Back Custom print Link Text Only Rich Text Print

  • 5. Corporate Governance and Oversight

    • (i) Corporate Governance

      • CA-5.8.49

        All material aspects of the rating and estimation processes must be approved by the bank's board of directors or a designated committee thereof and senior management. These parties must possess a general understanding of the bank's risk rating system and detailed comprehension of its associated management reports. Senior management must provide notice to the board of directors or a designated committee thereof of material changes or exceptions from established policies that will materially impact the operations of the bank's rating system.

        Apr 08

      • CA-5.8.50

        Senior management also must have a good understanding of the rating system's design and operation, and must approve material differences between established procedure and actual practice. Management must also ensure, on an ongoing basis, that the rating system is operating properly. Management and staff in the credit control function must meet regularly to discuss the performance of the rating process, areas needing improvement, and the status of efforts to improve previously identified deficiencies.

        Apr 08

      • CA-5.8.51

        Internal ratings must be an essential part of the reporting to these parties. Reporting must include risk profile by grade, migration across grades, estimation of the relevant parameters per grade, and comparison of realised default rates (and LGDs and EADs for retail asset class) against expectations. Reporting frequencies may vary with the significance and type of information and the level of the recipient.

        Apr 08

    • (ii) Credit Risk Control

      • CA-5.8.52

        Banks must have independent credit risk control units that are responsible for the design or selection, implementation and performance of their internal rating systems. The unit(s) must be functionally independent from the personnel and management functions responsible for originating exposures. Areas of responsibility must include:

        (a) Testing and monitoring internal grades;
        (b) Production and analysis of summary reports from the bank's rating system, to include historical default data sorted by rating at the time of default and one year prior to default, grade migration analyses, and monitoring of trends in key rating criteria;
        (c) Implementing procedures to verify that rating definitions are consistently applied across departments and geographic areas;
        (d) Reviewing and documenting any changes to the rating process, including the reasons for the changes; and
        (e) Reviewing the rating criteria to evaluate if they remain predictive of risk. Changes to the rating process, criteria or individual rating parameters must be documented and retained for CBB to review.
        Apr 08

      • CA-5.8.53

        A credit risk control unit must actively participate in the development, selection, implementation and validation of rating models. It must assume oversight and supervision responsibilities for any models used in the rating process, and ultimate responsibility for the ongoing review and alterations to rating models.

        Apr 08

    • (iii) Internal and External Audit

      • CA-5.8.54

        Internal audit or an equally independent function must review at least bi-annually the bank's rating system and its operations, including the operations of the credit function and the estimation of PDs, LGDs and EADs. Areas of review include adherence to all applicable minimum requirements. Internal audit must document its findings. External auditors are also required to conduct above-mentioned review on an annual basis.

        Apr 08