Business Model Analysis: The Slow Shift to a New Supervisory Paradigm 23 rd January 2018

Transcription

1 Business Model Analysis: The Slow Shift to a New Supervisory Paradigm 23 rd January 2018

2 The SSM approach to business model analysis Stephen Woulfe Head of Significant Bank Supervision European Central Bank 2

3 A slow shift to a new Supervisory Paradigm Helmut Bauer Deloitte Senior Advisor and former Chief Executive Director and Head of Banking Supervision at BaFin 3

4 Supervisory approaches in Europe Meeting of the AFME SCES (Full Configuration) Business Model Analysis: The Slow Shift to a New Supervisory Paradigm Deloitte Ireland Dublin 23 January 2018

5 Supervisory approaches in Europe Meeting of the AFME SCES (Full Configuration) Business Model Analysis: The Slow Shift to a New Supervisory Paradigm Deloitte Ireland Dublin 23 January 2018

6 Fail or likely to fail SREP overall score measures distance to fail Economic viability of the business model is at the very core of the supervisory approach 6

7 Supervisory approaches in Europe Meeting of the AFME SCES (Full Configuration) 7

8 SSM ICAAP/ILAAP multiyear plan CP 02/2017 Normative internal perspective Ongoing fulfilment of all relevant legal, regulatory and supervisory requirements For the projections (covering at least 3 years), this means, e.g., ongoing fulfilment of TSCR (adverse) OCR + P2R (baseline) Additional management buffer determined by bank, depending on business model, risk appetite and risk profile ICAAP Mutual Information Economic internal perspective All risks that may impact the economic viability are covered by capital. Economic viability concept (incl. e.g. net present value) is defined internally. Institution develop own risk quantification methods. Short term risk assessment, no additional projections expected. Internal definition of capital. Additional management buffer determined by bank, depending on business model, risk appetite and risk profile Sound governance. Full integration in decision making, strategies and risk management. Sound data quality, data aggregation and IT architecture. Thorough independent review and validation. 8

9 Basel 2 align regulatory and economic capital a risk-sensitive and incentives-based capital regime internal modelling for capital computation subject to use test Normative Economic 9

10 risk-sensitive incentives-based use test Normative Economic 10

11 Julie Dickson (former SSM supervisory board member) Intensity and Effectiveness of SIFI Supervision Intensity and Effectiveness of SIFI Supervision Recommendations for enhanced supervision Recommendations for enhanced supervision Principles for An Effective Risk Appetite Framework Guidance on Supervisory Interaction with Financial Institutions on Risk Culture A Framework for Assessing Risk Culture 18 November April November November April November

12 determined by the particular conditions and circumstances of the country and the bank. The supervisor regularly assesses the quality, effectiveness and integration of its on-site and off-site functions, and amends Basel Committee its approach, as needed. on Banking Supervision 2. The supervisor has a coherent process for planning and executing on-site and offsite activities. There are policies and processes to ensure that such activities are conducted on a thorough and consistent basis with clear responsibilities, objectives and outputs, and that there is effective coordination and information sharing between the on-site and off-site functions. Sabine Lautenschläger (SSM vice chair) 3. The supervisor uses a variety of information to regularly review and assess the Core Principles for Effective safety and soundness of banks, the Banking evaluation Supervision of material risks, and the identification of necessary corrective actions and supervisory actions. This includes information, such as prudential reports, statistical returns, information on a bank s related entities, and publicly available information. The supervisor determines that September information provided by banks is reliable and obtains, as necessary, additional September 2012 information on the banks and their related entities. Julie Dickson (former SSM supervisory board member) 4. The supervisor uses a variety of tools to regularly review and assess the safety and soundness of banks and the banking system, such as: (a) (b) (c) (d) (e) analysis of financial statements and accounts; business model analysis; horizontal peer reviews; review of the outcome of stress tests undertaken by the bank; and analysis of corporate governance, including risk management and internal control systems. The supervisor communicates its findings to the bank as appropriate and requires the bank to take action to mitigate any particular vulnerabilities that have the 12

13 Why it took so long? risk-sensitive incentives-based use test Normative Economic 13

14 Normative internal perspective Economic internal perspective Additional management buffer determined by bank, depending on business model, risk appetite and risk profile Additional management buffer determined by bank, depending on business model, risk appetite and risk profile 14

15 Risk Appetite Framework and economic viability A risk appetite framework allows the firm to identify and determine the relative positions of its risk capacity, risk profile and risk appetite when evaluating and pursuing its strategy and business model and to take corrective action where necessary. In each of the five states illustrated, the firm s risk profile has changed relative to its risk capacity and risk appetite (e.g. in response to external market conditions). Profile Capacity Capacity Capacity Capacity Capacity Profile Upper limit Appetite Appetite Appetite Appetite Appetite Upper trigger Profile Profile Acceptable range for risk profile Lower trigger Lower limit Profile Objective under threat Desired range Escalation Objective under threat Firm is unviable Risk profile is less than the lower limit. Corrective action must be taken. Risk profile is between the upper and lower triggers Risk profile is between the upper trigger and limit. Escalation to consider corrective action. Risk profile exceeds the upper limit. Corrective action must be taken Risk profile exceeds risk capacity. The firm must enact its Recovery and Resolution Plan Note: In practice, for some risks, such as operational risk, the firm may not have a lower limit and trigger 15

