Experiences in the Implementation of Credit Risk Management for Basel II February 2008 PRMIA Shanghai Credit Risk Forum Gary Chen Principal, Credit Advisory

Experiences in the Implementation of Credit Risk Management for Basel II

February 2008

PRMIA Shanghai Credit Risk Forum

Gary Chen

Principal, Credit Advisory

Algorithmics, Fitch Group

© 2007 Algorithmics Incorporated. All rights reserved. 2

Introduction

Purpose: To provide

An overview of sound practices for credit risk management under BIS II IRB Pillar 1 framework

A framework for model development and validation based on sound industry practices

A process for internal credit risk control aligned with regulatory principles and guidance


Agenda

1. Introduction

2. Pre-model Build Process

3. IRB Model Build Process

4. Rating System Validation Process

5. Credit Risk Control & Oversight


An Overview of credit risk measurement under BIS II Framework

Quantitative Evaluation

Qualitative Evaluation

Internal Rating

Loss Given Default(LGD)

Exposure at Default(EAD)

Correlation

Stress Testing

Cal

cula

tion

of C

redi

t R

isk

Am

ount

Exp

ecte

d Lo

ss (

EL)

Une

xpec

ted

Loss

(U

L)

Ris

k C

ompo

nent

s

Financial Data

Portfolio Monitoring

Provisioning

Pricing

Profit Management

Capital Allocation

Reporting to the Board

Migration Matrix

Probability of Default (PD)

Quantification of Credit Risk

Internal Rating System

Internal UseSource: BoJ Sep 2005


Inputs

Business Processes

BIS II – Standard Approach

Internal Rating Approach

BIS II – IRB Foundation

BIS II – IRB Advanced

Portfolio Approach

Risk AppetiteCapital AllocationActive Portfolio Mgmt.Mitigation StrategiesRisk Averse PricingRAPM & VaR limitsEcoCap Optimisation

IRB Parameters Macroeconomic Forecasts

Internal Estimate PD Internal Estimate LGD Internal estimate EAD

Internal Estimate PD Supervisory LGD Supervisory EAD

External PD Supervisory LGD Supervisory EAD

Regulatory Capital Requirement


Risk-Adjusted PricingProvisioning PoliciesLimits Based on ELEarly Warnings

Correlations

Diver

sifica

tio

n


Risk-Adjusted PricingProvisioning PoliciesLimits Based on ELEarly Warnings

From Expected Loss to Economic Capital

Algo’s Advisory: From Pillar 1 to Pillar 2


A Simple Look on Pillar 1 IRB Tasks

Internal Use

“Use Test”*: Pricing,

Portfolio Monitoring,

Credit Risk Quantification?

Validation Work

Architecture of an Internal Rating System,

Quantitative Rating Model

Qualitative Evaluation

Estimation of Risk Components

Risk estimates (i.e., PD, LGD, EAD) predictive and accurate?

Source: BoJ Sep 2005

* Use Test: IRB provision that requires ratings and default and loss estimates to “play an essential role” in the Institution’s credit approval, risk management, internal capital allocations and corporate governance functions.


3. Perform Development and Validation Activities for all IRB Components:

Overview of Pillar 1 IRB Tasks

Initial Setup Ongoing & Iterative Process

2. Check Policies/Documents

DevelopmentalEvidence

OutcomesAnalysis

OngoingMonitoring

Rating System

Quantification

Data

Controls & Oversight

Board & Senior Management Independent Validation Group

Create credit /validation policy & procedural manual

Define Roles & Responsibilities

Form Independent Validation Group

Establish System of Controls

1. Review IRB Gap Assessment

InternalAudit


The need for clear CRM Roles and Responsibilities

The Board

Risk Control and Management Department

Senior Management

Business UnitSupport

Department

Credit Policy

Risk Quantification

Credit Review and Control

Bu

siness

Develop

men

t

Risk

Con

trol

Accounting

Human Resource

IT

Legal ServiceCredit Process

Internal Audit

Model Development, Maintenance and Monitoring

Model Application

Resource and IT Support

Risk Report

Business Strategy

Internal ControlEvaluation

Validation Group


Agenda

1. Introduction






The Basics : First Things First

Pre-Model Build Process: to clarify:

1. Portfolio Type:- Customer, product, industry or geographic region is model applicable to?

2. Model Purpose: - Assign ratings? Establish credit limits?

3. Model Performance Definition: - Question model is trying to answer in quantifiable terms (e.g., predict default) - Which parameters shall be estimated?

