Internal ratings-based approach (credit risk)

Under the Basel II guidelines, banks are allowed to use their own estimated risk parameters for the purpose of calculating regulatory capital. This is known as the internal ratings-based (IRB) approach to capital requirements for credit risk. Only banks meeting certain minimum conditions, disclosure requirements and approval from their national supervisor are allowed to use this approach in estimating capital for various exposures.

Reforms to the internal ratings-based approach to credit risk are due to be introduced under the Basel III: Finalising post-crisis reforms standards.

Overview
The IRB approach relies on a bank's own assessment of its counterparties and exposures to calculate capital requirements for credit risk. The Basel Committee on Banking Supervision explained the rationale for adopting this approach in a consultative paper issued in 2001. Such an approach has two primary objectives -
 * Risk sensitivity - Capital requirements based on internal estimates are more sensitive to the credit risk in the bank's portfolio of assets
 * Incentive compatibility - Banks must adopt better risk management techniques to control the credit risk in their portfolio to minimize regulatory capital

To use this approach, a bank must take two major steps:
 * Categorize their exposures into various asset classes as defined by the Basel II accord
 * Estimate the risk parameters—probability of default (PD), loss given default (LGD), exposure at default (EAD), maturity (M)—that are inputs to risk-weight functions designed for each asset class to arrive at the total risk weighted assets (RWA)

The regulatory capital for credit risk is then calculated as 8% of the total RWA under Basel II.

Categorization of exposures
Each banking exposure is categorized into one of these broad asset classes:
 * Corporate
 * Sovereign
 * Bank
 * Retail
 * Equity

These corporate and retail classes are further divided into five and three sub-classes, respectively. In addition, both these classes have a separate treatment for purchased receivables, which might apply subjectivity to certain conditions.

The following paragraphs describe the asset classes in detail.

Corporate
An exposure to a corporation, partnership or proprietorship falls under this category. Some special guidelines may apply if the corporation is small or medium-sized entity (SME). As noted above, there are five sub-classes of specialized lending under this asset class -
 * Project Finance - financing industrial projects based upon the projected cash flows of the particular project
 * Object Finance - financing physical assets based upon the projected cash flows obtained primarily through the rental or lease of the particular assets
 * Commodities Finance - financing the reserves, receivables or inventories of exchange-traded commodities where the exposure is paid back based on the sale of the commodity rather than by the borrower from independent funds
 * Income-producing real estate - financing real estate that is usually rented or leased out by the debtor to generate cash flow to repay the exposure
 * High-volatility commercial real estate - financing commercial real estate, which demonstrate a much higher volatility of loss rates as compared to other forms of specialized lending

Sovereign
This generally refers to a loan made to a particular country. Under the Basel II guidelines, this class also includes the central banks of various countries, certain public sector enterprises (PSEs) and the multilateral development banks (MDBs) that meet the criteria for a 0% risk weight under the standardized approach.

Bank
Loans made to banks or securities firms subject to regulatory capital requirements come under this category. Certain domestic PSEs or MDBs that do not meet the criteria for a 0% risk weight under the standardized approach also fall in this category.

Retail
Loans made to individuals fall under this category. Credit cards, overdrafts or residential mortgages are some of the common retail lending products treated as part of this category in the IRB approach. Subject to a maximum of 1 million euros, exposures to small businesses managed as retail exposures also fall under this category.

Retail exposures are usually not managed by the bank on an individual basis for risk rating purposes, but as groups of exposures with similar risk characteristics. The sub-classes of exposures falling into this category are -
 * Residential mortgage
 * Qualifying revolving exposure (QREs) - unsecured revolving exposures where the undrawn portion of the exposure is unconditionally cancellable by the bank
 * Other retail

Equity
Direct ownership interests in the assets and income of a financial institution, or indirect interests through for example derivatives come under this category. For an exposure to qualify under this category, the return of the funds invested on the equities can be only realized through their sale or by liquidation of the issuer of these equities.

