The complexities of Basel II make it easy to lose sight of why capital requirements are imposed on banks. So I wish to start by going back to first principles. The essence of banking is lending at a higher interest rate than the cost of funding that lending. Bank funding, of course, comes from owners’ equity and debt. Debt is cheaper than equity, but it is riskier for the bank in that if it can’t be repaid, say because loans made by the bank are in default, then the bank may fail. In contrast, if loans funded by equity fail then, while shareholders lose their money, the bank survives (as long as its capital position remains positive). The challenge for bankers is getting the right mix of capital and debt; ensuring that there is adequate protection against default while maximising debt - achieving the optimum level of gearing.
The failure of a bank has ramifications that extend way beyond the bank; the crucial role of banks in the financial system mean that problems in one can be quickly transmitted to other institutions; changes in banks’ capacity to lend lead to broader macroeconomic effects; and much of banks’ funding is derived from unsophisticated depositors. As a consequence, governments have long felt obligated to minimise the risks in banks by regulating them and protecting their depositors. Historically in Australia, successive governments sought to make banking less risky by regulating the activities of, and imposing lending controls on, the various banks. But interestingly no minimum capital requirement was imposed - that is there was no restriction on gearing - but I will return to that shortly.
Starting in the late 1970s, in Australia and elsewhere in the developed world, bank regulation has given way to supervision. That has enabled banks to continue to be highly geared. But they have also become highly competitive and innovative, something that they were more constrained in when their activities were tightly regulated. As an aside, in some areas of banking in Australia competition was slow to emerge because new entrants initially believed they had to replicate the existing structures. But in virtually all facets of banking highly innovative niche players have now emerged.
A company that is highly geared, is innovative and exists in a very competitive environment faces many risks and must therefore become extremely good at managing those risks and protecting itself against them. Returning to our simple banking model, one way to protect against risk in a bank is to require a minimum level of capital relative to its risk assets; in other words to place a limit on the ability of a bank to gear its balance sheet, thereby moving risk from the bank to its owners. The original 1988 Basel Capital Accord provided a global methodology and capital ratio. The methodology defined eligible capital, on-balance sheet credit risk, off-balance sheet credit risk and, in a later version, market risk. It also set a minimum capital ratio of eight per cent and required supervisors to have the ability to apply a higher ratio to specific institutions. As the world moves from Basel I to Basel II, it is worth bearing in mind that history has shown that banks’ management and the markets have generally adopted a buffer over the regulatory minimum.
The world of banking has continued to develop since Basel I and its “one size fits all” approach has been unable to deal with the increasing innovation and sophistication of the marketplace. Internally, banks have been addressing this as they develop models for calculating economic capital and supervisors have been seeking to develop a better regulatory solution. Basel II seeks to harness into the supervisory process best practices in risk management in banking.
As we have already heard this morning, Basel II is based on three pillars. The first is the minimum capital requirements. Generally, the definition of eligible capital, off-balance sheet credit risk and market risk remain unchanged from Basel I. Operational risk has been added and there are now three options for calculating credit risk; standardised, foundation internal ratings-based and advanced internal ratings-based. Similarly, there are three options for calculating operational risk; basic indicator, standardised and advanced measurement. The second pillar requires banks to assess their capital adequacy positions relative to their overall risks and for supervisors to review those assessments and to take appropriate action. The third pillar encourages market discipline by developing a set of disclosure requirements that allow market participants to assess key information about a bank’s risk profile and level of capitalisation.
Consistent with the move away from the “one size fits all” approach, Basel II is designed to be flexible and to be able to reflect the complexity of the business undertaken by specific banks. In a small bank, for example, lending decisions may be made largely on the judgement of the lending officer. That of course raises the risk that the officer’s judgement will be faulty; let’s call that “judgement” risk. So the bank may introduce credit scoring. That will reduce “judgement” risk, but a new risk is introduced; the risk that there are flaws in the credit scoring methodology and its application. While total risk may have been reduced, the remaining risk is more complex. Basel II aims to match the level of capital to the amount of risk, while ensuring that all the components of the risk are provided against. The more complex the risk, the more complex is the Basel II solution.
Banks can decide where on the complexity scale they wish to operate. A small ADI, such as a credit union, can happily exist with a small number of simple products. Operating in its own market it can be competitive and innovative, while maintaining a simple risk profile that can be adequately protected against with simple risk management strategies and practices. At the other extreme, a sophisticated global bank providing a broad suite of products will require complex risk measurement practices and strategies. Basel II makes available a capital solution for the small banks offering a small number of uncomplicated products, a solution for the most complex banks and a solution for those banks in between.
A bank unnecessarily applying a complex capital regime will pay the substantial cost of implementing and operating that regime but will receive a poor return on that investment in terms of capital reduction and cost of funding. At the other extreme, a sophisticated global bank not investing in the systems appropriate to its business will pay the cost of holding more capital, and in all probability suffering more losses, than its competitors.
While banks are free to choose whether they wish to apply the standardised Basel II arrangements, or one of the more sophisticated approaches, APRA is requiring banks to be consistent in how they implement Basel II. Banks using the internal ratings-based approach for credit risk will also have to adopt the advanced measurement approach for operational risk, and vice versa. Banks using the more sophisticated approaches to calculate regulatory capital for credit and operational risk will also have to hold capital for interest rate risk in the banking book and will have to take into account the full range of risks, including business/strategic, credit concentration and business cycle effects, in their own capital allocation models. In saying this APRA acknowledges the difficulty in measuring some of these risks, such as business/strategic, and will be working closely with the banks to ensure sensible outcomes.