4. Model Type: - What type of model shall be estimated?

5. Definition of Default: - How is default defined?

6. Time Horizon:- What time horizon is chosen?


Types of Rating Systems

Types of rating systems:

• Expert-judgement based: qualitative/subjective ratings criteria; lacks transparency and consistency (e.g., LDPs);

• Model-based: ratings based on objective risk factors using mathematical equations;

• Constrained judgment or Hybrid: combines elements of both expert-judgment and model-based systems; and

• Vendor Models: external third-party rating systems


Rating Philosophies

Per Basel II, IRB systems must have a valid risk grading methodology based on an assessment horizon reflected in the Institution’s rating philosophy

▪ Institution must specify a rating philosophy representing its business practices:

e.g. Citigroup

(a)Ratings represent the risk of default over the next year

(b)Ratings take into account anticipated changes in borrowers conditions (stress-test)

(c) Ratings are reviewed at a minimum once a year

▪ Difference in ratings philosophy is mostly due to “time horizon” (LT vs. ST)

▪ Rating philosophy has important implications for validation and stress testing-- Must be clearly articulated in the Institution’s rating policy


IRB Minimum Requirements for Rating Systems

Rating systems are subject to IRB minimum requirements and must be validated against:

• Supervisory Standards

• Design Specifications

• Operational Criteria



IRB design requirements for rating systems:

• Rating Dimensions• 2 separate distinct dimensions: (i) risk of borrower default; and (ii) transaction-specific factors

(e.g., collateral, seniority, etc.)

• Rating Structure• Meaningful distribution of exposures across grades w/ no excessive concentrations; minimum of

7 borrower grades &1 for defaulted

• Rating Criteria• Detailed rating definitions and grade descriptions/criteria

• Rating Assignment Horizon• 1 year forward horizon for PD estimation

• Use of Models• Human review; vetting data inputs & representativeness

• Documentation of a Rating System

• Rating Systems’ Design & Operational Details (history of changes)



IRB operational criteria for rating systems:

• Coverage of Ratings• Obligors assigned ratings; exposures associated w/ facility rating

• Integrity of Rating Process• Independence; ratings refreshed at least 1x p.a.

• Rating Criteria• Detailed rating definitions and grade descriptions/criteria

• Overrides• Policy stating by whom and when; identification & tracking

• Data Maintenance• Collection & storage of borrower/facility characteristics; rating histories

• Stress Tests• Evaluation of low probability/high impact events on required capital


Agenda

1. Introduction






Quantification: Supervisory Standards

The Institution must meet the IRB risk-quantification standards for own-estimates of PD, LGD and EAD:

• PD estimates are 1 year forward-looking probabilities of default

• LGD estimates reflect economic downturn conditions; and

• EAD estimates are a long-run default weighted average EAD


Model Development Process Overview

Data merge and exclusion (1)

Data analysis and variable calculation (2)

Assessment of model input (3)

Model Selection (4)

Model validation (5)

Model calibration (6)

Mapping to rating system (7)

Step 1: Univariate analysis (3.1)

Step 2: Data Treatment (3.2)

Step 3: Monotonicity analysis (3.3)

Step 1: Correlation analysis (4.1)

Step 2: Significance and predictive power (4.2)

Step 3: Select first factor (4.3)

Step 4: Select additional factors (4.4)

Step 1: Discriminatory power (5.1)

Step 2: Bootstrapping test (5.2)Sensitivity tests (5.3)

Input of master rating system

Input of population PD

Homogeneous Tests (7.1)

Benchmark Tests (7.2)

On-going validation (8)Stress Test (8.1)

Credit migration matrix & related stability tests (8.2)


Model Development Process Overview

Explanatory Analysis

Transformation / Preparation of Variables

Estimation

Performance

Credit sense of coefficients

Tests

Performance

ImplementationYes

No

Variable selection

Create dummy variables

Data Collection


Basel Alert: Data Collection and Maintenance Systems

The Institution must have processes to collect data, assess and manage data quality and integrity and must meet key supervisory standards regarding data maintenance:

• Collect Data Over Life of Loan: “cradle to grave” collection of data for obligors and facilities

• Collect Rating Assignment Data: significant quantitative and qualitative factors for both obligors and facilities

• Support of IRB System: data collected must be of sufficient depth, scope, and reliability to:

• Develop and validate IRB system processes,

• Develop and validate parameters,

• Refine the IRB system,

• Apply improvements historically,

• Calculate capital ratios,

• Produce internal and public reports, and

• Support risk management


Data Infrastructure: Managing Quality and Integrity

Assurance of data quality and integrity require the following:

• Documentation: • Formalize process to ensure data integrity

• Articulate requirements for delivery, retention and renewal of inputs to data warehouse

• Definitions: • Develop and document comprehensive data dictionary

• Electronic Storage: • Store data in electronic format to facilitate analysis, validation and disclosure

requirements

• Regular Review and Refreshment:

• Conduct data quality assessment at least annually

• Review IRB requirements regarding “accuracy” (e.g., timeliness), “completeness” (i.e., data gaps) and “appropriateness”


Agenda

1. Introduction






“Institutions must have a robust system in place to validate the accuracy

and consistency of ratings systems and process, and estimation of all

relevant risk components. An institution must demonstrate to its

supervisor that the internal validation process enables it to assess the

performance of internal rating and risk estimation systems consistently

and meaningfully”.

