Preamble
T.S. Eliot posed the question: “Where is the wisdom we have lost in knowledge? Where is the knowledge we have lost in information?” It is on the basis of such a question, I would like to share my views (Information, Knowledge and Wisdom) after I read the 108 page Bank of Ghana Capital (BoG) Requirement Directive (“the CRD” or “Directive”) issued on November 14, 2017. In this article, I will like to give my 2 cent views on the following six elements/areas of the Directive:
- The cost benefits assessments of the Directive: Under this heading, I want to assess BoG documentation of the costs and benefits assessments of the Directive.
- Legal basis of the Directive: Under this caption, I will like to understand BoG legal basis for issuing the Directive.
- Scope of the Directive: The BoG letter dated November 14, 2017 addressed to Managing Directors (MD) of banks stated that BoG is giving immediate priority to Basel II pillar 1 risk (i.e. credit, operational and market) and the Basel III capital framework. The letter went on to state that when the Basel regulatory framework is in place, BoG will look to introduce other parts of the Basel framework, namely Basel II pillar 2 and Pillar 3 and or Basel III liquidity requirements. Under this heading, I want to ask why not include liquidity in the Directive now rather than later.
- Preparation towards the implementation: The BoG November 14, 2017 letter addressed to banks MDs stated that the period of consultation is expected to close by January 31, 2018. The letter further states that at the end of the consultation, banks will be required to submit to BoG a self-assessment of their readiness to comply with the Directive and the reporting forms. Under this caption, I want to address the kind of preparatory work that should take place before banks can implement the Directive.
- Timing of implementation: The Directive states that the Directive shall be implemented from 1 January 2018. The effective date by which banks are to comply with the CRD shall be 1 July 2018. Under this caption, I want to assess whether the period for implementation of the Directive is adequate.
- Linkages between the Directive and other current regulatory and accounting projects currently undertaken by banks
This article will not provide you my views on the appropriateness of the specific methodologies, guidelines, thresholds and approaches listed in the various parts of Directive. I will communicate those views in other articles.
Key Soundbites/Executive summary:
Key soundbites of this article include:
- BoG should provide cost and benefit analysis of the Directive
It will be helpful for BoG to provide a cost and benefit analysis of the Directive. In my experience, when regulators issue major directives they provide cost and benefit analysis of the directive. This cost and benefit analysis help people to understand the societal and economic cost and benefits of such an initiative. Such analysis will also provide the logical basis used in reaching the various decision points in the Directive.
After reading the Directive, I have the following unanswered questions which could have been addressed by a cost and benefits analysis report from BoG on the Directive:
- Are we going to apply Basel II simply because everyone else is adopting Basel II? Is that good enough reason for Ghana to adopt Basel II?
- What are the underlying current problems or deficiencies that the Directive is seeking to address?
- Is the economy going to benefit from the Directive?
- Since banks are already burden with a lot of changes in 2018, is it the best time for banks to implement the Directive? Why now?
- BoG should consider to add Liquidity requirements as part of the Directive
The scope of the Directive stated in the letter dated November 14, 2017 addressed to Managing Directors (MD) of Banks is that the Directive will cover Basel II pillar 1 risk (i.e. credit, operational and market) and the Basel III capital framework. The letter went on to state that when the Basel regulatory framework is in place, BoG will look to introduce other parts of the Basel framework, namely Basel II pillar 2 and Pillar 3 and or Basel III liquidity requirements.
From what I know, the collapse of UT bank and Capital Bank was due to both liquidity and capital. In my article “Are some Banks on Liquidity life Support?” I noted that a lot of Banks are on liquidity life support. Hence I strongly encourage BoG to include Basel III liquidity requirements as part of the Directive.
- Work performed on IFRS 9 should be leveraged for the implementation of the Directive
The International Financial Reporting Standard (IFRS) 9- Financial instrument which is effective January 1, 2018 was issued by International Accounting Standards Boards (IASB) in collaboration with regulators including the Basel Committee.
Arguably the biggest change brought by IFRS 9 is incorporation of credit risk data into an accounting and therefore financial reporting process. Essentially, a new kind of interaction between finance and risk functions at the organization level is needed, and these functions will in turn impact data management processes. The implementation of the IFRS 9 impairment model challenges the way risk and finance data analytics are defined, used, and governed throughout an institution
IFRS 9 basis of conclusion paragraph BCE.127 included this statement: “The IASB notes that financial reporting, including estimates of expected credit losses, are based on information, circumstances and events at the reporting date. The IASB expects entities to be able to use the systems and processes in place to determine amounts for regulatory purposes as a basis for the application of the impairment requirements in IFRS 9. However, these calculations would have to be adjusted to meet the measurement requirements of IFRS 9”. The highlighted portion of the above paragraph in IFRS 9 means Banks can leverage their Basel models and processes for implementation of IFRS 9 and vice versa.
Both regulatory credit risk measurement and IFRS 9 share the following in common:
- Forward-looking models
- Use of credit risk data
- Use of multifactor and holistic data that covers borrower specific information, transaction-specific details , bank specific factors, macro-economic conditions and environmental factors
- Granular level of data
- Full economic cycle data required ( at least 5 years data)
- Data storage period should be at least equal to a credit or economic cycle
- Measurement objective is to make provision for credit risk as opposed to provision for credit loss
- Reliance on good credit risk practices, robust credit risk system and good quality data
- Expectation of a strong coordination between finance and risk
On the basis of above similarities between IFRS 9 and Basel framework, I strongly encourage Banks in Ghana to leverage on the processes, systems and data from their IFRS 9 project for the implementation of the CRD. This will be made possible if Banks have already addressed their IFRS 9 credit risk and data gaps.
- Banks should address IFRS 9 credit risk systems and data gaps before proceeding with BoG CRD
In order for banks to leverage their IFRS 9 work already performed for the implementation of the CRD as noted in point three above, it is fair to say that banks should first address their IFRS 9 credit risk system and data gaps. It will be unwise to carry the same mistakes and baggage from IFRS 9 to the implementation of the CRD.
- Both the IFRS and BoG CRD Directives penalize a bank for lack of or poor quality data
As stated on page 24 of the Bank of Ghana’s Capital Requirement Directive, a bank should establish a credit risk management framework that produces sound and reliable measurements of credit risk for risk based capital. The Directive noted that the risk weights designated herein work on the basis that a bank has obtained, verified and retains records of all relevant documentation supporting a credit assessment and the decision to fund a credit exposure. A bank must make available this information to BOG as part of the supervisory process, and where:
- a bank cannot demonstrate that the procedures have been followed as above, BOG may increase the risk weight with a risk add-on of 50% to the risk weight as prescribed.
- A bank has misclassified an exposure; BOG may increase the risk weight of the exposure in line with the characteristics identifiable.
IFRS 9 on the other hand states in paragraph 7.2.20 that if, at the date of initial application, determining whether there has been a significant increase in credit risk since initial recognition would require undue cost or effort, an entity shall recognize a loss allowance at an amount equal to lifetime expected credit losses at each reporting date until that financial instrument is derecognized (unless that financial instrument is a low credit risk at a reporting date, in which case paragraph 7.2.19(a) applies).
In simple English, the IFRS 9 requirement is that if you cannot demonstrate that a loan should be in stage 1 for you to provide 12 month expected loss to it, you should put the loan into stage 2 and provide lifetime expected loss for it.
On the basis of the penalties under both IFRS and CRD, it makes sense for Banks to address their data gaps under IFRS 9 before proceeding with the CRD.
Bank of Ghana and Banks should consider implementing the relevant sections of Basel guidance on data quality called BCBS 239[1]: Principles for effective risk data aggregation and risk reporting.
- Bank of Ghana (BoG) should require Banks to submit their IFRS 9 credit risk and data gap analysis report and road-map to address all gaps by June 2018
Related to point number 4 & 5 above and to ensure appropriate implementation of the CRD, Bank of Ghana (BoG) should require Banks to submit their IFRS 9 credit risk and data gap analysis report along with a road-map to address all gaps by June 2018. In addition, on a monthly basis, banks should report to BoG on their progress in closing the IFRS 9 gaps.
- Timelines for the Directive should be revised to accommodate timing of addressing the IFRS 9 credit risk and data gaps
Emanating from point 6 and to give ample time to address the IFRS 9 gaps, I recommend the following changes / extensions to the timelines stipulated for the implementation of the CRD:
- BoG assessment data for CRD should be extended from January 2018 to March 2018
- BoG implementation date for the CRD should be extended from July 2018 to September 2018
- Both IFRS 9 impairments and BoG Capital Directive Requirement require modifications to credit risk systems
Some of the enhancements required under IFRS 9 and the CRD for Banks credit risk systems include:
- Banks will need a comprehensive credit risk system with the following components; credit underwriting/origination system, credit rating system, collateral management system , loan monitoring system (watch list, loan review workout, recovery) and loan write off
- Instead of using live data, banks should consider purchasing or building a data warehouse system to house credit risk data for further analysis and use.
- Bank’s underwriting, origination, modification, loan review, watch list, workout, recovery, collateral details should be integrated into one system. This integrated credit risk system should be capable of measuring and tracking credit quality for the life of each and every instrument on their balance sheet
- Banks will need a credit risk management system that can capture a comprehensive range (multifactor and holistic- set of information) of credit risk information that is forward-looking and which is updated on a timely basis at the individual instrument level.
- Both IFRS 9 and BoG CRD requires granular and comprehensive data
IFRS 9 impairment requirement is a provision for credit risk as opposed to provision for credit loss under IAS 39. As such provision for credit risk under IFRS 9 requires credit risk data. The Basel Committee on Banking Supervision (or BCBS) defines credit risk as the potential that a bank borrower or counterparty will (in future not past) fail to meet its payment obligations regarding the terms agreed with the bank. In other words, Credit risk arises from the potential that an obligor is either unwilling to perform on an obligation or its ability to perform such obligation is impaired resulting in economic loss to the bank
Credit risk data required by IFRS 9 for making staging decision. IFRS 9 requires that information used for staging should be comprehensive, holistic and multifactor that captures all credit risk information including borrower specific information, transaction-specific details (such as repayment schedules, collateral requirements, down payments, and loan-to-value ratios), bank specific factors, macro-economic conditions and environmental factors since they drive a borrower’s ability and willingness to repay the loan. In addition, in order for the measurement of credit losses to be sufficiently sensitive to all sources of credit risk which impact the expectation of loss within an institution’s loan portfolio, it is necessary that available forward looking environmental, borrower, and instrument-specific credit indicators or risk drivers be factored into the ECL estimates.
- Both IFRS 9 and BoG CRD requires enhanced credit risk management practices
Some of the enhanced credit risk management practices required by both IFRS 9 and the BoG CRD include:
- Banks credit risk appetite document should be updated at least quarterly for macroeconomic and industries outlook relevant to a particular borrower or group of borrowers.
- Banks should perform an annual review of credit risk factors/triggers incorporated in the credit evaluation process. This can be achieved through a back-testing process. This back-testing process may require the use of a statistical model such as a regression equation to establish the linkages between the drivers of credit risk and credit loss and the borrower credit risk factors and macro-economic factors
- Banks should quantify the impact of forecasted macro-economic conditions and incorporate the impact of the forecast conditions its credit decision at a loan origination and include the impact in the measurement of a loan’s 12 month expected credit loss
- Credit risk measurement both on origination and an on-going basis should include the use of the bank’s credit rating system.
- Credit risk assessment during loan review process and other monitoring process should include forward-looking information that is specific to the individual borrower and forward-looking information on the macroeconomic, commercial sector and geographical region
- Collateral process should be enhanced to ensure that all loan collateral is perfected on a timely basis
- Banks should enhance their watch list process and factors, credit review process, credit appetite process to incorporate the relevant 16 credit risk trigger factors under IFRS 9.
- Instead of an annual review and semiannual review of loans, to ensure timely identification of loans that have experienced significant changes in credit risk, banks should consider carrying out credit reviews and update their ECLs, at least quarterly, to reflect changes in credit risk since initial recognition
- Banks have to develop mechanism to transfer the current risk data from credit review, watch list process and other monitoring activities to the credit management system to be used for staging and ECL calculation. This can be achieved through an integrated credit risk system or a data warehouse
- The segmentation information of a loan used for credit risk assessment should be more granular at the following segments: purpose, loan structure, loan type, sectors, vintages and credit risk grading. This level of segmentation will assist in timely identification of significant increase in credit risk to facilitate the recognition of lifetime expected loss. Information in BSD 4 can be a starting process for the segmentation process.
- Banks should purchase a credit system with quantitative capability to make quantitative credit assessment on-ongoing basis.
- The Basel Coordinator and IFRS 9 team should work collaboratively
Due to the linkages between IFRS 9 and Basel framework, each bank’s Basel Coordinator should work collaboratively with the existing IFRS 9 teams to achieve efficiencies and avoid duplication of efforts.
- Legal basis for the issuance of the Bank of Ghana Capital Requirement Directive
The primary role of the Bank of Ghana (BoG) as stipulated in section three of the Banks and Specialized Deposit-taking Institutions Act 2016 (Act 930) (‘the BSDI Act’) among others is to promote the safety and soundness of banks and specialized deposit-taking institutions and to ensure the soundness and stability of the financial system and the protection of depositors in the country through the regulation and supervision of financial institutions. In order to have a sound and stable financial systems, banks should hold capital and reserves sufficient to support the risks that arise in their business and Banks should hold adequate funds to its meet obligations as they come due. As part of BoG efforts to ensure sound and stable financial systems, BoG on September 11, 2017 issued a new minimum paid-up-capital of GHS 400 million (paid-in capital plus income surplus) for all banks effective December 31, 2018. The new minimum paid-up-capital itself is not enough to ensure adequacy of capital in the context of risks undertaken by the banks. To complete the puzzle, BoG in addition to the new minimum paid-up-capital will have to set capital adequacy, leverage ratios and liquidity ratios to limit the risk undertaken by Banks and to ensure that Banks have adequacy liquidity. We also have to remember that capital adequacy alone is not enough. Banks have to manage liquidity and a central bank’s lender of last resort function is crucial here. I witnessed an institution that failed to be able to fund itself (Bear Stearns). It was not a capital shortage but a funding shortage that brought the firm down.
Subsection 2 of section 29 of Act 930 stipulates that the capital adequacy should be at least 10%. Despite this, subsection 3 of section 29 of Act 930 noted that (3) The Bank of Ghana may, having regard to the risk and vulnerability of the financial system, (a) prescribe a higher capital adequacy ratio percentage, or (b) prescribe different ratios for different banks, financial holding companies and for different classes of specialized deposit taking institutions.
Subsection 4 of section 29 of Act 930, the minimum capital adequacy ratio shall be calculated in accordance with the methodology prescribed in the Directive issued by the Bank of Ghana.
Though subsection 7 of section 29 mentions leverage ratios, both the minimum amount and the mechanism of calculation was not stated but left to BoG Directive.
Aside the above, section 78 of Act 930 mandates BoG to set rules and standards based on Basel Core Principles for application of banks.
On the basis of the above relevant sections of Act 930, BoG on November 14, 2017, issued a draft Capital Directive Requirement and Reporting Forms aimed at providing rules and regulations for Basel II pillar 1 risk (i.e. credit, operational and market) and the Basel III capital framework. BoG stated in the letter that when the Basel regulatory framework is in place, BoG will look to introduce other parts of the Basel framework, namely Basel II pillar 2 and Pillar 3 and or Basel III liquidity requirements. Banks are required to perform an impact assessment of the draft Directive by January 31, 2018. In the draft capital Directive sent to banks, the Bank of Ghana requires banks to comply with the capital Directive on July 1, 2018.
- High level overview of Basel I, II and III
The Basel Accords are three sets of banking regulations (Basel I, II and III) set by the Basel Committee on Bank Supervision (BCBS), which provides recommendations on banking regulations in regards to capital risk, market risk and operational risk. The purpose of the accords is to ensure that financial institutions have enough capital on account to meet obligations and absorb unexpected losses.
Basel I- The first Basel Accord, known as Basel I, was issued in 1988 and focuses on the capital adequacy of financial institutions. The capital adequacy risk (the risk that a financial institution will be hurt by an unexpected loss), categorizes the assets of financial institutions into five risk categories (0%, 10%, 20%, 50% and 100%). Under Basel I, banks that operate internationally are required to have a risk weight of 8% or less.
Basel I, II and III are summarized below:
Basel II : The second Basel Accord, called Revised Capital Framework but better known as Basel II, served as an update of the original accord. It focuses on three main areas: minimum capital requirements, supervisory review of an institution’s capital adequacy and internal assessment process, and effective use of disclosure as a lever to strengthen market discipline and encourage sound banking practices including supervisory review. Together, these areas of focus are known as the three pillars.
