Your SlideShare is downloading. ×
Monday April 16 2012 - Top 10 risk and compliance management related news stories and world events
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Monday April 16 2012 - Top 10 risk and compliance management related news stories and world events


Published on

Monday April 16 2012 - Top 10 risk and compliance management related news stories and world events

Monday April 16 2012 - Top 10 risk and compliance management related news stories and world events

Published in: Career, Business, Technology

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Page |1 International Association of Risk and Compliance Professionals (IARCP) 1200 G Street NW Suite 800 Washington, DC 20005-6705 USA Tel: 202-449-9750 Monday, April 16, 2012 - Top 10 risk and compliance management related news stories and world events that (forbetter or for worse) shaped the weeks agenda, and what is next George Lekatis President of the IARCPDear Member,Crying is not a sign of weakness. You may let out your tears!Assuming full implementation of the Basel III requirements as of 30 June2011, including changes to the definition of capital and risk-weightedassets, and ignoring phase-in arrangements, Group 1 banks would havean overall shortfall of €38.8 billion for the CET1 minimum capitalrequirement of 4.5%, which rises to €485.6 billion for a CET1 target levelof 7.0% (ie including the capital conservation buffer); the latter shortfallalready includes the G-SIB surcharge where applicable.As a point of reference, the sum of profits after tax prior to distributionsacross the same sample of Group 1 banks in the second half of 2010 andthe first half of 2011 was €356.6 billion.Under the same assumptions, the capital shortfall for Group 2 banksincluded in the Basel III monitoring sample is estimated at €8.6 billion forthe CET1 minimum of 4.5% and €32.4 billion for a CET1 target level of7.0%.The sum of Group 2 bank profits after tax prior to distributions in thesecond half of 2010 and the first half of 2011 was €35.6 billion.Welcome to the Top 10 list._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 2. Page |2Number 1 (Page 4)The Basel Committee published the results of its BaselIII monitoring exercise. The study is based on rigorousreporting processes set up by the Committee toperiodically review the implications of the Basel IIIstandards for financial markets.Number 2 (Page 40)Study on the Cross-Border Scope of the Private Right ofAction Under Section 10(b) of the Securities ExchangeAct of 1934 As Required by Section 929Y of theDodd-Frank Wall Street Reform and ConsumerProtection ActNumber 3 (Page 52)12 April 2012 - The European BankingAuthority (EBA) publishes today the resultsof the survey on the implementation of CEBSGuidelines on remuneration policies andpractices.Number 4 (Page 96)Jumpstart Our Business Startups Act: Frequently AskedQuestions.The Jumpstart Our Business Startups Act (the “JOBSAct”) was enacted on April 5, 2012.Number 5 (Page 101)EBA, ESMA and EIOPA publishtwo reports on Money Laundering.The Joint Committee of the three European Supervisory Authorities(EBA, ESMA and EIOPA) has published two reports on theimplementation of the third Money Laundering Directive [2005/60/EC](3MLD)._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 3. Page |3Number 6 (Page 105)BIS - Peer review of supervisory authoritiesimplementation of stress testing principles.Stress testing is an important tool used by banksto identify the potential for unexpected adverseoutcomes across a range of risks and scenarios.Number 7 (Page 136)The Hong Kong Monetary Authority(HKMA) announced (Thursday) thatinvestigation of over 99% of a total of 21,851 Lehman-Brothers-relatedcomplaint cases received has been completed.Number 8 (Page 138)DARPA seeks robot enthusiastsHardware, software, modeling and gaming developerssought to link with emergency response and sciencecommunities to design robots capable of supervisedautonomous response to simulated disasterNumber 9 (Page 141)The Securities and Exchange Commission announcedthe formation of a new Investor Advisory Committeerequired by the Dodd-Frank Wall Street Reform andConsumer Protection Act.Number 10 (Page 144)EIOPA - Report on Good Practices for Disclosure and Sellingof Variable AnnuitiesThis Report summarises the findings of an Expert Group, setup in May 2011 under the auspices of EIOPA’s Committee onConsumer Protection and Financial Innovation (CCPFI) withthe aim of establishing good disclosure and selling practicesfor variable annuities (VA)._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 4. Page |4NUMBER 1Quantitative impact study results published by the BaselCommittee, 12 April 2012The Basel Committee published the results ofits Basel III monitoring exercise.The study is based on rigorous reportingprocesses set up by the Committee toperiodically review the implications of theBasel III standards for financial markets.A total of 212 banks participated in the study,including 103 Group 1 banks (ie those that haveTier 1 capital in excess of €3 billion and areinternationally active) and 109 Group 2 banks(ie all other banks). While the Basel III framework sets out transitional arrangements toimplement the new standards, the monitoring exercise results assume fullimplementation of the final Basel III package based on data as of 30 June2011 (ie they do not take account of the transitional arrangements such asthe phase in of deductions).No assumptions were made about bank profitability or behaviouralresponses, such as changes in bank capital or balance sheet composition.For that reason the results of the study are not comparable to industryestimates. Based on data as of 30 June 2011 and applying the changes to thedefinition of capital and risk-weighted assets, the average common equityTier 1 capital ratio (CET1) of Group 1 banks was 7.1%, as compared withthe Basel III minimum requirement of 4.5%.In order for all Group 1 banks to reach the 4.5% minimum, an increase of_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 5. Page |5€38.8 billion CET1 would be required.The overall shortfall increases to €485.6 billion to achieve a CET1 targetlevel of 7.0% (ie including the capital conservation buffer); this amountincludes the surcharge for global systemically important banks whereapplicable.As a point of reference, the sum of profits after tax and prior todistributions across the same sample of Group 1 banks in the second halfof 2010 and the first half of 2011 was €356.6 billion.For Group 2 banks, the average CET1 ratio stood at 8.3%.In order for all Group 2 banks in the sample to meet the new 4.5% CET1ratio, the additional capital needed is estimated to be €8.6 billion.They would have required an additional €32.4 billion to reach a CET1target 7.0%; the sum of these banks profits after tax and prior todistributions in the second half of 2010 and the first half of 2011 was €35.6billion.The Committee also assessed the estimated impact of the liquiditystandards.Assuming banks were to make no changes to their liquidity risk profile orfunding structure, as of June 2011, the weighted average LiquidityCoverage Ratio (LCR) for Group 1 banks would have been 90% while theweighted average LCR for Group 2 banks was 83%.The aggregate LCR shortfall is €1.76 trillion which representsapproximately 3% of the €58.5 trillion total assets of the aggregate sample.The weighted average Net Stable Funding Ratio (NSFR) is 94% for bothGroup 1 and Group 2 banks.The aggregate shortfall of required stable funding is €2.78 trillion. Banks have until 2015 to meet the LCR standard and until 2018 to meet_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 6. Page |6the NSFR standard, which will reflect any revisions following eachstandards observation period.As noted in a January 2012 press statement issued by the Group ofGovernors and Heads of Supervision, the Basel Committees oversightbody, modifications to a few key aspects of the LCR are currently underinvestigation but will not materially change the frameworks underlyingapproach.The Committee will finalise and subsequently publish itsrecommendations in these areas by the end of 2012.Banks that are below the 100% required minimum thresholds can meetthese standards by, for example, lengthening the term of their funding orrestructuring business models which are most vulnerable to liquidity riskin periods of stress.It should be noted that the shortfalls in the LCR and the NSFR are notadditive, as reducing the shortfall in one standard may also reduce theshortfall in the other standard.Results of the Basel III monitoring exercise as of 30 June 2011April 2012Executive summaryIn 2010, the Basel Committee on Banking Supervision conducted acomprehensive quantitative impact study (C-QIS) using data as of 31December 2009 to ascertain the impact on banks of the Basel IIIframework, published in December 2010.The Committee intends to continue monitoring the impact of the BaselIII framework in order to gather full evidence on its dynamics.To serve this purpose, a semi-annual monitoring framework has been setup on the risk-based capital ratio, the leverage ratio and the liquidity_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 7. Page |7metrics using data collected by national supervisors on a representativesample of institutions in each jurisdiction.This report summarises the aggregate results of the latest Basel IIImonitoring exercise, using data as of 30 June 2011.The Committee believes that the information contained in the report willprovide the relevant stakeholders with a useful benchmark for analysis.Information for this report was submitted by individual banks to theirnational supervisors on a voluntary and confidential basis.A total of 212 banks participated in the study, including 103 Group 1 banksand 109 Group 2 banks.Members’ coverage of their banking sector is very high for Group 1 banks,reaching 100% coverage for some jurisdictions, while coverage iscomparatively lower for Group 2 banks and varied across jurisdictions.The Committee appreciates the significant efforts contributed by bothbanks and national supervisors to this ongoing data collection exercise.The report focuses on the following items:- Changes to bank capital ratios under the new requirements, and estimates of any capital deficiencies relative to fully phased-in minimum and target capital requirements (to include capital charges for global systemically important banks – G-SIBs);- Changes to the definition of capital that result from the new capital standard, referred to as common equity Tier 1 (CET1), including a reallocation of deductions to CET1, and changes to the eligibility criteria for Additional Tier 1 and Tier 2 capital;- Increases in risk-weighted assets resulting from changes to the definition of capital, securitisation, trading book and counterparty credit risk requirements;_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 8. Page |8- The international leverage ratio; and- Two international liquidity standards – the liquidity coverage ratio (LCR) and the net stable funding ratio (NSFR).With the exception of the transitional arrangements for non-correlationtrading securitisation positions in the trading book, this report does nottake into account any transitional arrangements such as phase-in ofdeductions and grandfathering arrangements.Rather, the estimates presented assume full implementation of the finalBasel III requirements based on data as of 30 June 2011.No assumptions have been made about banks’ profitability orbehavioural responses, such as changes in bank capital or balance sheetcomposition, since this date or in the future.For this reason the results are not comparable to current industryestimates, which tend to be based on forecasts and consider managementactions to mitigate the impact, and incorporate estimates whereinformation is not publicly available.The results presented in this report are also not comparable to the priorC-QIS, which evaluated the impact of policy questions that differ incertain key respects from the finalised Basel III framework.As one example, the C-QIS did not consider the impact of capitalsurcharges for global systemically important banks.Capital shortfallsAssuming full implementation of the Basel III requirements as of 30 June2011, including changes to the definition of capital and risk-weightedassets, and ignoring phase-in arrangements, Group 1 banks would havean overall shortfall of €38.8 billion for the CET1 minimum capitalrequirement of 4.5%, which rises to €485.6 billion for a CET1 target levelof 7.0% (ie including the capital conservation buffer); the latter shortfallalready includes the G-SIB surcharge where applicable._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 9. Page |9As a point of reference, the sum of profits after tax prior to distributionsacross the same sample of Group 1 banks in the second half of 2010 andthe first half of 2011 was €356.6 billion.Under the same assumptions, the capital shortfall for Group 2 banksincluded in the Basel III monitoring sample is estimated at €8.6 billion forthe CET1 minimum of 4.5% and €32.4 billion for a CET1 target level of7.0%.The sum of Group 2 bank profits after tax prior to distributions in thesecond half of 2010 and the first half of 2011 was €35.6 billion.Further details on additional capital needs to meet the Basel IIIrequirements are included in Section 2.Capital ratiosThe average CET1 ratio under the Basel III framework would declinefrom 10.2% to 7.1% for Group 1 banks and from 10.1% to 8.3% for Group 2banks.The Tier 1 capital ratios of Group 1 banks would decline, on average from11.5% to 7.4% and total capital ratios would decline from 14.2% to 8.6%.As with the CET1 ratios, the decline in other capital ratios iscomparatively less pronounced for Group 2 banks; Tier 1 capital ratioswould decline on average from 10.9% to 8.6% and total capital ratioswould decline on average from 14.3% to 10.6%.Changes in risk-weighted assetsAs compared to current risk-weighted assets, total risk-weighted assetsincrease on average by 19.4% for Group 1 banks under the Basel IIIframework.This increase is driven largely by charges against counterparty credit riskand trading book exposures._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 10. P a g e | 10Securitisation exposures, principally those risk-weighted at 1250% underthe Basel III framework (which were previously 50/50 deductions underBasel II), are also a significant contributor to the increase.Banks that have significant exposures in these areas influence the averageincrease in risk-weighted assets heavily.As Group 2 banks are less affected by the revised counterparty credit riskand trading book rules, these banks experience a comparatively smallerincrease in risk-weighted assets of only 6.3%.Even within this sample, higher risk-weighted assets are attributedlargely to Group 2 banks with counterparty and securitisation exposures(ie those subject to a 1250% risk weighting).Leverage ratioThe weighted average current Tier 1 leverage ratio for all banks is 4.5%.For Group 1 banks, it is somewhat lower at 4.4% while it is 5.0% for Group2 banks.The average Basel III Tier 1 leverage ratio for all banks is 3.5%. The BaselIII average for Group 1 banks is 3.4%, and the average for Group 2 banksis 4.2%.Liquidity standardsBoth liquidity standards are currently subject to an observation periodwhich includes a review clause to address any unintended consequencesprior to their respective implementation dates of 1 January 2015 for theLCR and 1 January 2018 for the NSFR.Basel III monitoring results for the end-June 2011 reporting period give anindication of the impact of the calibration of the standards and highlightseveral key observations:A total of 103 Group 1 and 102 Group 2 banks participated in the liquiditymonitoring exercise for the end-June 2011 reference period._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 11. P a g e | 11The weighted average LCR for Group 1 banks is 90% while the weightedaverage LCR for Group 2 banks is 83%.The aggregate LCR shortfall is €1.76 trillion which representsapproximately 3% of the €58.5 trillion total assets of the aggregate sample.The weighted average NSFR is 94% for both Group 1 and Group 2 banks.The aggregate shortfall of required stable funding is €2.78 trillion.General remarksAt its 12 September 2010 meeting, the Group of Governors and Heads ofSupervision (GHOS), the Committee’s oversight body, announced asubstantial strengthening of existing capital requirements and fullyendorsed the agreements it reached on 26 July 2010.These capital reforms together with the introduction of two internationalliquidity standards, delivered on the core of the global financial reformagenda presented to the Seoul G20 Leaders summit in November 2010.Subsequent to the initial comprehensive quantitative impact studypublished in December 2010, the Committee continues to monitor andevaluate the impact of these capital and liquidity requirements(collectively referred to as “Basel III”) on a semi-annual basis.This report summarises results of the latest Basel III monitoring exerciseusing 30 June 2011 data.Scope of the impact studyAll but one of the 27 Committee member jurisdictions participated inBasel III monitoring exercise as of 30 June 2011.The estimates presented are based on data submitted by the participatingbanks to national supervisors in reporting questionnaires in accordancewith the instructions prepared by the Committee in September 2011.The questionnaire covered components of eligible capital, the calculation_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 12. P a g e | 12of risk-weighted assets (RWA), the calculation of a leverage ratio, andcomponents of the liquidity metrics. The results were initially submittedto the Secretariat of the Committee in October 2011.The purpose of the exercise is to provide the Committee with an ongoingassessment of the impact on participating banks of the capital andliquidity proposals set out in the following documents:- Revisions to the Basel II market risk framework and Guidelines for computing capital for incremental risk in the trading book;- Enhancements to the Basel II framework which include the revised risk weights for re-securitisations held in the banking book;- Basel III: A global framework for more resilient banks and the banking system as well as the Committee’s 13 January 2011 press release on loss absorbency at the point of non-viability;- International framework for liquidity risk measurement, standards and monitoring; and- Global systemically important banks: Assessment methodology and the additional loss absorbency requirement.Sample of participating banksA total of 212 banks participated in the study, including 103 Group 1 banksand 109 Group 2 banks. Group 1 banks are those that have Tier 1 capital inexcess of €3 billion and are internationally active.All other banks are considered Group 2 banks.Banks were asked to provide data as of 30 June 2011 at the consolidatedlevel.Subsidiaries of other banks are not included in the analyses to avoiddouble counting._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 13. P a g e | 13Table 1 shows the distribution of participation by jurisdiction.For Group 1 banks members’ coverage of their banking sector was veryhigh reaching 100% coverage for some jurisdictions.Coverage for Group 2 banks was comparatively lower and varied acrossjurisdictions._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 14. P a g e | 14Not all banks provided data relating to all parts of the Basel IIIframework._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 15. P a g e | 15Accordingly, a small number of banks are excluded from individualsections of the Basel III monitoring analysis due to incomplete data.MethodologyThe impact assessment was carried out by comparing banks’ capitalpositions under Basel III to the current regulatory frameworkimplemented by the national supervisor.With the exception of transitional arrangements for non-correlationtrading securitisation positions in the trading book, Basel III results arecalculated without considering transitional arrangements pertaining tothe phase-in of deductions and grandfathering arrangements.Reported average amounts in this document have been calculated bycreating a composite bank at a total sample level, which effectively meansthat the total sample averages are weighted.For example, the average common equity Tier 1 capital ratio is the sum ofall banks’ common equity Tier 1 capital for the total sample divided by thesum of all banks’ risk-weighted assets for the total sample.To maintain confidentiality, many of the results shown in this report arepresented using box plots charts.These charts show the distribution of results as described by the medianvalues (the thin red horizontal line) and the 75th and 25th percentilevalues (defined by the blue box).The upper and lower end points of the thin blue vertical lines show thevalues which are 1.5 times the range between the 25th and the 75thpercentile above the 75th percentile or below the 25th percentile,respectively.This would correspond to approximately 99.3% coverage if the data werenormally distributed.The red crosses indicate outliers._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 16. P a g e | 16To estimate the impact of implementing the Basel III framework oncapital, comparisons are made between those elements of Tier 1 capitalwhich are not subject to a limit under the national implementation ofBasel I or Basel II, and CET1 under Basel III.Data qualityFor this monitoring exercise, participating banks submittedcomprehensive and detailed non-public data on a voluntary andbest-efforts basis.As with the C-QIS, national supervisors worked extensively with banks toensure data quality, completeness and consistency with the publishedreporting instructions.Banks are included in the various analyses that follow only to the extentthey were able to provide sufficient quality data to complete the analyses.For the liquidity elements, data quality has improved significantlythroughout the iterations of the Basel III monitoring exercise, although itis still the case that some differences in banks’ reported liquidity riskpositions could be attributed to differing interpretations of the rules,rather than underlying differences in risk.Most notably individual banks appear to be using differentmethodologies to identify operational wholesale deposits and exclusionsof liquid assets due to failure to meet the operational requirements.Interpretation of resultsThe following caveats apply to the interpretation of results shown in thisreport:These results are not comparable to those shown in the C-QIS, whichevaluated the impact of policy questions that differ in certain key respectsfrom the finalised Basel III framework. As one example, the C-QIS didnot consider the impact of capital surcharges for G-SIBs based on the_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 17. P a g e | 17initial list of G-SIBs announced by the Financial Stability Board inNovember 2011.One member country, Switzerland, has already implemented certainelements of the Basel III framework pertaining to new rules for marketrisk and enhancements to the treatment of securitisations held in thebanking book (often referred to collectively as “Basel 2.5”).For banks in this country, the results included in this report reflect theimpact of adopting the Basel III requirements relative to the Basel II andBasel 2.5 frameworks already in place.The new rules for counterparty credit risk are not fully accounted for inthe report, as data for capital charges for exposures to centralcounterparties (CCPs) and stressed effective expected positive exposure(EEPE) could not be collected.The actual impact of the new requirements will likely be lower thanshown in this report given the phased-in implementation of the rules andinterim adjustments made by the banking sector to changing economicconditions and the regulatory environment.For example, the results do not consider bank profitability, changes incapital or portfolio composition, or other management responses to thepolicy changes since 30 June 2011 or in the future.For this reason, the results are not comparable to industry estimates,which tend to be based on forecasts and consider management actions tomitigate the impact, as well as incorporate estimates where information isnot publicly available.The Basel III capital amounts shown in this report assume that allcommon equity deductions are fully phased in and all non-qualifyingcapital instruments are fully phased out.As such, these amounts underestimate the amount of Tier 1 capital andTier 2 capital held by a bank as they do not give any recognition fornon-qualifying instruments that are actually phased out over nine years._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 18. P a g e | 18The treatment of deductions and non-qualifying capital instruments alsoaffects figures reported in the leverage ratio section.The underestimation of Tier 1 capital will become less of an issue as theimplementation date of the leverage ratio nears.In particular, in 2013, the capital amounts based on the capitalrequirements in place on the Basel III monitoring reporting date willreflect the amount of non-qualifying capital instruments included incapital at that time.These amounts will therefore be more representative of the capital heldby banks at the implementation date of the leverage ratio.Capital shortfalls and overall changes in regulatory capital ratiosTable 2 shows the aggregate capital ratios under the current and Basel IIIframeworks and the capital shortfalls if Basel III were fully implemented,both for the definition of capital and the calculation of risk-weightedassets as of 30 June 2011._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 19. P a g e | 19As compared to current CET1, the average CET1 capital ratio of Group 1banks would have fallen by nearly one-third from 10.2% to 7.1% (a declineof 3.1 percentage points) when Basel III deductions and risk-weightedassets are taken into account.The reduction in the CET1 capital ratio of Group 2 banks is smaller (from10.1% to 8.3%), which indicates that the new framework has greaterimpact on larger banks.Results show significant variation across banks as shown in Chart 1.The reduction in CET1 ratios is driven by the new definition of eligiblecapital, by deductions that were not previously applied at the commonequity level of Tier 1 capital in most jurisdictions (numerator) and byincreases in risk-weighted assets (denominator)._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 20. P a g e | 20Banks engaged heavily in trading or counterparty credit activities tend toshow the largest denominator effects as these activities attractsubstantively higher capital charges under the new framework.Tier 1 capital ratios of Group 1 banks would on average decline 4.1percentage points from 11.5% to 7.4%, and total capital ratios of this samegroup would decline on average by 5.6 percentage points from 14.2% to8.6%.As with CET1, Group 2 banks show a more moderate decline in Tier 1capital ratios from 10.9% to 8.6%, and a decline in total capital ratios from14.3% to 10.6%.The Basel III framework includes the following phase-in provisions forcapital ratios:_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 21. P a g e | 21For CET1, the highest form of loss absorbing capital, the minimumrequirement will be raised to 4.5% and will be phased-in by 1 January2015;For Tier 1 capital, the minimum requirement will be raised to 6.0% andwill be phased-in by 1 January 2015;For total capital, the minimum requirement remains at 8.0%;Regulatory adjustments (ie possibly stricter sets of deductions that applyunder Basel III) will be fully phased-in by 1 January 2018;An additional 2.5% capital conservation buffer above the regulatoryminimum capital ratios, which must be met with CET1, will be phased-inby 1 January 2019; andThe additional loss absorbency requirement for G-SIBs, which rangesfrom 1.0% to 2.5%, will be phased in by 1 January 2019.It will be applied as the extension of the capital conservation buffer andmust be met with CET1.The Annex includes a detailed overview of all relevant phase-inarrangements.Chart 2 and Table 2 provide estimates of the amount of capital that Group1 and Group 2 banks would need between 30 June 2011 and 1 January 2019in addition to the capital they already held at the reporting date, in orderto meet the target CET1, Tier 1, and total capital ratios under Basel IIIassuming fully phased-in target requirements and deductions as of 30June 2011.Under these assumptions, the CET1 capital shortfall for Group 1 bankswith respect to the 4.5% CET1 minimum requirement is €38.8 billion.The CET1 shortfall with respect to the 4.5% requirement for Group 2banks, where coverage of the sector is considerably smaller, is estimatedat €8.6 billion._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 22. P a g e | 22For a CET1 target of 7.0% (ie the 4.5% CET1 minimum plus the 2.5%capital conservation buffer, plus any capital surcharge for G-SIBs asapplicable), Group 1 banks’ shortfall is €485.6 billion and Group 2 banks’shortfall is €32.4 billion.The surcharges for G-SIBs are a binding constraint on 24 of the 28 G-SIBsincluded in this Basel III monitoring exercise.As a point of reference, the aggregate sum of after-tax profits prior todistributions for Group 1 and Group 2 banks in the same sample was€356.6 billion and €35.6 billion, respectively in the second half of 2010 andthe first half of 2011.Assuming the 4.5% CET1 minimum capital requirements were fully met(ie, there were no CET1 shortfall), Group 1 banks would need anadditional €66.6 billion to meet the minimum Tier 1 capital ratiorequirement of 6.0%.Assuming banks already hold 7.0% CET1 capital, Group 1 banks wouldneed and an additional €221.4 billion to meet the Tier 1 capital target ratioof 8.5% (ie the 6.0% Tier 1 minimum plus the 2.5% CET1 capitalconservation buffer), respectively.Group 2 banks would need an additional €7.3 billion and an additional€16.6 billion to meet these respective Tier 1 capital minimum and targetratio requirements.Assuming CET1 and Tier 1 capital requirements were fully met (ie, therewere no shortfalls in either CET1 or Tier 1 capital), Group 1 banks wouldneed an additional €119.3 billion to meet the minimum total capital ratiorequirement of 8.0% and an additional €223.2 billion to meet the totalcapital target ratio of 10.5% (ie the 8.0% Tier 1 minimum plus the 2.5%CET1 capital conservation buffer), respectively.Group 