Managing interdependencies in Current Expected Credit Loss (CECL) implementations

Similar documents
Federal Reserve Guidance on Supervisory Assessment of Capital Planning and Positions for Large Financial Institutions.

Appointing, Assessing, and Compensating the Independent Auditor The Role of the Audit Committee

Creating a Risk Intelligent Enterprise: Risk governance

Proposed Attestation Requirements for FR Y-14A/Q/M reports. Overview and Implications for Banking Institutions

Implementing Analytics in Internal Audit. Jordan Lloyd Senior Manager Ravindra Singh Manager

Transformation in the Internal Audit Function Neil White October 5, 2017

Deloitte Governance Framework and Maturity Model

Adding insight to audit Transforming Internal Audit through data analytics

Shine a light on media accountability

Social Analytics in Media & Entertainment The three-minute guide

Modernizing Compliance: Evolving From a Foundational Program to a Value-Creating Strategic Partner

Beyond Compliance. Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404

Comparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining)

SREP Transformation The Deloitte approach. Deloitte Malta Risk Advisory - Banking

Digital Testing and Controls Automation A transformative approach to automating your control environment

Enterprise Risk Management in Health Care

Audit quality Independent Audit

Optimizing the value of audit quality indicators Lessons we have learned

Adopting automation in internal audit Using robotic process automation and cognitive intelligence to fortify the third line of defense

EMEA TMC client conference Tax Operating Model defining your tax resourcing, governance and technology approach. The Crystal, London 9-10 June 2015

Navigating the PCAOB s and SEC s internal control expectations A discussion. June 2015

Modernizing regulatory reporting in banking & securities Where to get started. CENTER for REGULATORY STRATEGY AMERICAS

Practical Suggestions/Tips for an Effective BSA/AML Compliance Function

Mid-market technology trends: Leveraging disruption to drive value The Dbriefs Private Companies series Anthony Stephan, Principal, Deloitte

FDICIA Reporting for Financial Institutions. Reporting Changes Under Part 363 and SAS 130

Accelerating application management services automation Time to break out the bots?

Audit committee performance evaluation

Getting Comfortable with being Uncomfortable! Using Agile IA to transform your internal audit function

Modernizing compliance: Moving from value protection to value creation

Launching a hedge fund building the operational foundation for success

EY Center for Board Matters. Leading practices for audit committees

Getting Comfortable with being Uncomfortable! Using Agile IA to transform your internal audit function. IIA New York - Agile Auditing May 18, 2018

Refocus your risk assessment lens Scale your ICFR program to focus on risks not benchmarks

Leveraging Stress Testing Processes and Systems Page 1

Enterprise Risk Management Discussion American Gas Association Risk Management Committee Meeting

Looking to improve earnings calls? Start with better information. CFO Insights April 2017

Outsourcing banking processes: The question is no longer if, but how to effectively manage extended enterprises

DevSecOps Embedded Security Within the Hyper Agile Speed of DevOps

Achieving CECL Compliance with Oracle Financial Services Analytical Applications

Auditing Agile projects Your grandfather s audit won t work here!

Audit committee performance evaluation

Global Manufacturing Industry Landscape

Delivering smarter audits Insights through innovation

Planning tool: Audit committee calendar of activities

The Role of the Board in Strategy & Risk. NACD National Conference Power Breakfast October 15, 2012

It s time to revisit your anti-corruption compliance program How to design an effective and defensible compliance program in response to global trends

Sarbanes-Oxley Act of 2002 Can private businesses benefit from it?

