all relevant sources of data within the bank;
(iii) shall continuously track and report—
(A) the extent and reuse of cash and non-cash collateral and the rights that the bank gives away to its respective counterparties for posted collateral;
(B) concentration to individual counterparties or collateral asset classes accepted by the bank;
(iv) shall have sufficient resources—
(A) to ensure that the unit effectively discharges its duties, as measured by matters such as the timeliness and accuracy of outgoing calls and response time to incoming calls;
(B) to process calls and disputes in a timely manner, even in the case of a severe market crisis;
(C) to enable the bank to limit its number of large disputes caused by trade volumes;
(v) shall produce and maintain appropriate collateral management information that is regularly reported to the senior management of the bank, which internal reports, as a minimum, shall include information regarding—
(A) the type of cash and non-cash collateral received and posted;
(B) the categories of collateral assets reused, and the terms of such reuse, including instrument, credit quality and maturity;
(C) the size, ageing and cause for margin call disputes; and
(D) any relevant trends in the aforesaid information;
(d) shall—
(i) ensure the active involvement and oversight of the bank's board of directors and senior management in the bank's risk control processes;
(ii) regard risk control, including credit and counterparty credit risk control, as an essential aspect of the bank's business;
(iii) devote adequate resources to the bank's risk control and collateral management units;
(iv) ensure that reports prepared by the independent risk control unit and the collateral management unit are reviewed by a level of senior management with sufficient authority to enforce both reductions of individual exposures to a particular counterparty and reductions in the bank's overall counterparty risk exposure;
(v) ensure that the senior management of the bank is aware of the limitations and assumptions made in respect of the said internal model and the impact that such limitations and assumptions may have on the output of the model;
(vi) ensure that the bank's model validation process and its review process are independent of the model developers;
(vii) ensure that transactions are assigned to the appropriate netting set within the bank's model for the calculation or estimation of expected positive exposure relating to a particular counterparty;
(viii) ensure that all relevant policies, processes and procedures, including all relevant policies, processes and procedures related to cash management, duly account for the liquidity risks associated with potential incoming margin calls in the context of exchanges of variation margin or other margin types, such as initial or independent margin, under adverse market shocks, potential incoming calls for the return of excess collateral posted by counterparties, and calls resulting from a potential downgrade of its own public rating;
(ix) duly define—
(A) how representative counterparty portfolios are constructed for the purposes of validating its EPE model and its risk measures;
(B) criteria with which to assess the relevant EPE models and the models that input into the calculation of EPE;
(x) ensure that the nature and horizon of collateral reuse is consistent with the bank's liquidity needs and does not jeopardise the bank's ability to post or return collateral in a timely manner;
(xi) in the case of—
(A) exposures with a rising risk profile after one year, regularly compare the bank's estimate of EPE over one year with the EPE over the life of the said exposure;
(B) exposures with a maturity of less than one year, regularly compare the replacement cost or current exposure and the realised exposure profile;
(xii) store sufficient data relating to the bank's counterparty exposure in order to conduct robust stress-testing and backtesting;
(xiii) ensure that the bank has in place robust internal policies and procedures to verify that in respect of each exposure in respect of which—
(A) the bank wishes to apply netting, prior to including the relevant transaction in a netting set, the transaction is covered by a legally enforceable netting contract that complies with the relevant requirements specified in these Regulations;