2 banks would need an additional €5.5 billion and an additional€11.6 billion to meet these respective total capital minimum and targetratio requirements._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 23. P a g e | 23As indicated above, no assumptions have been made about bank profitsor behavioural responses, such as changes balance sheet composition,that will serve to ameliorate the impact of capital shortfalls over time.Impact of the definition of capital on Common Equity Tier 1capitalAs noted above, reductions in capital ratios under the Basel IIIframework are attributed in part to capital deductions not previouslyapplied at the common equity level of Tier 1 capital in most jurisdictions.Table 3 shows the impact of various deduction categories on the grossCET1 capital (ie, CET1 before deductions) of Group 1 and Group 2 banks.In the aggregate, deductions reduce the gross CET1 of Group 1 banksunder the Basel III framework by 32.0%.The largest driver of Group 1 bank deductions is goodwill, followed bycombined deferred tax assets (DTAs) deductions, and intangibles otherthan mortgage servicing rights._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 24. P a g e | 24These deductions reduce Group 1 bank gross CET1 by 15.4%, 4.9%, and3.6%, respectively.The category described as other deductions reduces Group 1 bank grossCET1 by 3.0% and pertain mainly to deductions for provision shortfallsrelative to expected credit losses and deductions related to defined benefitpension fund schemes.Holdings of capital of other financial companies reduce the CET1 ofGroup 1 banks by 2.9%.The category “Excess above 15%” refers to the deduction of the amountby which the aggregate of the three items subject to the 10% limit forinclusion in CET1 capital exceeds 15% of a bank’s CET1, calculated afterall deductions from CET1.These 15% threshold bucket deductions reduce Group 1 bank gross CET1by 2.1%. Deductions for MSRs exceeding the 10% limit have a minorimpact on Group 1 CET1.Deductions reduce the CET1 of Group 2 banks by 26.9%. Goodwill is thelargest driver of deductions for Group 2 banks, followed by holdings ofthe capital of other financial companies, and combined DTAsdeductions.These deductions reduce Group 2 bank CET1 by 10.5%, 4.4%, and 4.3%,respectively.Other deductions, which are driven significantly by deductions forprovision shortfalls relative to expected credit losses, result in a 3.5%reduction in Group 2 bank gross CET1.Deductions for intangibles other than mortgage servicing rights anddeductions for items in excess of the aggregate 15% threshold basketreduce Group 2 bank gross CET1 by 2.5% and 1.8%, respectively.Deductions for mortgage servicing rights above the 10% limit have noimpact on Group 2 banks._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 25. P a g e | 25Changes in risk-weighted assetsOverall resultsReductions in capital ratios under the Basel III framework are alsoattributed to increases in risk-weighted assets.Table 4 provides additional detail on the contributors to these increases,to include the following categories:Definition of capital:These columns measure the change in risk-weighted assets as a result ofproposed changes to the definition of capital.The column heading “other” includes the effects of lower risk-weightedassets for exposures that are currently included in risk-weighted assetsbut receive a deduction treatment under Basel III._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 26. P a g e | 26The column heading “50/50” measures the increase in risk-weightedassets applied to securitisation exposures currently deducted under theBasel II framework that are risk-weighted at 1250% under Basel III.The column heading “threshold” measures the increase in risk-weightedassets for exposures that fall below the 10% and 15% limits for CET1deduction;Counterparty credit risk (CCR):This column measures the increased capital charge for counterpartycredit risk and the higher capital charge that results from applying ahigher asset value correlation parameter against exposures to financialinstitutions under the IRB approaches to credit risk.Not included in CCR are risk-weighted asset effects of capital charges forexposures to central counterparties (CCPs) or any impact ofincorporating stressed parameters for effective expected positiveexposure (EEPE);Securitisation in the banking book:This column measures the increase in the capital charges for certain typesof securitisations (eg, resecuritisations) in the banking book; andTrading book:This column measures the increased capital charges for exposures held inthe trading book to include capital requirements against stressedvalue-at-risk, incremental default risk, and securitisation exposures in thetrading book.Risk-weighted assets for Group 1 banks increase overall by 19.4% forGroup 1 banks.This increase is to a large extent attributed to higher risk-weighted assetsfor counterparty credit risk exposures, which result in an overall increasein total Group 1 bank risk-weighted assets of 6.6%._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 27. P a g e | 27The predominant driver behind this figure is capital charges forcounterparty credit risk as the higher asset value correlation parameterresults in an increase in overall risk-weighted assets of only 1.0%.Trading book exposures and securitisation exposures currently subject todeduction under Basel II, also contribute significantly to higherrisk-weighted assets at Group 1 banks at 5.2% for each category.Securitisation exposures currently subject to deduction, counterpartycredit risk exposures, and exposures that fall below the 10% and 15%CET1 eligibility limits are significant contributors to changes inrisk-weighted assets for Group 2 banks.Changes in risk-weighted assets show significant variation across banksas shown in Chart 3.Again, these differences are explained in large part by the extent of banks’counterparty credit risk and trading book exposures, which attractsignificantly higher capital charges under Basel III as compared tocurrent rules._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 28. P a g e | 28Impact of the revisions to the Basel II market risk frameworkTable 5 shows further detail on the impact of the revised trading bookcapital charges on overall risk-weighted assets for Group 1 banks.The sample analysed here is smaller than the one in Table 4 as not all theGroup 1 banks provided data on market risk exposures.For this reduced sample of banks, trading book exposures resulted in a6.1% increase in total risk-weighted assets.The main contributors to this increase are stressed value-at-risk (stressedVaR), non-correlation trading securitisation exposures subject thestandardised measurement method (column heading “SMM non-CTP”),and the incremental risk capital charge (IRC), which contribute 2.2%,_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 29. P a g e | 291.7%, and 1.4%.Less significant contributors to the increase in overall risk-weightedassets are capital charges for correlation trading exposures.Increases in risk-weighted assets are partially offset by effects related toprevious capital charges24 and changes to the standardised measurementmethod (SMM).Impact of the rules on counterparty credit risk (CVA only)Credit valuation adjustment (CVA) risk capital charges lead to a 7.3%increase in total RWA for the subsample of 77 banks which provided therelevant data (6.6% on the full Group 1 sample).A larger fraction of the total effect is attributable to the application of thestandardised method than to the advanced method.The impacts on Group 2 banks are smaller but still significant, adding upto an overall 2.9% increase in RWA over a subsample of 63 banks (2.2%for the full Group 2 sample), totally attributable to the standardisedmethod. Further detailed are provided in Table 6._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 30. P a g e | 30Findings regarding the leverage ratioThe results regarding the leverage ratio are provided using two alternativemeasures of Tier 1 capital in the numerator:Basel III Tier 1, which is the fully phased-in Basel III definition of Tier 1capital, and Current Tier 1, which is Tier 1 capital eligible under the BaselII agreement (the phase-in period of Basel III begins in 2013).Total exposures of Group 1 banks according to the definition of thedenominator of the leverage ratio were €59.2 trillion while total exposuresfor Group 2 banks were €5.6 trillion.One important element in understanding the results of the leverage ratiosection is the terminology used to describe a bank’s leverage.Generally, when a bank is referred to as having more leverage, or beingmore leveraged, this refers to a multiple (eg 33 times) as opposed to aratio (eg 3%).Therefore, a bank with a high level of leverage will have a low leverageratio.Chart 4 presents leverage ratios based on Basel III Tier 1 and current Tier1 capital.The chart provides this information for all banks, Group 1 banks andGroup 2 banks._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 31. P a g e | 31The weighted average current Tier 1 leverage ratio for all banks is 4.5%.For Group 1 banks, it is somewhat lower at 4.4% while it is 5.0% for Group2 banks.The average Basel III Tier 1 leverage ratio for all banks is 3.5%. The BaselIII average for Group 1 banks is 3.4%, and the average for Group 2 banksis 4.2%.The analysis shows that Group 2 banks are generally less leveraged thanGroup 1 banks, and this difference increases under Basel III when therequirements are fully phased in.It is likely that a portion of this effect is due to the changes in thedefinition of capital, which, as seen in Section 2, are likely to affect Group1 banks to a greater extent than Group 2 banks._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 32. P a g e | 32Under the current Tier 1 leverage ratio, 17 banks would not meet the 3%Tier 1 leverage ratio level, including six Group 1 banks and 11 Group 2banks.Under the Basel III Tier 1 leverage ratio, 63 banks would not meet the 3%Tier 1 leverage ratio level, including 36 Group 1 banks and 27 Group 2banks.LiquidityLiquidity coverage ratioOne of the two standards introduced by the Committee is a 30-dayliquidity coverage ratio (LCR) which is intended to promote short-termresilience to potential liquidity disruptions.The LCR has been designed to require global banks to have sufficienthigh-quality liquid assets to withstand a stressed 30-day funding scenariospecified by supervisors.The LCR numerator consists of a stock of unencumbered, high qualityliquid assets that must be available to cover any net outflow, while thedenominator is comprised of cash outflows less cash inflows (subject to acap at 75% of outflows) that are expected to occur in a severe stressscenario.103 Group 1 and 102 Group 2 banks provided sufficient data in the 30 June2011 Basel III monitoring exercise to calculate the LCR according to theBasel III liquidity framework.The weighted average LCR was 90% for Group 1 banks and 83% forGroup 2 banks. These aggregate numbers do not speak to the range ofresults across the banks.Chart 5 below gives an indication of the distribution of bank results; thethick red line indicates the 100% minimum requirement, the thin redhorizontal lines indicate the median for the respective bank group.45% of the banks in the Basel III monitoring sample already meet or_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 33. P a g e | 33exceed the minimum LCR requirement and 60% have LCRs that are at orabove 75%.For the banks in the sample, Basel III monitoring results show a shortfallof liquid assets of €1.76 trillion (which represents approximately 3% of the€58.5 trillion total assets of the aggregate sample) as of 30 June 2011, ifbanks were to make no changes whatsoever to their liquidity risk profile.This number is only reflective of the aggregate shortfall for banks that arebelow the 100% requirement and does not reflect surplus liquid assets atbanks above the 100% requirement.Banks that are below the 100% required minimum have until 2015 to meetthe standard by scaling back business activities which are mostvulnerable to a significant short-term liquidity shock or by lengtheningthe term of their funding beyond 30 days.Banks may also increase their holdings of liquid assets.The key components of outflows and inflows are shown in Table 7._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 34. P a g e | 34Group 1 banks show a notably larger percentage of total outflows, whencompared to balance sheet liabilities, than Group 2 banks.This can be explained by the relatively greater contribution of wholesalefunding activities and commitments within the Group 1 sample, whereas,for Group 2 banks, retail activities, which attract much lower stress factors,comprise a greater share of funding activities.Cap on inflowsNo Group 1 and 19 Group 2 banks reported inflows that exceeded the cap.Of these, six fail to meet the LCR, so the cap is binding on them._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 35. P a g e | 35Of the banks impacted by the cap on inflows, 18 have inflows from otherfinancial institutions that are in excess of the excluded portion of inflows.The composition of high quality assets currently held at banks is depictedin Chart 6.The majority of Group 1 and Group 2 banks’ holdings, in aggregate, arecomprised of Level 1 assets; however the sample, on whole, showsdiversity in their holdings of eligible liquid assets.Within Level 1 assets, 0% risk-weighted securities issued or guaranteedby sovereigns, central banks and PSEs, and cash and central bankreserves comprising significant portions of the qualifying pool.Comparatively, within the Level 2 asset class, the majority of holdings iscomprised of 20% risk-weighted securities issued or guaranteed bysovereigns, central banks or PSEs, and qualifying covered bonds.Cap on Level 2 assets€121 billion of Level 2 liquid assets were excluded because reported Level2 assets were in excess of the 40% cap as currently operationalised._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 36. P a g e | 3634 banks currently reported assets excluded, of which 24 (11% of the totalsample) had LCRs below 100%.Chart 7 combines the above LCR components by comparing liquidityresources (buffer assets and inflows) to outflows.Note that the €800 billion difference between the amount of liquid assetsand inflows and the amount of outflows and impact of the cap displayedin the chart is smaller than the €1.76 trillion gross shortfall noted above asit is assumed here that surpluses at one bank can offset shortfalls at otherbanks.In practice the aggregate shortfall in the industry is likely to liesomewhere between these two numbers depending on how efficientlybanks redistribute liquidity around the system._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 37. P a g e | 37Net stable funding ratioThe second standard is the net stable funding ratio (NSFR), alonger-term structural ratio to address liquidity mismatches and provideincentives for banks to use stable sources to fund their activities.103 Group 1 and 102 Group 2 banks provided sufficient data in the 30 June2011 Basel III monitoring exercise to calculate the NSFR according to theBasel III liquidity framework.46% of these banks already meet or exceed the minimum NSFRrequirement, with three-quarters at an NSFR of 85% or higher.The weighted average NSFR for each of the Group 1 bank and Group 2samples is 94%.Chart 8 shows the distribution of results for Group 1 and Group 2 banks;the thick red line indicates the 100% minimum requirement, the thin redhorizontal lines indicate the median for the respective bank group._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 38. P a g e | 38The results show that banks in the sample had a shortfall of stablefunding of €2.78 trillion at the end of June 2011, if banks were to make nochanges whatsoever to their funding structure.This number is only reflective of the aggregate shortfall for banks that arebelow the 100% NSFR requirement and does not reflect any surplus stablefunding at banks above the 100% requirement.Banks that are below the 100% required minimum have until 2018 to meetthe standard and can take a number of measures to do so, including bylengthening the term of their funding or reducing maturity mismatch.It should be noted that the shortfalls in the LCR and the NSFR are notnecessarily additive, as decreasing the shortfall in one standard may resultin a similar decrease in the shortfall of the other standard, depending onthe steps taken to decrease the shortfall._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 39. P a g e | 39_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 40. P a g e | 40NUMBER 2Study on the Cross-Border Scope of thePrivate Right of Action Under Section10(b) of the Securities Exchange Act of1934 As Required by Section 929Y of theDodd-Frank Wall Street Reform andConsumer Protection ActApril 2012This study has been prepared by the Staff of the U.S. Securities andExchange Commission. The Commission has expressed no viewregarding the analysis, findings, or conclusions contained herein.Executive SummaryThis study stems from two significant legal developments in the Summerof 2010 regarding the application of Section 10(b) of the SecuritiesExchange Act of 1934 (“Exchange Act”) to transnational securitiesfrauds.Section 10(b) is an antifraud provision designed to combat a wide varietyof manipulative and deceptive activities that can occur in connection withthe purchase or sale of a security.The Securities and Exchange Commission (“Commission”) has civilenforcement authority under Section 10(b) and the Department of Justice(“DOJ”) has criminal enforcement authority.Further, injured investors can pursue a private right of action underSection 10(b); meritorious private actions have long been recognized asan important supplement to civil and criminal law-enforcement actions.On June 24, 2010, the Supreme Court in Morrison v. National AustraliaBank concluded that there is no “affirmative indication” in the ExchangeAct that Section 10(b) applies extraterritorially._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 41. P a g e | 41Finding no affirmative indication of an extraterritorial reach, the SupremeCourt adopted a new transactional test under which:Section 10(b) reaches the use of a manipulative or deceptive device orcontrivance only in connection with the purchase or sale of a securitylisted on an American stock exchange, and the purchase or sale of anyother security in the United States.Congress promptly responded to the Morrison decision by adding Section929P(b)(2) of Title IX of the Dodd-Frank Wall Street Reform andConsumer Protection Act of 2010 (“Dodd-Frank Act”).Section 929P(b)(2) provided the necessary affirmative indication ofextraterritoriality for Section 10(b) actions involving transnationalsecurities frauds brought by the Commission and DOJ.Specifically, Section 929P(b)(2) provides the district courts of the UnitedStates with jurisdiction over Commission and DOJ enforcement actions ifthe fraud involves:(1) conduct within the United States that constitutes a significant step infurtherance of the violation, even if the securities transaction occursoutside the United States and involves only foreign investors; or(2) conduct occurring outside the United States that has a foreseeablesubstantial effect within the United States.With respect to private actions under Section 10(b), Section 929Y of theDodd-Frank Act directed the Commission to solicit public comment andthen conduct a study to consider the extension of the cross-border scopeof private actions in a similar fashion, or in some narrower manner.Additionally, Section 929Y provided that the study shall consider andanalyze the potential implications on international comity and thepotential economic costs and benefits of extending the cross-borderscope of private actions._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 42. P a g e | 42BackgroundConduct and Effects Tests. Prior to the Supreme Court’s Morrisondecision, the lower federal courts had applied two tests to determine thecross-border reach of Section 10(b): the conduct test and the effects test.Under the conduct test, Section 10(b) applied if a sufficient level ofconduct comprising the transnational fraud occurred in the United States,even if the victims or the purchases and sales were overseas.Although the courts had adopted a range of approaches to defining whenthe level of domestic conduct was sufficient, courts generally found theconduct test satisfied where:(1) the mastermind of the fraud operated from the United States in ascheme to sell shares in a foreign entity to overseas investors;(2) much of the important efforts such as the underwriting, drafting ofprospectuses, and accounting work that led to the fraudulent offering of aU.S. issuer’s securities to overseas investors occurred in the United States;or(3) the United States was used as a base of operations for meetings, phonecalls, and bank accounts to receive overseas investors’ funds.Under the effects test, Section 10(b) applied to transnational securitiesfrauds when conduct occurring in foreign countries caused foreseeableand substantial harm to U.S. interests.Among other situations, the effects test applied where either overseasfraudulent conduct or a predominantly foreign transaction resulted in adirect injury to:(1) Investors resident in the United States (even if the U.S. investors arerelatively small in number);_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 43. P a g e | 43(2) Securities traded on a U.S. exchange or otherwise issued by a U.S.entity; or(3) U.S. domestic markets, at least where a reasonably particularizedharm occurred.Morrison Litigation. Morrison involved a so-called “foreign-cubed” classaction – a class action on behalf of foreign investors who had acquired thecommon stock of a foreign corporation through purchases effected onforeign securities exchanges.The plaintiffs alleged that the foreign corporation made false andmisleading statements outside the United States to the plaintiff-investorsthat were based on false financial figures that had been generated in theUnited States by a wholly-owned U.S. subsidiary.The federal district court dismissed the case, holding that the conducttest had not been satisfied. The court of appeals affirmed the dismissal.At the Supreme Court, many of the arguments raised by the parties andthe various amici curiae (i.e., non-parties who voluntarily submitted theirviews and analysis to assist the Court) centered on policy argumentssupporting or opposing the conduct and effects tests in comparison to abright-line test that would restrict the cross-border reach of Section 10(b).The plaintiffs and their supporting amici argued, among other things,that:(1) there is an inherent U.S. interest in ensuring that even foreignpurchasers of globally traded securities are not defrauded, because theprices that they pay for their securities will ultimately impact the prices atwhich the securities are sold in the United States;(2) foreign issuers that cross-list in the United States benefit from theprestige and increased investor confidence that results from a U.S. listing,and thus it is reasonable to hold these foreign issuers to the full force ofthe U.S. securities laws regardless of where the particular transactionoccurs; _____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 44. P a g e | 44(3) without the cross-border application of Section 10(b) afforded by theconduct and effects tests, there generally would be no legal options forredress open to the foreign victims of frauds committed by personsresiding in the United States; and(4) eliminating the conduct and effects tests could be a significant factorweighing against further or continued foreign investment in the UnitedStates.The defendants and their supporting amici (excluding foreigngovernments) argued, among other things, that:(1) the uncertainty and lack of predictability resulting from the conductand effects tests discourage investment in the United States and capitalraising in the United States, which would not occur with a bright-line testlimiting Section 10(b) only to transactions within the United States;(2) application of Section 10(b) private liability to frauds resulting intransactions on foreign exchanges would result in wasteful and abusivelitigation, cause the United States to become a leading venue for globalsecurities class actions, and subject foreign issuers to the burdens anduncertainty of extensive U.S. discovery, pre-trial litigation, and perhapstrial before plaintiffs’ claims can be dismissed under the conduct andeffects tests; and(3) different nations have reached different conclusions about whatconstitutes fraud, how to deter it, and when to prosecute it, and thecross-border application of U.S. securities law would interfere with thosesovereign policy choices.The U.S. Solicitor General, joined by the Commission, recommended tothe Supreme Court a standard that would permit a private plaintiff whosuffered a loss overseas as part of a transnational securities fraud topursue redress under Section 10(b) if the U.S. component of the frauddirectly caused the plaintiff’s injury.Although the Solicitor General acknowledged the potential for privatesecurities actions brought under U.S. law to conflict with the procedures_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 45. P a g e | 45and remedies afforded by foreign nations, the Solicitor General opposed atransactional test that would permit a Section 10(b) private action only ifthe securities transaction occurred in the United States.A transactional test, the Solicitor General explained, would producearbitrary outcomes, including denying a Section 10(b) private action evenwhen the fraud was hatched and executed entirely in the United Statesand the injured investors were in the United States if the transactionsinduced by the fraud were executed abroad.The British, French, and Australian Governments opposed to varyingdegrees the cross-border scope of private rights of action under Section10(b).Each argued that it had made different policy choices about theprevention of fraud and enforcement of antifraud rules based on its ownsovereign interests, and asserted that each choice deserved respect.The British and French Governments expressly supported a bright-linetest.Morrison Decision. As noted above, the Supreme Court adopted a newtransactional test under which Section 10(b) applies only to frauds inconnection with the “the purchase or sale of a security listed on anAmerican stock exchange, and the purchase or sale of any other securityin the United States.”In rejecting the conduct and effects tests, the Court expressly identifiedthe potential threat of regulatory conflict and international discord thatprivate securities class actions can pose in the context of transnationalsecurities frauds.Justice Stevens filed a concurrence in which he argued in favor of theconduct and effects tests, and criticized the transactional test as undulyexcluding from private redress under Section 10(b) frauds that transpire inthe United States or directly target U.S. citizens._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 46. P a g e | 46Post-Morrison Legal DevelopmentsFollowing the Morrison decision, the lower federal courts have addresseda number of questions regarding the interpretation and application of thetransactional test.To date, the courts have issued decisions holding that:1) Although the Supreme Court stated in Morrison that Section 10(b)applies to the “purchase or sale of a security listed on an American stockexchange,” an investor in a U.S. and foreign cross-listed security cannotmaintain a Section 10(b) private action if he or she acquired the securityon the foreign stock exchange.2) An investor who acquires an exchange-traded American depositaryreceipt (ADR), which is a type of security that represents an ownershipinterest in a specified amount of a foreign security, can maintain a Section10(b) private action.3) The purchase or sale of a security on a foreign exchange by a U.S.investor is not within the reach of Section 10(b) even if the transaction wasinitiated in the United States (e.g., the purchase or sale order was placedwith a U.S. broker-dealer by a U.S. investor).4) A Section 10(b) private action is not available for a U.S. counter-party toa security-based swap that references a foreign security, at least to theextent that the counter-party is suing a third party (i.e., a non-party to theswap) for fraudulent conduct related to the foreign-referenced security.5) Section 10(b) applies where a defendant engages in insider tradingoverseas with respect to a U.S. exchange-traded corporation by acquiringcontracts for difference, which are a type of security in which thepurchaser acquires the future movement of the underlying company’scommon stock without taking formal ownership of the company’s shares.6) A Section 10(b) private action is not available against a securitiesintermediary such as a broker-dealer, investment adviser, or underwriter_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 47. P a g e | 47if the transaction for which the investor suffered a loss occurred on aforeign exchange or otherwise outside the United States, even if(i) the intermediary resided in the United States and primarily engaged inthe fraudulent conduct here, or(ii) the intermediary traveled to the United States frequently to meet withthe U.S. investor-client.7) Investors who purchase shares of an off-shore feeder fund that holdsitself out as investing exclusively or predominantly in a U.S. fund cannotmaintain a Section 10(b) private action unless the purchase of the feederfund’s shares occurred in the United States.Courts are divided on the issue of how to determine whether a purchaseor sale of securities not listed on a U.S. or foreign exchange takes place inthe United States, setting forth a number of competing approaches thatinclude looking to:(a) whether either the offer or the acceptance of the off-exchangetransaction occurred in the United States;(b) whether the event resulting in “irrevocable liability” occurred in theUnited States; or(c) whether the issuance of the securities occurred in the United States.Responses to Request for Public CommentIn response to the Commission’s request for public comments, as ofJanuary 1, 2012 the Commission received 72 comment letters (excludingduplicate and follow-up letters) – 30 from institutional investors; 19 fromlaw firms and accounting firms; 8 from foreign