The Report of the Audit Committee Analysing the trends in South Africa

2017 Deloitte Renewable Energy Seminar Innovating for tomorrow November 13-15, 2017

Kenya Human Capital Trends, 2015 Leading in the new world of work Deloitte Consulting 1

Model risk management A practical approach for addressing common issues

EY Center for Board Matters

Creating a Risk Intelligent Enterprise: Scenario planning and war-gaming

Our PRIIPS solution Get prepared for the race

CFO attestation: building a sustainable process

Our mission is to promote transparency and integrity in business. We monitor the quality of UK Public Interest Entity audits. We have responsibility f

IIB - INTERNATIONAL BANKING ANTI-MONEY LAUNDERING SEMINAR

Quarterly accounting roundup: An update on important developments The Dbriefs Financial Reporting series Robert Uhl, Partner, Deloitte & Touche LLP

Investment management analytics The three-minute guide

Contents The CECL Approach... 3 Data... 4 Platform... 5 Modeling... 6 Summary... 6 More Information... 6

Internal Audit of the Future Evolution of Internal Audit Due to Digitisation. Cheryl Khor Asia Pacific Operational Risk Leader Deloitte

CFO meets M&A: Value creation in the digital age The Dbriefs Driving Enterprise Value series

ERP systems and operational transfer pricing: Relief is on the way Dbriefs Tax Operations series

IFRS 16 Technologies 12 June 2018

Revenue matters Is Australia ready for AASB 15?

Investment management analytics The three-minute guide

EXECUTIVES are usually hired to drive business. Influencing stakeholders. Executive Transitions. Persuade, trade, or compel

Creating a Risk Intelligent Enterprise: Risk sensing

Business development companies

Barry Robinson. Forensic Accountant, Deloitte

Implementation considerations for private companies Staying on track with the new lease accounting standard, ASC 842

Integrated Business Planning plus Your journey towards digital end-to-end planning

Time to take action IFRS 16 Leases

Making yourself irresistible for M&A 7 tips to get you ready to sell your business

Federal CFO Insights Real solutions to win the fight against improper payments and fraud, waste and abuse

Activating the digital organization A sink-or-swim moment for today's enterprise

Becoming agile A guide to elevating internal audit s performance and value. Part 1: Understanding agile internal audit

Outsourcing transparency evolution

WARRANTY WASTE ANALYTICS

Going beyond risk and compliance: Legal functions embracing digital

Corporate Tax Spring Training Trends in Tax Technology

International Finance Corporation

Scenario analysis: what is it and how can it help business deal with climate risk?

Advancing analytics and automation within internal audit

Consumer engagement Guiding your customers down the yellow brick road. Strengthening the health care customer journey

Governance in a multidimensional environment

Implementation Tips for Revenue Recognition Standards. June 20, 2017

Sample audit committee charter

pwc.co.uk Enterprise Risk Management

Managed analytics The three-minute guide

Strategies for Forecasting and Grossto-Net (GTN) Estimates in a Fluid and Fast-Paced Environment

Gross-to-Net Estimates and Accruals - Master Class

Reimagining the Risk Intelligent Enterprise

Partnering with the business to create a successful self-service analytics framework

Model Risk Management at FinTech organizations Considerations for bank charter applicants

Connectors Making shared services work at the core of the business rather than on the outskirts

High-Impact Succession Management Revealed

Internal Audit and Technology Sustainable Analytics

Maximizing value from your lines of defense

The digital fund lifecycle

Transcription:

Managing interdependencies in Current Expected Credit Loss (CECL) implementations Managing CECL interdependencies will be crucial to a successful implementation Implementing most accounting standards is a finance-only effort. However, the Financial Accounting Standards Board s (FASB) new Current Expected Credit Loss (CECL ) standard will be quite the opposite. CECL has many interdependencies across governance, modeling, credit analysis, production, and financial reporting. These interdependencies, combined with CECL being a principles-based standard, sets the stage for one of the most challenging accounting changes institutions have faced in decades. Institutions that prepare for and manage these interdependencies well will have more effective and cost-efficient CECL implementation programs. Managing the interdependencies starts with defining the target operating model, or TOM. Defining the TOM early, and with specificity, provides the necessary framework for institutions to successfully implement CECL. Throughout the CECL program, institutions should routinely review/challenge the TOM, which will identify issues early in the process and reduce the time and cost of TOM changes. This review/challenge effort can be effectively done in senior leadership workshops where the TOM is reviewed in detail from data management through disclosure. Once you have the TOM in place and have established the process by which you will review/challenge the TOM you ll be prepared to tackle the four major implementation areas and the interdependencies associated with each: Governance and oversight Models and data Technology and production Controls, accounting, and reporting CECL has many interdependencies across governance, modeling, credit analysis, production, and financial reporting.