Foundation and advanced approaches
To calculate capital requirements for all banking exposures, there are three main elements


 * Risk parameters - Probability of default (PD), Exposure at default (EAD), Loss Given Default (LGD), Maturity (M)
 * Risk-weight functions - Functions provided as part of the Basel II regulatory framework, which maps the risk parameters above to risk-weighted assets
 * Minimum requirements - Core minimum standards that a bank must satisfy to use the internal ratings-based approach

The accord provides two broad approaches that a bank can follow:
 * Foundation approach

In this approach, banks calculate their own PD parameter while the other risk parameters are provided by the bank's national supervisor
 * Advanced approach

In this approach, banks calculate their own risk parameters subject to meeting some minimum guidelines.

However, the foundation approach is not available for Retail exposures.

For equity exposures, calculation of risk-weighted assets not held in the trading book can be calculated using two different ways: a PD/LGD approach or a market-based approach.

Minimum requirements
To adopt the IRB approach and its continued use, a bank must satisfy certain minimum requirements that it can demonstrate to the national supervisor. They are described in the following twelve sub-sections.

Composition
The minimum requirements state that estimates of risk parameters must
 * Reflect borrower and transaction characteristics
 * Provide for meaningful differentiation of risk
 * Be accurate and consistent in the estimation of risk

The risk parameters must also be consistent with their use in making risk management decisions.

The minimum requirements apply to all asset classes.

Compliance
To adopt the IRB approach, a bank must demonstrate ongoing compliance with the minimum requirements. If a bank does not satisfy the minimum requirements at any point of time, they must submit to the supervisor a plan outlining how they intend to return to compliance along with definite timelines. Supervisors may take appropriate action or require the banks to hold additional capital in case of non-compliance.

Rating system design
Rating system refers to the entire mathematical and technological infrastructure a bank has put in place to quantify and assign the risk parameters. Banks are allowed to use multiple ratings systems for different exposures, but the methodology of assigning an exposure to a particular rating system must be logical and documented; banks are not allowed to use a particular rating system to minimize regulatory capital requirements.

A rating system must be designed based on two dimensions
 * Borrower characteristics indicating the propensity of the borrower to default
 * Transaction specific factors like the nature of the product, terms of repayment, collateral, etc.

For retail exposures, delinquent exposures should be identified separately from those that are not.

A rating system typically assigns a borrower to a particular grade based on their probability of default. To avoid excessive concentration of borrowers in one particular grade, a bank must have a minimum of seven borrower grades for non-defaulted exposures and one for those that default. For retail exposures, banks should be able to quantify the risk parameters for each pool of exposures.

Rating systems must be clear and well documented. They must enable a third party, like internal audit or independent reviewer, to replicate the assignment of ratings and their appropriateness. All relevant up to date information must be used in the assignment of ratings. A bank must be conservative in its estimates if there is a lack of data to accurately quantify the risk parameters.

Credit scoring models are allowed to play a role in the estimation of the risk parameters as long as sufficient human judgment not captured by the model is taken into account to assign the final rating to a borrower. The bank must also satisfy the supervisor that the data used to build these models are representative of its exposures, and there is no distortion in the calculation of regulatory capital due to the use of these models. Banks must also have in place a system governing the use of these models and whether they are fit for purpose for ongoing use; such a system must consider the stability of the model as well as its ability to predict default accurately.

Rating system operations
The requirements state that for corporate, sovereign or bank exposures all borrowers and guarantors must be assigned a rating as part of the loan approval process. The process by which a rating is assigned and the actual ratings assigned must be reviewed periodically by a body independent of those making loan approval decisions. Ratings must be reviewed at least once a year.

All data relevant to assignment of ratings must be collected and maintained by the bank. The data collected is not only beneficial for improving the credit risk management process of the bank on an ongoing basis, but also required for necessary supervisory reporting.

Banks are also required to regularly stress test their rating systems considering economic downturn scenarios, market risk based events or liquidity conditions that may increase the level of capital held by the bank. These stress tests should not only consider the relevant internal data of the bank, but also macro-economic factors that might affect the accuracy of the rating system.

Corporate governance and oversight
The rating systems should be approved by the Bank's board of directors and they should be familiar with the management reports created as part of the rating systems. Senior management should regularly review the rating system and identify areas needing improvement. Reporting is required to include
 * risk profile by grade
 * migrations across different grades
 * risk parameter estimates for each grade
 * a comparison of the actual default rates against the expected as predicted by the rating system

Banks must have independent functions responsible for development and ongoing monitoring of the rating systems.

An internal audit function, or equally independent function, must review the rating system at least once a year and the findings from such a review must be documented.