governments; 7 frompublic companies and associations representing them; 7 from academics;and 1 from an individual investor._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 48. P a g e | 48Of these, 44 supported enactment of the conduct and effects tests or somemodified version of the tests, while 23 supported retention of theMorrison transactional test.Arguments in Favor of the Transactional Test. The comment letters insupport of the transactional test asserted that cross-border extension ofSection 10(b) private actions would create significant conflicts with othernations’ laws, interfere with the important and legitimate policy choicesthat these nations have made, and result in wasteful and abusive litigationinvolving transactions that occur on foreign securities exchanges.Those comment letters argue that, by contrast, retention of thetransactional test would foster market growth because the test provides abright-line standard for issuers to reasonably predict their liabilityexposure in private Section 10(b) actions.Arguments Against the Transactional Test. The comment letters opposedto the transactional test argued, among other things, that: whether anexchange-traded securities transaction executed through a broker-dealeroccurs in the United States or overseas may not be either apparent to U.S.investors or within their control; the transactional test impairs the abilityof U.S. investment funds to achieve a diversified portfolio that includesforeign securities because the funds will have to either trade in the lessliquid and potentially more costly ADR market in the United States or,alternatively, forgo Section 10(b) private remedies to trade overseas orpursue foreign litigation; and the transactional test fails to provide aprivate action in situations where U.S. investors are induced within theUnited States to purchase securities overseas.Arguments in Favor of the Conducts and Effects Tests. The commentletters supporting enactment of the conduct and effects tests argued thatdoing so would promote investor protection because private actionswould be available to supplement Commission enforcement actionsinvolving transnational securities frauds.These comment letters also argued that the conduct and effects testsreflect the economic reality that although a company’s shares may tradeon a foreign exchange and the company may be incorporated overseas,_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 49. P a g e | 49the entity may have an extensive U.S. presence justifying application ofU.S. securities laws.Further, comment letters also argued that the conduct and effects testsensure that fraudsters operating in the United States or targetinginvestors in the United States cannot easily avoid the reach of Section10(b) private liability, and facilitates international comity by balancing theinterests of the United States and foreign jurisdictions.Arguments Against the Conduct and Effects Tests. The argumentsagainst the conduct and effects tests largely mirrored those set forthabove in favor of the transactional test.In addition, these comment letters argued that: investor protection anddeterrence of fraud are sufficiently achieved in the context oftransnational securities fraud by Congress having enacted the conductand effects tests for cases brought by the Commission and DOJ; smallU.S. investors do not need the heightened protection of the conduct andeffects tests because they generally do not directly invest overseas; theconduct and effects tests’ fact-specific analysis bears little relationship toinvestors’ expectations about whether they are protected by U.S.securities laws; and foreign legal regimes already provide sufficientremedies for investors who engage in transactions abroad.Alternative Approaches that Commenters Proposed. Several commentletters argued in support of conduct and effects tests limited to U.S.resident investors.According to these comment letters, such an approach would minimizemany of the international comity concerns associated with the conductand effects tests because foreign nations recognize that the United Stateshas a strong interest in protecting its own citizens.Another option that the comment letters suggested was afraud-in-the-inducement standard under which an investor couldmaintain a Section 10(b) private action if the investor was induced topurchase or sell the security in reliance on materially false or misleadingmaterial provided to the investor in the United States. _____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 50. P a g e | 50Comment letters supporting this alternative argued that it would beconsistent with investors’ expectations, because investors generallybelieve that they will be protected by the legal regime that applies in thelocations where they are subjected to fraudulent information or conduct.Options Regarding the Cross-Border Reach of Section 10(b)Private ActionsThe Staff advances the following options for consideration:Options Regarding the Conduct and Effects Tests.Enactment of conduct and effects tests for Section 10(b) private actionssimilar to the test enacted for Commission and DOJ enforcement actionsis one potential option.Consideration might also be given to alternative approaches focusing onnarrowing the conduct test’s scope to ameliorate those concerns that havebeen voiced about the negative consequences of a broad conduct test.One such approach (which the Solicitor General and the Commissionrecommended in the Morrison litigation) would be to require the plaintiffto demonstrate that the plaintiff’s injury resulted directly from conductwithin the United States.Among other things, requiring private plaintiffs to establish that theirlosses were a direct result of conduct in the United States could mitigatethe risk of potential conflict with foreign nations’ laws by limiting theavailability of a Section 10(b) private remedy to situations in which thedomestic conduct is closely linked to the overseas injury.The Commission has not altered its view in support of this standard.Another option is to enact conduct and effects tests only for U.S. residentinvestors._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 51. P a g e | 51Such an approach could limit the potential conflict between U.S. andforeign law, while still potentially furthering two of the principalregulatory interests of the U.S. securities laws – i.e., protection of U.S.investors and U.S. markets.Options to Supplement and Clarify the Transactional Test. In addition topossible enactment of some form of conduct and effects tests, the Studysets forth four options for consideration to supplement and clarify thetransactional test.One option is to permit investors to pursue a Section 10(b) private actionfor the purchase or sale of any security that is of the same class ofsecurities registered in the United States, irrespective of the actuallocation of the transaction.A second option, which is not exclusive of other options, is to authorizeSection 10(b) private actions against securities intermediaries such asbroker-dealers and investment advisers that engage in securities fraudwhile purchasing or selling securities overseas for U.S. investors orproviding other services related to overseas securities transactions to U.S.investors.A third option is to permit investors to pursue a Section 10(b) privateaction if they can demonstrate that they were fraudulently induced whilein the United States to engage in the transaction, irrespective of where theactual transaction takes place.A final option is to clarify that an off-exchange transaction takes place inthe United States if either party made the offer to sell or purchase, oraccepted the offer to sell or purchase, while in the United States_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 52. P a g e | 52NUMBER 3Survey on the implementation of the CEBS Guidelines onRemuneration Policies and Practices12 April 2012 - The European Banking Authority (EBA) publishes todaythe results of the survey on the implementation of CEBS Guidelines onremuneration policies and practices.The survey findings indicate that in most countries the Guidelines cameinto force on 1 January 2011 and that supervisors have actively assessedremuneration policies requiring, where needed, interventions in theremuneration structures and payouts of the variable component.While considerable progress has been reported with respect to thegovernance of remuneration, some areas of concern remain.Further supervisory guidance is needed in setting up the criteria foridentifying risk takers as well as in the application of the proportionalityprinciple and of the risk alignment practices.The findings of the survey have showed a satisfactory implementation ofthe Guidelines into the respective legal and supervisory frameworks andgood progress by the industry has been reported namely as to thepractices in the governance of remuneration.However, the scope of the Guidelines is one of the areas for concern asconsiderable variations exist in the extent to which the remunerationrequirements are applied beyond the scope of the CRD._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 53. P a g e | 53With regard to the identification of risk takers, the survey has highlightedinconsistencies across institutions in the criteria used to identify staff thathave a material impact on the firm’s risk profile.Furthermore, such criteria have not always proved to sufficiently graspthe risk impact aspect of the exercise.Inconsistencies have also emerged in the application of theproportionality principle with practices varying from predetermined fixedcriteria to open case-by-case approaches to determine if the set of specificremuneration rules should be applied to identified staff.Finally, the survey has showed that risk alignment practices across theindustry remain underdeveloped namely with regard to the interaction ofparameters used for risk management and the structure of bonus pools.In light of the shortcomings identified by the survey, it is welcomed thatthe Danish Presidency, in its January compromise text on the CRD IVpackage, has proposed to widen the scope of the mandate for the EBA toelaborate criteria to identify categories of staff whose professionalactivities have a material impact on the institution’s risk profile.CONTEXT FOR THE SURVEYThis report presents the results of an EBA survey on the implementationof the CEBS Guidelines on Remuneration Policies and Practices(hereafter: the Guidelines) amongst European banking supervisors,conducted in Q 4 2011.The Guidelines were published on 10 December 2010.The aim of the survey was twofold i.e. to get an overview of- how legislators and supervisors have implemented the Guidelines in their legislative frameworks and/or their supervisory policies, focusing on possible differences between these implementations and the Guidelines;_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 54. P a g e | 54- more importantly, how the requirements of the Guidelines have been supervised in practice, what progress has been made by institutions and which areas need further development.This aim is set off against a level playing field concern that was raisedwhen adopting the Guidelines, both by the sector and betweensupervisors.Although the Guidelines provide an extensive supporting framework tointerpret the CRD III requirements on remuneration, they includenumerous open aspects where judgment by institutions and bysupervisors is required.The concern was that this judgment would lead to differentimplementations within the EU, further intensified by the fact thatprudential supervision over remuneration policies has been since thecrisis a completely new field of supervisory competence in most EUcountries.Through this report the EBA wants to encourage greater regulatoryconsistency across the EU jurisdictions.The survey benchmarks progress and further work to be done against theGuidelines, and consequently has a European context, with no direct linkto level playing field concerns between Europe and other members of theFSB.In this respect, the FSB published in October 2011 a Thematic Review onCompensation that included this kind of level playing concerns, amongstother implementation survey work on the FSB Principles andImplementation Standards.As a follow-up, the FSB has launched a detailed ongoing monitoringprogram.In the European Union, this survey is not the only tool through whichEBA monitors remuneration practices and levels in institutions across theMember States._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 55. P a g e | 55A benchmark exercise based on remuneration data collected inaccordance with the criteria for disclosure established in point 15(f) ofpart 2 Annex XII of CRD III, will be launched by EBA.Twenty-one supervisors have participated in the survey; questions in thesurvey were mainly open and qualitative of nature, but for some aspects,numerical information was asked for a sample of institutions thatrepresents 60 % of total assets in the banking sector or at least the 20largest institutions in a particular Member State.Answers about practices in institutions relate mainly to the 2010remuneration cycle (i.e. for performances in 2010), the first year ofapplication of the CRD III requirements.The intention of this implementation report is not to repeat therequirements of the Guidelines.Where necessary, references will be made to the numbers of the relevantparagraphs of the Guidelines in footnotes.Words or expressions used in this report which are also used in theGuidelines shall have the meaning in this report as in the Guidelines.Executive SummaryThe CRD III remuneration requirements sought to develop risk-basedremuneration policies and practices, aligned with the long term interestsof the institution and avoiding short-term incentives that could lead toexcessive risk-taking.This was seen as a key contributory reform in restoring overall financialstability after the 2007-2008 financial crisis.In most countries, the Guidelines came into force on 1 January 2011, withsome countries suffering from delays in the legislative process._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 56. P a g e | 56The CRD III combination of articles and annexes, with the Guidelines ontop of these, is often mirrored in the countries as a combination oflegislative acts, regulation, circulars and/or explanatory memoranda.The balance between legally prescriptive and supervisory regulatoryapproaches differs between the respondents.Supervisors have actively assessed remuneration policies, imposing -where needed - amendments to the policy and consequently interveningin the remuneration structures and actual payouts of variableremuneration.In all countries, the Guidelines are part of the supervisory review overinstitutions.The scope of the Guidelines is an area of significant concern.Regarding the scope of institutions, there are effectively no substantiveexemptions at national level to the application of the remunerationrequirements to institutions covered by CRD III.Considerable variations exist in the extent to which the remunerationrequirements are applied beyond the scope of CRD III e.g. in somecountries this extends to the financial sector as a whole.While these findings are reassuring or at least not problematic at firstsight, they need further nuancing when put in the context of groups orwhen taken together with the proportionality CRD III allows.Groups with non-EEA entities or groups with non-regulated subsidiariesor regulated subsidiaries that are not subject to CRD III do not alwaysobtain the standard of group-wide application of the remuneration policy.Differences in how the Guidelines apply beyond the EEA borders oftenhave their origin in different implementation of the FSB Principles andImplementing Standards by third countries._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 57. P a g e | 57Proportionality regimes, sometimes based on predetermined fixedcriteria, other times based on an open case-by-case approach, can lead tosignificant variation in the net degree by which institutions are subject tothe CRD III requirements.Regarding staff under scope of the specific risk alignment requirements,CRD III requires that institutions identify the categories of staff that havea material impact on the risk profile of the institution (hereafter: theIdentified Staff).Institutions use a large variety of criteria for this internal exercise butthese are not always sufficient to grasp the risk impact aspect of thisexercise or to take into account less quantifiable risks such asreputational risk.The numbers of Identified Staff differ considerably between MemberStates, but there is a clear tendency of institutions to select very lownumbers.This affects the core of the CRD III requirements and undermines theeffectiveness of EU supervisory reforms on remuneration.The process to determine the Identified Staff in a group can be applieddifferently between parent undertaking and subsidiaries.There is a genuine concern on supervisory differences regarding theidentification process, within and outside the EEA.These differences can lead to regulatory arbitrage and competitivedisadvantages.Many supervisors express the need for clear criteria and a process toidentify risk takers in a single entity and within groups.More guidance is also needed on the application of the proportionalityprinciple and the neutralization of requirements. Further harmonisationof the identification process is essential for a level playing field._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 58. P a g e | 58In order to be able to align with the risk profile of institutions, a balanceshould be found between clarity and flexibility.The governance of remuneration has shown considerableprogress.This may be explained by the fact that remuneration governance is part ofbroader governance reforms after the financial crisis.There is a widespread good implementation of the Guidelines with regardto the general principles on corporate governance, the role of themanagement body in its supervisory and management function and thesetting up of a Remuneration Committee (hereafter: Rem Co).If weaknesses occur, those mainly stem from the group governancecontext: differences in the implementation of the Guidelines acrossjurisdictions often have their origin in different corporate laws andpractices; another source may be the difficult balance between thecoherent application of the group policy and the local responsibilities,based on local risks profiles and regulatory environment, that subsidiariesmay have in the field of remuneration.The risk alignment of remuneration policies and practicesremain underdeveloped.In the first cycle of application of CRD III, it appears that too manysupervisory resources often have been spent to discussions withinstitutions regarding the numbers of Identified Staff rather than focusingmore on risk alignment principles.Hardly any supervisory guidance, additional to the Guidelines, has beendeveloped at national level.Changes are perceptible in risk alignment during performancemeasurement of employees and in the parameters used ex ante for settingbonus pools._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 59. P a g e | 59Net profits and to a certain extent also risk-adjusted performanceparameters are now more in use for setting bonus pools, but much moreexperience needs to be gained here on the credibility of the parametersand on their simultaneous internal use for risk management purposesoutside remuneration so that they can really become embedded in theorganisations risk management framework.The interaction of such risk-adjusted parameters and discretionaryjudgment needs more transparency and the level at which the ex anteadjustment is applied is still restricted too much to the highest levels ofthe organisation.Also it is particularly important to ensure that the level of variableremuneration is consistent with the need to maintain, strengthen andrestore a sound capital base.Regarding ex post risk alignment, more improvements seem to bedesirable with a view to establishing sufficiently sensitive malus criteriawhich trigger forfeiture of deferred, i. e. unvested, variable remuneration.The malus criteria used do not always reflect the back testing character,which is inherent in the idea of a malus, with regard to the initiallymeasured performance.In light of the underdevelopment of risk adjustment techniques, the ratiosof variable to fixed that institutions have set in their remuneration policiesand that were used in this first CRD III cycle do not appear to signal abreach with practices from the past and tend to be high.The criteria by which institutions decide on the ratios in practice are notalways clear.Progress can however be observed in setting up multi-year frameworks,with deferral periods now being widespread.National requirements on the different elements of the multi-yearframework (e.g. proportion being deferred, time horizon, vesting process,_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 60. P a g e | 60time span between end of accrual and vesting of deferred amount) showsome minor variance or divergence from the Guidelines.The use of instruments as part of variable remuneration suffersfrom a feasibility gap.CRD III introduced a requirement to pay at least 50% of the variablecomponent of remuneration in instruments.Because the wording used for this requirement includes an "appropriatebalance" of different types of instruments, there was some room forinstitutions to tailor this requirement to their own needs and possibilities.In some countries, there is delay in complying with this CRD IIIrequirement because banks have difficulties in finding suitableinstruments.Listed institutions in several jurisdictions do not use common shares dueto practical and dilution problems, even though based on the CRD IIItext there were expectations that such shares would be used by listedinstitutions.So-called "phantom shares plans" (equivalent non cash instruments) aremore frequently used by both listed and non-listed institutions, althoughtheir development is still subject to many open issues.The main open issue concerns the valuation of these plans: by whomshould the value be determined and what kind of method should be usedto that end?Further practical experience is needed in this respect, especially todevelop these instruments for non-listed companies.Still, some strong practices are emerging which may help to shape furtherpolicy.Hybrid tier 1 instruments, part of the "appropriate balance" that CRD IIIenvisaged, are so far in practice not used._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 61. P a g e | 61Disclosure of remuneration policies and practices deservesgreater attention.Greater attention on disclosure of remuneration policies and practicescould enhance the implementation.The tandem between public disclosure and supervisory reporting, oncethe EBA Guidelines 46 and Guidelines 47 on remuneration data collectionexercises are implemented, should be helpful in this respect.Effective disclosure in fact allows the markets awareness onremuneration to increase.At the same time, it increases monitoring by the markets and regulatorson the relation between pay, risk-taking and performance and canfacilitate the emergence of best practices that address both financialstability concerns and the institutions need for competitive pay schemes.It is therefore important to ensure an equal level of application of thedisclosure requirements.Today, this is still hampered mainly by the fact that disclosurerequirements relate to those categories of staff selected as Identified Staff,whose number can differ considerably between Member States, as alreadymentioned.Analysis of the ImplementationScopeScope issues are structured as follows: first the report discusses theinstitutions in scope, then the report examines how the concept ofIdentified Staff has been implemented.These two subsections have three parts: a general discussion and then anelaboration of how(1) the group context and_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 62. P a g e | 62(2) neutralization influence implementation.The Guidelines distinguish between proportionality between institutionsand proportionality between staff, with neutralization being the mostfar-reaching form of these types of proportionality.INSTITUTIONS WITHIN SCOPEGeneralThe CRD III remuneration requirements apply to credit institutions asdefined under art. 4(1) of Directive 2006/48 and investment firms asdefined under Directive 2006/49/EC, which in turn refers to Directive2004/39/EC on markets in financial instruments (MiFID) (article 4(1)(1)).It is clear that the implementation of the remuneration requirements hasensured comprehensive coverage of these institutions.Overall, jurisdictions have in place no substantive exemptions to theapplication of the requirements.However there were considerable divergences in two important areas:- The extent to which the CRD III remuneration requirements were applied to sectors not within the scope of CRD III; and- The approach which individual markets have taken to proportionality and the degree to which the remuneration requirements may be neutralized. (In this context neutralization means the decision not to apply certain of the remuneration requirements to certain covered institutions dependent upon nationally determined criteria).Many jurisdictions apply the remuneration requirements solely to thoseinstitutions covered by CRD III._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 63. P a g e | 63However, some others extend the application in relatively modest waysincluding, for example, the utilisation of broader definitions of creditinstitutions or extension to settlement and clearing institutions.Some authorities, though, have chosen to apply the requirements muchmore widely including in some cases to the whole of the financial servicessector or to a significant number of additional sub-sectors, for example toinsurance and reinsurance companies, investment managementcompanies and private pension funds, asset management and financeleasing firms.The key positive outcome is that the remuneration requirements arecomprehensively being applied to CRD III institutions and somejurisdictions have used national discretion to apply the requirementsmore widely. Future EU legislation for other financial services sectors e.g.Solvency II, will lead to more harmonisation.Neutralization at the level of institutionsHowever, although all firms within scope are covered, there are very widedivergences across jurisdictions in the extent to which the remunerationprovisions can be neutralized and the ways in which that neutralization isachieved. In a few cases there was little or no neutralization.Three jurisdictions operate tiered proportionality regimes.Whilst these have some differences in structure and detail, theproportionality regimes apply neutralization primarily in relation to thesize, scope, complexity and nature of firms’ businesses with the mostsignificant firms unable to neutralize any of the provisions.GermanyGermany has a very heterogeneous banking market with many smallerinstitutions that have a conservative business model, esp. with a focus onlocal retail and smaller to medium corporate client business._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 64. P a g e | 64For this reason the Remuneration Regulation for Institutions(Instituts-Vergütungsverordnung, in short InstitutsVergV) makes adistinction between general requirements applying to all institutions andall employees (sections 3, 4 and 7 InstitutsVergV), and additional moredemanding requirements (sections 5, 6 and 8 InstitutsVergV) that arerelevant for “major institutions” and the remuneration schemes of theirmanagement board and identified staff.Institutions that are not "major" may neutralize the followingrequirements listed in Annex 2 of the Guidelines ("major institutions"cannot neutralize the following requirements):- (g) on performance criteria,- (h) on the multi-year framework, except for the management body of every institution,- (o) on instruments,- (p) on deferral,- (q) on risk adjustments,- (r) on pension policy as “discretionary pension benefits” play no role in the German institutions- the establishment of a Rem Co.The general requirements of the InstitutsVergV (sections 3, 4 and 7)implement all other requirements listed in Annex 2 of the Guidelines(including Annex 2 (l) on the ratio variable/fix).Qualification as a "major institution" depends on total assets and a riskanalysis which the institution is required to perform itself.This risk analysis is relevant for all institutions whose total assets on therespective balance sheet dates for the last three completed financial yearsreached or exceeded an average of €10 billion.The risk analysis shall take particular account of the institution’s size, itsremuneration structure and the nature, scope, complexity, risk contentand international scale of the business activities conducted._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 65. P a g e | 65In this regard, particular significance will be attached to an institution’sbusiness activities. Institutions with total assets of at least €40 billion aregenerally considered to be "major".Institutions with total assets under €10 billion are not considered to be"major" unless these institutions deem themselves to be major.ItalyItaly operates a proportionality regime based on three categories ofinstitutions:(a) ‘major’ banking groups with total consolidated assets of over €40billion are required to adopt all the general and stricter requirements ofthe CRD III and the Guidelines;(b) ‘medium’ banks and banking groups with total consolidated assetsbetween €3.5 and €40 billion are required to apply all the generalrequirements and may consider not to apply the stricter requirements ona case by case basis;(c) ‘minor’ banks with total consolidated assets lower than €3.5 billion arerequired to comply with the general requirements but not with the stricterprovisions.Stricter requirements are:(i) the payment of at least 50% of variable remuneration in shares/otherfinancial instruments;(ii) the deferral of at least 40% to 60% of the variable remuneration for atleast 3 to 5 years; (iii) the appointment of a Rem Co.All the other CRD III provisions have to be intended as "generalrequirements".As a result of such proportionate approach, all Italian institutions musttherefore comply with all the CRD III provisions and the Guidelines. _____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 66. P