Governance and oversight Governance and the role of the board Audit and risk committee governance efforts over the new CECL allowance process will increase for most institutions. First, audit committee focus on financial statement internal controls will increase due to a more complicated operating environment of complex models, data, operations, and disclosures. Second, given that CECL estimates will now involve reasonable and supportable forecasts, significant coordination between the risk and audit committees will be necessary to review the analysis supporting the forecast selection and its financial statement impact. Third, with more robust models that include forecasts, the relationship between quantitative and qualitative reserves will need to be carefully reviewed by both committees to avoid including the same risk in both components and thus overstating the allowance. Finally, clearly and simply telling the story regarding the current allowance will be challenging. In the end, early board involvement will prove valuable. Oversight: Management allowance committee Often institutions review and approve the allowance amount and disclosures for financial reporting purposes through a management allowance committee (MAC). For many years, institutions have enhanced the MAC s oversight of the allowance assumptions, measurement, and disclosure processes through more robust model analytics and validation, end-to-end (E2E) control effectiveness evaluations, more thorough disclosure reviews, and increased documentation. CECL will only increase the need for more critical challenge. Given that the MAC will sign off on the new CECL process and allowance each quarter, the MAC should be an integral part of the CECL program governance and should formally sign off on all crucial assumptions and decisions. Oversight: The second line of defense The adoption of CECL will require more extensive and frequent second line-ofdefense reviews. However your institution performs and tests its internal control over financial reporting (ICFR) across the first and second lines of defense, ensuring effective coordination between the groups will be key. For this reason, institutions that adopt a one-step-behind review philosophy during the CECL design, build, and implement phases and carry that cadence forward to the operating phase will benefit from early detection of internal control gaps and deficiencies. Using the one-step-behind approach, the second line of defense would review the initial internal control design in detail because the operating model will be more complicated under CECL. Furthermore, given that many legacy processes may not have been previously designed or tested at an ICFR level, these processes should receive additional attention during control design. Model validation should be completed with a one-step-behind approach as well to help avoid late-stage rework of model deficiencies. Joint audit and risk committee meetings to review the CECL allowance will be the norm. 2

Models and data Developing expected credit loss models in an iterative manner will enable optimization of model-centric decisions regarding governance, technology, production, accounting, and disclosure requirements. Rationalize CECL model fit-for-use analysis CECL modeling decisions should align with model decisions used for other business purposes, and, importantly, institutions should expect questions from auditors and regulators about the consistency with other models used for stress testing, pricing, and forecasting. Making sure there is a formal, ongoing process to determine that initial model alignment remains intact will be a necessary element of the quarterly validation process. Reasonable and supportable forecasts For the first time, institutions are required to incorporate reasonable and supportable economic forecasts into the allowance models that estimate credit losses. This addition, coupled with the already complex credit quality indicators currently in today s models, results in multiple new modeling dimensions for many portfolios. Additionally, the required reversion period presents another layer of modeling complexity. For example, the model platform should be flexible enough to allow management to respond to economic changes or model ineffectiveness by adding new forecast elements or changing both the reversion period and quantitative method. Understandability of model results will be of the utmost importance to the board, senior management, and analysts alike. Efficient model production cycle The timely production of expected credit loss estimates and the related disclosures could place a significant burden on an institution s computational infrastructure and staff. Institutions may be challenged to meet the timelines to comply with the requirements of CECL, as the demands of CECL compliance on resources will be more intensive relative to those of legacy requirements. Grow into a robust data set To help ensure timely CECL implementation, don t boil the ocean to obtain the best data. Use the data available and buy additional data until there is enough history you can leverage. Using external data to ensure a more robust data set will help model performance, but be sure to consider qualitative overlays for the model risks of using third-party data. Models and data are at the core of CECL; connecting them in the right way with the E2E process will help minimize potential surprises. Understandability To satisfy the required period-over-period and vintage disclosures, institutions need to understand model output and changes in the resultant allowance for credit losses at a more granular level than today. The impacts of changes to the various inputs need to be comprehensible and transparent to all users, not just those with knowledge of quantitative methods. 3