Use of internal ratings
Banks must satisfy the 'use test', which means that the ratings must be used internally in the risk management practices of the bank. A rating system solely devised for calculating regulatory capital is not acceptable. While banks are encouraged to improve their rating systems over time, they are required to demonstrate the use of risk parameters for risk management for at least three years prior to obtaining qualification.

Risk quantification
Overall requirements
 * Except for retail exposures, PD for a particular grade must be a long-run average of one year default rates for that grade
 * For those bankings using the advanced approach, a long run default-weighted average EAD must also be estimated
 * The internal estimates must take into account all relevant internal and external data available
 * The estimates must be based on sound historical and empirical evidence and not purely judgmental
 * A layer of conservatism should be added to the parameter estimates to control for errors during their estimation

Definition of default
 * Borrower is unlikely to pay its credit obligations in full
 * Borrower is 90 days past due on payment - for overdrafts, a breach on provided credit limit results in it being 'past due'
 * Borrower has been placed in bankruptcy protection
 * For retail exposures, a borrower defaulting on a particular exposure need not result in all exposures to the borrower being in default

Loss, when estimating LGD, is economic loss and not accounting loss. This means that all material direct and indirect costs, as well as recoveries, must be discounted back to the point of default. The bank must clearly demonstrate the choice of the discount rate to the supervisor.

Important considerations in quantifying risk parameters include:
 * PD estimates may be derived based on one or more of the following techniques - internal default experience, mapping to external data, statistical default models.
 * For retail exposures, the primary driver of PD estimates must be internal data.
 * Seasoning effects should be considered for retail exposures.
 * LGD estimates should be based on economic downturn conditions.
 * LGD estimates should be based on historical recoveries as well as any existing collateral.
 * For exposures already in default, LGD should be estimated as the best estimate of expected loss on the asset considering the current economic climate.
 * For closed-end exposures, EAD must not be lower than the current outstanding balance owed to the bank.
 * For revolving exposures, EAD should take into account any undrawn commitments.
 * For corporate, sovereign or bank exposures, LGD and EAD estimates should be based on a full economic cycle and must not be shorter than a period of seven years.
 * For retail exposures, the estimates should be based on minimum five years of data unless the bank can demonstrate that recent data is more informative than longer-period data in the sense that the reliance on only the recent data yields a better predictor of the estimates than the longer-period data would.

Validation of internal estimates
Banks must have well-defined processes to estimate the accuracy and consistency of their rating systems.

Supervisory LGD and EAD estimates
Banks using the foundation approach use supervisory estimates of EADpreCCF and LGD. However, they must meet the minimum requirements of the standardized approach for recognition of eligible collateral.

Requirements for recognition of leasing
Leases other than those that expose the bank to residual value risk are accorded the same treatment as exposures collateralised by the same type of collateral.

Calculation of capital charges for equity exposures
The capital charge for equity exposures is defined in the Basel Accord as follows -

The capital charge is equivalent to the potential loss on the institution’s equity portfolio arising from an assumed instantaneous shock equivalent to the 99th percentile, one-tailed confidence interval of the difference between quarterly returns and an appropriate risk-free rate computed over a long-term sample period.

Further requirements are summarized below -
 * Estimated losses should be based on sound statistical judgment and should be stable under adverse market movements
 * Models should be adjusted to demonstrate that it provides a conservative estimate of long-run loss experience
 * The Accord does not require the use of a particular kind of model but requires that all risks be embedded in the process.
 * Stress testing taking into account various assumptions on volatility and hypothetical scenarios should be conducted
 * The models should be integrated into the risk management process; including setting hurdle rates and evaluating risk-adjusted performance
 * The models must be regularly monitored by an independent team and all assumptions verified

Disclosure requirements
Banks must meet the disclosure requirements as mandated by the third pillar of the Basel framework. Failure to meet these requirements makes the bank ineligible to use the IRB approach.

Treatment of expected losses and recognition of provision
A bank is required to compare the total expected losses with the total eligible provisions. If the expected loss amount is less than the provisions, the supervisor must consider if this is a true picture of reality, and, if so, then include the difference in Tier II capital. The expected losses for equity exposures under the PD/LGD approach is deducted 50% from Tier I and 50% from Tier II capital.