a g e | 66Medium and minor institutions might neutralize only the stricterrequirements.A Rem Co shall be however appointed in all listed institutions regardlessof size.Group contextIn the case of groups, the remuneration requirements are generallyimplemented worldwide and in relation to all regulated andnon-regulated subsidiaries.The responses received reveal that national regulations in all countriescompletely reflect the minimum requirements of the Guidelines withregard to the application of remuneration policies on a consolidatedbasis.In many jurisdictions, the group Rem Co has a role in ensuring thatremuneration provisions are applied at both group and subsidiary level.In practice, the balance between the requirement of the parent companyto have the group remuneration policy applied coherently and therequirement of subsidiaries to take into account local responsibilities,based on local risk profile and regulatory environment, proves to bedifficult to obtain.Some supervisors faced practices where the parent company determinedgroup wide policies which did not sufficiently respect the subsidiary’slocal responsibilities.Divergences occurred in the extent to which national regulations mighttake into account local non-EEA regulations (since within the EU there isa harmonised framework), practices or culture.In certain cases local regulations prevailed or were taken into account butin one case only if local regulation was tighter than national regulation. Inthose circumstances local requirements took precedence._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 67. P a g e | 67In certain other jurisdictions home regulation automatically appliedregardless of where the business was carried out. Sometimes institutionsuse (the absence of) local non-EEA regulations, practices or culture as anargument to implement less stringent remuneration policies in relation toactivity in those third country markets.A supervisory response noted in that case was to bring activity in thosemarkets at least within scope of the group policy, to ensure transparencytowards and oversight by the management body.There are similarly differences in the application of proportionalityprinciples ranging from the full application of home countryproportionality regimes to application on a case by case basis to no scopefor proportionality.There is thus the potential here for Member States to operate differentregimes for their institutions in the same third country markets.The possible impact of this would be greatest where local jurisdictionsoperated markedly less restrictive remuneration regimes than thoseapplicable in the EEA.STAFF WITHIN SCOPECRD III requires that institutions identify the categories of staff that havea material impact on the risk profile of the institution.The scope of the Identified Staff determines the scope of the specific riskalignment requirements.Therefore the identification of staff is the essential starting point forthe effective management of risks.It is clear from the implementation report that the selection of IdentifiedStaff has been the most important subject of discussion betweeninstitutions and supervisors._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 68. P a g e | 68Because of the impact on the scope of the remuneration policies and onthe competition between institutions, discussions between supervisorsand institutions stuck at this phase of the implementation of soundremuneration policies.The differentiation in the number of Identified Staff hinders the creationof a level playing field.Institutional practicesCRD III and the CEBS Guidelines state the categories of staff whichshould be selected.The CEBS Guidelines provide some guidance on the selection ofIdentified Staff.However, it is clear from the implementation report that more guidance isneeded.Varying practices lead to differences in the criteria used to identify staffand in the number of Identified Staff within jurisdictions andinternationally.Those differences can lead to regulatory arbitrage and competitivedisadvantages.The result is that institutions have tended to select low numbers ofIdentified Staff, which is contrary to the objective of managing effectivelyrisks resulting from remuneration policies and practices.Institutions use different processes to select Identified Staff.Some institutions first identify the relevant types of activity and thenselect the Identified Staff within these activities.Others base their selection on a risk analysis._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 69. P a g e | 69Within the different categories of Identified Staff, mentioned in CRD IIIand the Guidelines, the category other risk takers has proved to be themost challenging.The implementation report also provides some information on theselection criteria.Institutions use a variety of criteria to select the other risk takers; oftenmore than one.The criteria are quantitative as well as qualitative.The good practices identified in the implementation report are mainlyquantitative metrics which are based on responsibilities or are linked tothe risk impact of the employees activity.Examples which were mentioned are: credit competence; trading limits;bounded economic capital on business unit level; Value at Risk, RiskWeighted Assets-, revenue- or Profit&Loss impact; risk capital, totalremuneration, ratio fixed to variable remuneration, and variousthresholds (threshold above which staff are allowed to operate; amountsof revenue; assets under management).Qualitative criteria which are used by the institutions are the seniority ofstaff; hierarchy in the institution; type of responsibility of staff members;type of activity; and employee rating.Most of these criteria are applied at individual level. In one jurisdictioninstitutions are required to use also criteria at institutional level.The implementation report also provides information per jurisdiction onthe percentage of the total number of employees which institutions haveselected as Identified Staff.These percentages should be treated with some care, because they are notalways comparable.One reason for this is the different sizes of institutions._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 70. P a g e | 70Although the absolute number of Identified Staff of a big institution willusually be higher than the number of a small institution, the percentage ofthe total number of staff can be lower.Also national regulation on proportionality or proportionality practicesmay impact the percentage of Identified Staff.Nevertheless, the clear conclusion can been drawn that the numbers ofIdentified Staff which institutions have selected vary considerably perjurisdiction.This conclusion applies to all three categories of banks on which theImplementation report requested data: all institutions, investmentbanks, and retail banks.For example, in the category all institutions there are 6 jurisdictions withan average Identified Staff < 1% of total number of employees; in 5jurisdictions the average Identified Staff is between 1-5 %; in 3jurisdictions the average is between 5-10 %; and in 2 jurisdictions theaverage is more than 10%.Institutions tend to identify lower numbers of Identified Staff, especiallythe bigger institutions.In the view of supervisors this is inadequate for effective riskmanagement.Five supervisors have provided information on investment banks.Although one would expect investment banks consistently to have ahigher percentage of Identified Staff than retail banks due to the higherrisk profile, this is not the case in practice.In three jurisdictions investment banks have a higher percentage ofIdentified Staff than retail banks.However, in the other two jurisdictions the investment banks have a lowerpercentage._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 71. P a g e | 71In the majority of jurisdictions the management body is involved in theidentification process.Often the board has the responsibility to set the criteria for the selectionof Identified Staff.In a few jurisdictions the supervisory board has a role. More often theRem Co is involved, but its responsibilities vary between jurisdictions.Among the control functions, the human resources function is the mostcommonly involved in the identification process.The risk management function is clearly less often involved, although theaim of sound remuneration policies is the management of risks.The compliance function and the audit function appear to have only aminor role in the identification process.Supervisory practices and guidanceAlmost all supervisors have indicated that they apply the institution-widerules of CRD III and that the regulation covers all staff.In three jurisdictions, the regulations apply to a wider group of people,such as consultants, intermediaries, and persons to whom the institutionhas outsourced certain activities.The aim of covering this wider group is to avoid circumvention of theregulation. Almost all jurisdictions indicated that every institutioncovered by CRD has to select Identified staff.The determination of Identified Staff (especially in the category ‘otherrisk takers’, at lower level of the hierarchy) proves to be difficult, becausea process and clear criteria are lacking.One supervisor has developed further guidance on ‘material impact’._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 72. P a g e | 72Other supervisors have published guidance on the functions whichshould be appointed as Identified Staff and on the category ‘remunerationbracket’.The NetherlandsThe Dutch supervisor has published a Q&A concerning Identified staff.With regard to the category "other risk takers" the Dutch Q&A givescriteria related to the most common financial risks.Depending on a bank’s or investment firm’s business, the relativeimportance of risk types may vary. It is up to the firm to demonstratewhich are most important.For banks that engage in (mortgage) lending, credit risk may generally beexpected to be among the principal risk types.Where a firm (also) does significant business in the wholesale or financialmarkets, market risk will be a prominent financial risk.For most banks, funding and liquidity risk will also be of importance.Where credit, market, capital and liquidity risk are concerned, the Dutchsupervisor regards a (non-additive) combination of three criteria as astarting point for gauging the materiality of staff activities.Taken individually, every one of these tests have their limitations (e.g.:trading business is relatively immaterial in capital terms; taking capital asthe sole criterion will provide inconclusive evidence).Thus a combination of all three tests provides the fullest overview of‘material activities’. _____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 73. P a g e | 73Note that the test results are non-additive.Where a test score ‘sticks out’, the associated activity is assumed tomaterially affect the firm’s risk profile.Next, relevant staff members may be identified within the scope of theselected activities.Functions which have a material influence on the risk profile are notlimited to management functions (hierarchical positions), but alsocontain operational and controlling functions.With regard to nonfinancial risks (e.g. reputation, legal, or IT risks) theDutch Q&A states that it is difficult to lay down a single or a smallnumber of quantitative measures.Therefore, institutions should primarily select staff responsible fordecisions with strong impact on a firm’s operational risk profile.DenmarkThe Danish order on remuneration includes the following criteria onwhich persons should be appointed as identified staff:1) the management of the part of the institution that deals with orapproves financial instruments,2) the management of the part of the institution that invests theinstitutions own book,3) employees in the part of the institution as mentioned in 1 and 2 who viafinancial instruments can take a material risk on behalf of the institutionon the institutions own book (proprietary trading),4) the management of the actuary function and the reassurance functionwho can take a material risk on behalf of the institution on theinstitutions own book,_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 74. P a g e | 745) managers of the part of the institution who control compliance ofthresholds for risk taking, and6) other employees that can cause the institution a material credit risk.The UKThe UK FSA Handbook states that the first three categories of IdentifiedStaff ("Code staff" in the Handbook) (senior management, risk takersand staff engaged in control functions) should include persons whoperform a significant influence function for the firm, or is a seniormanager; individuals holding key positions, including heads ofsignificant business lines and support and control functions; and otherrisk takers, which firms may identify through setting their own metrics.Many supervisors express the need for clear criteria and a process toselect Identified Staff in a single entity and within groups.Further harmonisation of the identification process is essential for alevelplaying field to operate.In view of this it is also suggested to set appropriate quantitative andqualitative criteria for the number of Identified Staff.In order to be able to align with the risk profile of institutions, a balanceshould be found between clarity and flexibility.Specific issues on which more guidance is needed are:(i) the definition of the term ‘material’, with regard to activities/subsidiaries /business lines as well as to other risk takers.Without a better definition, institutions interpret functions (such as CFOand control functions) differently.(ii) the material impact of operating staff._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 75. P a g e | 75This proves to be more difficult to determine than staff in hierarchicalpositions.(iii) the relevant level in the organisation. Some supervisors mention thatit is not clear how far down in the organisation institutions have to selectIdentified Staff. Although low in hierarchy, certain activities of staff inlower positions can have an impact on the risk profile.(iv) the measurement of reputational risk and other not – easy – to –measure - risks when assessing the impact on the risk profile.(v) determination of the category of ‘risk takers who have collectivelyimpact on the risk profile’.Clear criteria for the identification of this category are lacking.(vi) the identification of Identified Staff within a group.Especially there are questions about the level within subsidiaries at whichstaff have to be identified (e.g. only the highest control function in asubsidiary or also the level below), and whether a further differenceshould be made between regulated and non-regulated subsidiaries.(vii) the application of the proportionality principle and the neutralizationof requirements.Diverging regulation or supervisory guidance on this point could haveimpact on the level playing field.Neutralization at the level of Identified StaffAnnex 2 of the CEBS Guidelines provides a table which shows theapplicability and the possibility of neutralization of requirements forIdentified Staff.In three jurisdictions neutralization is not possible._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 76. P a g e | 76In all other jurisdictions neutralization is allowed for the requirements (o),(p) and (q): pay out in financial instruments (combined with retention)and deferral (including ex post adjustment).In a few jurisdictions institutions have made use of this.Reasons given for the neutralization of the requirements are: the businessmodel in combination with the total (limited) number of employees; lowratio variable to fixed remuneration; the size of the group of personswhich has collectively material impact; maximum threshold of totalvariable remuneration; the relative level of seniority of staff members; thesize of the possible obligation entered into on behalf of the institution.GOVERNANCEMuch progress has been made in the field of governance of remuneration.Both institutions and supervisors have increased their awareness in thisrespect and have taken concrete actions to strengthen the governancearrangements.This may be explained by the fact that governance of remuneration is partof broader governance reforms undertaken after the financial crisis.The degree of compliance of national regulations with the Guidelines istherefore high.However, while many countries have proved themselves to be fullycompliant from a regulatory point of view, many have pointed out thatmore time is still needed to complete an exhaustive assessment of goodand bad practices.In a few circumstances, institutions claimed that the regulations were toorecent to be fully and properly implemented.The Guidelines on corporate governance have been generally wellimplemented, in particular in respect of: the role and compensation of the_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 77. P a g e | 77management body in its supervisory and management functions5; thesetting up, role and composition of the Rem Co and the definition, roleand composition of the control functions.However, problems still persist in few limited areas; in these cases,supervisors have often expressly required institutions to rectify thepractices and non-compliance (i.e. institutions have been asked to limitthe role of the CEO, improve the formalisation and functioning of all thereporting lines, ensure adequate discussion among all corporate bodiesetc.).The effective involvement of the control functions in the design, oversightand review of the overall remuneration policy is of paramount importancein order to achieve the prudential goals of CRD III and the Guidelines;nonetheless in many countries neither direct contact of the controlfunctions with the bodies responsible for the design and approval of thecompensation policy, nor access to the information needed to fullyparticipate in the decision-making process seem to be guaranteed.There is room for further regulatory convergence across EU jurisdictionson some detailed aspect of the governance Guidelines.However, some other differences can not be removed, as they stem fromnational corporate governance legislative frameworks (e.g. somespecificities may derive from the different allocation of roles andresponsibilities within the management and supervisory boards).Despite significant progress, many countries raised specific concernswith regard to group-wide remuneration policies and the structuralrelationship between the parent company and its subsidiaries (from agovernance point of view).This increases diversity across Member States.The most frequent concerns mentioned are: the identification of theIdentified Staff (see above in section 3.1.B - group context); cleardocumentation of the remuneration decision making process and therelationship between the subsidiaries and their parent company in that_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 78. P a g e | 78respect; the timely allocation of bonus pools at the subsidiary levels; toolittle or only an unbalanced interaction between the control functions(compliance, internal audit, HR) at parent and subsidiary level.There are good practices that may help in solving problems arising in thefield of the group context.For example:1) the human resources function at the subsidiary level receives a yearlylocal inspection of its remuneration policy performed by group controlfunctions;2) the internal audit function of the parent company reports to the homesupervisory authority about the remuneration policy of the whole group;3) a clear documentation on which local specificities (activities and risksof a subsidiary, local regulatory environment etc.) apply and how they areintegrated in the group policy.Besides encouraging these good practices, some supervisors have alsorequired from parent institutions to provide them detailed data andinformation on the compensation schemes adopted at the subsidiarylevels.Another good evolution is that cooperation and coordination initiativesamongst supervisory authorities have been activated, to ensure theeffective compliance with regulation in cross-border groups.FranceFrench supervisors have required main banking institutions to reportseveral months in advance their forecasting on the global pool ofcompensation that their business units and subsidiaries will submit totheir control and supervisory functions._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 79. P a g e | 79This practice has provided the French supervisor with both informationand tools for1. ensuring institutions’ ability to comply in real time with therequirement that compensation pools are effectively aligned withinstitutions’ risk profile and results;2. testing the time needed for supervisory and control functions toperform in a group context an assessment of the amount andcomputation modalities of compensation pools which are submitted bymanagement functions.RISK ALIGNMENT: UNDERDEVELOPED TECHNIQUESThe need for risk aligned variable remuneration was a core issue raised inthe wake of the financial crisis.However, institutions and supervisors also had to focus on moresupporting but important questions related to this risk alignment, such asthe scope of remuneration requirements on institutions and staff.Therefore the issue of the actual risk alignment itself has to be givenconsiderably more attention by institutions and supervisors.In this context, it is also important thatvariable remuneration is reducedwhere necessary to maintain, strengthen and restore a sound capital base.OVERALL RISK ALIGNMENTRisk alignment of variable remuneration has many different aspects thatare reflected in CRD III and the Guidelines.The idea of risk alignment is embodied in several requirements like thealignment of remuneration systems with the institutions’ strategies, theprohibition of guaranteed bonuses, personal hedging strategies andgolden parachutes, the implementation of minimum ratios fixed tovariable remuneration, the limits to the variable compensation when_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 80. P a g e | 80inconsistent with a sound capital base as well as the use of risk adjustedperformance parameters in the accrual period and of deferred variableremuneration with malus or clawback arrangements.Most of the reporting Member States stated that the national provisionswith regard to risk alignment of the variable remuneration show noidentifiable differences to the Guidelines.Often Member States keep the national provisions on a more abstract andcompacted level than the Guidelines.Nevertheless the Guidelines are at least used for interpretation and aresometimes even directly referred to.Some Member States seem to accentuate certain aspects with regard torisk alignment in their regulation and their supervisory practices.In some Member States the supervisory practice or regulation reachedmore prescriptive outcomes with regard to the scope or the maximumratios of variable to fixed remuneration.Alignment with strategiesInstitutions’ remuneration system and especially the variable part of theremuneration influence employees’ behaviour with regard to(inappropriate) risk taking.Thus remuneration systems – intentionally or not – also serve as amanagement tool.As such remuneration systems could be aligned with institutions’business and risk strategies as well as in the risk management system.The link between strategies and especially between risk strategies and theremuneration system is not always well developed or documented._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 81. P a g e | 81In some cases this may also have to do with underdeveloped business andrisk strategies that make it difficult to derive operational objectives fromthese strategies.Also remuneration systems are not always sufficiently embedded in thestrategy planning, transposition, assessment and modification process.Thus, performance parameters used for risk management purposes arestill underrepresented in remuneration systems.A good practice is to link the remuneration-related processes to theinstitutions’ business and risk strategy process.This ensures that the remuneration system is aligned with the strategiesand the operational objectives derived from these strategies.Furthermore those functions that are in charge of the strategy processincluding the risk management function should formally be involved inthe process of development, implementation and modification of aremuneration system especially with a view to the objectives set out at thedifferent levels of an institution’s remuneration system.ProhibitionsCRD III and the Guidelines disallow guaranteed bonuses (except whenhiring new staff and limited to the first year of employment), personalhedging strategies to undermine the risk alignment effects as well as“golden parachutes” that would reward for failure, are not allowed.All responding Member States adopted these requirements in theirnational jurisdictions. Most institutions incorporated the aforementionedprohibitions in their remuneration policies.Good progress has been made with a view to guaranteed bonuses.Except when hiring new staff and limited to the first year of employmentguaranteed bonuses seem to play no relevant role in the remunerationpractices of Member States institutions._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 82. P a g e | 82However, in practice also the classification of payments as guaranteedbonuses may not always be obvious.Supervisors notice cases where certain payments are presented as fixedpayments, but where further examination of the characteristics of thesepayments leads to re-assessment of that qualification.A similar observation can be made with regard to golden parachutes.Their use is claimed to be nonexistent by institutions.Nevertheless, the classification of certain arrangements under "paymentsrelated to the early termination of a contract that do not reward forfailure" may be questionable, e.g. in cases where persons have anentitlement to their fixed remuneration for the residual period of a fixedterm contract in case the performance under that contract has beenterminated before the originally anticipated term.With a view to the prohibition of hedging strategies and liability-relatedinsurance it is good practice if institutions require a commitment of theiremployees to adhere to this requirement.RATIOS VARIABLE TO FIXEDOverall national regulations are in line with the Guidelines requirementsto have an appropriately balanced ratio of variable to fixed remunerationto ensure a fully flexible bonus that could be zero.In some Member States this provision has to be applied by all institutionsand for all employees and is not limited to Identified Staff.Most Member States leave it to the institutions to set an internalmaximum ratio.This ratio can differ internally between business lines of an institution.The criteria by which institutions decide on the ratios in practice are notyet well known._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 83. P a g e | 83This may have to do with the fact that the use of ratios has a certaintradition and is therefore not always explainable.Another factor is market usages with a view to benchmarking among peergroups.However, it seems questionable whether institutions really usesophisticated approaches to determine such ratios.Only few Member States introduced maximum ratios.With the implementation of more detailed requirements for the variablepart of the remuneration, industry shifted parts of the variable pay into thefixed part of the remuneration.Some Member States found it opportune to prevent this unintendedconsequence of CRD III and introduced a requirement to keep thevariable part of the remuneration sufficiently high so that risk adjustmentrequirement can have sufficient impact on that part when needed.The ratios of variable to fixed remuneration for executive members of themanagement body (executives) and the other Identified Staff variedamong Member States.Through the implementation report, data have been collected on theaverage and maximum ratios of variable to fixed remuneration paid in thedifferent Member States to executives and other Identified Staff.National competent authorities were asked to base their data collectionon a representative sample of institutions in their jurisdiction, comprisingeither 60% of total domestic banking assets or the 20 largest institutions.Aggregate information on fixed to variable remuneration ratios wasreported as minimum and maximum and average among all observationson an individual bank basis._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 84. P a g e | 84For the purpose of this report, Member State figures have then beenaggregated at Union level.The data show that the median of the average ratios among MS is 122%for executives and 139% for the other identified staff.The highest value of the average ratios that were reported by the MS was220% for executives and 313% for the other identified staff.Furthermore, looking at the maximum ratios reported by the MS, themedian of this is 225% for executives and 324% for the other identifiedstaff.The highest reported values of these maximum ratios were 429% forexecutives and 940% for the other identified staff.Because of the differences in the degree to which Identified Staff aredetermined by the institutions (see above in this report in section 3.1.B)and because the sample of institutions for which data have been collectedmay include very different types of institutions depending on the MemberState concerned, the level of detail of these data did not allow numericalconclusions to be drawn from them.However, the general conclusion is that in all Member States, the variablepart of the remuneration exceeds the fixed remuneration considerably forall Identified Staff. Moreover, in all Member States, this ratio is generallyhigher for the category "other risk takers" than for the category"executive members" (for the categories, see paragraph 16 of theGuidelines).Taking into account the nominal pay levels for the fixed component forexecutives and the other risk takers, the ratios observed can lead to veryhigh variable remuneration components.If the potential variable remuneration is the dominating part of the totalremuneration, this could incentivise staff to take too much risk in order toassure a certain minimum pay level._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 85. P a g e | 85Some supervisors informally communicate to their institutions a certainnumerical maximum ratio of variable to fixed that they consider asappropriate; this allows them to obtain a clear level playing field in thewhole sector under their supervision.In this context, observed practices within institutions are:- The remuneration policy determines in a detailed way the underlying reasons why for a particular business unit or person, it is considered appropriate to have a ratio variable to fixed remuneration above a certain level.