Basel III: In the wake of the Lehman Brothers collapse of 2008 and the ensuing financial crisis, the BCBS decided to update and strengthen the Accords. It saw poor governance and risk management, inappropriate incentive structures and an overleveraged banking industry as reasons for the collapse. In July 2010, an agreement was reached regarding the overall design of the capital and liquidity reform package. This agreement is now known as Basel III.
Basel III is a continuation of the three pillars, along with additional requirements and safeguards, including requiring banks to have minimum amount of common equity and a minimum liquidity ratio. Basel III also includes additional requirements for what the Accord calls “systemically important banks,” or those financial institutions that are colloquially called “too big to fail.” The implementation of Basel III has been gradual and began in January 2013. It is expected to be completed by Jan. 1, 2019.
- The 3 Pillars of Basel II
Basel II uses a “three pillars” concept – (1) minimum capital requirements (addressing risk), (2) supervisory review and (3) market discipline.
The first pillar deals with maintenance of regulatory capital calculated for three major components of risk that a bank faces: credit risk, operational risk, and market risk.
The credit risk component can be calculated in three different ways of varying degree of sophistication, namely standardized approach, Foundation IRB and Advanced IRB.
For operational risk, there are three different approaches – basic indicator approach or BIA, standardized approach, and the internal measurement approach (an advanced form of which is the advanced measurement approach or AMA). For market risk the preferred approach is VaR (value at risk).
The second pillar: Supervisory review- : This is a regulatory response to the first pillar, giving regulators better ‘tools’ over those previously available. It also provides a framework for dealing with systemic risk, pension risk, concentration risk, strategic risk, reputational risk, liquidity risk and legal risk, which the accord combines under the title of residual risk. Banks can review their risk management system.
The Internal Capital Adequacy Assessment Process (ICAAP) is a result of Pillar 2 of Basel II accords.
The third pillar: The Market Discipline: This pillar aims to complement the minimum capital requirements and supervisory review process by developing a set of disclosure requirements which will allow the market participants to gauge the capital adequacy of an institution.
- Scope of the Directive: What are the requirements of BoG capital Directive requirements
The Capital Requirements Directive (CRD) was issued by BoG under Section 92(1) of the Banks and Specialized Deposit-taking Institutions Act 2016 (Act 930) (‘the BSDI Act’) and Section 4(d) of the Bank of Ghana Act 2002 (Act 612).
The CRD consists of four parts:
- Part 1 – Definition of Regulatory Capital;
- Part 2 – Management and Measurement of Credit Risk with three sub-sections;
- Part 3 – Management and Measurement of Operational Risk; and
- Part 4 – Management and Measurement of Market Risk.
- Definition of Regulatory Capital
The definition and constituents of regulatory capital consists of ‘tiers’ as follows:
- Tier 1 Capital or ‘going-concern capital’ – capital that supports the bank’s operations and can absorb losses as required:
- Common Equity Tier 1 (‘CET1’)
- Additional Tier 1 (‘AT1’)
- Tier 2 Capital or ‘gone-concern capital’ – capital to absorb losses or convert to equity if a bank is wound up.
- What are the components of CET 1
CET1 capital consists of the following elements:
- Ordinary (common) shares issued by the bank that meet the criteria for classification as ordinary shares for regulatory purposes defined below;
- Income Surplus (Retained Earnings);
- Statutory Reserves;
- Ordinary (common) shares issued by consolidated subsidiaries of the bank and held by third parties (i.e. minority interest) that meet the criteria for inclusion in CET1 capital; and
- Regulatory adjustments to CET1.
- what are the regulatory adjustments to CET1
The following items shall be deducted from CET1 unless another tier of regulatory capital is specified.
- Asset impairment
- Goodwill and other intangible assets
- Equity holdings and other capital support provided to banking, financial and insurance entities (collectively ‘other financial institutions’)
- Intra-group transactions for capital or funding purposes
- Investments in own shares (Treasury Shares)
- Deferred Tax Assets (DTAs)
- Cash flow Hedge Reserve
- Gain on sale related to securitization transactions
- Defined benefit pension fund assets and liabilities
- Composition of Regulatory Capital
The components of regulatory capital will be divided into different components as described below:
- CET1 must be at least 6.5% of risk-weighted assets (RWAs) i.e. for credit risk + market risk + operational risk on an on-going basis.
- Tier 1 capital must be at least 8.0% of RWAs on an on-going basis. Thus, within the minimum Tier 1 capital, Additional Tier 1 capital can be admitted maximum at 1.5% of RWAs.
- Total Capital (Tier 1 Capital plus Tier 2 Capital) must be at least 10.0% of RWAs on an on-going basis. Thus, within the minimum CAR of 10.0%, Tier 2 capital can be admitted maximum up to 2%.
- If a bank has complied with the minimum CET1 and Tier 1 capital ratios, then the excess Additional Tier 1 capital can be admitted for compliance with the minimum CAR of 10.0% of RWAs.
- In addition to the minimum CET1: a. banks will be required to maintain 3% additional CET1 as a capital conservation buffer (CCB1)
- The CCB1 (3.0%) is above the risk based capital requirement (10%) and banks are required to manage their capital to meet the total capital requirement (13%).
- Leverage Ratio
The leverage ratio is based on a Tier 1 definition of capital and should be a minimum of 6% for all banks
- What approach required for the measurement of credit risk
Banks will manage and measure credit risk by the Standardized Approach (SA) and the measurement of credit risks consists in three parts:
- on-balance sheet exposures
- off-balance sheet exposures
- credit risk mitigation
- What approach required for the measurement of operational risk?
Banks are required to apply the Standardized Approach (SA) to calculate operational risk capital charge. Banks are also required to submit data for the Alternative
Standardized Approach (ASA) for a period the BOG shall determine.
- What approach requirement for the measurement of market risk?
Banks shall apply the Standardized Method (SM) to measure market risk for risk based capital requirements. The standardized methodology uses a “building-block” approach. The capital charge for each risk category is determined separately. Within the interest rate and equity position risk categories, separate capital charges for specific risk and the general market risk arising from debt and equity positions are calculated. Specific risk is defined as the risk of loss caused by an adverse price movement of a debt instrument or security due principally to factors related to the issuer. General market risk is defined as the risk of loss arising from adverse changes in market prices. For commodities and foreign exchange, there is only a general market risk capital requirement
- What is IFRS 9 impairment requirements?
IFRS 9 impairment is a three stage model which requires the following steps:
Step 1: Day 1 when you lend money: IFRS 9 will require entities to estimate and account for expected credit losses for all relevant financial assets, starting from when they first lend money or invest in a financial instrument. The estimation of credit loss should include past, current and forward-looking information. The measurement of credit loss when a loan is lent is a 12 month expected credit loss.
Step 2: At each reporting date: After recognizing the expected loss at the time you lend the money, you then monitor the credit risk performance of the loan and at each reporting date, you conclude whether credit risk has increased significantly since initial recognition or not. In the worst case scenario, a loan which is more than 30 days past due, is said to have increased its credit risk significantly (stage 2). The other stage of a loan is called default or stage 3. In a worst case scenario, a loan more than 90 days past due is said to have defaulted (stage 3). At both stage 2 and 3, a loan’s credit loss is valued as a life-time expected credit loss.
Step 3: Measure ECL to reflect changes in credit risk
In essence, IFRS 9 is:
- The detailed analysis of historical patterns and current trends to identify factors that affect repayment/collectability of loans, whether related to borrower incentives, willingness or ability to perform on the contractual obligations, or lending exposure terms and conditions. Economic factors considered (such as unemployment rates or occupancy rates) must be relevant to the assessment and, depending on the circumstances, this may be at the international, national, regional or local level (borrower-specific, facility specific, bank specific, macro-economic and environment factors collectively called credit risk drivers). This analysis is based on the linkage between credit risk and its drivers.
- Using the identified credit risk factors above to segment the bank portfolio into portfolio of similar credit risk features.
- Using credit risk assessment and management processes of the bank to detect, well ahead of exposures becoming past due or delinquent, and categorize the segmented portfolio into performing, under-performing and defaulted loans based on current and forward looking information that affect the collectability of the loan portfolio;
- Incorporate relevant past, current and forward looking information that affect the collectability of the loan portfolios to measure appropriately the credit risk inherent in the bank’s current portfolio; and,
- Setting aside reserves to correspond to the credit risk inherent in current loan portfolio to cover any potential loss that may result from credit risk that exists in the portfolios.
