As the local and international banks in the UK start afresh in 2024, the supervisory authorities set out their priorities at the onset of the new year. Banks in the UK can expect greater scrutiny from the supervisory authorities on the following six (6) key areas. It goes without saying that banks need to pay attention to these areas as they navigate through the Basel 3 capital reforms mandates. It is worth noting that many of the priorities outlined by the supervisory authorities below are interconnected to the Basel 3.1 capital reforms focus areas and therefore makes sense for financial institutions (FI) to address these issues whilst implementing the Basel 3.1 mandates.
- Credit Risk – the supervisory is likely to check:
-
- How an FI has adapted risk appetites.
- What improvements have made to monitor their portfolio, with particular focus on enhancements to forbearance monitoring and early warning indicator frameworks.
- What sort of underwriting standards has the FI implemented.
- How an FI is monitoring vulnerable segments including cyclical sectors, key international portfolios, and traditionally high-risk portfolios such as credit cards, unsecured personal loans, leveraged lending, and commercial real estate etc.
- What is the FI doing to ensure credit risk management and measurement practices remain robust and adaptable to changing considerations.
2. Model Risk – PRA has underscored the importance of model risk management (MRM) and is looking to verify the FIs ability to assess and manage risk.
3. Data Risk – BCBS and other national supervisors including PRA have expressed concerns around data risk in the last three months. The supervisory authorities have expressed concerns around deficiencies as it relates to data, including, but not limited to:
-
- Overall pace of banks’ progress in implementing sustainable risk data aggregation and risk reporting capabilities is occurring at a slower pace than envisaged.
- Lack a common taxonomy and complete data lineage that prevents banks from harmonizing their systems and detect data defects.
- Board and senior management lack of awareness / attention to data issues resulting in lack of appropriate budget, resources, and accountability for risk data aggregation initiatives.
- The complexity of banks’ operating environments globally, data architecture, IT infrastructure improvements, and IT roadmaps (affecting many domains, business areas, and subsidiaries) are often subject to changes or delays.
- Global pandemic and other stress events causing a strain on bank’s IT systems requiring some banks to re-design and / or simplify certain internal processes, as data has to be tailored to the specific circumstances and reported at a higher frequency.
- Many banks still lack quality data, a prerequisite for embarking any digitization project i.e., automate documentation, reduce manual interventions, automate the discovery, visualization of data flows, and maintain data lineage.
- New technologies such as Artificial Intelligence (AI) have not yet materially impacted bank’s risk data aggregation and risk reporting processes.
Given this predicament, one can expect the supervisors to scrutinize the FI’s:
-
- data governance frameworks.
- independent validation process.
- end-to-end definition of roles and responsibilities.
- adequacy of IT infrastructure and data architecture.
- data taxonomies and data architecture.
- minimization of manual processes and interventions.
- data quality management monitoring.
4. Financial Resilience – The supervisory is likely to assess:
-
- How the FI’s treasury management is taking into consideration the interaction between capital and liquidity risks, including interest rate risk.
- The Fis ability to deal with the changes in the depositor behavior and what proactive steps firms to dealing with changes in bank funding and liquidity conditions.
- What sort of forward-looking indicators have the banks put in place, such as liquidity and capital indicators and stress testing (it should not be a mere box ticking exercise) to assess their financial resilience and to have realistic and effective contingency plans.
5. Operational Resilience – FIs need to:
-
- Demonstrate that they can remain within impact tolerances for all their important business services and implement operational resilience expectations (SS 1/21) by March 2025.
- Have a clear plan to identify and remediate any vulnerabilities that could impact their ability to deliver important business services.
- Identify resources needed to support the delivery of important business services, running scenario tests.
- Demonstrate their ability managing large and complex transformations of their IT infrastructure, use of third-party vendors (i.e., cloud providers) including meeting the outsourcing and third-party risk management supervisory expectations set out in SS 2/21.
6. Financial Risks Due to Climate Change – FIs are required to demonstrate to the supervisory authorities outlining:
-
- Progress in managing climate risk.
- Ability to identify, measure, manage, and mitigate climate-related financial risk on their businesses.
How Treliant Can Help
Treliant’s risk, regulatory, compliance, and data practitioners can help banks smoothly transition to the new regulatory framework, thereby bolstering their strength and resilience in the face of evolving regulations.
Ready to Talk?
We work with you to understand your needs, so we can tailor our approach to your engagement. Learn more when you connect with our team.