APRA expects the four major banks, as large internationally operating banks, to seek to implement one of the internal-ratings based approaches for credit risk, probably the advanced approach.
Some other Australian banks may wish to use the more sophisticated approaches. If they do so, they will need to meet the high level requirements that will apply in regard to the qualitative and quantitative criteria necessary for internal ratings-based approval.
ADIs may choose not to implement the internal ratings-based approach and no connotation should be drawn from that. As I noted earlier, Basel II is a deliberate move away from the “one-size-fits-all” approach. There is no generically “right” answer across the deposit-taking sector and whether an approach is appropriate for a particular institution will depend on the circumstances.
It should also be borne in mind that banks that are using the standardised approach at the time of the Basel II implementation date of end 2006 will not be prevented from subsequently moving to the more advanced approaches as dictated by changes to their business and internal processes.
As I was asked to speak specifically about Pillar 2 this morning, I should say a bit more about that.
Much of the focus, by both supervisors and banks, on Basel II to date has been on Pillar 1. Nevertheless, Pillar 2 is an integral part of the Basel II framework. It aims to encourage banks to develop and use better risk management techniques in monitoring and managing the risks to which they are exposed and to ensure they hold appropriate capital against:
- risks not fully captured by the Pillar 1 process, such as business concentration risk,
- risks not taken into account by the Pillar 1 process, such as interest rate risk on the banking book, business and strategic risk, and
- factors external to the bank, such as business cycle effects.
The first principle of Pillar 2 is that banks should have a process for assessing their overall capital adequacy in relation to their risk profile and a strategy for maintaining their capital levels. Basel II identifies five features of a rigorous process: board and senior management oversight; ensuring the integrity of the capital assessment and management process; a comprehensive assessment of risks; monitoring and reporting; and internal control review.
Pillar 2 contains three other principles, the responsibility for which fall on supervisors. Supervisors should review and evaluate banks’ internal capital adequacy assessments and strategies, as well as their ability to monitor and ensure their compliance with regulatory capital ratios. Supervisors should expect banks to operate with a capital buffer to protect against bank specific risks or broader economic risks. Many banks themselves see such a buffer as necessary for competitive reasons, including those associated with how ratings agencies view them. They also consider a buffer as protection against the possible need to raise capital in times of difficult market conditions. Finally, supervisors should seek to intervene at an early stage if there is a risk of a bank’s capital falling below the regulatory minimum.
As is clear from the above brief outline of Pillar 2, much of it is subjective and the detail of its implementation will reflect the complexity and risk profile of individual ADIs. This is particularly evident, for example, in the Pillar 2 requirement that banks identify, measure and report material risks and address them in the capital assessment process. A large global bank, by its nature, is exposed to the full spectrum of risk. In the case of credit risk, the Pillar 1 internal ratings-based approach will capture most, but not all, of this risk. The remaining credit risk, for example concentration, will be captured under Pillar 2. In contrast, the standardised approach is generally acknowledged to contain a buffer that represents a proxy for risk against which banks using the more sophisticated approaches will explicitly hold capital under Pillar 2. But there is also an alignment between sophisticated risk management and Pillar 2 expectations. Banks initially using the standardised approach but which have a longer term aim of becoming internal ratings based banks would be expected to move along Pillar 2 as they strive towards their objective. However, for those ADIs whose business plan is based on offering only “plain vanilla” products it is partly in the implementation of Pillar 2 that APRA will be able to meet its commitment to simplify the standardised approach in order to avoid unnecessary complexity and cost.
There is a view around that advanced IRB banks will require significantly less capital. Although APRA, and indeed most other bank supervisors, is still to fully assess the impact that Pillar 2 will have on regulatory capital, it should be clear from the above discussion that only moderate reductions in capital for internal risk-based banks are anticipated. It is appropriate that banks that have introduced sophisticated and effective risk management practices should be rewarded. But, reducing risk is an incremental procedure. In any event, banks should not view a reduced capital charge as the only offset against the substantial investment required to be an internal ratings-based bank. At least in part, the investment is a necessary tool to properly manage a sophisticated bank. And there will be funding offsets. The markets, both equity and debt, used by a sophisticated bank to fund itself will reward those banks with risk management and capital models appropriate to their business. On the other hand the markets will penalise those banks that do not have them.
I wish to address one other issue. It is appropriate that banks have the option of being able to outsource some of the work required to implement Basel II; to use consultants and possibly share historic data. In doing so, however, it is important that banks understand what it is they are outsourcing and understand the information that is returned. As would be clear from the Basel II emphasis on managing and reducing risk, a “black box” response is not acceptable.
Irrespective of any outsourcing arrangements used, APRA’s responsibilities always lie with the individual banking institutions. In meeting those responsibilities, APRA is always happy to talk to individual banks and it encourages banks that have concerns about Basel II to discuss them with us. APRA is also prepared to discuss Basel II issues with consultants, but it does not, nor will it, endorse any particular consultants or providers of outsourced services. Nor will it enter into direct relations with such consultants or providers.Click here for slides