Despite calls from critics like the Adam Smith Institute to abolish stress tests, and the difficulty regulators admit that banks have in producing stress testing submissions, the public appetite for financial services regulation and the perceived failure of ‘light touch’ pre-2007 regulatory regimes mean that stress testing is here to stay.
Moreover, given that we are in early stages of a major change to how financial market stability and industry solvency is monitored, we can expect further change as regulators refine their stress testing approaches, and contiguously gain insight from the information provided by participants. Industry feedback may yet prompt further changes, as regulators look to build acceptance for their stress testing regimes.
Another argument to suggest that stress testing will continue is that regulators see evidence of it working. Since the establishment of CCAR, DFAST, UK and EU stress tests and other risk data regulations such as BCBS 239 and the upcoming BCBS 265, firms have made sizeable improvements, particularly in areas such as data collection, risk analytics and elements of corporate governance. All this suggests that, independent of whether institutions believe the scenarios being tested are realistic or not, we are seeing the start of a fundamental shift in risk culture which is what the regulations seek to achieve in the long run.
The Intent behind the Regulation
Banks on both sides of the Atlantic are faced with two common challenges:
- Making stress testing a transparent, repeatable and cost-efficient process
- Coping with stress testing changes in the future
A proactive, rather than reactive, approach to stress testing and risk reporting is viewed as the key to increasing the resilience of individual firms, the overall stability of the financial system, and – ultimately – regulatory approval.
How is this done?
Just as critics of stress testing say a ‘one size fits all’ approach can be considered too blunt for the wide variety of business models in financial markets, there is no single method (or off-the-shelf solution) to help banks manage the challenge of annual stress testing. However, there are common approaches that institutions adopt, which are being recommended by regulators as best practice.
Best Practice Recommendations
From an organisational and systems perspective, these recommendations include:
Well-articulated documentation, standards and process orchestration and underlying data ensure that scenarios are implemented consistently across business functions in terms of the understanding of the intent of the scenario, the portfolios and business lines affected and the accuracy and reliability of reported results.
In addition to this, a sound governance process identifies and addresses gaps in an enterprise’s stress testing framework and has the authority to work with business owners and stakeholders to address them.
- Data Control Points for Scenario Generation
To achieve consistency in preparing scenarios it is essential that common data inputs (e.g. securities data, historical market prices) and derived data (e.g. curves and surfaces) are sourced, validated and distributed from a single function. This is to make sure common data has assured lineage and provenance, and any changes can be quickly propagated throughout the organisation. High quality data is needed for understanding the historical relationship between scenario parameters (GDP, interest rates, unemployment, stock markets etc.) so that scenarios can be correctly discussed and challenged before they are released internally.
Where scenarios require price or volatility shocks to trading books these should also be defined from a validated central source and provided to models that are simulating their impact on positions for the stress test. For the results to be convincing to regulators, it is important that banks have a deep understanding of the data and models used in their scenarios so that their explanatory materials meet the required standards.
- Workflow Control Points
At such firms, control points have been established to both promote repeatable and automated practices within the modelling framework, and to verify the data and model quality throughout the process. These control points ensure that corrections or enrichments of data used are proliferated consistently both upstream and downstream from the control point and – wherever possible – the opportunity for manual input of data is eliminated, along with the risk of human error.
In short, governance, data management, model management and system integration are the keys to banks building a robust stress testing framework that is capable of both adapting to future changes in stress testing requirements and, more importantly, becoming the decision-making tool that regulators hope will inform both strategic and routine decisions.
Making the process repeatable and cost effective will be made possible by the use of automation and integration, particularly with regard to the common data sets required for scenarios calculation around the various departments and divisions running them. This moves the process from what is currently a highly manual task, led by risk and audit experts, to an automated and scalable environment that leverages existing technology investments.
Ultimately, financial institutions will be successful in creating stress testing environments that meet regulators’ needs and indeed institutionalise risk weighted decision making. After all, the single greatest engineering skill western financial institutions have shown over the last 50 years is the ability to take physical processes and make them virtual. The question today is whether this transformation can be done at a pace that keeps regulators satisfied.
By Richard Petti, CEO, Asset Control