Banks across the globe are preparing for new stress testing requirements, particularly those that focus on improving their risk management frameworks. Requirements vary by jurisdiction, but mostly require institutions to design and implement comprehensive stress testing programmes, including:
- management controls with clear objectives and operational owners;
- recommended actions for contingency planning.
A snapshot of the EU, UK and USA’s regulatory stress testing requirements
The potential cost of non-compliance can be high. Banks may be required to take remedial actions like disposing of assets, issuing new equity, changing or eliminating dividend payouts, limiting leverage and growth, or converting contingent convertible debt.
Regulators want banks to integrate stress testing into their business management processes. However, doing so often represents a significant challenge, as it often means enhancing data management systems, implementing stress testing analytics, and creating an enterprise-wide stress testing platform.
Greater focus on governance requirements
Governance has become a key tenet of bank stress testing programmes. It is also a qualitative measure used by regulators to assess the rigor, auditability, and repeatability of the banks’ internal stress testing processes.
In the 2013/2014 US Comprehensive Capital Analysis and Review test (CCAR), all but one bank passed the quantitative assessment. By contrast, five banks had to resubmit their capital plans due to qualitative deficiencies in their stress testing and capital planning governance framework, analysis, internal controls, information systems and assumptions. As a consequence, these institutions cannot implement their capital plans, including increasing the payout ratios or capital distributions to shareholders, until an updated plan is resubmitted and remediation actions implemented.
It can be time-consuming to set up and execute a stress testing governance programme that enables oversight of the stress testing process, the construction and execution of a defined stress testing framework, and a single point of contact with the regulatory bodies. The generation of ever-changing data sets can become as much of a hindrance as a help.
To emphasise the importance of stress testing as both a risk management and supervisory tool, regulators have increased their focus and expectations on documentation, workflow, processes, and unstructured information. It is now expected that stress testing processes will be coordinated with other relevant regulatory processes, for example the Internal Capital Adequacy Assessment Process. Such coordination can be challenging when operationalising a stress testing programme.
Stress testing framework best practices
Effective stress testing programmes require close collaboration among multiple stakeholders across the bank, in areas such as finance, technology, risk, audit, budget and planning. To gain an effective and consistent view across the organisation, it is critical to design an appropriate governance framework for both internal and regulatory stress testing requirements.
A stress testing programme should focus on automating and streamlining the workflow process across the enterprise, identifying dependencies, and maximising the return-on-investment by addressing key elements. We have identified some key areas banks should focus on when developing their enterprise-wide stress testing programmes:
- Creation of a single stress testing programme board charged with the coordination and oversight of bank-wide stress testing activities.
- Aggregation, consolidation and management of relevant data bank-wide.
- Investment in dedicated stress testing infrastructure that automates and streamlines the process, manages data, controls and orchestrates workflows, runs scenario analysis, and automates the generation of regulatory and management reports. Minimise reliance on obsolete and inefficient tools such as Excel spreadsheets and email systems.
- Comprehensive documentation that meets regulatory stress testing requirements.
- Clear policies and communication practices that facilitate effective communication flows across divisions and business units, and support governance and control across geographies to adapt to international standards and languages.
- Models which are appropriately designed and aligned with the goals of the stress testing programme at the institution, for example producing the needed level of granularity, and using the desired top-down or bottom-up approach.
A bank’s enterprise-wide stress testing programme must lastly be integrated into their enterprise risk frameworks and management practices. This step guarantees a consistent view across businesses, jurisdictions, regulatory requirements, and budgeting/accounting projections, at both a group and subsidiary level. Taking all these requirements into account, it is apparent that a bank’s process and governance framework for stress testing calculations and workflows are even more important than the calculation itself.
This article is taken from Moody’s Analytics Risk Perspectives™ magazine, which explores regulatory and industry topics to help risk practitioners make smarter, risk-aware decisions. To view the full article and additional insight in the magazine, please visit moodysanalytics.com/riskgov
About the author: Mr Gea-Carrasco is the Head of Stress Testing Services and Advisory at Moody’s Analytics. Mr Gea-Carrasco has extensive experience working with financial institutions on credit portfolio management across different asset classes, analysis of structured credit portfolios, derivatives pricing, counterparty credit risk analytics, stress testing (CCAR, CLAR), liquidity management and enterprise risk management. Mr Gea-Carrasco holds a BSc and MSc in Telecommunication Engineering, a Master in Economics and Finance and a MSc in Financial Mathematics, with distinction, from King’s College London.