After years in the making, Basel 3.1 is a broad set of reforms that aim to reduce variability in risk weighted asset calculations and make them easier to compare. Covering a range of technical updates, the reforms include changes to market risk, credit risk and operational risk calculations, among others.
Paul: The implementation deadline is January 2025. How far along are most firms at the moment?
Kantilal: That varies a lot. The final rules are still pending, and the PRA already expects subsequent clarification papers. So, a lot of firms feel unsure about what to do now.
Some have carried out impact assessments based on the current consultation paper, knowing that they’ll have to update it when the final rules come out. Others are waiting for the final rules, then doing their assessment and implementation back-to-back.
Paul: Does it matter which route firms follow?
Kantilal: Not really. Either option can work and the choice will depend on your capacity to address any financial resource or operational issues in time, but you need to be compliant by 2025.
By this time next year, you need to have done your impact assessment and be making good inroads in the implementation itself. Ideally, you should be able to do parallel runs using the new regulatory return templates in Q3, to iron out any issues before the go-live date.
Regardless of the preferred approach, you should nominate a key sponsor to oversee the Basel 3.1 implementation programme and to lead the steering committee. They can start work on stakeholder engagement, put together a plan of work and keep everything moving.
Paul: What’s the impact on capital requirements? Do you expect them to go up or down?
Kantilal: That’s a tricky one, and it’s going to vary a lot between firms, depending on the strategies and approach they follow. Speaking to our clients who have done an impact assessment, it’s a fifty/fifty split in terms of an increase or decrease in capital requirements.
So far, it looks like IRB banks will have an initial increase, due to changes in the output floor. But it’s going to be unique to each firm, and you won’t know for sure until after the impact assessment.
At the moment, the PRA isn’t anticipating changes to Pillar 2 capital requirements, but it seems likely that there may be some changes in the future, on the operational risk side of things, including modelling and governance, so there may be Pillar 2 add-ons to come.
Paul: There’s a lot of talk about model risk in relation to Basel 3.1. What are the key concerns?
Kantilal: Basel 3.1 relies on good modelling, so you need to make sure they’re reliable and consistent across the board. They’re also an area of focus for the PRA at the moment, so if you’re waiting to start your implementation programme, now’s a good time to review your model risk framework.
Key things to think about include governance, oversight, and data management. That includes clarity over what the model’s doing, key assumptions, effective validation and back-testing, and transparency over the model limitations.
You need clear roles and responsibilities between the people developing the model, the people implementing it and the people providing the data. The data itself also is a big challenge and you need processes in place to make sure it’s accurate, consistent, timely and fit for purpose.
Model risk: drawing on BCBS 239 to apply new SS1/23
Paul: Tell us more about the data requirements. How can firms achieve consistency across their model outputs?
Kantilal: Moving forward, you need to start thinking about a data warehouse. This is essentially a data management system that centralises all your internal and external data. It can help you maintain data quality and consistency across all your models. But it can also be a game changer in terms of how you approach reporting.
Firms tend to tackle each report separately, but a warehouse lets you create common data models that can inform a wide range of reports.
That can really boost the accuracy and alignment of your internal and external reporting for Basel 3.1. The only issue is that it’ll take time to set up and people are naturally resistant to change – especially if they have existing reporting processes that are working.
Data governance is the other big concern. More firms are starting to approach data governance in a holistic way that combines data policies, data standards and data governance frameworks. They’re also starting to prioritise their most important d
ata, and think about how to manage and support it throughout its lifecycle. This is crucial to make sure your data remains reliable and fit for purpose.
Model risk-management: working with third-party vendors
Paul: How will the changes affect regulatory reporting?
Kantilal: The PRA have made some changes to reporting – some templates are gone, others have new data points to include. But a lot of these reporting changes will depend on the approaches you follow.
They’ll also have a knock-on effect on your ICAAP and you need to update your processes to reflect that. For example, the changes to Pillars 1 and 3 will feed into your large exposure reporting and leverage exposure reporting, amongst others.
In time there’ll probably be Pillar 2 changes too, but we’ll have to see what the regulators come back with in terms of add-ons.
It’s really important to make sure your data processes
are robust and granular enough to meet the new reporting requirements. The regulators have really stepped up the volume of s166s, with regulatory reporting as an ongoing topic of concern. That trend’s probably not slowing down any time soon, so once Basel 3.1 is in full swing, we can expect more thematic reviews in this space to assess implementation.
Learn more about how our Data, regtech and digital ecosystems for financial services services can help you
Paul: What about the strong and simple regime? How does that sit alongside Basel 3.1?
Kantilal: The timelines for Basel 3.1 and the strong and simple regime don’t line up that well. So, the PRA’s giving smaller firms two choices. They either stay on the Capital Requirements Regulation (CRR) and move to the strong and simple regime when it comes in – this option’s called the Transitional Capital Regime (TCR). Or they can adopt Basel 3.1 now and move to the strong and simple regime later.
The choice is going to be down to the individual firm. Adopting the TCR may reduce business disruption and save money on implementation costs. But some firms may find that the other option reduces capital requirements in the short term – but it depends by how much, as implementation costs could wipe out any savings. It may just come down to what’s practical for your firm.
Strong and simple regime: how does Basel 3.1 affect it?
Paul: Are there any additional operational elements to consider?
Kantilal: Absolutely. There are a few things to think about. First off, you’ll need to carry out more detailed due diligence on your clients’ financials. This will improve the reliability of your internal ratings calculations and ensure that the external ratings you’re using for risk weighted purposes accurately reflect the riskiness of the counterparty. Where due diligence shows a higher risk than external ratings, you must use a notch higher risk weight. You’ll need more skilled resources to carry out the work and to maintain the supporting processes.
There are also additional governance and oversight requirements. So, you need to think about key roles, resourcing, accountability, reporting and MI processes. The changes may affect your second line responsibilities, and your audit or risk committee. You may need to review your Senior Management responsibilities to make sure they’re still feasible and up to date, and you’ll need to check that you have the right team in place to support them.
Banking breakfast briefing: Basel 3.1
Paul: What other considerations should firms be thinking about?
Kantilal: There are a few general risk management points to think about. For example, you need to check how Basel 3.1 will affect your risk profile and you may need to restate your risk appetite to reflect those changes.
You also need to think about your three lines of defence and who’s doing what. Calculating risk weighted assets used to fall with the financial and reporting teams, but it’s becoming a bit more integrated across first and second line now. In particular, the second line should provide independent review and sample-based deep dives into the end-to-end regulatory reports submitted by Risk or Finance.
They also need to make sure that all processes, reporting, assumptions and interpretations are in line with your regulatory reporting framework and policies. The third line can still focus on controls and design and operating effectiveness across all stakeholders and streams involved in the new reporting processes.
International banks also need to think about how to align their approach across all territories. The PRA has followed the Basel 3.1 recommendations fairly closely, but not all countries have. So, there will be some divergence across each region, and banks need to think about how to manage consistency.