- High ratios above a certain threshold are approved by the management body in its supervisory function.- Approval for ratios inside a division that exceed the average of the ratios inside this division considerably.- Higher ratios result in a higher part of the variable payment deferred as well as in longer deferral and retention periods.RISK ALIGNMENT TECHNIQUES EX ANTE AND EXPOSTRisk alignment of variable remuneration has two main perspectives.Risks already have to play a prominent role in the performancemeasurement or accrual period and the award process when a certainpool of variable remuneration is determined and then allocated todivisional subpools, business units and individuals (ex ante perspective).As this forward-looking ex ante perspective may not identify all risks thatlater may emerge , risks also have to be considered retrospectively similarto a back testing of the initially measured performance (ex postperspective)._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 86. P a g e | 86The ex post perspective of risk alignment is subject to those requirementsthat cover the pay out process of variable remuneration, especially in thedeferral and malus or clawback arrangements.Although these two perspectives cannot be mixed, they can not be seenseparately either.A more conservative approach in one perspective may allow for a moreflexible approach in the other perspective.For example institutions that apply longer accrual periods with riskadjusted performance parameters may only apply the minimum deferralperiod of three years or use shorter retention periods for instruments likeshares.The CRD III and the Guidelines require that the total variableremuneration does not limit the ability of institutions to maintain a soundcapital base.In this respect, Member States shall have the power to impose correctivemeasures (e.g. limits to the variable remuneration, capital add-ons) andinstitutions shall have in place well-functioning ex ante (potentialreduction of the bonus pool) and ex post risk alignment mechanisms.The responses received reveal that national regulations in the majority ofMember States completely reflect the CRD III and Guidelinesrequirements.As regard practices carried out by institutions, the level of capital seemsto be taken into account among the risk-adjustment indicators, but thereis no evidence as to if and how it operated to reduce, when necessary, theoverall variable remuneration.Risk alignment of variable remuneration is the most challenging aspect ofa sound remuneration system.The practices in institutions and experiences of supervisors are stillnascent._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 87. P a g e | 87Ex ante perspectiveAn important way to incorporate risks in the system of measuringremuneration-related performance is the use of risk adjusted performanceparameters.Risk adjusted parameters are still underrepresented among thequantitative performance parameters used by institutions to determineand allocate the bonus pools.This may be partly due to the limitations of existing measures fordifferent types of risk and assets.Rather, performance criteria used by banks tend to include measures(such as revenues, profit, RoE, business volume, earnings per share,...)that may be subject to financial manipulation or do not provideemployees with sufficient incentives to consider the quality of thebusiness undertaken.Common techniques used to adjust profits and capital for risks are basedon the calculation of economic profit or economic capital (VaR, RAROC,RORAC).Accounting profits do not capture adequately future risks and may implya certain degree of judgment in decisions on the performance-related partof remuneration is necessary.Adjusting remuneration for risk over a multi-year period, seems also to bequite difficult to achieve in practice for an institution.However, if compensation schemes rely on imperfect risk measures, theyrun the risk of becoming ineffective and, more importantly, of creatingarbitrage-like opportunities for employees to take on risks that are notfully recognized by the measures.It is therefore important for institutions not to rely blindly on their riskmodels but to make qualitative judgments as well._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 88. P a g e | 88Institutions often also use discretion to adjust the bonus pools, e. g. toreflect external or unexpected events.However, discretion is also used for upward adjustments which makesthe measurement and award process less transparent and susceptible topossible manipulations.In this context a very important factor that is considered when bonuspools - not only on institutional level but also on divisional and businessunit level - are adjusted by discretion is the competitive environment inwhich institutions have to retain or attract their staff.Therefore even a bonus pool which is calculated predominantly on thebasis of conservative performance parameters is often dominated by theneed to grant competitive remuneration packages and especially variableremuneration.This has an overriding effect on the risk adjusted performance parametersused.Many institutions determine and allocate their variable remuneration inmore or less modified top-down approaches.A top-down approach starts by setting a bonus pool on the level of theinstitution, which is then allocated to business units and to individuals.Bigger institutions often have additional divisional sub pools under thebonus pool at the level of institution, which are then further distributed.On each of the aforementioned levels ex ante risk adjustment can beexercised.Furthermore institutions seem to use risk adjusted parameters more athigher bonus pool levels, i. e. at the level of institution and at divisionallevel._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 89. P a g e | 89At the level of the business unit, but especially at individual level,consideration of risk metrics by institutions seems to be rarely used.Real risk adjustments at these levels are more based on red flags raised e.g. in case of breaches of compliance.The other performance parameters used at business unit and individuallevel seem to be based more on operating results and some qualitativeparameters like customer satisfaction etc.Some jurisdictions have more detailed expectations with a view to theratio of institution wide, business unit and individual performanceparameters (e. g. management board: 50% institution wide, 50%individual; others: in principle 1/3 on each level).The use of more risk adjusted performance parameters also at lower levels,i. e. business unit and individual level, should be a key future objective.This is because the behaviour of an employee in his specific job functionwill primarily be influenced by those parameters he can affect through hisperformance etc.It is good practice to use a combination of appropriate quantitative andqualitative parameters on each level of performance measurement, i. e. oninstitutional, divisional and business unit level as well as on individuallevel.Quantitative parameters that refer to the annual performance of theinstitutions should refer to a multi-year period to avoid a high volatility ofthese metrics, which could lead to inappropriate risk taking.There should also be a formalized process and predefined criteria for apossible discretionary adjustment of these parameters, especially toreflect the adjustment of profits.The Rem Co and risk management function should formally be involvedin this process._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 90. P a g e | 90Possible adjustments and their rationale should be documented and bepart of the reporting to the management body in its supervisory function.Supervisors should ask for the full calculations behind variableremuneration, checking the traceability of the different decisions.Furthermore it is good practice to use the aforementioned performanceparameters in combination with a secondary risk adjusted metric, whichshould coincide with the risk metrics used for risk management purposesat the respective level of performance measurement.For example, if the allocation of a divisional bonus pool to a business unitdepends on operating results of a business unit, an existing VaR limit forthis business unit could also serve as a performance cap.This performance cap would reduce the incentive to take higher risks inorder to increase operative results.For supervisors, it is important to monitor the strength of the incentivesgiven by remuneration to executives and identified staff, by looking, forinstance, at how much executives and other identified staff are insulatedfrom downside risks.Ex post perspectiveMore improvements seem to be desirable with a view to sufficientsensitive malus criteria which trigger forfeiture of deferred, i. e. unvested,variable remuneration.Malus criteria used do not always reflect the back testing character, whichis inherent in the idea of a malus, with regard to the initially measuredperformance.Often, the ex post risk adjustment is only qualitative in nature, or where itis quantitative in nature, it is not sufficiently defined._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 91. P a g e | 91For example, institutions often use a “significant downturn” as aparameter for ex post risk adjustment, without giving any details on whata “significant downturn” means.Also the malus trigger should be applied at lower levels, i.e. business unitand individual level, as this has a more substantial effect on theemployees’ behaviour (see above).Often malus triggers at lower levels do not take full account of negativeoperational performance and risk profiles of the business unit.At individual level a malus is often only triggered in the case of severecompliance breaches or when an employee leaves the firm voluntarily.It is good practice if malus or clawback arrangements include aperformance forfeiture on each level where the performance initially wasassessed, i.e. on the institutional, divisional and business unit level as wellas on individual level.This performance forfeiture should revert to those performanceparameters that were already used in the ex ante accrual process to assessthe initial performance on the respective level.SETTING UP MULTI YEAR FRAMEWORKSPerformance measurement periods, deferral schedules with malus orclawback arrangements attached to them and retention periods in caseinstruments are used to pay out variable remuneration introduce amulti-year element, linking the employees compensation schemes to thelong term performance of the institutions.This is by now a widespread practice in institutions.There are no major differences in the national regulation with respect tothe requirements of the CRD and Guidelines for the different componentsof the multi year framework._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 92. P a g e | 92In some countries longer accrual periods of at least two years areexpected for members of the management body.The portion of variable remuneration to be deferred varies betweenminimum 40% and 60%, as prescribed in CRD, while the deferral periodvaries between minimum 3 and 5 years.Some countries fixed a threshold of variable remuneration below whichthere is no requirement for deferral to take place.Another country fixed a threshold of variable remuneration for which 60%needs to be deferred.The payment is in general on a pro-rata basis, with yearly vesting periodsafter the end of the accrual period, as prescribed in the Guidelines.In general, no specific retention period has been fixed, an issue also leftopen in the Guidelines.Several countries, though, indicate a minimum retention period based onbest practice and which can vary between 6 months and 2 years.Member States seem to comply as well with the application of the 50%minimum threshold for the instruments to be divided equally over thedeferred and the non-deferred part, although some supervisors are of theopinion that rremuneration in shares is only likely to impact positively onbehaviours if there is a requirement for the shares to be held for prolongedperiods of time and that this is undermined by the requirement to pay50% of the upfront portion in shares.Institutions signal the administrative burden in designing andimplementing new CRD III compliant incentive plans.Another difficulty is adjusting the multi year framework to the tasks andresponsibilities of the different Identified Staff; up to now, there is littledifferentiation among the different levels of personnel in the multi yearelements that are applied to them._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 93. P a g e | 93With a view to the length of the accrual period one year periods seem tobe widespread.Nevertheless longer periods are also used, especially for highermanagement levels.For deferral, institutions stick to the legal minima, with little variation inthe 40 to 60 % or the 3 to 5 years ranges.The percentage deferred is however in general slightly higher forexecutive members of the management body.In almost all countries, most of the Identified Staff receives 50% ofvariable remuneration paid in instruments.The deferral period is 3 years in the practice of almost all countries.The retention period most commonly chosen is between 6 months and 18months.Occasionally, conceptually wrong deferral schemes are persistentlypresently by institutions.The following examples show a good and an inappropriate practice toconsider a multi-year performance measurement:_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 94. P a g e | 94While the first example shows an approach that combines a longeraccrual period with the other requirements of the CEBS Guidelines,especially with a view to the pay out requirements (deferral etc.), theapproach in the second example does not._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 95. P a g e | 95The approach in the second example considers the accrual periodsimultaneously as a deferral period.Beside the very clear textual distinction between these periods in CRD IIIand in the CEBS Guidelines, the approach unduly blends the ex ante andex post perspectives of risk alignment.Finally the performance parameters can be changed annually during theaccrual period. Thus the multi-year accrual period in fact has thecharacter of a short term accrual period._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 96. P a g e | 96NUMBER 4Jumpstart Our Business Startups ActFrequently Asked QuestionsChanges to the Requirements for Exchange Act Registration andDeregistration, April 11, 2012The Jumpstart Our Business Startups Act (the “JOBS Act”) was enactedon April 5, 2012.In these Frequently Asked Questions, the Division of CorporationFinance is providing guidance on the implementation and application ofthe JOBS Act, based on our current understanding of the JOBS Act and inlight of our existing rules, regulations and procedures.These FAQs are not rules, regulations or statements of the Commission.Further, the Commission has neither approved nor disapproved theseFAQs.Title V and Title VI of the JOBS Act amend Section 12(g) and Section15(d) of the Exchange Act as follows:  The holders of record threshold for triggering Section 12(g) registration for issuers (other than banks and bank holding companies) has been raised from 500 or more persons to either (1) 2,000 or more persons or (2) 500 or more persons who are not accredited investors.  Banks and bank holding companies, as such term is defined in the Bank Holding Company Act of 1956, will have a Section 12(g) registration obligation as of any fiscal year-end after April 5, 2012 with respect to a class of equity security held of record by 2,000 or more persons. Under Exchange Act Section 12(i), banks do not register their securities or file reports with the Commission. Accordingly, these FAQs relate only to bank holding companies._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 97. P a g e | 97  The holders of record threshold for Section 12(g) deregistration for banks and bank holding companies has been increased from 300 to 1,200 persons.  The holders of record threshold for the suspension of reporting under Section 15(d) for banks and bank holding companies has been increased from 300 to 1,200 persons.  In calculating the number of holders of record for purposes of determining whether Section 12(g) registration is required with respect to a class of equity security, issuers (including banks and bank holding companies) may exclude persons who received the securities pursuant to an employee compensation plan in transactions exempted from the registration requirements of Section 5 of the Securities Act.(1) Question:How do the amendments to Section 12(g)(1)(A) affect the obligations ofissuers (other than bank holding companies) to register a class of equitysecurity under Section 12(g) where such obligations were triggered as of afiscal year-end before April 5, 2012?Answer:If an issuer that is not a bank holding company triggered a Section 12(g)registration obligation with respect to a class of equity security as of afiscal year-end before April 5, 2012 but would not trigger such obligationunder the amended holders of record threshold contained in the JOBS Act,and the issuer has not yet registered that class of equity security underSection 12(g), then the issuer is no longer subject to a Section 12(g)registration obligation with respect to that class.Therefore, if the issuer has not filed an Exchange Act registrationstatement, it is no longer required to do so.If the issuer has filed an Exchange Act registration statement and theregistration statement is not yet effective, then the issuer may withdrawthe registration statement._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 98. P a g e | 98If the issuer has registered a class of equity security under Section 12(g), itwould need to continue that registration unless it is eligible to deregisterunder Section 12(g) or current rules.(2) Question:How do the amendments to Section 12(g)(1)(B) affect the obligations ofbank holding companies to register a class of equity security underSection 12(g) where such obligations were triggered as of a fiscal year-endon or before April 5, 2012?Answer:Under Section 12(g)(1)(B), a bank holding company will have a Section12(g) registration obligation if, as of any fiscal year-end after April 5, 2012,it has total assets of more than $10 million and a class of equity securityheld of record by 2,000 or more persons.We consider that the effect of this provision is to eliminate, for bankholding companies, any Section 12(g) registration obligation with respectto a class of equity security as of a fiscal year-end on or before April 5,2012.Therefore, if a bank holding company has filed an Exchange Actregistration statement and the registration statement is not yet effective,then it may withdraw the registration statement.If a bank holding company has registered a class of equity security underSection 12(g), it would need to continue that registration unless it iseligible to deregister under Section 12(g) or current rules.(3) Question:On or after April 5, 2012, how can a bank holding company terminate theregistration of a class of equity security under Section 12(g)?Answer:If the class of equity security is held of record by less than 1,200 persons,the bank holding company may file a Form 15 to terminate the Section12(g) registration of that class.Form 15 has not yet been amended to reflect the change to Exchange ActSection 12(g)(4)._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 99. P a g e | 99Therefore, a bank holding company should include an explanatory notein its Form 15 indicating that it is relying on Exchange Act Section12(g)(4) to terminate its duty to file reports with respect to that class ofequity security.Pursuant to Section 12(g)(4), the Section 12(g) registration will beterminated 90 days after the bank holding company files the Form 15.Until that date of termination, the bank holding company is required tofile all reports required by Exchange Act Sections 13(a), 14 and 16.Alternatively, a bank holding company could rely on Exchange Act Rule12g-4, which permits the immediate suspension of Section 13(a) reportingobligations upon filing a Form 15, if it meets the requirements of that rule.Note that Rule 12g-4 has not yet been amended to incorporate the new1,200 holder deregistration threshold.(4) Question:On or after April 5, 2012, how can a bank holding company suspend itsreporting obligations under Section 15(d)?Answer:In general, the Section 15(d) reporting obligation is suspended if, and forso long as, the issuer has a class of security registered under Section 12.When an issuer terminates Section 12 registration, it must address anySection 15(d) obligation that would apply once the Section 15(d)suspension is lifted.For the current fiscal year, a bank holding company can suspend itsobligation to file reports under Section 15(d) with respect to a class ofsecurity that was sold pursuant to a Securities Act registration statementand that was held of record by less than 1,200 persons as of the first day ofthe current fiscal year.Such suspension would be deemed to have occurred as of the beginningof the fiscal year in accordance with Section 15(d) (as amended by theJOBS Act)._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 100. P a g e | 100If, during the current fiscal year, a bank holding company has aregistration statement that becomes effective or is updated pursuant toSecurities Act Section 10(a)(3), then it will have a Section 15(d) reportingobligation for the current fiscal year.If a bank holding company with a class of security held of record by lessthan 1,200 persons as of the first day of the current fiscal year has aregistration statement that is updated during the current fiscal yearpursuant to Securities Act Section 10(a)(3), but under which no sales havebeen made during the current fiscal year, the bank holding company maybe eligible to seek no-action relief to suspend its Section 15(d) reportingobligation. Such issuers should contact the Division’s Office of ChiefCounsel for further information.(5) Question:Section 503 of the JOBS Act requires the Commission to revise thedefinition of “held of record” to exclude, from the Section 12(g)(1) holderof record calculation, persons who received the securities pursuant to anemployee compensation plan in transactions exempted from theregistration requirements of Section 5 of the Securities Act.May an issuer (including a bank holding company) exclude such personsbefore the effective date of the revised definition?If so, would an issuer also be able to exclude former employees?Answer:Yes.As of April 5, 2012, an issuer (including a bank holding company) mayexclude persons who received securities pursuant to an employeecompensation plan in Securities Act-exempt transactions whether or notthe person is a current employee of the issuer.Although Section 503 of the JOBS Act directs the Commission to adopt“safe harbor provisions that issuers can follow when determining whetherholders of their securities received the securities pursuant to an employeecompensation plan in transactions that were exempt from the registrationrequirements of section 5 of the Securities Act of 1933,” the lack of a safeharbor does not affect the application of Exchange Act Section 12(g)(5)._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 101. P a g e | 101NUMBER 5EBA, ESMA and EIOPA publish two reports on MoneyLaunderingThe Joint Committee of the three European Supervisory Authorities(EBA, ESMA and EIOPA) has published two reports on theimplementation of the third Money Laundering Directive [2005/60/EC](3MLD).The “Report on the legal, regulatory and supervisory implementationacross EU Member States in relation to the Beneficial Owners CustomerDue Diligence requirements” analyses EU Member States’ current legal,regulatory and supervisory implementation of the anti - moneylaundering/counter terrorist financing (AML/CTF) frameworks relatedto the application by different credit and financial institutions ofCustomer Due Diligence (CDD) measures on their customers’ beneficialowners.The report sought to identify differences in the implementation of theDirective and to determine whether such differences create a gap in theEU AML/CTF regime that could be exploited by criminals for moneylaundering and terrorist financing purposes.The “Report on the legal and regulatory provisions and supervisoryexpectations across EU Member States of Simplified Due Diligence_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 102. P a g e | 102requirements where the customers are credit and financial institutions”provides an overview of EU Member States’ legal and regulatoryprovisions and supervisory expectations in relation to the application ofSimplified Due Diligence (SDD) requirements of the 3MLD.The report focuses exclusively on one particular situation of low riskwhere SDD is applicable, namely where the customer is a credit orfinancial institution situated in a EU/EEA state or in a country thatimposes equivalent AML/CFT requirements.Both reports come to the conclusion that there are significant differencesin the implementation across the EU Member States, and that some ofthese differences could create undesirable effects on the commonEuropean Anti Money Laundering Regime.The reports find that some of these differences are not due to theDirective’s minimum harmonisation approach, but instead appear tostem from different national interpretations of the Directive’srequirements.Both reports also call on the European Union to consider addressingthese problems.The Joint CommitteeThe Joint Committee is a forum for cooperation that was established on1st January 2011, with the goal of strengthening cooperation between theEuropean Banking Authority (EBA), European Securities and MarketsAuthority (ESMA) and European Insurance and Occupational PensionsAuthority (EIOPA), collectively known as the three European SupervisoryAuthorities (ESAs).Through the Joint Committee, the three ESAs cooperate regularly andclosely and ensure consistency in their practices.In particular, the Joint Committee works in the areas of supervision offinancial conglomerates, accounting and auditing, microprudential_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 103. P a g e | 103analyses of crosssectoral developments, risks and vulnerabilities forfinancial stability, retail investment products and measures combatingmoney laundering. In addition to being a forum for cooperation, the JointCommittee also plays an important role in the exchange of informationwith the European Systemic Risk Board (ESRB) and in developing therelationship between the ESRB and the ESAs.Interesting AbbreviationsAML – Anti Money LaunderingAMLTF – Anti-Money Laundering Task Force of the EBA, ESMA andEIOPAAML Committee – The Joint Committee of the European SupervisoryAuthorities’ Sub Committee on Anti Money LaunderingCDD - Customer Due DiligenceCPMLTF – EU Committee on the Prevention of Money Laundering andTerrorist FinancingCTF – Counter Terrorist FinancingEBA - European Banking AuthorityEC – European CommissionEEA - European Economic AreaEIOPA - European Insurance and Occupational Pensions AuthorityEDD – Enhanced Due DiligenceESMA - European Securities and Markets AuthorityEU – European Union_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 104. P a g e | 104FATF – Financial Action Task ForceID - IdentityML – Money LaunderingMS – Member State of the European UnionSDD - Simplified Due DiligenceTF – Terrorist FinancingUBO – Ultimate Beneficial OwnerWG – Working Group3rd MLD - Third Money Laundering Directive (2005/60/EC)_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 105. P a g e | 105NUMBER 6BIS - Peer review of supervisory authorities implementation ofstress testing principles -April 2012Stress testing is an important tool used by banks to identify the potentialfor unexpected adverse outcomes across a range of risks and scenarios.In 2009, the Committee reviewed the performance of stress testingpractices during the financial crisis and published recommendations forbanks and supervisors entitled Principles for sound stress testingpractices and supervision.As part of its mandate to assess the implementation of standards acrosscountries and to foster the promotion of good supervisory practice, theCommittees Standards Implementation Group (SIG) conducted a peerreview during 2011 of supervisory authorities implementation of theprinciples.The review found that stress testing has become a key component of thesupervisory assessment process as well as a tool for contingency planningand communication.Countries are, however, at varying stages of maturity in theimplementation of the principles; as a result, more work remains to bedone to fully implement the principles in many countries.Overall, the review found the 2009 stress testing principles to be generally_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 106. P a g e | 106effective.The Committee, however, will continue to monitor implementation of theprinciples and determine whether, in the future, additional guidancemight be necessary.Peer review of supervisory authorities’ implementation of stresstesting principles, April 2012Executive summaryThis report summarises the Basel Committee’s peer review on howsupervisory authorities have implemented the Committee’s 2009Principles for sound stress testing practices and supervision.The global financial crisis and the 2009 stress testing principlesStress testing is an important tool for banks to identify unexpectedadverse outcomes across a range of risks. It plays a particularly importantrole in:- providing forward-looking assessments of risk;- overcoming limitations of models and historical data;- supporting internal and external communication;- feeding into capital and liquidity planning procedures;- informing the setting of banks’ risk tolerance; and- facilitating the development of risk mitigation or contingency plans across a range of stressed conditions.In 2009, the Committee reviewed the performance of stress testingpractices during the crisis and found weaknesses in various areas._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 107. P a g e | 107Based on the findings, and as part of its efforts to incorporate lessonsfrom the crisis in supervisory practices, the Committee publishedrecommendations for banks and supervisors entitled Principles for soundstress testing practices and supervision.The guidance sets out a comprehensive set of principles for the soundgovernance, design and implementation of stress testing programmes atbanks.The principles also established high-level expectations for the role andresponsibilities of supervisors in evaluating stress testing practices.Scope of the reviewAs part of its mandate to assess the implementation of standards acrosscountries, during 2011 the Committees Standards Implementation Groupundertook a peer review of supervisory authorities’ implementation of theprinciples.The review was conducted via an off-site survey of supervisoryauthorities.All Committee member countries and one non-member countryparticipated in the review.The review focused primarily on progress in supervisory processes usedto implement the principles.It was not designed to provide a detailed country-by-country assessmentor to assess the adequacy of banks stress testing programmes.Increasingly, supervisory stress tests are being used to set minimumcapital requirements, determine explicit capital buffers or to limit capitaldistributions by banks.This recent development was not extensively considered in the principlesand as a result was not a key focus of the review._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 108. P a g e | 108Key findingsProgress overviewIn the period since the principles were issued, stress testing has become akey component of the supervisory assessment process as well as a tool forcontingency planning and communication.Many of the countries participating in this peer review have been workingto implement and refine stress testing frameworks and methodologies atthe same time as their economies and banking systems have beenaffected by a high degree of global economic and financial uncertainty.Although many supervisory authorities and banks had operational stresstesting frameworks in place, existing guidance and rules had to be revisedand new expectations put in place to broaden and deepen stress testingcapabilities at both banks and supervisory authorities.The review found that countries are at varying stages of maturity in theirimplementation of the principles.Nearly half of the countries were considered to be at an early stage.These countries showed some progress toward implementing theprinciples, but they may not have issued or finalised prudentialrequirements on enterprise-wide stress testing since the principles werepublished.They generally had not conducted regular on-site or off-site reviews otherthan in the context of risk-specific modelling requirements such as formarket risk, and had conducted industry-wide stress tests infrequently, oronly as part of International Monetary Fund Financial Sector AssessmentProgram (FSAP) reviews.In contrast, a few countries were considered to be advanced.For these countries, the survey responses provided evidence of a rigorousregular review process that included a combination of on-site and off-siteassessments, some review and feedback on detailed stress testing models_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 109. P a g e | 109used by banks, evidence of follow-up actions and a well-embeddedsupervisory stress testing programme that was not limited to externallyimposed scenarios.The remainder of countries were found to fall between the above twogroups.These countries have issued some formal requirements or guidanceconsistent with the principles, are generally performing regularsupervisory stress tests on large banks in their jurisdictions and arereviewing stress testing in the context of annual internal capital adequacyassessment process (ICAAP) reviews and specific risk reviews.These countries have more to do in deepening their stress testingprogrammes, including issuing updated requirements and conductingmore detailed on-site and off-site reviews of banks stress testingcapabilities.Remaining challenges and examples of good practicesThe most common overall supervisory approach was to conduct somereview of banks stress testing as part of regular ICAAP assessments andin the context of specific risks where ongoing supervisory review ofexposure modelling is now routine, notably market and liquidity risks.Conducting more detailed, comprehensive reviews of banksenterprise-wide stress testing governance and modelling as envisioned inthe principles requires expert skills and resourcing at both banks andsupervisors, and as a result has not yet become standard practice in manycountries.A significant development in the last several years has been the increaseduse of supervisory stress tests.A majority of countries now regularly conduct mandated stress tests withprescribed scenarios across the large banks in their jurisdictions,although for some countries, this is limited to the FSAP stress tests._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 110. P a g e | 110A number of countries noted the resource-intensive nature ofindustry-wide stress tests.In particular, the more advanced countries note that resourcing at bothsupervisory authorities and banks to support stress testing is challenging,with a trend towards establishing specially staffed units or internal taskforces for stress testing.Many, however, found that these exercises have been helpful in terms ofenhancing the visibility of stress testing and providing a structured basisfor dialogue with banks on their capabilities.It was noted that industry dialogue around mandated stress tests had ledto improvements in bank capabilities.The following types of practices are also associated with relatively moreadvanced countries:- plans for, or completed horizontal or thematic reviews of, stress testing either at an enterprise-wide level or for specific portfolios;- engagement with boards of directors on stress testing scenarios and governance;- review of detailed evidence of how banks are using stress test outcomes in their decision-making and risk-appetite setting;- well-articulated plans for improving their stress testing supervision programmes;- involvement of both generalist and specialist supervision staff; and- publication of the results and provision of consistent feedback to banks.While not a primary focus of the peer review, many countries providedviews on areas for improvement in stress testing practices at banks._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 111. P a g e | 111These responses focused fairly consistently on areas such as governanceand the use of stress testing in bank decision-making, data andinformation technology infrastructure, severity of scenarios and firm-widemodelling challenges.The review found the principles to be generally effective.The Committee, however, will continue to monitor implementation of theprinciples and determine whether, in the future, additional guidancemight be necessary.IntroductionStress testing is an important tool for banks to identify unexpectedadverse outcomes across a range of risks.The financial crisis highlighted significant weaknesses in banks stresstesting programmes that contributed to failures to identify the nature andmagnitude of key risks.As a result, the Committee engaged with the industry in examining stresstesting practices and, in May 2009, the Committee publishedrecommendations for banks and supervisors entitled Principles for soundstress testing practices and supervision.The guidance set out a comprehensive set of principles for the soundgovernance, design and implementation of stress testing programmes atbanks.The principles established expectations for the role and responsibilities ofsupervisors in evaluating stress testing practices. Overall, the guidanceincludes fifteen principles for banks and six principles for supervisors.As part of its mandate to assess the implementation of its standardsacross countries, the Committees Standards Implementation Groupundertook a peer review of supervisory authorities’ implementation of theprinciples.The objectives of this review were to:_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 112. P a g e | 112- assess the extent to which the principles have been implemented in a rigorous and consistent manner across the Committees member authorities;- identify and provide feedback on factors that are most critical to the effective implementation of the principles; and- assess the effectiveness of the principles themselves.An important element of the review was the context in which theprinciples are being implemented.Many of the countries participating in this peer review have been workingto implement and refine stress testing frameworks and methodologies atthe same time their economies and banking systems have been affectedby a high degree of global economic and financial uncertainty.Although many supervisory authorities and banks had operational stresstesting frameworks in place, existing guidance and rules had to be revisedand new expectations put in place to broaden and deepen stress testingcapabilities at both banks and supervisors.This is being done in a stressed environment and is also being conductedat a time when stress testing infrastructure, including the ability to collectappropriate data, develop models and aggregate results, is evolving.As a result, the current environment has provided a useful early test ofhow countries are putting the principles into practice.More broadly, it was evident that countries are implementing stresstesting regimes and activities in different ways that may reflect theirindividual situations and not all will follow the same progression or pathin implementing the principles.The review was intended to deliver feedback on good supervisory practiceto help supervisors implement standards more effectively._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 113. P a g e | 113Indeed, several countries have reported significant progress subsequentto the completion of the peer review survey, particularly with regard tosupervisory stress testing practices.MethodologyThe peer review was conducted through a questionnaire which wasdistributed to Committee member countries in September 2011.Analysis of the responses was conducted by a working group ofrepresentatives of supervisory authorities with expertise in stress testing.The questionnaire focused primarily on the implementation activities ofsupervisors and consisted of both factual multiple choice questions andfree-form responses.The review team used the information provided by each country and,where relevant, source documents demonstrating its implementation ofthe principles, to assess and compare the progress made across countries.Given the off-site and high-level nature of the review, it was not intendedto produce a definitive assessment of individual countriesimplementation of the principles, but, rather, to allow an overall view ofprogress across countries.A detailed report was provided to the Standards Implementation Groupand to the Committee.The review focused primarily on the implementation of principles 16-21for supervisors, as it was not within the scope of the peer review to assesscompliance by banks with principles 1-15 on stress testing practices.However, countries were invited to provide their views on the ease andeffectiveness of implementation for each of the principles for banks intheir jurisdiction.In their responses, supervisory authorities were asked to focus onsupervision of the largest banks in their jurisdiction, although some also_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 114. P a g e | 114addressed their supervisory expectations for stress testing at smallerbanks.Assessment of principles for supervisorsOverall maturity of implementationFor purposes of assessing and comparing implementation of theprinciples, participating countries were stratified as being in an early,intermediate or advanced state of implementation.These assessments were based on indicators of maturity developed forthis purpose by the review team, as well as the quality and thoroughnessof the questionnaire responses.Countries in the early category (nearly half of respondents) showed someprogress towards implementing the principles; however, they may nothave issued or finalised prudential requirements on enterprise-wide stresstesting since the principles were published.These countries generally had not conducted regular on-site or off-sitereviews other than in the context of risk-specific modelling requirementssuch as for market risk, and have conducted industry-wide stress testsinfrequently, or only as part of FSAP reviews.In contrast, a few countries were classified as advanced. For thesecountries, the review team saw evidence of a rigorous regular reviewprocess that included a combination of:- on-site and off-site assessments;- some review and feedback on detailed stress testing models used by banks;- evidence of follow-up actions; and- a well-embedded supervisory stress testing programme that was not limited to FSAP or regionally-imposed scenarios._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 115. P a g e | 115The remainder of countries (approximately half of respondents) fell intothe intermediate category.These countries have issued some formal requirements or guidanceconsistent with the principles, were generally performing regularsupervisory stress tests on their large banks and were reviewing stresstesting in the context of annual ICAAP reviews and specific risk reviews.These countries have more to do in deepening their programmes,including issuing updated requirements and conducting more detailedon-site and off-site reviews of banks stress testing capabilities.Notably, several countries have reported significant progress subsequentto the completion of the peer review survey, particularly with regard tosupervisory stress testing practices and also in some cases issuance ofstress testing requirements or guidance.Specific areas of supervisory activity in relation to the principles arediscussed in more detail below.Prudential frameworkThe review found that all countries have in place prudential requirementsrelating to stress testing.In many cases these requirements were implemented as a component ofBasel II, namely the ICAAP requirements, or otherwise pre-date theprinciples.In addition, a large majority of the respondents stated that they hadissued specific rules or guidance implementing the principles.However, approximately one-third of respondents has not issued anyrules or guidance on stress testing post-2009, and thus would not beconsidered to have implemented the principles explicitly.These countries rely on other rules relating to stress testing, particularlyunder the Basel II credit or market risk requirements._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 116. P a g e | 116In terms of future plans, a number of countries across different levels ofmaturity are in the process of, or are planning to strengthen or finaliseguidance or regulations.In some cases, key elements of the principles have been incorporated intothe Pillar 2 requirements and in other cases as (non-mandatory) guidancefor banks.Some countries issued informal guidance based generally on theprinciples or on other regional guidelines.A number of countries are still in the early phases of issuing prudentialexpectations for enterprise-wide stress testing.At least a few countries have not yet issued requirements relating to BaselII ICAAPs, which was the most common means of implementing theprinciples.Other countries have already updated their rules and adapted theprinciples or other guidelines for their own circumstances.These would be considered to have a more mature supervision frameworkfor stress testing.A few other countries have issued their own good practice guidelineswhich incorporate the principles as well as key findings from supervisoryactivities and industry dialogue.Roughly three-quarters of respondents reported that there have not beenany impediments to implementing the principles.However, resourcing and other supervisory priorities were noted as aconstraint by a number of other countries.A number of countries asserted that because their banks or bankingsystems are not complex, some of the aspects of the principles are notrelevant (eg structured products and highly leveraged counterparties)._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 117. P a g e | 117Further, banks in some jurisdictions generally do not have theinfrastructure and skills to be able to comply with sophisticated stresstesting requirements.Supervisory reviewPrinciple 16 recommends that supervisors should make regular andcomprehensive assessments of banks stress testing programmes.The review found that supervisory authorities use a combination ofon-site and off-site reviews to assess banks’ stress testing practices.Most countries indicated that they have conducted some form of on-sitereview of stress testing at banks.For specific risk areas (primarily market, liquidity and to some extentcredit risk), there are well established supervisory review programmes.Almost three-quarters of countries indicated that they perform extensiveregular review of firm-wide stress testing practices.The most common approach for assessing firm-wide stress testing isthrough annual ICAAP reviews, which generally cover capital planning aswell as other matters.Given the scope of ICAAP reviews, it may be difficult to assess all of theprinciples during a routine ICAAP review.Indeed, a few countries indicated that they conduct horizontal orthematic reviews specifically on firm-wide stress testing including theprinciples, which is considered a more advanced practice.The frequency of on-site reviews of firm-wide stress testing varied acrosscountries.About one-third of countries conducted less-than-annual reviews (every2-4 years) while roughly half of responding countries reported that theyconduct annual or more frequent on-site reviews of stress testing._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 118. P a g e | 118Some supervisors have conducted a one-time review of the principlesthrough self-assessments, questionnaires, or benchmarking studiesacross a range of banks.In terms of the scope of supervisory review, supervisory activitiesregularly covered stress testing for firm-wide risks, general credit risks,retail mortgages and corporate credit risks, market risk, banking bookinterest rate risk and liquidity risk.Authorities reported that areas such as operational risk, overseasoperations, as well as specific portfolios such as commercial property andsovereign risks, receive less coverage.Supervisory authorities in most countries reported conducting annual ormore frequent review of board and senior management reporting of stresstest results.Use of stress testing in loan loss provisioning was reviewed regularly byabout half of the countries.The role of stress testing to help set risk appetite and identify riskconcentrations were areas that were less commonly reviewed; this is anarea where supervisory and bank practice is at a very early stage.Review of contingency plans for operational risk is the surveyed area leastlikely to have been assessed by supervisors in the context of stress testing.Some countries noted different requirements or expectations of stresstesting across banks, mainly depending on the banks’ systemicimportance (including size, complexity and relevance to economy) andrisk profile.Most emphasised that supervisors have proportionately differentexpectations when conducting stress testing reviews of smaller banks.Several countries (particularly those at the more advanced stages ofimplementation of the principles) indicated that they are planning toincrease the expectations of smaller institutions with respect to stresstesting going forward._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 119. P a g e | 119Supervisory actionPrinciple 17 indicates that supervisors should take action on deficienciesin banks stress testing programmes.The review found that the two most common areas for supervisoryfollow-up were improving governance processes for stress testing and useof additional (in particular, more severe) scenarios.Many countries either regularly or occasionally imposed requirements toimprove data or model validation processes.The least common supervisory follow-up action indicated in theresponses was to require the bank to review or change limits or exposures(less than half of the countries reported taking this action regularly).Principle 19 encourages supervisors to consider the results of stress testsin assessing capital adequacy and in setting prudential buffers for capitaland liquidity.A large majority of countries indicated that they sometimes or regularlyimpose capital or liquidity requirements as a result of stress testingdeficiencies.In particular, use of stress scenarios for setting liquidity requirementsappears to be fairly well established, particularly as countries work towardimplementing the Basel III liquidity framework, which is based onstressed cash flows.Nearly all of the countries indicated regular review of liquidity stresstesting.Use of stress tests for setting minimum capital requirements, determiningexplicit capital buffers or for limiting capital distributions by banks is amore recent development that was not extensively considered in theprinciples and as a result was not a key focus of the review.A small number of countries indicated that stress testing has become akey tool for setting or assessing capital requirements._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 120. P a g e | 120Some countries have issued new requirements in the past year or sospecifically related to the use of stress tests in assessing capital adequacy.While use of stress tests to set formal minimum capital requirements isnot common, use of standard supervisory stress scenarios as abenchmarking tool is increasingly prevalent.Other countries took the view that stress test results are just one factor inassessing how much capital is needed to offset the risk of unexpectedlosses.In a number of countries, and even those with fairly advanced stresstesting supervision programmes, stress testing was seen as one of severaltools in assessing capital adequacy and there was a reluctance to placeprimary reliance on stress test scenario outcomes.This may reflect the evolving nature of supervisory and bank practices.Supervisory resourcingAs stress testing is a fairly new and specialised area of supervision, thereview found that resourcing and capabilities for stress testingsupervision were key challenges for many supervisory authorities.Only a few countries have established units specifically dedicated tostress testing.Most countries are primarily relying on separate teams of staff to conductsupervisory stress tests and, in many cases, also to review stress testingpractices at banks.These teams also perform other tasks in addition to reviewing orconducting stress testing.Typically, a set of specially trained supervisors is responsible forcoordinating with banks with respect to the collection of data for stresstesting and reviewing and consolidating the stress test information.Often an inter-departmental team is used to conduct the stress tests._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 121. P a g e | 121In general, it was noted that staff with a variety of different backgroundscan be useful in stress testing, including macro-surveillance economists,risk specialists and modelling experts, as well as generalist supervisorswho are most familiar with individual institutions or accounting experts.Similarly, most countries utilise both risk specialists and generalistsupervisors in reviewing stress testing practices at banks.In most countries, generalist supervisors are involved in the review ofstress testing practices; however, they are not generally involved inconducting supervisory stress tests.At the same time, some countries noted that where stress testing isallocated to a separate unit, it can be more difficult to ensure that stresstesting is embedded within routine supervision and that stress testoutcomes are understood and used by the generalist supervisors.This was seen as an evolving challenge.The more advanced countries, in particular, noted a general lack ofspecialised stress testing resources.Indeed, some countries found that prioritisation of supervisory work is amajor issue as key individuals involved often have other responsibilities.Most countries indicated they had established some form of trainingprogramme on stress testing for supervisors.In many cases, the training was of a quite general nature and in somecases limited to presentation of the results of supervisory stress tests orhigh-level discussion in the context of introductory training on Pillar 2approaches.A few countries provide quite advanced training programmes, includingcase studies, and some offer training to other countries supervisors or tobanks in their jurisdiction.Not surprisingly, several countries noted that stress testing training is anarea of focus in their future plans._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 122. P a g e | 122Supervisory stress testingPrinciple 20 recommends that supervisors should consider implementingstress test exercises based on common scenarios.It is clear that there has been a significant increase in the use ofsupervisory stress tests in recent years.In fact, all countries indicated that they conduct some form of supervisorystress test.As a result, progress in this area can be considered more advancedgenerally than some other aspects of the principles.Portfolio-level stress tests were reported by more than half of thecountries.In recent years, this has included specific stress tests on, for example,housing loan portfolios, consumer debt, sovereign risks and liquidity risk.Some countries indicated that they conduct very frequent sensitivitytesting for specific risks, for example, applying market risk and liquidityshocks on a regular basis.In terms of firm-wide stress tests based on a common scenario, there wasa range of experience.A few countries have performed FSAP stress tests only.While these stress tests provide an important basis and experience fordesigning supervisory stress tests, in many cases they tended to be led bythe FSAP mission team and the national central bank, and did not have asupervisory focus.About one-third of countries were not running stress tests on a firm-widebasis.In a couple of countries, firm-wide stress tests were conducted by the(non-supervisory) central bank, although with some involvement by thesupervisory authority._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 123. P a g e | 123Many countries conduct both bank-run and supervisor-run stress tests.This can involve the supervisory authority running the same scenariousing supervisory or public data in order to benchmark banks resultsfrom the bank-run stress test. Some countries run both regional andcountry-specific stress tests.Directing banks to run a stress test using a common scenario isconsidered to be a more advanced practice for supervisors, as it requiresmore detailed understanding of bank modelling capabilities and anability to assess the results.About half of the countries have conducted bank-run, firm-wide stresstests (outside of the FSAP process), of which about half conduct these onan annual basis.Supervisory assessment and challengeThe overall assessment and challenge of the reasonableness of banksstress test scenarios and outputs is a difficult area for supervision.In many countries, the models, assumptions and approaches used areevolving, and banks are at varying degrees of sophistication.At a general level, the review found a range of supervisory methods forchallenging the scope and results of banks’ stress tests and scenarios.The most widely used method was to compare outputs with historicalexperience, such as a past severe recession.However, in countries with little history of financial crisis, this approachmay be more difficult.A number of countries conducted their own parallel stress tests on bankfinancial data to benchmark results produced by banks or placed highreliance on reasonableness checks based on supervisors’ understandingof portfolios.Peer comparisons were very useful in countries where banks subject tostress testing are comparable in size and scope._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 124. P a g e | 124Some countries facilitate this by requiring banks to report the results oftheir stress tests in a standardised manner.A number of countries also place moderate to high reliance on banksown internal model validation reporting.Independent review by external auditors or consultants can be oneelement of the assessment and challenge process for some countries.But more than half of countries indicated they do not rely at all onindependent review of stress testing results as part of their supervisionactivities.Another supervisory trend is that supervisory authorities are more activelyreviewing scenarios chosen by the banks in their internal stress testingand, for example, the banks’ ICAAPs.Monitoring or keeping a systematic inventory of scenarios used by banksis a more advanced practice as it allows better benchmarking of peerbanks’ internal view of stressed conditions and possible vulnerabilities.Several countries maintain a database of scenarios used by their banks,and others have plans to do this.Over half of the countries periodically review the scenarios used by banksin their internal stress testing.A few countries in the earlier stages of maturity were not regularlyreviewing scenarios used by banks.Supervisory authorities in several countries indicated that they haveperformed reverse stress tests, that is, stress tests designed to besufficiently severe that they challenge the viability of the bank.However, reverse stress testing has not become a common supervisorypractice.In fact, the supervisory stress tests appear to be the vehicle for assessingthe impact of more severe scenarios._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 125. P a g e | 125In terms of the choice of scenario for supervisory stress tests, the mostcommon approach was to look to a previous severe recession or inputfrom the central bank.Also very common was to target the scenario to known vulnerabilities.About half of the countries have used externally prescribed scenarios (forexample, from a regional authority or FSAP process).Dialogue with public and private sectorsStress testing is increasingly part of the public debate on the strength andtransparency of supervision.Supervisory authorities have regular discussions with banking industryrisk officers or hold occasional seminars, workshops or roundtables withbanks to exchange experiences on stress testing methodologies and useof results.In some cases, this has resulted in publication of local industry guidancebased on the Committees principles.Some supervisors also have a formal process for coordinating with otherofficial organisations within their country.In some cases, a formal committee of regulators and other authorities(including the central bank) discusses systemic vulnerabilities andprovides input into stress testing programmes and the scenarios to betested.A number of other supervisors coordinate with their central bank inconducting a quantitative macroeconomic stress test, includingconsideration of potential systemic issues that may be caused by banks’management reactions to a common stress scenario.Regional-level coordinating bodies have also become increasinglyimportant._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 126. P a g e | 126Effective supervisory approachesThe review highlighted a number of different supervisory approaches thatappear to have been more effective and are reflective of more advancedprogress.One of the most effective tools in advancing stress testing practices hasbeen the significantly heightened focus on industry-wide supervisorystress tests.Many countries found that this process has helped focus on commonexpectations, provide a structured approach for dialogue on better stresstesting practices, and identify gaps in banks stress testing infrastructure.By challenging the loss results reported by banks on the prescribedscenarios, supervisors have motivated banks to justify their results andhence improve their internal assessment of key risk areas.In contrast, there was some evidence that countries that have onlyconducted supervisory stress tests or supervisory review of stress testingpractices without leveraging these two aspects together have not made asmuch progress in implementing the principles.In addition, countries that address bank stress testing practices throughthe ICAAP review process have generally found this to be an effectivemechanism, although periodic horizontal or thematic reviews that allowdetailed comparison of practices across banks is a more advancedapproach that is in use or under consideration in some countries.A formal self-assessment process conducted in some countries helpedbanks identify where their practices are consistent with the principles andwhere gaps exist in stress testing programmes.Open dialogue with banks was also seen as a key element of an effectivesupervisory programme.Annual meetings with banks can include discussions of riskdevelopments and best practices in stress testing that effectively createincentives for banks to strengthen their own practices._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 127. P a g e | 127Another approach highlighted by some countries was to engage indialogue on scenario selection, dynamics of models, reporting templatesand data capabilities, and overall robustness of the stress test at thehighest level of bank management.Several countries have issued publications describing observed goodpractices arising from benchmarking or initial implementation reviews ofthe principles.This type of guidance allows banks to benchmark themselves againsttheir local peers.Banks, and to some extent regulators, are increasingly using stress testingas a means of communicating their risk profiles to the market.However, disclosure requirements and practices vary considerably bycountry.Many countries now publish aggregate summaries of stress tests resultsin their regular financial stability reports, and in some cases outcomes forindividual banks.Some banks now routinely provide stress test results as part of theirfinancial results.Future plansMost supervisory authorities described future enhancements to theirstress testing supervision programmes.Those countries in the early phases of maturity are planning to issue,finalise or update rules on stress testing and to commence review andassessment of stress testing practices.Some are also conducting supervisory stress tests for the first time.Those supervisory authorities in intermediate to advanced stages ofmaturity plan to focus on deepening their current on-site and off-sitereview programmes, with the aim of better assessing how stress testoutcomes are used in bank decision-making and risk appetite setting._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 128. P a g e | 128Stress testing results are expected to have a greater impact oncontingency planning including recovery and resolution.Additional supervisory work is planned for identifying and assessing howbanks are integrating stress tests results in the development of riskappetite and overall risk management.Some supervisors will also use horizontal reviews across multiple banks toassess these areas as well as to benchmark banks’ internal stress testscenarios and assumptions.Greater focus on the use of stress test outputs in assessing capitaladequacy and liquidity was evident in a few countries, with some alsoplanning more explicit consideration of stress test outcomes in settingcapital buffers.Principles for BanksAs the peer review focused on supervisory implementation, anassessment of stress testing practices at banks was not within the scope ofthis review.Nevertheless, many countries provided high-level comments on progressof banks in their jurisdictions that were reasonably consistent and may beof broader interest.In particular, all countries reported significant improvements in stresstesting capabilities at banks since publication of the principles.Authorities noted an overall improvement in the rigor and quality of stresstesting and the quality of information presented in ICAAPs.Risk-specific stress testing, particularly regarding market and liquidityrisk, was found to be reasonably well developed.More recently, banks have focused increasingly on centralised, firm-widestress testing that encompasses a broader range of risks, but manycountries note this area is still evolving._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 129. P a g e | 129Banks have strengthened their resourcing, with some banks now havingset up dedicated stress testing units.Banks are using a broader range of scenarios, including those that aremore severe and complex.However, as noted below, many countries indicated that banks’ scenarioscontinue to be less severe than supervisors might find appropriate.Banks generally are establishing stronger governance frameworks withclear lines of responsibility for stress testing, and some banks are givingmore importance to stress test results in their decision making.Some countries have seen an improvement in data systems and ability toadapt to new vulnerabilities and specific scenarios.The level of documentation has also improved.Countries responses to the review survey highlighted the followingcommon areas of future improvement in bank stress testing practices.Integrating results into decision-making.A number of countries pointed to challenges banks have in incorporatingstress test results into business and strategic decisions.Stress testing tools are still immature and some countries felt that in manycases the banks take a compliance-oriented approach in order to meetregulatory requirements.GovernanceThere is a sense that banks need to have a better understanding of stresstesting limitations, assumptions, and uncertainties by users of stress testresults, including senior management and the board of directors.Severity of scenariosA number of countries saw a need for firms to deepen the severity ofscenarios._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 130. P a g e | 130Supervisors in these countries remain concerned that banks internalstress test scenarios do not plausibly reflect potential severe scenarios andoutcomes.Data and IT infrastructure.A number of countries noted that data and IT systems remain a keyimpediment to implementing effective stress testing programmes.Accumulation of sufficient data for modelling purposes is a challenge forbanks in some countries and aggregating information across the bankremains an issue.Generally, some manual intervention is needed to support the banks’current IT and data infrastructure to run regular stress tests.Modelling issuesTranslating and calibrating scenarios into stress outcomes continues tobe an area where banks capabilities are challenged.Multiple risk class impacts generally have not been modelled in asophisticated manner, although some banks attempt to take into accountcorrelations between risks.Incorporating feedback effects and system-wide interactions remainsvery difficult.Another technical area cited is the identification and aggregation ofcorrelated risks and integration between credit, market and liquidityrisks.ConclusionsThe current environment has provided a sound test of how countries areputting into practice the Committees 2009 principles for stress testingsupervision._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 131. P a g e | 131There is clearly room for further progress among the supervisorycommunity in the supervision of stress testing.Many countries in the early to intermediate stages of implementation areworking to finalise their prudential requirements for stress testing andimplement regular review programmes that cover enterprise-wide stresstesting governance, capabilities and models.Even those countries considered to be in the advanced phase ofimplementation of the principles felt that there are many remainingchallenges with respect to their own stress testing programmes.Authorities are continuing with their efforts to embed the use of stresstesting within their supervisory programmes.In many cases, this requires additional resources and training for bothgeneralist and specialist supervision staff.Stress testing infrastructure, including the ability to collect appropriatedata, develop models and aggregate results, continues to evolve.Explicit consideration of stress test outcomes in assessing liquidity andmarket risk capital requirements is well established in supervisoryframeworks.Stress testing has traditionally not featured as prominently in assessmentof overall bank capital adequacy but practices are evolving in this area.The peer review has highlighted that there are different supervisoryapproaches and it is difficult to state which is most effective.A combination of supervisory stress tests together with involvement ofgeneralist and specialist supervision staff in reviews of banks’ stresstesting practices at an enterprise-wide level often characterises the morewell developed supervisory programmes._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 132. P a g e | 132More advanced countries are encouraging development of more rigorouspractices at banks by conducting horizontal and thematic reviews,publishing the results and providing feedback to banks.Finally, while the review found the principles themselves to be generallyeffective in setting high-level expectations, the Committee will continueto monitor implementation of the principles and determine whether, inthe future, additional guidance might be necessary. 1 Stress testing should form an integral part of the overall governance and risk management culture of the bank. Stress testing should be actionable, with the results from stress testing analyses impacting business decisions of the board and senior management. Board and senior management involvement in the stress testing programme is essential for its effective operation 2 A bank should operate a stress testing programme that promotes risk identification and control; provides a complementary risk perspective to other risk management tools; improves capital and liquidity management; and enhances internal and external communication. 3 Stress testing programmes should take into account of views from across the organisation and should cover a range of perspectives and techniques. 4 A bank should have written policies and procedures governing the stress testing programme. The operation of the programme should be appropriately documented. 5 A bank should have a suitably robust infrastructure in place, which is sufficiently flexible to accommodate different and possibly challenging stress tests at an appropriate level of granularity. 6 A bank should regularly maintain and update its stress testing framework. The effectiveness of the stress testing programme, as well as the robustness of major individual components, should be_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 133. P a g e | 133 assessed regularly and independently. 7 Stress tests should cover a range of risks and business areas, including at the firm-wide level. A bank should be able to integrate effectively, in a meaningful fashion, across the range of its stress testing activities to deliver a complete picture of firm-wide risk. 8 Stress testing programmes should cover a range of scenarios, including forward-looking scenarios, and aim to take into account system-wide interactions and feedback effects. 9 Stress tests should feature a range of severities, including events capable of generating the most damage whether through size of loss or through loss of reputation. A stress testing programme should also determine what scenarios could challenge the viability of the bank (reverse stress tests) and thereby uncover hidden risks and interactions among risks. 10 As part of an overall stress testing programme, a bank should aim to take account of simultaneous pressures in funding and asset markets, and the impact of a reduction in market liquidity on exposure valuation. 11 The effectiveness of risk mitigation techniques should be systematically challenged. 12 The stress testing programme should explicitly cover complex and bespoke products such as securitised exposures. Stress tests for securitised assets should consider the underlying assets, their exposure to systematic market factors, relevant contractual arrangements and embedded triggers, and the impact of leverage, particularly as it relates to the subordination level in the issue structure. 13 The stress testing programme should cover pipeline and warehousing risks. A bank should include such exposures in its stress tests regardless of their probability of being securitised._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 134. P a g e | 134 14 A bank should enhance its stress testing methodologies to capture the effect of reputational risk. The bank should integrate risks arising from off-balance sheet vehicles and other related entities in its stress testing programme. 15 A bank should enhance its stress testing approaches for highly leveraged counterparties in considering its vulnerability to specific asset categories or market movements and in assessing potential wrong-way risk related to risk mitigation techniques. 16 Supervisors should make regular and comprehensive assessments of a banks stress testing programme. 17 Supervisors should require management to take corrective action if material deficiencies in the stress testing programme are identified or if the results of stress tests are not adequately taken into consideration in the decision-making process. 18 Supervisors should assess and if necessary challenge the scope and severity of firm-wide scenarios. Supervisors may ask banks to perform sensitivity analysis with respect to specific portfolios or parameters, use specific scenarios or to evaluate scenarios under which their viability is threatened (reverse stress testing scenarios). 19 Under Pillar 2 (supervisory review process) of the Basel II framework, supervisors should examine a banks stress testing results as part of a supervisory review of both the banks internal capital assessment and its liquidity risk management. In particular, supervisors should consider the results of forward-looking stress testing for assessing the adequacy of capital and liquidity. 20 Supervisors should consider implementing stress test exercises based on common scenarios. 21 Supervisors should engage in a constructive dialogue with other public_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 135. P a g e | 135 authorities and the industry to identify systemic vulnerabilities. Supervisors should also ensure that they have the capacity and skills to assess a banks stress testing programme._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 136. P a g e | 136NUMBER 7Progress of the HKMAs investigations inLehman-Brothers-related casesThe Hong Kong Monetary Authority (HKMA) announced (Thursday)that investigation of over 99% of a total of 21,851 Lehman-Brothers-relatedcomplaint cases received has been completed.These include:- 15,769 cases which have been resolved by a settlement agreement reached under section 201 of the Securities and Futures Ordinance;- 3,370 cases which have been resolved through the enhanced complaint handling procedures required by the settlement agreement;- 2,467 cases which were closed because insufficient prima facie evidence of misconduct was found after assessment or no sufficient grounds and evidence were found after investigation;- 25 cases (including minibond cases) which are under disciplinary consideration after detailed investigation by the HKMA, of which proposed disciplinary notices are being prepared; and- 168 cases in respect of which investigation work has been completed and are going through the decision process to decide whether there are sufficient grounds for disciplinary actions or whether the cases should be closed because of insufficient evidence or lack of disciplinary grounds.Investigation work is underway for the remaining 50 cases._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 137. P a g e | 137Notes:These are cases where eligible customers accepted the settlement offersmade by the distributing banks in respect of Lehman Brothers-relatedinvestment products in accordance with the agreements reached undersection 201 of the Securities and Futures Ordinance.The HKMA has informed the distributing banks that, since theseagreements contain detailed arrangements for settlement of claims andthe implementation of robust systems for selling unlisted structuredinvestment products and dealing with related customer complaints infuture, it is not the intention of the HKMA to take any enforcement actionin relation to the Lehman Brothers-related cases that involve eligiblecustomers who accept the settlement offers made by the distributingbanks pursuant to these agreements._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 138. P a g e | 138NUMBER 8DARPA SEEKS ROBOT ENTHUSIASTS (AND YOU) TOFACE OFF FOR $2M PRIZE!Hardware, software, modeling and gaming developers sought to link withemergency response and science communities to design robots capableof supervised autonomous response to simulated disasterAs iconic symbols of the future, robots rank high with flying cars andstarships, but basic robots are already in use in emergency response,industry, defense, healthcare and education.DARPA plans to offer a $2 million prize to whomever can help push thestate-of-the-art in robotics beyond today’s capabilities in support of theDoD’s disaster recovery mission.DARPA’s Robotics Challenge will launch in October 2012.Teams are sought to compete in challenges involving stageddisaster-response scenarios in which robots will have to successfullynavigate a series of physical tasks corresponding to anticipated,_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 139. P a g e | 139real-world disaster-response requirements.Robots played a supporting role in mitigating fallout from the Fukushimanuclear plant disaster in Japan, and are used by U.S. military forces asassistants for servicemembers in diffusing improvised explosive devices.True innovation in robotics technology could result in much moreeffective robots that could better intervene in high-risk situations andthus save human lives and help contain the impact of natural andman-made disasters.The DARPA Robotics Challenge consists of both robotics hardware andsoftware development tasks.It is DARPA’s position that achieving true innovation in robotics, andthus success in this challenge, will require contributions fromcommunities beyond traditional robotics developers.The challenge is structured to increase the diversity of innovativesolutions by encouraging participation from around the world includinguniversities, small, medium and large businesses and even individualsand groups with ideas on how to advance the field of robotics.“The work of the global robotics community brought us to thispoint—robots do save lives, do increase efficiencies and do lead us toconsider new capabilities,” said Gill Pratt, DARPA program manager.“What we need to do now is move beyond the state of the art.This challenge is going to test supervised autonomy in perception anddecision-making, mounted and dismounted mobility, dexterity, strengthand endurance in an environment designed for human use but degradeddue to a disaster.Adaptability is also essential because we don’t know where the nextdisaster will strike.The key to successfully completing this challenge requires adaptablerobots with the ability to use available human tools, from hand tools to_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 140. P a g e | 140vehicles.“Robots undoubtedly capture the imagination, but that alone does notjustify an investment in robotics,” said DARPA Acting Director, KaighamJ. Gabriel.“For robots to be useful to DoD they need to offer gains in either physicalprotection or productivity. The most successful and useful robots woulddo both via natural interaction with humans in shared environments.”The DARPA Robotics Challenge supports the National RoboticsInitiative launched by President Barack Obama in June 2011.To answer questions regarding the Robotics Challenge and provide anopportunity for interested parties to connect, DARPA will hold a virtualProposers’ Day workshop on April 16, 2012.This online workshop will introduce interested communities to the effort,explain the mechanics of this DARPA challenge, and encouragecollaborative arrangements among potential performers from a widerange of backgrounds.The meeting is in support of the DARPA Robotics Challenge BroadAgency Announcement._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 141. P a g e | 141NUMBER 9SEC Announces Members of New Investor Advisory CommitteeWashington, D.C., April 9, 2012 –The Securities and ExchangeCommission today announced the formation of a new Investor AdvisoryCommittee required by the Dodd-Frank Wall Street Reform andConsumer Protection Act.The 21-member committee replaces the advisory committee that wasdisbanded after the Dodd-Frank Act became law.Section 911 of the Dodd-Frank Act established the new committee toadvise the Commission on regulatory priorities, the regulation ofsecurities products, trading strategies, fee structures, the effectiveness ofdisclosure, and on initiatives to protect investor interests and to promoteinvestor confidence and the integrity of the securities marketplace.The Dodd-Frank Act authorizes the committee to submit findings andrecommendations for review and consideration by the Commission.Members of the newly formed committee were nominated by all fivesitting Commissioners and represent a wide variety of interests, includingsenior citizens and other individual investors, mutual funds, pensionfunds, and state securities regulators."The SEC’s new Investor Advisory Committee is made up of individualswith a broad range of backgrounds and experiences," said SEC ChairmanMary Schapiro."I look forward to their insight and recommendations as to how we canfurther the SEC’s critical investor protection mission."The members of the new Investor Advisory Committee are:  Darcy Bradbury, Managing Director and Director of External Affairs, D.E. Shaw & Co., L.P.  J. Robert Brown, Jr., Law Professor, University of Denver_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 142. P a g e | 142  Joseph Dear, Chief Investment Officer, California Public Employees’ Retirement System  Eugene Duffy, Partner and Principal, Paradigm Asset Management Co. LLC  Roger Ganser, Chairman of the Board of Directors of BetterInvesting  James Glassman, Executive Director, George W. Bush Institute  Craig Goettsch, Director of Investor Education and Consumer Outreach, Iowa Insurance Division  Joseph Grundfest, William A. Franke Professor of Law and Business, Stanford Law School  Mellody Hobson, President and Director of Ariel Investments, LLC  Stephen Holmes, General Partner and Chief Operating Officer, InterWest Partners  Adam Kanzer, Managing Director and General Counsel of Domini Social Investments and Chief Legal Officer of the Domini Funds  Roy Katzovicz, Partner, Investment Team Member and Chief Legal Officer, Pershing Square Capital Management, L.P.  Barbara Roper, Director of Investor Protection, Consumer Federation of America  Kurt Schacht, Managing Director, CFA Institute  Alan Schnitzer, Vice Chairman and Chief Legal Officer, The Travelers Companies, Inc.  Jean Setzfand, Director of Financial Security for the AARP  Anne Sheehan, Director of Corporate Governance, California State Teachers’ Retirement System  Damon Silvers, Associate General Counsel for the AFL-CIO_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 143. P a g e | 143  Mark Tresnowski, Managing Director and General Counsel, Madison Dearborn Partners, LLC  Steven Wallman, Founder and Chief Executive Officer, Foliofn, Inc.  Ann Yerger, Executive Director, Council of Institutional InvestorsThe Investor Advisory Committee will begin its work in the near future._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 144. P a g e | 144NUMBER 10EIOPA - Report onGood Practices for Disclosure andSelling of Variable Annuities1. This Report summarises the findings ofan Expert Group, set up in May 2011 underthe auspices of EIOPA’s Committee onConsumer Protection and FinancialInnovation (CCPFI) with the aim ofestablishing good disclosure and sellingpractices for variable annuities (VA).2. It seeks to inform the debate on variableannuities from a consumer protectionperspective with the aim of promotingcommon supervisory approaches andpractices.However, it does not set forth anyguidelines or recommendations.3. The Expert Group has been able to draw on the conclusions of aprevious Task Force, established by EIOPA’s predecessor, theCommittee of Insurance and Occupational Pensions Supervisors(CEIOPS), which had assessed variable annuities from a prudentialperspective.In addition the Expert Group has been assisted in its work by the analysison market structure and basic product features, undertaken by EIOPA’sFinancial Stability Committee.The outcome of this analysis has been published in EIOPA’s FinancialStability Report for Spring 20112.The Expert Group also benefitted from comments received during publicconsultation and from a Feedback Statement by EIOPA’s Insurance andReinsurance Stakeholder Group (IRSG)._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 145. P a g e | 1454. In response to the losses suffered by some large insurance groups ontheir VA books during the recent financial crises, product characteristicshave changed significantly to allow for better risk management.As a consequence of an increased focus on risk management, insuranceundertakings have had to reflect the associated costs in the chargingstructure for variable annuity products, thus reducing the potentialbenefits to customers compared to pre-crises product offerings.5. The Expert Group referenced the cross-border business model oftenencountered in relation to the writing and sale of variable annuities.Many large insurance groups have set up specialised subsidiariesdedicated to this business (“VA product companies”), which underwritevariable annuities in several Member States through freedom ofestablishment or freedom of services.The Group also considered the objectives of consumers who invest inthese policies. Consumers may purchase them as a means of saving fortheir retirement or for investment purposes more generally as analternative to traditional life insurance or other savings products.Both the business model and the objectives pursued by customers have abearing on what constitutes good disclosure and selling practices.6. Good disclosure practices attempt to ensure that customers can maketheir choices on an informed basis.Customers need to be informed how the product works under differentmarket conditions, what they are charged and which options they canexercise during the life of the contract.In addition they need to be provided with some general information onthe product provider, the law governing the contract and details on therelevant supervisory authorities to take account of the commoncross-border business model referred to above.The use of “frequently asked questions” is considered to be a transparentway of communicating the relevant information._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 146. P a g e | 1467. Good selling practices for variable annuities have to ensure that thedemands and needs of a customer are taken into account.Because of their inherent complexity, variable annuities should always besold on an advised basis via a salesperson, which may be an insuranceintermediary or an agent or employee of the insurance undertaking.To avoid the risk of misselling a number of areas, in particular, should beaddressed by the salesperson.The Expert Group has suggested an indicative list of questions that couldbe used in this context.8. Finally, chapter 4.2. examines good practices by the product providerwhere it does not control the sales process.Insurance undertakings should still ensure that sales are adequate by,inter alia, carrying out a due diligence on the intermediary firms as well asreviewing the clients they have taken on to ensure that they are asexpected regardless of who controls the sales process.9. The main findings of the Report are that good practices• in relation to disclosureso should provide general information on the insurance undertaking andthe legal and supervisory regime it operates under to take account of thecross-border nature of this businesso should also include product specific information to address productcomplexity• in relation to selling practiceso should ensure that variable annuities are always sold on an advisedbasis, even when they are sold directly by the companyo should focus on the customer’s objectives to determine his demandsand needs._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 147. P a g e | 1472. BACKGROUND TO THE REPORT2.1.MANDATE AND SCOPE OF WORKMandate 10. This Report examines, specifically in relation to variable annuities, good practices on product disclosure and selling arrangements. These issues had not been covered by the mandate of the previous CEIOPS Task Force that focused only on prudential matters. 11. Following the adoption of the recommendations put forward by the previous Task Force, the Board of Supervisors therefore requested the Committee on Consumer Protection and Financial Innovation (CCPFI) to look into these consumer-related issues. To this end, the CCPFI set up a subgroup (Expert Group) to assist it in its work. This exercise was informed by the potential of some variable annuities products to achieve outcomes that are not easy for the consumer to understand. 12. The Report benefitted from the comments received during public consultation and from the Feedback Statement prepared by EIOPA’s Insurance and Reinsurance Stakeholder Group (IRSG). Scope 13. Concerning product disclosures, the objective is to identify good practices regarding the product-specific information aimed at providing a proper understanding of the risks assumed by the policyholder in a variable annuity contract. These disclosure requirements apply in addition to the information that needs to be provided on the life insurance undertaking and on the commitments the undertaking assumes vis-à-vis the policyholders. 14. In this context, particular attention should be paid to the multi-layered charging structure often encountered in variable annuities._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 148. P a g e | 148 15. Concerning selling practices, the aim is to look at good practices regarding advice given to customers, which should be based on their demands and needs. Where the sales process takes place through insurance intermediaries as defined in the IMD, it has also been assessed how insurance undertakings should ensure that sales are appropriate. 16. This Report has been prepared in response to EIOPA’s monitoring role in relation to new financial activities. Variable annuities fall within the broader category of insurance contracts with an investment element. Bearing in mind that at a European level there are several legislative initiatives under way, which may have an impact on the sales of variable annuities, namely on product disclosure and on selling practices (such as the upcoming legislative proposal on Packaged Retail Investment Products –PRIPS- and the revision of the Insurance Mediation Directive -IMD), the purpose of the Report is limited to analysing good practices, to promote common supervisory approaches and practices, and to inform the debate on this topic. However, its aim is not to pre-empt the above mentioned legislative proposals nor does it set forth any guidelines or recommendations. 17. The Report has a clear product-specific focus in line with its mandate, which has driven the range of topics that have been analysed by the Expert Group. The scope of previous work by EIOPA’s predecessor CEIOPS in the form of technical advice to the European Commission on PRIPS and on IMD had been determined by the respective call for advice and, in relation to selling practices, covered a number of areas (such as transparency of remuneration, conflicts of interests and inducements), which are not dealt with in this Report. These aspects are broader in nature and should be developed further as the wider legal framework evolves. 18. In identifying good practices, the Expert Group has taken existing EU legislation for the insurance sector as a starting point._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 149. P a g e | 149 In the future, legal concepts originally developed for other financial sectors (such as the KIID for pre-contractual disclosures or MiFID for rules on sales) may be increasingly relevant as a benchmark for the insurance sector. As these issues are equally of a wider nature, the Expert Group did not want to anticipate any developments in this respect. 19. The focus of this Report is on good practices at the point of sale. Given the long term nature of many VA contracts with options that can be exercised over the lifetime of the policy, the CCPFI noted the importance for policyholders to receive timely and clear information on the performance of their account value, so that they can exercise their options on an informed basis. 2.2. BASIC PRODUCT FEATURES 20. Variable annuities (VAs) are unit-linked life insurance contracts with investment guarantees provided by the insurance undertaking which, in exchange for single or regular premiums, allow the policyholder to benefit from the upside of the unit, but be partially or totally protected when the unit loses value. 21. A common business model pursued by many larger insurance groups consists of setting up specific subsidiaries dedicated to variable annuities business, which underwrite in several Member States, through freedom of establishment or freedom of services. 22. In the US (where variable annuities have been sold in a significant way since the 1990s) as well as in some other markets such as Japan these products are very popular. In Europe, VAs have become increasingly widespread too, as the possibility to gain from the exposure to specific underlying assets and being protected against a depreciation of these assets at the same time makes them quite appealing._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 150. P a g e | 150 23. Recently, in some countries new variants of unit-linked policies have emerged that equally aim to provide some downside protection, but which do not include a guarantee by the insurance company. 24. As per the previous paper, these types of contracts fall outside the scope of this report. 25. In their basic form, the guarantees embedded in variable annuities cover the amount of premiums paid, but quite often they entail additional features, for instance, that the premiums paid yield at least at a pre-defined interest rate (roll-up). Alternatively, the guarantee may be reset to the highest account value throughout the insurance period, evaluated in accordance to a set of pre-defined time frames (ratchet). 26. Policyholders’ entitlements are determined on the basis of the guaranteed minimum benefits, if the underlying funds depreciate in value (or gain less than warranted by the roll-up rate). In all other instances, their claims are determined by the performance of the underlying funds. 27. Regarding the size and the characteristics of the VA market EIOPA has published the key findings of a survey concentrating on larger insurance groups in its First Half Year Financial Stability Report 2011. From a consumer perspective it is important to look at the type of minimum benefit being offered. 28. There are several kinds of guarantees or minimum benefits that can be embedded into a VA contract. Examples of common offerings include: • GMDB (guaranteed minimum death benefit): Minimum benefit in case of death;_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 151. P a g e | 151 • GMAB (guaranteed minimum accumulation benefit): Minimum guaranteed capital after a predefined period; • GMIB (guaranteed minimum income benefit): Minimum guaranteed lifetime or term annuity starting at a predefined age on a defined benefit base; • GMWB (guaranteed minimum withdrawal benefits): deferred or immediate, temporary or lifelong income stream. 29. The Financial Stability Report indicates that most contracts (72.2 % of gross written premiums) include a minimum death benefit. Regarding minimum living benefits, GMAB seems the most frequent feature, followed by GMWB and GMIB. Most policies are single premium contracts. 30. There are two major markets for these products. Some variable annuity contracts are intended for specific purposes (such as for private retirement savings) and seek to attract specific customer groups (such as affluent individuals approaching retirement age), often when the products are offered in tax preferred wrappers. In relation to these products, the “insurance element” (i.e. the guaranteed minimum living benefits) typically plays a prominent role in their marketing. 31. Other offerings are less focused in terms of the target clients and their goals. They look to attract a broad range of customers by promoting variable annuities as an investment opportunity with limited downside risk. For these offerings, more emphasis is generally placed on the “investment element” (i.e. the underlying funds)._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 152. P a g e | 1522.3. CURRENT TRENDS IN PRODUCT DEVELOPMENT 32. Current trends in product development can be traced back, to a large extent, to the lessons learned during the recent financial crises, which resulted in severe losses for some important insurance groups. To mitigate the effects of losses, these groups had, for example, to inject significant levels of capital into VA subsidiaries, halt product offerings and/or withdraw from certain markets. The complexity of the products offered, market volatility, inadequate hedging and poor product design were some of the main reasons why these losses occurred. 33. One of the key features of many variable annuity products is the long-term nature of the guarantee in the form of living benefits. In addition, policyholders are usually given a number of choices and options – for instance in relation to fund selection - which they can exercise at inception or during the life of the contract. These two factors combined tend to make variable annuities offerings particularly complex from a risk management perspective. In particular, the implementation of a robust hedging programme, designed to ensure that the movements in the liabilities are offset by the movement in the financial derivative instruments used for hedging, presents a huge challenge for VA product companies. The losses experienced in the course of the financial crises have evidenced that the risks associated with these products are difficult to understand and to risk manage. 34. VA product companies have put in place various initiatives with the aim to reduce the risk embedded in VA contracts. These trends in product development include, among others, the use of volatility limits_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 153. P a g e | 153 and the reduction of fund options (for example, through only allocating investments to index based funds). This Report has as its sole objective to evaluate the impact of such initiatives on consumers, but does not assess their effectiveness from a risk management perspective. 35. It should be noted, however, that the cost of hedging and related risk-mitigation must be fully reflected in the charging structure for these products, thus reducing the potential benefits to consumers compared to pre-crises offerings. It is, therefore, important that the product information provided is sufficiently clear to enable consumers to fully understand the VA contract they have been presented with. 3. DISCLOSURES 3.1. GENERAL AND PRODUCT SPECIFIC DISCLOSURES 36. The purpose of this section is to outline a possible approach to good disclosure practices for variable annuities. Under current EU law, insurance companies are obliged to provide a certain set of pre-contractual information on the life insurance policies they offer, but the format, in which it is presented, is up to their discretion. To convey the essential product characteristics in a short document insurers often use a key features document, which is prescribed by national law in some jurisdictions. 37. The key features document and any promotional material that may be used for pre-contractual information must be consistent with the general terms and conditions applicable to a variable annuities offering._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 154. P a g e | 154 It is therefore seen as good practice for the promotional material to refer, where appropriate, to the relevant sections of the general terms and conditions. In doing so, the insurance companies can ensure consistency between their disclosure documents and the actual provisions in the contract, but it also allows customers to see how the pre-contractual information they receive is reflected in the general terms and conditions. 38. It is essential for the product provider to explain a number of areas of relevance to a customer in terms that are easily understandable, clear, fair and not misleading. In relation to variable annuities some of the features, which need to be conveyed, are very product specific such as those that result from the interplay of minimum benefits and the performance of the underlying funds. Others concern general information on the product provider, the law governing the product offering and the supervisory regime. Their relevance is due to the cross-border business model generally found with variable annuities. 39. EIOPA recognises that consumers in different European countries may have different preferences for the types of product disclosures received. One way of addressing consumer information needs is through the use of frequently-asked-questions (FAQs). The questions below, which could be presented to the potential customer both in the promotional material and in the pre-contractual information documents, are aimed at ensuring that any reader will have a good understanding of the product, the charges, terms in relation to redemption/maturity and any specific risks that they should be aware of._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 155. P a g e | 155 These have therefore been grouped under 5 headings, although these are by no means exhaustive. Notwithstanding the questions below, insurance companies must follow all legal and regulatory requirements they are subject to. Finally, the questions as laid out below are indicative only, and companies may be flexible in their presentation of these to prospective customers, for example using scenarios, tables, graphics and “frequently asked questions” to ensure that the information is portrayed in a consumer-friendly manner. 3.1.1. THE PRODUCT • What is the product and how does it work? (This should describe the main features of the product and the type of guarantee(s) offered. It should clearly state at what point any monies are payable and how much these will be.) • What choice does the policy holder have in where premium(s) are invested and what are those choices? (This should describe the underlying funds in which monies may be invested and the ability of the investor to choose) • What are the main features of these funds in terms of investment objective and risk profile? (This should describe the investment objective of the underlying funds in a clear manner with an indication of risk which should follow the same approach as that used for UCITS) • How does the guarantee work? (This should describe how the investment works, how the guarantee works and the interaction between the two) • Is the insurance undertaking entitled to unilaterally modify the degree of the guarantee? If so, is the minimum degree of the guarantee determined? • Do the guarantee benefits rise or fall under any circumstances? (If the product is subject to mechanisms such as roll-up or ratchet, this should clearly describe how these mechanisms work)_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 156. P a g e | 156 • Are there any circumstances where the guarantee will not be applicable? (This should clearly state any circumstances where the guarantee will cease to exist or clearly state that the guarantee will apply in all eventualities) • If the underlying funds lose money, what will be impact on the policy? (This should describe, perhaps by way of a simple table or graph, what happens to the payout to the policy holder in certain situations) • May the policy-holder change the funds in which money is invested? (This will describe the process whereby a policy-holder may or may not have discretion on allocation, and if there is discretion, how often and to what extent that can be exercised) • Will changing allocation cost the policy holder anything? 3.1.2. CHARGES • What charges are applicable to the policy and how much are they in percentage terms? • How much of the initial premium(s) is/are used to pay the various charges payable under the policy? • What charges are payable on a regular basis and what is the impact of these? (This will describe the effect the regular charges have on the return on the policy) • If the policy-holder redeems early, will there be a cost associated with that? Or how long does the policy-holder have to stay in the policy to avoid any such surrender cost? • In case the charges can be modified unilaterally, is the maximum amount of those charges determined?_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 157. P a g e | 157 3.1.3. SURRENDERS/REDEMPTIONS/MATURITY • When does the policy mature? • What does the policy-holder receive on maturity? • Can the policy be surrendered earlier than maturity? • What happens if surrendered early and is there a cost associated? • Does the guarantee lapse if surrendered earlier than maturity? • Are there any bonus payments payable? • Can the benefits of the policy be transferred to someone else? • If so, how will this affect the policy? 3.1.4. RISKS • Is there any risk that the insurance company will not be able to pay the benefits? • How exposed is the policy-holder to the riskiness in the underlying funds? • Are there any circumstances where the policy-holder may not obtain the guarantee? • Is the policy-holder exposed to the risk that the funds will perform badly? • How does the policy-holder know that the premiums are being invested as requested?_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 158. P a g e | 158 3.1.5. COMPLAINTS/LEGAL/TAX/REGULATION • Which company does the policy-holder have a contract with? • What is the name and address of the regulatory body of the insurance company that the policy-holder has a contract with? • Which regulatory body does the policy-holder contact in the event of a complaint? Does he have access to an Alternative Dispute Resolution (ADR) system? • Is that company a member of an Insurance Guarantee Scheme? In what country? • What are the legal consequences for the policy-holder in the event that the insurance company becomes insolvent or winds up? • In the event of a legal dispute between the policy-holder and the insurance company, under which jurisdiction will the legal proceedings happen (i.e. the governing law of the contract)? • Are there any tax or legal issues that the policy-holder should be aware of? 3.2. ILLUSTRATIONS 40. The use of illustrations is governed by EU legislation in a number of aspects. For the insurance sector Directive 2009/138/EC (“Solvency II”), in particular, sets forth certain requirements on insurance undertakings, when they provide figures relating to potential payments above and beyond the contractually agreed payments. These also apply in relation to variable annuity contracts, as the guaranteed benefits constitute minimum promises, which may_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 159. P a g e | 159 be increased in the event that the underlying funds appreciate in value. The following examples illustrate, specifically for variable annuities, good practice in implementing these legal requirements. 41.Illustrations should be used to give customers an understanding of what payouts they may receive and what it might cost them in a given set of circumstances. It is usually sensible to show this on a number of different bases derived from the specific details of the case. Other illustrations on top of these could be provided but these should not assume investment growth above the top rate of the core illustration. 42. By contrast, the systematic use of favourable scenarios (when all scenarios presented lead to a positive outcome) would be misleading. Unfavourable scenarios should always also be presented and illustrated; otherwise the customer could wrongly assume that his contract has no downside. The scenarios should also make clear the maximum risk assumed by the customer. 43. In addition given that many of the charges applied to these products are based on the underlying investment it is also good practice to show the effect of these charges on the growth of the fund. This can be done as an effective reduction on the yield of the investment or as an effect of charges calculation (based on a standard investment growth rate or indeed no growth)._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 160. P a g e | 160 44. Furthermore it is also reasonable to use case studies to show what might happen in certain circumstances but these should not be misleading, should show the negative cases as well as the positive ones and should not take away from the standard illustrations above. 45. All of the above should be caveated with the fact that these are just illustrations and should not be seen to give any promise that this will be what the customer will actually get. 4. SELLING PRACTICES 4.1. DEMANDS AND NEEDS OF THE CUSTOMER 46. This section identifies good selling practices for variable annuities irrespective of the distribution channel via which they are sold (direct sales or through intermediaries). For the insurance sector, current EU legislation only covers sales by insurance intermediaries, defined as any person who, for remuneration, takes up or pursues insurance mediation. Insurance intermediaries shall specify prior to the conclusion of any specific contract, in particular on the basis of information provided by the customer, the demands and needs of that customer as well as the underlying reasons for any advice given to the customer on a given insurance product. 47. In view of the complexity of many VA offerings, their long-term nature and the importance these products frequently have in the context of private wealth management, it is good practice to apply these principles to the distribution of variable annuities generally as, irrespective of the distribution channel, the demands and needs of a customer should always determine the type of contract that is being offered._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 161. P a g e | 161 The sales process should be conducted by suitably qualified salespersons. 48. The objective pursued by a customer, based on the material facts that he has disclosed, should be a key consideration in assessing his demands and needs. Determining whether a certain product offering is suitable will namely depend on whether it is used for private retirement savings or as investment opportunity more generally. 49. The Expert Group identified a number of areas where there is a potential risk of mis-selling (advice based on personal circumstances, use of clear projections, use of clear language). The questions below are intended to prevent such risk from materialising. It should be noted that this list is indicative. 4.1.1. PERSONAL CIRCUMSTANCES • Does the sales person ask for customer’s age, financial situation, personal demand, knowledge of financial markets and the time horizon for his investment (short, medium or long-term) etc.? • Based on this demand does the sales person outline alternative products (direct investments, unit-linked contracts etc.) to VA products? Which features should the customer focus on when comparing VA to other products? • Is the VA product tailored to the customer’s demand (private pension plan, investment)? • Are there any personal circumstances under which the sales person should not advise VA?_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 162. P a g e | 162 4.1.2. USE OF CLEAR PRODUCT DESCRIPTIONS INCL. ILLUSTRATIONS The sales person should inform the customer in a clear and comprehensive way about the relevant aspects of the VA product to ensure the customer understands correctly the product he wants to buy. • Have potential risks of the VA product been explained in detail? • Has the fund performance been illustrated by adequate and plausible scenarios? (An adequate depiction includes positive scenarios as well as negative developments. It should also include a worst case scenario.) • What are the benefits of the contract in case of surrender and death and have these been clearly illustrated? • Does the insurance undertaking prepare information sheets for the sales person/intermediary that they should use when informing the customer? • Does the insurance undertaking monitor the intermediary? • Does the customer have to confirm in writing that he understood the information received? 4.1.3. USE OF CLEAR LANGUAGE The sales person should be able to illustrate all relevant aspects of the VA product without using too many technical terms to avoid any confusion. If technical terms are used, for instance in written product information (e.g. volatility), the intermediary should be able to explain them in a clear manner._____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 163. P a g e | 163 The customer should be able to take purchase decisions and to exercise his options during the contract period on an informed basis. • Does the sales person use terms which are understandable also for non experts? • Is the sales person trained to explain the complex basis of the VA products? • Does the sales person explain the written product information to the customer? 4.1.4. UNDERSTANDING POTENTIAL FUTURE OUTCOMES The performance of funds underlying VA contracts depends on different economic variables and conditions. Despite a variety of illustrations the customer may not be able to assess, which scenario is more realistic, if he is unaware of these variables and how they may affect the performance of fund investments underlying his policy and ultimately his account value. Customers should be made aware that the performance of their account value depends on how these economic variables and conditions change over time in a way, which is comprehensible to them. Only then can they decide which illustration they consider more realistic. • Does the sales person explain how external factors e.g. on capital markets can affect the fund development?_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 164. P a g e | 164 • In order to explain how external factors can affect the fund development, does the sales person refer to fund developments of the past? Does he explain that past performance is not necessarily an indication of future performance? • How does the sales person measure that the customer has understood the information received? The mechanics how a VA-product generates profits or losses may be very complex. Even if the customer can assess which scenario is more realistic, he does not know whether he has losses or profits in such a scenario. • Does the sales person explain the basic features and underlyings of the VA-product in question? • Depending on the type of the VA-product, does the sales person show the difference between a classical unit-linked product and a VA-product (Type of guarantee, contractual claims in case of a positive or negative fund development, structure of charges)? • Does the sales person explain what kind of different options the customer can exercise during the duration of the contract and how this can affect the fund development? • Does the sales person explain in which cases the customer gets only the guaranteed benefits at the end of the contract duration (e.g. adverse fund development) or to what extent he benefits from a positive fund performance?_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)
  • 165. P a g e | 165Certified Risk and Compliance Management Professional(CRCMP) Distance learning and online certification program.Companies like IBM, Accenture etc.consider the CRCMP a preferredcertificate. You may find more if yousearch (CRCMP preferred certificate)using any search engine.The all-inclusive cost is $297.What is included in the price:A. The official presentations we use in our instructor-led classes(3285 slides)The 2309 slides are needed for the exam, as all the questions are based onthese slides. The remaining 976 slides are for reference.You can find the course synopsis Up to 3 Online ExamsYou have to pass one exam.If you fail, you must study the official presentations and try again, but youdo not need to spend money. Up to 3 exams are included in the price.To learn more you may Association of Risk and Compliance Professionals (IARCP)
  • 166. P a g e | 166C. Personalized Certificate printed in full color.Processing, printing, packing and posting to your office or home.D. The Dodd Frank Act and the newRisk Management Standards (976slides, included in the 3285 slides)The US Dodd-Frank Wall Street Reformand Consumer Protection Act is the mostsignificant piece of legislation concerningthe financial services industry in about 80years.What does it mean for risk andcompliance management professionals? Itmeans new challenges, new jobs, newcareers, and new opportunities.The bill establishes new risk management and corporategovernance principles, sets up an early warning system toprotect the economy from future threats, and brings moretransparency and accountability.It also amends important sections of the Sarbanes OxleyAct. For example, it significantly expands whistleblowerprotections under the Sarbanes Oxley Act and createsadditional anti-retaliation requirements.You will find more information Association of Risk and Compliance Professionals (IARCP)
  • 167. P a g e | 167Visit our Risk and Compliance Management Speakers BureauThe International Association of Risk and Compliance Professionals(IARCP) has established the Speakers Bureau for firms and organizationsthat want to access the expertise of Certified Risk and ComplianceManagement Professionals (CRCPMs) and Certified InformationSystems Risk and Compliance Professionals (CISRCPs).The IARCP will be the liaison between our certified professionals andthese organizations, at no cost. We strongly believe that this can be agreat opportunity for both, our certified professionals and the organizers.To learn Association of Risk and Compliance Professionals (IARCP)
  • 168. P a g e | 168_____________________________________________________________International Association of Risk and Compliance Professionals (IARCP)