(B) the bank wishes to make use of collateral to mitigate the bank's exposure to counterparty credit risk, prior to recognising the effect of the said collateral in the calculation of the bank's exposure to counterparty credit risk, the collateral complies with the relevant requirements specified in these Regulations.
(e) shall have in place a robust model for the estimation of expected positive exposure, that is, a robust EPE model, which model—
(i) shall be closely integrated into the risk management processes of the bank and the output of which model shall be an integral part of the process of planning, monitoring and controlling the bank's exposure to counterparty credit risk;
(ii) shall be used in conjunction with internal trading and exposure limits in a manner that is consistent over time and that is well understood by the relevant traders, the credit function, the senior management and all relevant line and support functions of the bank;
(iii) shall for purposes of measuring counterparty exposure forecast over a sufficiently long time horizon interest rates, foreign exchange rates, equity prices, commodities, and other market risk factors, the performance of which forecasting model relating to market risk factors shall be validated over a sufficiently long time horizon;
(iv) shall capture and include transaction-specific information in order—
(A) to aggregate counterparty exposures at the level of a particular netting set;
(B) to duly capture the effect of margining, that is, the model shall take into account the current amount of margining and margining that will be exchanged between relevant counterparties in the future;
(v) shall in the case of exposures with a long-term maturity duly capture the potential rising risk profile of the said exposure;
(vi) shall duly account for—
(A) the nature of margin agreements, that is, unilateral or bilateral agreements;
(B) the frequency of margin calls;
(C) the margin period of risk;
(D) the minimum threshold of unmargined exposure the bank is willing to accept;
(E) the minimum transfer amount.
(vii) shall either model the mark-to-market change in the value of collateral posted or ensure the bank's continued compliance with the relevant requirements relating to collateral, specified in regulations 23(7)(b) and 23 (12) (b);
(viii) shall comply with the relevant further operational requirements specified in subregulation (12) below.
(f) shall have in place a robust process in respect of model validation, which model validation process—
(i) shall include appropriate backtesting in respect of representative counterparty portfolios and netting sets that complies with the relevant qualitative requirements specified in paragraph (g) below—
(A) which backtesting shall include a sufficient number of actual and hypothetical representative counterparty portfolios and netting sets;
(B) which representative portfolios and netting sets shall be selected based on their sensitivity to the material risk factors and correlations to which the bank is exposed;
(C) during which process of backtesting—
(i) starting at a particular historical date, the bank shall use its internal model to forecast each portfolio's probability distribution of exposure at various time horizons;
(ii) using historical data on movements in market risk factors, the bank shall compute the exposures that would have occurred in respect of each portfolio at each time horizon assuming no change in the composition of the relevant portfolio;
(iii) the bank shall compare the realised exposures with the model's forecast distribution at the various relevant time horizons;
(iv) the bank shall repeat the process in respect of several historical dates that cover a wide range of market conditions such as rising rates, falling rates, quiet markets and volatile markets;
(v) the bank shall obtain and duly document the explanations for significant differences between the realised exposures and the model's forecast distribution.
(ii) shall comply with the requirements regarding initial validation and on-going periodic review of the bank's internal model and the risk measures generated by it, as specified in paragraph (n) below,