16 1 Financial services regulation: 16

17 Business environment Strategy, Business Model Risk Appetite Framework Risk Culture Business Model Analysis: The Slow Shift to a New Supervisory Paradigm Deloitte Ireland Dublin 23 January 2018

18 Risk Appetite Framework Developing risk appetite statements requires business input and understanding across the firm, driven by both top down leadership and bottom up management involvement. The cascading of high level statements down through the business is aimed at developing and implementing a comprehensive and coherent structure. It is also key to enabling transparency and communication of the firm s risk profile as it creates a firm-specific common risk appetite language. Strategic Plan & Objectives, Business Model, Risk Strategy Based on the themes from the firm s strategic plan and objectives and its business model, which are approved by the Board, the risk strategy is set by the CRO. It articulates the aspirational status of the firm s risk profile (the firm s targeted future risk profile). Based on the risk strategy, the Board approves the firm s enterprise-wide highlevel risk appetite statement, and related measures and limits. Board or Senior management provide direction to the rest of the firm. The enterprise-wide high-level risk appetite statement, and related measures and limits, aremapped to key risk drivers. Specific activities that the firm can and cannot do are defined and documented qualitatively in principles and policies to operationalise risk appetite. Quantitative detailed risk appetite measures and limits are articulated to allow risk appetite to be monitored and controlled in day-to-day risk management processes. Top-down articulation of risk appetite statements and limits must be informed at all stages by bottom-up input and engagement. The risk appetite framework must take into account and respond to the firm's business dimensions (such as business model, customer profile, limits and controls, concentrations, competitive position and financials). High level Directional Specific Detailed Risk Appetite Business Dimensions High-level enterprise-wide risk appetite statement, measures and limits Key Risk Drivers and related risk appetite statements, measures and limits Principles and Policies to operationalise risk appetite Detailed risk appetite measures and limits 18

19 Risk Appetite Framework Developing risk appetite statements requires business input and understanding across the firm, driven by both top down leadership and bottom up management involvement. The cascading of high level statements down through the business is aimed at developing and implementing a comprehensive and coherent structure. It is also key to enabling transparency and communication of the firm s risk profile as it creates a firm-specific common risk appetite language. Risk Appetite Detailed risk appetite measures and limits Business Dimensions Detailed Principles and Policies to operationalise risk appetite Based on the themes from the firm s strategic plan and objectives and its business model, which are approved by the Board, the risk strategy is set by the CRO. It articulates the aspirational status of the firm s risk profile (the firm s targeted future risk profile). Based on the risk strategy, the Board approves the firm s enterprise-wide highlevel risk appetite statement, and related measures and limits. Key Risk Drivers and related risk appetite statements, measures and limits Board or Senior management provide direction to the rest of the firm. The enterprise-wide high-level risk appetite statement, and related measures and limits, aremapped to key risk drivers. Specific activities that the firm can and cannot do are defined and documented qualitatively in principles and policies to operationalise risk appetite. High-level enterprise-wide risk appetite statement, measures and limits Specific Directional High level Quantitative detailed risk appetite measures and limits are articulated to allow risk appetite to be monitored and controlled in day-to-day risk management processes. Top-down articulation of risk appetite statements and limits must be informed at all stages by bottom-up input and engagement. The risk appetite framework must take into account and respond to the firm's business dimensions (such as business model, customer profile, limits and controls, concentrations, competitive position and financials). Risk Strategy Strategic Plan & Objectives, Business Model, 19

20 Risk Appetite Framework Developing risk appetite statements requires business input and understanding across the firm, driven by both top down leadership and bottom up management involvement. The cascading of high level statements down through the business is aimed at developing and implementing a comprehensive and coherent structure. It is also key to enabling transparency and communication of the firm s risk profile as it creates a firm-specific common risk appetite language. 1. Set strategic plan & objectives, business model, risk strategy and risk capacity Based on the themes from the firm s strategic plan and objectives and its business model, which are approved by the Board, the risk strategy is set by the CRO. It articulates the aspirational status of the firm s risk profile (the firm s targeted future risk profile). Based on the risk strategy, the Board approves the firm s enterprise-wide highlevel risk appetite statement, and related measures 4. Control and limits. and correct Board or Senior management provide direction to the rest of the firm. The enterprise-wide high-level risk appetite statement, and related measures and limits, aremapped to key risk drivers. Internal Communication, Risk Data, IT 2. Articulate risk appetite statements and limits Specific activities that the firm can and cannot do are defined and documented qualitatively in principles and policies to operationalise risk appetite. Quantitative detailed risk appetite measures and limits are articulated to allow risk appetite to be monitored and controlled in day-to-day risk management processes. Top-down articulation of risk appetite statements and limits must be informed at all stages by bottom-up input and engagement. The risk appetite framework must take into account and respond to the firm's business dimensions (such as business model, customer profile, limits and controls, concentrations, competitive position and financials). 3. Monitor and report Risk appetite framework links strategy and business model development with risk management across 3LOD, and bank operations 20

