Custom print

CA-14.3.1

Past version: Effective from 01 Apr 2008 to 31 Mar 2011
To view other versions open the versions tab on the right

In order to ensure that banks using models have market risk management systems that are conceptually sound and implemented with integrity, the CBB has set the following qualitative criteria that banks are required to meet before they are permitted to use the models-based approach for calculating capital charge. Apart from influencing the CBB's decision to permit a bank to use internal models, where such permission is granted, the extent to which the bank meets the qualitative criteria will further influence the level at which the CBB will set the multiplication factor for that bank, referred to in section CA-14.5. Only those banks whose models, in the CBB's judgement, are in full compliance with the qualitative criteria will be eligible for application of the minimum multiplication factor of 3. The qualitative criteria include the following:

(a) The bank should have an independent risk management unit that is responsible for the design and implementation of the bank's risk management system. The unit should produce and analyse daily reports on the output of the bank's risk measurement model, including an evaluation of the relationship between the measures of risk exposure and the trading limits. This unit must be independent from the business trading units and should report directly to the senior management of the bank.
(b) The independent risk management unit should conduct a regular back-testing programme, i.e. an ex-post comparison of the risk measure generated by the model against the actual daily changes in portfolio value over longer periods of time, as well as hypothetical changes based on static positions. See CA-14.5.1 (j).
(c) The unit should also conduct the initial and on-going validation of the internal model. Further guidance on validation of internal models is given in section CA-14.12.
(d) The board of directors and senior management of the bank should be actively involved in the risk management process and must regard such process as an essential aspect of the business to which significant resources need to be devoted. In this regard, the daily reports prepared by the independent risk management unit must be reviewed by a level of management with sufficient seniority and authority to enforce both reductions of positions taken by individual traders and reductions in the bank's overall risk exposure.
(e) The bank's internal model must be closely integrated into the day-to-day risk management process of the bank. Its output should, accordingly, be an integral part of the process of planning, monitoring and controlling the bank's market risk profile.
(f) The risk measurement system should be used in conjunction with the internal trading and exposure limits. In this regard, the trading limits should be related to the bank's risk measurement model in a manner that is consistent over time and that is well-understood by both traders and senior management.
(g) A routine and rigorous programme of stress testing, along the general lines set out in section CA-14.6, should be in place as a supplement to the risk analysis based on the day-to-day output of the bank's risk measurement model. The results of stress testing should be reviewed periodically by senior management and should be reflected in the policies and limits set by management and the board of directors. Where stress tests reveal particular vulnerability to a given set of circumstances, prompt steps should be taken to manage those risks appropriately (e.g., by hedging against that outcome or reducing the size of the bank's exposures).
(h) The bank should have a routine in place for ensuring compliance with a documented set of internal policies, controls and procedures concerning the operation of the risk measurement system. The bank's risk measurement system must be well documented, for example, through a risk management manual that describes the basic principles of the risk management system and that provides an explanation of the empirical techniques used to measure market risk.
(i) An independent review of the risk measurement system should be carried out regularly in the bank's own internal auditing process. This review should include both the activities of the business trading units and of the independent risk management unit. A review, by the internal auditor, of the overall risk management process should take place at regular intervals (ideally not less than once every six months) and should specifically address, at a minimum:
•   the adequacy of the documentation of the risk management system and process;
•   the organisation of the risk management unit;
•   the integration of market risk measures into daily risk management;
•   the approval process for risk pricing models and valuation systems used by front- and back-office personnel;
•   the validation of any significant changes in the risk measurement process;
•   the scope of market risks captured by the risk measurement model;
•   the integrity of the management information system;
•   the accuracy and completeness of position data;
•   the verification of the consistency, timeliness and reliability of data sources used to run internal models, including the independence of such data sources;
•   the accuracy and appropriateness of volatility and correlation assumptions;
•   the accuracy of valuation and risk transformation calculations;
•   the verification of the model's accuracy through frequent back-testing as described in (b) above and in the Appendix 15.
Apr 08