Technology and production Few institutions have sophisticated E2E technology platforms to process the current allowance methodology; rather, most have platforms built over decades, evolving in a piecemeal fashion to meet changing demands. Beyond improving the allowance technology platform itself, developing a new CECL production process will challenge all institutions. Defining the technology business requirements early, including the interdependency driven by modeling performance decisions and accounting and disclosure demands, will help minimize project rework. Flexibility is the key business requirement CECL requires a flexible, sustainable, and scalable technology and production platform to support the robust and complex requirements of CECL s lifetime loss estimates and be responsive to internal modifications, changes in the external economic environment, and the inevitable evolving accounting interpretations. Interrelated with the model build effort, the technology platform needs to support calculating period-over-period change attribution for the factors that drive allowance results. Beyond the quarterly close process, risk and finance functions need the ability to perform periodic, real-time scenario analysis to support business demands. Specifically, the platform must support strategic and annual planning processes, as well as product pricing, stress testing, and other corporate requirements. The use of CECL credit metrics and loss estimates in other internal processes for example, management accounting and compensation will only increase over time. Speed is the key production requirement Consider the volume of information needed for CECL vs. what is used today. More complex models require more data and greater processing time for model execution. Additionally, adding CECL s reasonable and supportable forecast requires more data to be run faster. Faster model and production platforms also help minimize the need for costly and difficult upstream system process changes. Further, processing time likely should be shorter than it is today given that the allowance output will require more in-depth review by multiple functions before final approval by the MAC and the board. Control is the key financial reporting requirement Because the technology platform serves as part of the system of record for accounting recognition, controls must function and be tested at an appropriate ICFR level. Also, today many allowance processes have manual controls; but given the nature of CECL, technology controls or controls performed with artificial intelligence or robotics process automation, would be more efficient and effective. Extensive end-user computing controls and process logs to capture and document changes in model configuration settings, inputs, assumptions, and loan data must be in place and available for first-line assertion, second-line validation, and third-line review. CECL technology and production business requirements demand flexibility, speed, and control. 4

Controls, accounting, and reporting E2E controls: The CECL backbone Internal controls are the backbone of CECL and should not be thought of as an after-the-fact compliance exercise. A solid ICFR environment will not only facilitate appropriate governance and oversight, but also will assist in achieving a more efficient closing and reporting process. During the build phase of CECL, the first line of defense should coordinate closely with risk, finance, technology, and other areas to build, document, and assess the effectiveness of internal controls. Given the complex nature of CECL model execution and the multiple hand-offs within and between functional groups during the production cycle, ensuring adequate segregation of duties is paramount. The Securities and Exchange Commission s (SEC) quarterly certification regarding ICFR effectiveness is the ultimate score card for internal controls over the allowance for credit losses. The SEC s internal control evaluation model requires that institutions assess whether an identified control weakness could result in a material error, not whether it did result in a material error. Thus, if internal control deficiencies are identified in the allowance process, proving a material error could not have occurred is difficult given the magnitude of the allowance estimate and its importance to financial statement users. This risk may be CECL s biggest risk, and, in the end, adequately investing in the CECL control environment will pay dividends. Controls: Model validation The increased complexity associated with the implementation of the life-of-loan loss models will place increased stress on model governance controls at many institutions. First, the adoption of the standard will typically increase the total number of models subject to model validation. Second, for existing models that may have previously been used only for stress testing or risk analytics, the decision to use those models for financial statement measurement could require more frequent and/or extensive validation. Additionally, back testing the life-of-loan models will be more complex and time consuming than the back testing of existing allowance models with set loss emergence periods. To address these increased model validation demands, institutions should ensure that adequate resources are available for validation. Controls: Data management For most institutions, the adoption of CECL will require data that have not been utilized for financial reporting purposes including historical, forward-looking, and third-party data. While portions of the data already may be subject to some validation, all data now used in the allowance process will need to be controlled and tested at a more rigorous ICFR level. The use of additional data elements also is likely to result in the utilization of data from applications and data warehouses that are not currently subject to the level of IT controls expected of financial reporting systems. As institutions identify these data elements, they should consider whether the same data are also available in systems that are already subject to ICFR IT controls, and leverage the data from those sources where practicable. Where new data sources are required, the first-line technology organization should proactively identify and document the additional ICFR IT controls. Accounting: The policy starting point Given that CECL is principles-based and not prescriptive, it is imperative that institutions establish their accounting policy decisions early, which may be the easy part. Operationalizing the accounting decisions will be complicated, so thorough and timely review processes by accounting, risk, technology, operations, and internal audit will help avoid costly rework or workarounds. Early external auditor feedback on accounting policy decisions, and operationalizing those policies, will avoid costly rework. Additionally, real-time, robust accounting policy documentation will be worth the investment and add clarity in communications internally and with external auditors and regulators. Establishing a one-step-behind control review philosophy between the first/ second/third lines of defense will prove a worthwhile investment. 5