[Source: BCBS, IC §500]

Basel Validation Expectations


Broad Interpretation: Rating System & Process

Internal Validation by Individual Bank

Validation of Rating System

Validation of Rating Process

BenchmarkingBacktesting

Data Quality

PD

Report Problem & Handling

Internal Use by Credit Officers

Risk Components

Model Design

LGD EAD

Broad Approachto Validation

Source: BCBS Working Paper No. 14– Feb 2005]


Validation Activities and IRB Components

Upon development

Development evidence Continuous monitoring Outcome analysis

Validation activities

Upon operation

Backtesting

Model performance

(Power /Stability

Basel minimum requirements

Completeness of development report

Model performance evidence

(Power /Stability etc,.)Model design and logic

Monitoring item

Stress Test

Benchmark analysis

IRB

validation

Model

validation

Support

structure

Control

Data

Quantitative

Data maintenance,Model operation procedure

Governance review

Internal use

BOD reporting

Actions based on

Validation results

Model

Responsibility, Governance

(authority/responsibility/limitation/documentation

)

Data adequacy

validation


Summary: Guiding Principles for Validation

√

√

√

√

Ensure integrity of IRB processes & systems

Confirm predictiveness of PD, LGD, EAD

Review IRB compliance

All IRB components

Models

Inputs (Data) & Outputs (Estimates)

Rating Process (i.e., Independence)

Control & Oversight Mechanisms (e.g., Internal Audit, Use)

Independent validation team

Experts in credit and/or modeling

Qualitative and Quantitative techniques

Review of documents

Meet w/ various depts. (e.g., risk mgmt, audit, etc.)

Determine model type & rating philosophy

Check logic behind model (programs)

Review sample data

Benchmarking (i.e., compare w/ external sources)

Backtesting (i.e., estimates v. actual)

Regular and Periodic Basis

At least 1x per year

Changes in model, data or portfolio

Initial model development

TIMING (WHEN)

PURPOSE (WHY)

SCOPE (WHAT)

MEMBERS (WHO)

METHOD (HOW)√


Agenda

1. Introduction






Corporate Governance and Oversight

Prerequisites for the Board and Senior Management

General understanding of regulatory expectations

General understanding of the institution’s proposal to meet such expectations

General understanding of the use of IRB risk estimates in capital management

Good understanding of the internal rating system design and operation

Delegation

Delegate to an appropriate party

Defined roles and responsibilities for delegated tasked if appointed


Corporate Governance and Oversight

Senior management’s IRB responsibilities

Resource management

Adequate training

Integration of IRB systems into Institution’s credit risk management processesand culture

Ensure that IRB ratings/estimates are put to proper use

Approve and track material differences between established policies and actual practice

Review performance and predictive power of IRB estimates

Advise the Board of material changes or exceptions from established policies


Controls and Oversight: Reporting Requirements

Validation Report to Management:• Upon completion of its validation activities, validation group must

submit to senior management and the Board its findings and recommendation for actions

Frequency of reporting: • Validation Policy and/or Operational Manual should set the

timetable, which at minimum is once per annum


Regulators Concerns: Infrastructure Gaps

Source: Y K Choi, Deputy Chief Executive HKMA November 2007

Observed Challenges facing Banks:Knowledge gapsInsufficient default and loss data for model development and validationInadequate awareness on importance of data integrityRevamp of risk management practice, culture, internal controls and oversight frameworkComplexity of CAR calculation and reporting engine


Regulators Concerns: PD Deviations across banks

Illustration: UK FSA Working Paper September 2007


Key Messages

Basel II’s purpose is the quantification of Capital at Risk

This requires forward-looking risk estimates

Fewer international banks than expected have so far achieved IRB Pillar

1 compliance. This calls for more complete and rigorous on-going

Validation processes

In-house data is seldom sufficient. Chinese banks will benefit from

participating in Chinese data consortiums

The on-going management of capital resources in relation to risks taken

requires robust database and risk system infrastructures.


Questions?

Further Contacts:

Gary Chen Ph.D.Principal, Credit AdvisoryAlgorithmics (Hong Kong) Ltd.28th Floor, Tower Two, Lippo Center89 Queensway, Central, Hong KongTel : (852) 2263 9970Fax : (852) 2530 [email protected]