21 Business environment analysis (function and process) Function (not necessarily one) with skills and resources for analysis of Macroeconomic environment Competitive environment Other relevant environmental variables (e.g. regulatory, technological, socio-demographic, fiscal, etc.) Process Identify, analyse, monitor on an ongoing basis the macroeconomic and competitive environment and other relevant environmental variables and determine the sensitivity of the business model to all relevant environmental variables Develop, review, and update (stress) scenarios across environmental variables for testing of current business and future strategy Communicate findings, feed into strategy/business development and budgeting process Strategy, Business Model Development (process involving many functions and intelligence) Owner: the board Function(s) and process for analysis of current and future profitability Understand and monitor on an ongoing basis profit generation by business lines/products, the key drivers, and related interdependencies Sound financial projection techniques based upon scenarios aligned to business model Demonstrate the courage to quit Risk Appetite Framework Real-life spinning of the business model generating a continuous stream of business information to feed into the fine-tuning/development of the business model 2 Financial services regulation: 21

22 Business Model Analysis Challenges and Opportunities Panel Session 22

23 Moderator Dr. Margaret Cullen: Director of Executive Education at the Institute of Banking Panellists Helmut Bauer: Deloitte Senior advisor to Deloitte s Centre for Regulatory Strategy in London and Deloitte s Banking Union Centre Frankfurt and former Chief Executive Director and Head of Banking Supervision at BaFin Stephen Woulfe: Head of Division, Significant Bank Supervision, European Central Bank Richard Pike: Independent Non-Executive Director at Permanent TSB, JP Morgan Fund Administration Services (Ireland) Limited and JP Morgan Hedge Fund Services (Ireland) Limited Harry Bhoja: GARP member and previously Head of Risk and Middle Office at Zurich Financial Services Sean Smith: Partner, Regulatory Risk, Deloitte

24 What are the challenges faced by Banks and Regulators in relation to BMA? 24

25 Business Model Analysis Panel Session Challenges faced by Firms What challenges do banks face as part of Supervisory Business Model Analysis? 25

26 Business Model Analysis Panel Session Regulatory Challenges What are the challenges faced by Regulators when assessing the viability and sustainability of firms business models? 26

27 Business Model Analysis - Panel Session Board Engagement What are the key challenges facing Boards in Business Model Analysis? 27

28 Business Model Analysis Panel Session Roles and Responsibilities Where should ownership of Business Model Analysis sit within an organization? 28

29 What are the actions firms can undertake to improve business model analysis and strategic decision making? 29

30 Business Model Analysis Panel Session Analysing business models How can firms best define their approach to business model analysis to stakeholders? 30

31 Business Model Analysis Panel Session Improving BMA What factors should firms consider when looking to improve the analysis of their business model? 31

32 Business Model Analysis Panel Session Innovation How can banks incorporate technology threats into their business model analysis? 32

33 Key Panel Messages Peer Groups: Firms can benefit from identifying peer groups against who they are likely to be benchmarked to better understand regulatory expectations Regulatory Challenges: Regulators face challenges understanding the drivers behind differences in results of firms internal and regulatory exercises, particularly when benchmarking Board Engagement: Boards should be able to evidence to Regulators that they (1) fully understand business model vulnerabilities; and (2) make informed strategic decisions based on this understanding Roles and Responsibilities: Clear definition of the responsibilities of stakeholders (particularly across Risk, Finance and Strategy) in assessing the firm s business model and the link with strategic planning is crucial 33

34 Key Panel Messages BMA Framework: Firms should have in place policies and processes which (1) define their approach to assessing its business model; (2) outline how this is integrated with other key processes; and (3) illustrate how BMA feeds into strategic decision making Strategic Balance Sheet Modelling: Firms should consider whether the implementation of strategic balance sheet management modelling may enhance their ability to deliver sustainable profitability within a suitable risk threshold, supported by appropriate capital/funding structure Innovation: Firms should ensure their stress testing scenarios incorporate the threats to their business models posed by disruptive technologies/competitors 34

35 Key Takeaways 1 Define and formalise your approach to analysing your business model (including peer group analysis) 2 Use this to illustrate how you embed and integrate key regulatory processes into strategic decision making 3 Review your business model analysis capabilities to ensure they provides a sufficiently forward looking, risk adjusted view of profitability 35