Provided that, when validating its EPE models and its risk measures that produce forecast distributions, the bank's validation shall assess more than a single statistic of the model distribution.

(g) shall have in place a robust process of backtesting, that is, an ex-post comparison of the relevant risk measures generated by the model against realised risk measures,
(i) which backtesting—
(A) shall be conducted at regular intervals;
(B) shall include comparing hypothetical changes based on static positions with realised measures;
(ii) which process of backtesting shall comply with the relevant requirements specified in paragraph (n) below;
(iii) which risk measures shall not only relate to Effective EPE, the risk measure used to derive minimum required capital and reserve funds, but also to the other risk measures used in the calculation of Effective EPE, such as the exposure distribution at a series of future dates, the positive exposure distribution at a series of future dates, the market risk factors used to derive those exposures and the values of the constituent trades of a portfolio;
(h) shall have in place a comprehensive and rigorous process or programme of stress-testing—
(i) the results of which stress-testing—
(A) shall be integrated into regular reporting to the senior management of the bank;
(B) shall be used in the bank's internal assessment of capital adequacy;
(C) shall be compared against the bank's measure of expected positive exposure and the related impact on the bank's capital adequacy;
(D) shall be duly reflected in the bank's policies and counterparty limits set by management and the bank's board of directors;
(ii) which stress-testing process or programme—
(A) may form part of the bank's bank-wide stress testing process;
(B) shall include the identification of possible events or future changes in economic conditions that may have an unfavourable effect on the bank's credit exposures, and an assessment of the bank's ability to withstand such changes, which events or economic conditions may include—
(i) economic or industry downturns;
(ii) market-place events; or
(iii) decreased liquidity conditions.
(C) shall include the stress testing of the bank's counterparty exposures, including a process of jointly stressing relevant market and credit risk factors;
(iii) which stress-testing process or programme shall be sufficiently robust—
(A) to ensure complete trade capture and exposure aggregation across all relevant forms of counterparty credit exposure, including counterparty risk arising from OTC derivative transactions, at the counterparty-specific level, in a sufficient time frame to conduct regular stress testing;
(B) to at least once a month, for all relevant counterparties, produce exposure stress testing of principal market risk factors, that is, for example, interest rates, foreign exchange, equities, credit spreads, and commodity prices, in order to proactively identify, and, when necessary, reduce undue concentrations to specific directional sensitivities;
(C) to at least once a quarter—
(i) apply multifactor stress testing scenarios and assess material non-directional risks, that is, for example, yield curve exposure and basis risks, which multiple-factor stress tests shall, as a minimum, aim to address scenarios in which—
(aa) severe economic or market events have occurred;
(bb) broad market liquidity has decreased significantly; and
(cc) the market impact of liquidating positions of a large financial intermediary;
(ii) conduct stress tests, applying stressed conditions to the joint movement of exposures and counterparty creditworthiness, since stressed market movements have an impact not only on counterparty exposures, but also on the credit quality of counterparties;
(D) to perform exposure stress testing, including single factor, multifactor and material non-directional risks, and joint stressing of exposure and creditworthiness at the counterparty-specific level, counterparty group level, that is, for example, industry and regional level, and aggregate bank-wide counterparty credit exposure levels;
(E) to capture the largest counterparty-level impacts across the portfolio, material concentrations within segments of the portfolio, that is, for example, within the same industry or region, and relevant portfolio and counterparty specific trends;
(F) to ensure that the severity of factor shocks is consistent with the purpose of the stress test, that is, when the bank, for example, evaluates solvency under stress, factor shocks shall be severe enough to capture historical extreme market environments and/or extreme but plausible stressed market conditions;
(G) to ensure that the bank appropriately evaluates the impact of the aforesaid shocks on matters such as qualifying capital, capital requirements and earnings;
(H) to ensure that for the purpose of day-to-day portfolio monitoring, hedging, and management of concentrations, the bank also considers scenarios of lesser severity and higher probability;
(I) to ensure that the bank conducts relevant reverse stress tests to identify extreme, but plausible, scenarios that could result in significant adverse outcomes;
(iv) during which process of stress-testing the bank shall consider—
(A) concentration risk, including concentration risk in respect of a single counterparty or a group of related counterparties;
(B) any risk of correlation between market risk and credit risk, including situations in which a large movement in market prices, for example, may result in a particular counterparty exposure becoming a large exposure or cause a material deterioration in the credit quality of the said counterparty, or both;
(C) the risk that liquidating a counterparty position may have a material impact on the market;
(D) the impact on the bank's own positions of movements in market prices, which impact shall be integrated into the bank's assessment of counterparty risk.

Provided that when the bank's stress-tests reveal particular vulnerability to a particular set of circumstances, the bank shall take appropriate and prompt action in order to manage and control the relevant risks, which action may include hedging against a particular outcome, reducing the size of the bank's exposures or increasing the amount of capital and reserve funds.

(i) shall have in place a routine for ensuring the bank's continued compliance with a documented set of internal policies, controls and procedures concerning the operation of the bank's risk measurement system;

(j)        shall duly document—

(i) the process for initial and on-going validation of the bank's internal model to a level of detail that would enable a third party to recreate the relevant analysis;
(ii) the calculation of the respective risk measures generated by the models to a level of detail that would allow a third party to re-create the said risk measures;
(iii) the bank's risk measurement system, for example, by maintaining an updated risk management manual that describes the basic principles of the risk management system and that provides an explanation of the empirical techniques used to measure the bank's exposure to counterparty risk,

which documentation, among other things, shall clearly set out the frequency with which backtesting analysis and any other on-going validation will be conducted, how the validation is conducted with respect to data flows and portfolios and the analyses that are used;