Reporting: A lens into the allowance estimation process Establishing an external disclosure philosophy and approach early will provide institutions a framework to evaluate project decisions such as model design and processing capabilities, data quality levels, production cycle time, scope of data analytics, and reporting. In addition, early external disclosure decisions will enable more frequent and in-depth dialogue among executive management and with the board that will help improve disclosure quality. Further, institutions also should design internal information requirements that will ensure management, including the MAC, is provided sufficient, accurate information appropriate for effective oversight of the allowance amount and process. CECL requires quantitative and narrative disclosures designed to enable a user of the financial statements to understand: 1) inherent credit risk, 2) management s estimate of expected credit losses, and 3) changes in such estimates that have taken place within the financial reporting period. Within this context, institutions disclosures are likely to vary widely, minimizing comparability and, in turn, increasing the focus on each institution s disclosure quality. External disclosures using a less-is-more philosophy, with the disclosures having strong predictive value, may provide investors with the best insights. The nature of disclosures regarding the reasonable and supportable forecasts about the future will likely be a focus of financial statement users. Lacking other options, analysts may focus on institutions reasonable and supportable forecast disclosures to draw period-overperiod comparisons for the institution and all institutions across the industry. Developing disclosures that help investors predict future credit losses under CECL will be a daunting challenge for institutions. CECL is sure to be a challenging though not insurmountable change effort. Because institutions will need to first define the target operating model and then manage multiple and complex interdependencies, implementing CECL will be more difficult than normal product enhancements change efforts. Further, the importance of measuring the adequacy of the allowance for credit losses to financial statements users suggests there will be a high degree of scrutiny on the CECL change effort and its ongoing measurement under the new lifetime loss paradigm. Institutions that invest time and resources early and adequately across the organization will reap the rewards in the end. 6

Developing and implementing CECL estimation models Contact us Deloitte CECL leadership Corey Goldblum Principal +1 404 220 1432 cgoldblum@deloitte.com Greg Norwood Managing Director Deloitte Risk and Financial Advisory +1 571 766 7804 grnorwood@deloitte.com Jonathan Prejean Managing Director Deloitte Risk and Financial Advisory +1 703 885 6266 jprejean@deloitte.com Troy Vollertsen Partner Deloitte Audit & Assurance +1 703 885 6356 tvollertsen@deloitte.com Peter Wilm Managing Director Deloitte Risk and Financial Advisory +1 215 246 2446 pwilm@deloitte.com Authors Gregory Norwood Managing Director Jonathan Prejean Manging Director This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this publication. About Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ( DTTL ), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as Deloitte Global ) does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the Deloitte name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Copyright 2018 Deloitte Development LLC. All rights reserved.

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback