New Era of Risk Management Challenges Evolution and Challenges Presented by Regulatory Requirements Tomas Spurny CEO Banca Comerciala Romana June 09 th, , 2015
New Era of Risk Management Challenges Evolution and Challenges Presented by Regulatory Requirements
Tomas Spurny
CEO
Banca Comerciala Romana
June 09th,, 2015
EU Banking regulations and Regulatory institutions Two distinct ages
1974 1988 2004 2009 2011 2013 2014 >2014
Regulations
Central
Regulatory
Institutions Committee of
European
Banking
Supervisors
(CEBS)
European
Banking
Authority (EBA)
– replaces
CEBS
European
Central
Bank (ECB)
ECB supervisory
role of EU zone -
Single Supervisory
Mechanism (SSM)
Basel
Accord
Basel II
Basel III
Bank Recovery
and Resolution
Directive
Basel IV ??
30-35 years of light regulation 6-7 years of complex regulations and more to come
2
0
1
0
AQR Stress
tests
ITSs
RTSs NPE
Forbearance
ANACREDIT
New
Finrep
IFRS9
Basel 2.5
Basel
Committee
2
EU Banking regulations vs. Crises Regulations are reactive and acts as “lessons learned”
5
1974 1988 2004 2009 2011 2013 2014 >2014
Regulations
Triggers Barings Bank
bankruptcy
(1995)
Financial crisis
(2008)
Failure of
Bank
Herstatt
Basel
Committee
Basel
Accord
Basel II
Basel 2.5
Basel III
Bank Recovery
and Resolution
Directive
Basel IV ??
30-35 years of light regulation
2
0
1
0
AQR Stress
tests
ITSs
RTSs NPE
Forbearance
ANACREDIT
New
Finrep
IFRS9
6-7 years of complex regulations and more to come
Purpose of the new regulations Acting as safeguards
• Control functions
• Management bodies
• Remuneration principles
• Organizational structure
• Independence
• Committees
• Own funds computation principles
• Transitory measures
• Dividends
• New reporting requirements and disclosures
• Capital & Own Funds
• Capital requirement
• Pillar I vs. Pillar II
• From simple to very complex methodologies for quantification
• Risk control function
• Risk Appetite
• Risk Tolerance
• Stress testing
• Recovery Plan
• More than 20 risk types and sub-types
• Measurement & Assessment
Risk Management
Capital Management
Governance Accounting
4
Managing the risk in banking with complex regulations Main Pros and Cons
7
Assure stability over the entire EU banking system
Assure common risk management language, tools and systems for measurement
for all EU countries
Financial solidity and stability of the EU banking system
Not all EU countries are mature in terms of tax collection, “black economy”,
financial education
The new regulations become more and more complex, large (as volume) and
sophisticated
Trigger huge consumption of resources
Trigger the need of more experienced and skilled human resources
Romania as part of EU Is Romanian Banking System ready to cope with the new requirements?
8
Challenges / Opportunities
GDP per capita around of 45% below
EU average
No real capital market
High liquidity
Margins on a continuous pressure:
regulatory requirements; interest
rates; low lending demand
Increasing need for risk management skills of bankers
Lending under strict criteria of equity, cash flows, debt capacity
Debt burden still under EU average
Short term focus on solving the legacy of
bad assets
The banks still have to satisfy their counterparties And this becomes more and more challenging as the requirements are
increasing from all of them
9
Processes
IT
Systems Financial
Accounting
HR, PR,
Legal
Business
Shareholders/
Investors
Clients
Regulators
(NBR, ECB,
EBA)
Employees
They
want
more!
They
want
more!
Special focus and requirements on risk management Capital and Other ratios to be managed
10
Before 2014
Total Capital Ratio Capital
RWA (Credit +Market +Operational) = > 8%
After 2014
2014 2015 2016 2017
Common Equity Tier 1 Ratio min 4.5% min 4.5% min 4.5% min 4.5%
Tier 1 Capital Ratio ( CET1 + Add T1 ) min 6 % min 6 % min 6 % min 6 %
Total Capital Ratio min 8% min 8% min 8% min 8%
Capital Conservation Buffer not applicable not applicable 0.625% 1.25%
Countercyclical Buffer not applicable not applicable (0% - 0.625%) (0% - 1.25%)
Other Systemically Important Institutions Buffer not applicable not applicable (0% - 2%) (0% - 2%)
Systemic Risk Buffer 0% ( 0% - 5%) ( 0% - 5%) ( 0% - 5%)
+
LCR
NSFR
Leverage
+
SREP
MREL*
Recovery plan
*minimum requirement for own
funds and eligible liabilities
Skills and resources on risk management Last two years – continuously increased pressure
Just to count some external and internal actions and exercises where risk management
functions had to respond in a short time and a prompt manner:
- AQR
- EBA Stress Test
- Annual NBR controls
- 3-5 external audit actions
- Adaptation to new Basel III requirements
- Adaptation to new FINREP reporting requirements
- Ad-hoc reporting and answers towards regulators (local and group)*
- Implement new and advanced measures and models to manage risk
- Prepare and launch new projects in order to accommodate future requirements like IFRS9,
AnaCredit, AMA changes; new Liquidity reporting requirements
* BCR estimate: this process increased around of 5 times compared
with the past years
More resources; skills; IT
systems update and upgrade;
increased costs
9
Governance of risk management (1/2) Need to be organized as part of internal control system
12
Inte
rna
l co
ntr
ol fr
am
ew
ork
Risk Management
Compliance
Internal Audit
Governance of risk management (2/2) To be a second line of defense
13
THE THREE LINES OF DEFENSE MODEL
FIRST LINE SECOND LINE THIRD LINE
Risk management
as performed at each
Business
Unit/Operational level
Primary ICS functions
a. Risk Management
b. Compliance
Develop and maintain the
systems which ensure:
effective and efficient
activities, adequate risk
control, prudent activities
and compliance with internal
and external regulations.
Oversight over First Line
Internal audit
Ensures an independent
review / oversight of the
first two lines of defense
BCR Risk Management Organization (1/2) Fit into the overall structure
14
General Shareholders’ Assembly
Supervisory Board
Audit and Compliance
Committee
Internal Audit DivisionManagement Board
Assets Liabilities
Committee
Chief Executive Officer
CEO
Executive VP
Corporates & Markets
Credit Committee
Executive VP Financial
CFO
Operational Risk
Management Committee
Executive VP
Operations & IT
COO
Executive VP Remedial,
Restructuring and
Recovery CWO
Executive VP Retail &
Private Banking
Executive VP Risk
CRO
Nomination Committee
Remuneration
Committee
Risk Committee
Financial Steering
Committee
BCR Risk Management Organization (2/2) A modern structure, regulatory compliant and aligned with market practice
15
Executive VP Risk
CRO
STRATEGIC RISK
MANAGEMENT/ RISK
CONTROLLING DIVISION
CORPORATE
UNDERWRITING
DIVISION
SECURITY MANAGEMENT
AND BUSINESS
CONTINUITY DIVISION
RETAIL RISK
MANAGEMENT
DIVISION
FINANCIAL CRIME
PREVENTION
DIVISION
CORPORATE LOAN
ADMINISTRATION
DIVISION
COMPLIANCE
DIVISION
SENIOR EXECUTIVE
DIRECTOR – RISK
RISK GOVERNANCE AND
PROJECTS DIVISION
Couple of questions and uncertainties Will the near future offer us answers to all of these?
Are we able to manage the future risks (and mainly unknown risks) when the
regulations are reactive and acts as “lessons learned”?
Will both banks and regulators be able to deal with the new challenges in terms of
human resources (number and skills) and IT infrastructure changes?
Will the banks be an engine for the economic growth when they are mainly focused
on assuring regulatory compliance, instead of concentrating the resources on
managing a healthy and profitable business?
What is the actual level of independence of a financial institution in managing its own
operations?
Is Romanian Banking System ready to be part of the unique and common EU
banking system, including complexity, common risk and regulatory language and
competition?
14