Tuesday, Jul 30, 2024
TC Hub: revised Core Principles for effective banking supervision
The revised Basel Core Principles (BCPs) for effective banking supervision incorporates the evolution of supervisory best practices and experience over the years. They provide direction for supervisors as they face the fast-paced changes impacting on the banking sector.
Revisions to the Core Principles for effective banking supervision were issued by the Basel Committee on Banking Supervision on April 25, 2024. Toronto Centre responded quickly to this first update to the Core Principles since 2012, publishing a TC Insight and launching a webinar series focused on key elements of the revisions.
To learn more, please use the below table of contents to navigate to the topic and view the associated webinar.
TABLE OF CONTENTS
3. New risks – digital finance and non-bank financial intermediation
4. Risk management and business model sustainability
5. Operational resilience and macroprudential oversight
6. Financial risks and proportionality
This Toronto Centre Insight1 examines the implications for supervisors of the revised Core Principles for effective banking supervision, issued on April 25, 2024.
The Core Principles are important for banking supervisors because (a) they contain key elements of effective supervision; and (b) they form the basis for IMF and World Bank Financial Sector Assessment Programs (FSAPs).
The Core Principles were originally issued by the Basel Committee on Banking Supervision in 1997. They were substantially updated in 2012 in the aftermath of the Global Financial Crisis. The latest revisions follow a consultative document published in July 2023.
The revised Core Principles are effective immediately. They have also been incorporated into the consolidated Basel Framework.
The latest revisions reflect:
- Supervisory and regulatory developments since the 2012 update.
- The impact of recent structural trends on banks and the banking system, in particular the rapid advances in financial technology and the proliferation of non-bank financial institutions (NBFIs).
- Lessons learnt in implementing the 2012 update to the Core Principles, and experiences gained from IMF and World Bank FSAPs.
Many of the Core Principles are strengthened or amended in some way, to take account of:
- New risks, such as climate-related financial risks and the digitalization of finance.
- The growth of non-bank financial intermediation.
- Developments in risk management practices, including business model sustainability.
- The further development of operational resilience, and of systemic risk and macroprudential supervision.
- Updates to long-standing financial risks.
Each of these areas is covered in this TC Insight.
Key message:
Supervisory authorities should consider what these revisions to the Basel Core Principles imply for their supervisory powers, approaches, and practices; identify required changes; and implement these changes. Key areas for consideration include the supervision of climate-related financial risks, digital finance, business model sustainability, and operational resilience. |
Relevant Toronto Centre Notes:
Some of the Core Principles have been revised to reflect the impact of new risks, including climate-related financial risks.
The Basel Committee defines climate-related financial risks as the potential risks that may arise from climate change (physical risks) or from efforts to mitigate climate change (transition risks); their related impacts; and their economic and financial consequences.
Climate-related physical and transition risk drivers can translate into traditional financial risk categories such as credit, market, operational, liquidity, strategic, and reputational risks.
Climate-related financial risks can affect the safety and soundness of banks and financial stability. Explicit references to climate-related financial risks2 have therefore been added to some of the Core Principles, to improve supervisory practices and banks’ risk management.
In particular:
CP8: Supervisory approach – supervisors should consider climate-related financial risks in their risk assessments and in their supervisory methodologies and processes.
CP10: Supervisory reporting – supervisors should have the power to require banks to submit information that allows for the supervisory assessment of the materiality of climate-related financial risks.
CP15: Risk management process – supervisors should require banks to:
- Have comprehensive risk management policies and processes for all material risks, including climate-related financial risks, recognizing that these risks could materialize over varying time horizons that go beyond their traditional capital planning horizon.
- Include climate-related financial risks assessed as material over relevant time horizons, including in their stress testing programs where appropriate.
- Implement appropriate measures to manage climate-related financial risks where they are material.
CP26: Internal control and audit – supervisors should require banks to consider climate-related financial risks as part of their internal control framework.
Both supervisors and banks should consider climate-related financial risks in a flexible and proportionate manner, given the degree of heterogeneity and evolving practices in this area.
Key message:
Supervisory authorities should build climate and biodiversity-related risks into their supervision by:
|
Relevant Toronto Centre Notes:
Climate Change. January 2017. Climate Change: Issues for Banking Supervisors. July 2019. Stress Testing and Climate Change. June 2020. Climate Change: Issues for Securities Supervisors. May 2021. Adapting Macroprudential Frameworks to Climate Change Risks. March 2022. A Climate and Biodiversity Risks Toolkit for Financial Supervisors. February 2023. Introduction for Supervisors to Scenarios and Stress testing of Climate Risks. May 2023. Supervisory Stress Testing: A Primer. March 2024. Supervision of Stress Testing by Financial Institutions. March 2024. |
3. New risks – digital finance and non-bank financial intermediation
The Basel Committee notes that technology-driven innovation and digital finance are changing both the way that banking services are provided and customer behaviours. The use of new technologies, the emergence of new products, new entrants, and the proliferation of non-bank financial institutions (NBFIs) create both opportunities and risks for supervisors, banks, and the financial system.
This is reflected in the revised Core Principles:
Digital finance
CP1: Responsibilities, objectives and powers and CP10: Supervisory reporting – supervisors should be able to access relevant information irrespective of where it is stored, and to review the overall activities of a banking group, including those undertaken by service providers and by any NBFIs within a banking group.
CP15: Risk management process – the Basel Committee considers this Principle to already be sufficiently broad to cover many of the risks to banks arising from digitalization.
CP25: Operational risk and operational resilience – the revised version of this Principle highlights the importance of operational resilience, given that banks are increasingly relying on third parties for the provision of technology services, which creates additional points of cyber risk and potential system-wide concentrations.
NBFIs
NBFIs supplement banks in providing financial services, but their activities can also affect the stability of the financial system and increase the potential for contagion risks through their interconnections with banks.
CP4: Permissible activities – the revised version of this Principle strengthens the expectation that supervisors should monitor risks to banks from the range of different NBFIs.
CP8: Supervisory approach – the Core Principles have long recognized that supervisors should remain alert to the risks arising from NBFI activities and their potential impact on the banking system.
CP15: Risk management – the revised version of this Principle highlights step-in risk3 more explicitly as a risk that banks should be actively managing (where applicable).
CP17: Credit risk – the revised version of this Principle places greater emphasis on how banks should manage counterparty credit risk.
Key message:
Supervisory authorities should identify the growth of technology-driven innovation, digital finance and NBFIs in their financial sectors; the risks they pose to supervisory objectives; and the need to change supervisory practices to reflect these developments. In particular, supervisory authorities should:
|
Relevant Toronto Centre Notes:
Supervision of Cyber Risk. December 2018. Cloud Computing: Issues for Supervisors. November 2020. Operational Resilience: The Next Frontier for Supervisors? April 2021. Supervisory Implications of Artificial Intelligence and Machine Learning. July 2022. Cyber Risk: Determining and Delivering a Supervisory Strategy. July 2023. Supervising Fintech. November 2023. |
Associated Webinar:
Speakers:
Socorro Heysen, Superintendent, Banks, Insurance and Pension Fund Administrators, Peru; Board Member, Toronto Centre
Francesca Hopwood Road, Head, BIS Innovation Hub, London Centre
Moderator:
Jennifer Elliott, Advisor, Monetary and Capital Markets Department, IMF; Board Member, Toronto Centre
Read the transcript here. Read their biographies here.
Watch the Webinar:
Listen to the Podcast:
4. Risk management and business model sustainability
The Basel Committee wants banks to institute a sound risk culture, to maintain strong risk management practices, and to adopt and implement sustainable business models.
The revised Core Principles make clear that the assessment of business model sustainability is a key component of effective supervision.
The Basel Committee emphasizes that when conducting business model analysis the supervisor should assess the soundness of a bank’s forward-looking strategies to generate sustainable returns over time, and its capacity to execute its business plan and strategy, taking account of potential changes in banks’ operating environments (including the challenges posed by technology-driven innovation and digital finance). The ultimate responsibility for designing and implementing sustainable business strategies lies with a bank’s board.
CP8: Supervisory approach and CP15: Risk management process – these Principles have been revised to include new requirements for banks and their supervisors to assess the sustainability of banks’ business models.
CP14: Corporate governance – the revisions to this Principle place greater emphasis on banks’ corporate culture and values (including their alignment with compensation systems); ensuring that bank boards have appropriate skills, diversity, and experience; and promoting board independence and renewal.
CP15: Risk management process – this Principle has been revised to bring together the requirements that supervisors should impose on banks to undertake stress testing, and emphasizes the need for banks to focus on risk culture, risk appetite frameworks, and risk data aggregation.
CP20: Transactions with related parties – this revised Principle introduces a minimum definition of related parties; enhances the approval process for granting and managing related party transactions; clarifies the application of limits; and improves associated reporting requirements.
CP29: Abuse of financial services – this Principle is revised to align the requirements on banks with the latest Financial Action Task Force recommendations, and requires banks to implement group-wide programs to address money laundering, proliferation financing, and terrorist financing.
Key message:
Supervisory authorities should reflect these revised Principles on governance and risk management in their regulatory requirements, supervisory expectations, and supervisory practices. In particular, supervisory authorities should:
|
Relevant Toronto Centre Notes:
Improving Corporate Governance in Regulated Firms. January 2016. Supervising Corporate Governance During Crises. April 2020. Supervision of Money Laundering and Terrorist Financing. October 2020. Supervising Corporate Governance: Pushing the Boundaries. January 2022. Supervision of Stress Testing by Financial Institutions. March 2024. |
Associated Webinar:
Speakers:
Elsie Addo Awadzi, Deputy Governor, Bank of Ghana; Board Member, Toronto Centre
William Burn, Managing Director, Supervision Methods, Standards and Controls, Office of the Superintendent of Financial Institutions, Canada
Moderator:
Clive Briault, Chair, Banking Advisory Board, Toronto Centre
Read the transcript here. Read their biographies here.
Watch the Webinar:
Listen to the Podcast:
5. Operational resilience and macroprudential oversight
The Basel Committee notes that significant efforts have been made in recent years to strengthen operational resilience, so banks are better able to withstand, adapt to and recover from severe operational risk-related events, such as cyber attacks, technology failures, natural disasters, and pandemics.
CP25: Operational risk and operational resilience – this Principle has been revised to cover operational resilience, not just operational risk, so it focuses on how banks respond to and recover from operational disruptions.
The Principle has been extended to enhance the supervisory focus on the effectiveness of banks’ governance, operational risk management, business continuity planning and testing, mapping of interconnections and interdependencies, third-party dependency management, incident management, cyber security, and information and communication technology.
Macroprudential oversight
The previous update of the Core Principles in 2012 required supervisors to apply a system-wide macro perspective to the supervision of banks to assist in identifying and analyzing systemic risks and taking pre-emptive action to address them. These requirements have been strengthened to reflect experience with macroprudential policy and supervision, including:
CP3: Cooperation and collaboration and CP13: Home-host relationships – greater emphasis is placed on the importance of close cooperation, both domestically and internationally, between the relevant authorities with responsibility for banking supervision, macroprudential policy, and financial stability.
CP8: Supervisory approach – this Principle clarifies the role of the supervisor in assessing and mitigating risks to banks and the banking system.
CP9: Supervisory techniques and tools – supervisors should have a process to assess and identify systemically important banks in a domestic context.
CP16: Capital adequacy – supervisors should have the ability to require banks to maintain additional capital (for example a counter-cyclical capital buffer or sectoral capital requirements) in a form that can be released in the event of system-wide shocks.