- What are the IFRS 9 impairment data requirements
The IFRS 9 impairment data elements are categorized under the following
- Borrower-specific information
- Transaction specific information/Loan level characteristics
- Cash flow information
- Collateral information
- Insurance information
- Attrition/pay-off information
- Restructuring information
- Delinquency data
- Credit loss data
- Initial credit risk/rating information
- Current credit risk/rating information
- Watch-list information
- Macroeconomic economic variables
- Forecast data about customer and macro-economic
- IFRS 9 credit risk indicators
- Disclosure related information
- What are the typical IFRS 9 data gaps among Banks in Ghana?
- Missing data More than 50 data elements under the above 16 categories are currently not housed in the primary credit risk systems of most banks. Such missing data elements includes:
- Credit ratings at the inception of loans are currently not stored and credit ratings at not updated during the life of the loan
- Delinquency data for more than one year does not exist
- Delay in write-offs and inconsistent write-off practices leading to poor quality of historical credit loss/charge-off/write-offs data leading
- Lack of recovery data for certain products
- Loan roll forward and loss roll forward information
- Prepayment data
- Utilization data on undrawn balances
- Initial risk of a default occurring data
- Historical delinquency data not stored over entire credit cycle
- Forecast monthly loan balances are not available
- Macro-economic data
- Data for key drivers of credit risk in each type of loan portfolio
- Full credit cycle data for each loan and type of loan is not available
- Data accessibility – data are not readily available in usable formats. Storing information across disparate systems or in unusable formats (PDFs) can cause efficiency challenges
- Storage of data over the entire credit cycle- Data are kept at most 2 years and not entire credit cycle and save on-live system and no data warehouse. This explains why storage of data is red throughout.
- Data exist in manual format/lack of automation – some data are kept in word or excel with a lot of manual intervention
- Suggested solutions to IFRS 9 credit data gaps
So where should you start?
First, put in place an IFRS data collection team (“team”). This can be a dedicated team of 4 medium level staff from Finance, Credit, Risk and IT with good knowledge of the banking credit system and strong excel skills.
The first step that the team should take is to perform a gap assessment to identify the areas that require improvement. After the gap assessment, the team can devise an implementation plan and identify the required changes and resourcing. A thorough gap assessment allows the implementation tasks to be prioritized, avoiding duplication of effort across other internal projects.
The step by step activities of the team include:
Perform data gap analysis to identify the new data requirements. If interested, for free, you can request for my data gap template and complete it. After completion, you can send it to me to analyse for you for free. I will use my software to analyse it and provide you with a data gap report.
- Develop an action plan for all data gaps. The action plan should include:
- A clear description of the effort involved
- Timelines with key milestones
- A resource plan to undertake the effort and
- Co-ordination and oversight arrangements for the implementation plan
- Put in place systems and processes to collect current available data
- Identify where the current data resides and document the current data source
- Identify data that has been subject to audits and those that have not been audited
- Engage internal audit team to audit data that were not subject to audits in the past
- Develop a process to collate data from the core systems
- Develop a process to collate data from the non-core systems
- Develop a strategy to bring in non-electronic sources of data as well as data from third-party sites for industry, economic and risk factors
- Determine the central point you are going to keep all the IFRS 9 relevant data collected. If resources are available, I recommend a data warehouse system.
- Accumulate all relevant data that is currently available into the central point
- Develop a process to maintain and update the newly required information
- Put in place data quality/governance controls.
- Common key controls include:
- Data Integrity Ensure data are entered into the core system accurately and ensure that personnel involved in the data setup and maintenance do not have conflicting duties
- Automation of the end to end process all the way from data capture, data governance, classification & measurement, impairment, hedge accounting all the way to reporting (regulatory, internal or analytical reporting)
- Governance processes around data, data aggregation, optimizing the data lineage process and auditability of the results
- Versioning of the data, calculation process including the models used across the different asset classes
- Suggested Data Maintenance Principles
- Senior Management and Oversight
In particular, institutions’ Senior Management should assess the scope, plans and risks associated with timely execution of data maintenance projects, and take effective measures to mitigate these risks. The accountabilities of Senior Management will include, but are not limited to:
- Reviewing and approving organizational structure and functions to facilitate development of appropriate data architecture to support implementation of IFRS 9 and Capital requirement Directive;
- Establishing an enterprise-wide data management framework defining, where appropriate, the institution’s policies, governance, technology, standards and processes to support the data collection, data maintenance, data controls and distribution of processed data, i.e., information;
- Ensuring data maintenance processes provide security, integrity and auditability of the data from its inception through to its archival and/or logical destruction;
- Instituting internal audit programs, as appropriate, to provide for periodic independent audits of data maintenance processes and functions; and
- Ensuring the appropriate policies, procedures and accountabilities are in place to monitor the enterprise-wide observance of the data management framework, including ongoing updates to procedures and documentation, as necessary.