(k) shall conduct an appropriate independent review of the bank's risk measurement system, for example, as part of the bank's internal auditing process, which review—
(i) shall include the activities of the relevant business units, the independent risk control unit and the bank's overall risk management process;
(ii) shall be conducted at regular intervals but not less frequently than once a year;
(iii) as a minimum, shall include—
(A) the adequacy of documentation relating to the bank's risk management policies, system and processes;
(B) the organisation of the risk control unit;
(C) the organisation of the collateral management unit;
(D) the integration of risk measures into the bank's ongoing risk management processes and systems;
(E) the approval process relating to all relevant risk pricing models and valuation systems, including counterparty credit risk models used in the calculation of counterparty credit risk exposure used by front office and back office personnel;
(F) the validation of any significant changes made in respect of the bank's risk measurement process;
(G) the scope of counterparty credit risk and relevant market risk factors captured by the risk measurement model;
(H) the integrity of the management information system;
(I) the accuracy and completeness of relevant credit and market variables and data;
(J) the accurate reflection of relevant legal terms in collateral and netting agreements in the respective measurements of the bank's exposure to risk;
(K) the verification of the consistency, timeliness and reliability of data sources used to operate the internal model, including the independence of the said data sources;
(L) the accuracy and appropriateness of volatility and correlation assumptions;
(M) the accuracy of valuation and risk transformation calculations;
(N) the verification of the model's accuracy through frequent backtesting as set out in these Regulations;
(l) shall have in place a written policy that clearly describes the process by which unacceptable performance of the bank's model will be determined and remedied;
(m) shall ensure that on-going validation of counterparty credit risk models, including backtesting, is reviewed periodically by senior management with sufficient authority to decide the course of action that will be taken to duly address weaknesses in the bank's models;
(n) shall ensure that, as part of the bank's initial and on-going validation of its internal model and the related risk measures—
(i) the most recent performance of the bank's EPE model and the relevant risk measures are duly assessed;
(ii) the bank conducts backtesting using historical data on movements in market risk factors prior to the bank's application to the Registrar for approval of the bank's internal model, which backtesting shall consider a number of distinct prediction time horizons out to at least one year, over a range of various start or initialisation dates, and covering a wide range of market conditions;
(iii) the bank's backtesting includes the performance of the EPE model and the model's relevant risk measures as well as the market risk factor predictions that support EPE, provided that, for collateralised trades, the prediction time horizons considered shall include those reflecting typical margin periods of risk applied in collateralised or margined trading, and include time horizons of at least one year;
(iv) pricing models used to calculate counterparty credit risk exposure for a given scenario of future shocks to market risk factors are appropriately tested, which pricing models—
(A) may be different from the pricing models used to calculate market risk over a short horizon;
(B) shall in the case of options duly account for the nonlinearity of option value with respect to market risk factors;
(C) shall be regularly tested against appropriate independent benchmarks;
(v) the bank verifies that transactions are assigned to the appropriate netting set within the model;
(vi) static, historical backtesting on representative counterparty portfolios forms part of the bank's validation process;
(vii) the bank conducts, at such intervals as may be directed in writing by the Registrar, backtesting on a sufficient number of representative counterparty portfolios, provided that—
(A) the representative portfolios shall be chosen based on their sensitivity to the material risk factors and correlations to which the bank is exposed;
(B) the backtesting conducted by the bank shall be designed to test the key assumptions of the bank's EPE model and the relevant risk measures, that is, for example, the modelled relationship between tenors of the same risk factor, and the modelled relationships between risk factors;
(C) the bank's backtesting programme shall be sufficiently robust to identify poor performance in the bank's EPE model's risk measures;
(D) the bank shall report to the Registrar significant differences between realised exposures and the bank's forecast distribution;
(viii) the bank validates its EPE model and all relevant risk measures out to time horizons commensurate with the maturity of trades for which exposure is calculated using the internal modelling method;
(ix) the frequency with which the parameters of the bank's EPE model are updated is assessed;
(x) in respect of a measure or metric for which the bank obtained the prior written approval of the Authority to measure counterparty exposure, which measure shall be more conservative than the specified metric used to calculate EAD for every counterparty, that is, more conservative than alpha times Effective EPE, the bank shall regularly validate that the said measure or metric is sufficiently conservative;

[Regulation 39(8)(n)(x) substituted by section 10(i) of Notice No. 1427, GG44048, dated 31 December 2020 - effective 1 January 2021]

(xi) the bank includes all relevant counterparties for which the models are used;
(xii) the bank assesses whether or not the bank level and netting set exposure calculations of EPE are appropriate;
(o) shall comply with the relevant further operational requirements specified in subregulations (9) to (12) below.