Key message:
Supervisory authorities should ensure that their supervisory approaches and practices are sufficiently wide-ranging to cover the revised Core Principles in these areas, including:
|
Relevant Toronto Centre Notes:
Associated Webinar:
Panelists:
Chuchi G. Fonacier, Deputy Governor, Central Bank of Philippines
Jessica Chew, Deputy Governor, Bank Negara Malaysia
Moderator:
Bill Coen, Former Secretary General, Basel Committee on Banking Supervision; Board Member and Chair, Finance, Audit and Risk Committee, Toronto Centre
Read the transcript here. View their biographies here.
Watch the Webinar:
Listen to the Podcast:
6. Financial risks and proportionality
The Basel Committee notes the need to reflect the Basel III Framework and other developments in the Core Principles relating to financial risks, including:
CP16: Capital adequacy – supervisors should apply a non-risk-based measure (a leverage ratio) to complement risk-based approaches in constraining leverage in banks and the banking system.
CP17: Credit risk – revisions to this Principle strengthen the requirements on banks’ credit risk management practices, and place greater emphasis on risks relating to counterparty credit risk and securitization transactions.
CP18: Problem exposures, provisions, and reserves – this Principle has been revised to reflect the introduction of expected credit loss (ECL) provisioning.
CP19: Concentration risk and large exposure limits – the definition of connected counterparties and large exposure limits is aligned with the large exposures framework.
CP23: Interest rate risk in the banking book – revisions to this Principle reflect the potential impact of customer behaviours on interest rate risk assumptions.
However, no significant changes are made to CP24: Liquidity risks, despite the liquidity-driven bank failures in March 2023. CP24 is already quite wide-ranging and covers some of the lessons emerging from those failures, but some revisions to this Principle may be required once the Basel Committee has reviewed whether changes need to be made to the Basel III Framework.
More generally, the Basel Committee reiterates the importance of proportionality, noting that the Core Principles should:
- Be applicable to a wide range of jurisdictions whose banking sectors may include a broad spectrum of banks (from large internationally active banks to small, non-complex deposit-taking institutions). A proportionate approach is required, both to the requirements that supervisors impose on banks and to how supervisors discharge their own functions.
- Allow for different approaches to supervision, to reflect specific country circumstances and the context in which supervisory practices are applied.
- Recognize that the appropriate intensity of supervision for banks varies, with more time and resources devoted to larger, more complex, or riskier banks. Risk-based supervision focuses supervisory resources where they can be utilized optimally, concentrating on outcomes and moving beyond passive assessment of compliance with rules.
Key message:
Supervisory authorities should already be adopting these revisions to the Core Principles as they implement (or plan to implement) Basel III; and be considering proportionality as they implement (or plan to implement) risk-based supervision. |
Relevant Toronto Centre Notes:
Risk-Based Supervision. March 2018. Pillar 2 and Beyond: Issues for Supervisors in Implementing Basel II and Basel III. June 2020. |
Associated Webinar:
Speakers:
Nathalie Aufauvre, Secretary General, L'Autorité de contrôle prudentiel et de résolution (ACPR), Banque de France
Bill Coen, Former Secretary General, Basel Committee on Banking Supervision; Board Member and Chair, Finance, Audit and Risk Committee, Toronto Centre
Moderator:
Babak Abbaszadeh, President and CEO, Toronto Centre
Read the transcript here. Read their biographies here.
Watch the Webinar:
Listen to the Podcast:
1This TC Insight was written by Clive Briault, Chair, Toronto Centre Banking Advisory Board.
2The revised Basel Core Principles refer only to climate-related financial risks. They do not explicitly cover risks relating to biodiversity loss.
3The risk that a bank decides to provide financial support to an unconsolidated entity that is facing stress, in the absence of, or in excess of, any contractual obligations to provide such support.