- Data Collection
Institutions’ data collection processes should:
- Establish clear and comprehensive documentation for data definition, collection and aggregation, including data mapping to source/aggregation routines, data schematics where necessary, and other identifiers, if any;
- Establish standards for data accuracy, completeness, timeliness and reliability;
- Ensure that data elements collected encompass the necessary scope, depth and reliability to substantiate rating definitions, rating assignment, rating refinement, risk parameters, overrides, back-testing and other processes, capital ratio computations, and relevant management and regulatory reporting;
- Identify and document data gaps and, where applicable, document the manual or automated workarounds used to close data gaps and meet data requirements;
- Establish standards, policies and procedures around the cleansing of data through reconciliation identifiers, field validation, reformatting, decomposing or use of consistent standards, as appropriate, and;
- Establish procedures for identifying and reporting on data errors and data linkage breaks to source, downstream and/or external systems.
- Data Processing
The data processing component covers a wide range of data management tasks, including its conversion through multiple systems (or manual) processes, transmissions, source/network authentication, validation, reconciliation, etc.
Institutions’ data processing should:
- Limit reliance on workarounds and manual data manipulation in order to mitigate the operational risk related to human error and dilution of data integrity;
- Establish standards and data processing infrastructure for life-cycle tracking of credit data including, but not limited to, relevant history covering borrowers, obligors, credit facilities, transactions, repayments, rollovers, restructuring, and sale and error trails, as appropriate;
- Ensure appropriate levels of front-end validation/data cleansing for each process and reconciliation to related processes as applicable, e.g., accounting and general ledger, line of business management information system;
- Establish adequate controls to ensure processing by authorized staff acting within designated roles and established authorities;
- Institute appropriate change control procedures for changes to the processing environment, including, where applicable, change initiation, authorization, program modifications, testing, parallel processing, sign-offs, release, library controls; and,
- Provide appropriate levels of disaster back-up, process resumption and recovery capabilities to mitigate loss of data and/or data integrity.
- Data Access/Retrieval
Institutions should ensure that:
- Data repositories and underlying extract, query and retrieval routines are designed and built to support the institutions’ own data requirements as well as ongoing needs for supervisory assessments of various data as appropriate, including credit portfolios, history, borrower/industry profiles, exposures, process quality, asset class analyses;
- Access controls and data/information distribution are based on user roles/responsibilities and industry best practices in the context of effective segregation of duties, “need to know”, as validated by institutions’ internal compliance and audit functions; and
- Access to data/information is not restricted in any arrangements where data maintenance is outsourced to external service provider(s). Notwithstanding these arrangements, institutions should be able to provide data/information at no additional cost.
- Data Storage/Retention
In order to support internal estimates and ensure that all relevant risks are considered, data may be needed for a long period of time. For corporate, sovereign and bank exposures, a minimum of five years of underlying history for PD estimates, and a minimum of seven years underlying history for LGD and EAD estimates should be maintained. For retail exposures, a minimum of five years of underlying history for PD, LGD and EAD estimates is required. In addition, institutions should:
- Establish documented policies and procedures addressing storage, retention and archival, including, where applicable, the procedures for logical/physical deletion of data and destruction of data storage media and peripherals;
- Maintain back-ups of relevant data files/stores and data bases in a manner that can facilitate ready availability of the data/information to meet information calls on the CRD and IFRS 9 compliance and ongoing supervisory assessments; and
- Ensure that availability of electronic versions for all relevant and material data/information is in a machine-readable format and can be made accessible.
[1] https://www.bis.org/publ/bcbs239.pdf