Professional Documents
Culture Documents
CCAR - Comprehensive Capital Analysis and Review Recommendation Approach
CCAR - Comprehensive Capital Analysis and Review Recommendation Approach
CCAR - Comprehensive Capital Analysis and Review Recommendation Approach
COMPREHENSIVE CAPITAL
ANALYSIS AND REVIEW (CCAR)
CFO ATTESTATION – RECOMMENDED
APPROACH
The context
Comprehensive Capital Analysis and
Review or CCAR as it is popularly
known, is today a well-known term in
the mainstream financial news media.
CCAR is a regulatory framework that the
Federal Reserve (Fed) introduced in 2011
to ensure that large financial institutions
have robust capital planning processes
and adequate capital.
On January 21, 2016, the Fed issued the FR Y-14M (collectively, the FR Y-14 it, with the bank’s CFO and management
final version of a new rule that would Forms), to make certain attestations on held accountable for the same. The
require the chief financial officer (CFO) those forms. effective date which was initially set for
of BHCs that are overseen by the Federal June 30, 2016, has since been extended
In keeping with the focus on risk data and
Reserve’s Large Institution Supervision to December 31, 2016, giving banks more
reporting, this CFO-attestation rule sets a
Coordinating Committee and are required time to implement processes and systems
formal expectation about accuracy of the
to report on Forms FR Y-14A, FR Y-14Q, and to comply with this rule.
reported data and controls surrounding
Internal controls for Attestation that the CFO is responsible for internal controls over
accuracy of actual reporting of the data and the actual data reported are materially
reported data correct to the best of the CFO’s knowledge
Attestation that actual data being reported are subject to internal controls
Effectiveness of that are the joint responsibility of the CFO and senior management and
internal controls these internal controls over reporting are effective as per the Internal
Control – Integrated Framework outlined in the COSO report
Audit of internal Attestation that internal controls are audited annually by internal audit
controls or compliance staff, and are assessed regularly by management
Reporting of material
Attestation to promptly report any material weaknesses in internal
weaknesses
controls and any material errors or omissions in submitted data
or errors
• Audit of internal
controls
BHCs will need an integrated response and extend existing infrastructure and requirements cohesively, at a minimum,
that brings together multiple initiatives capabilities where possible, and establish the following four initiatives are necessary:
to effectively address all the attestation new processes and systems to plug
requirements. They should leverage the gaps. To tackle all the attestation
Controls
assessment
CCAR
process
repository CFO
attestation
capability
set Data
flows
CCAR report
taxonomy
To define a roadmap for compliance with and maturity of existing platforms and workarounds to meet the various
the CFO attestation rule, BHCs need to capabilities. deadlines established by the Fed with
assess the completeness and readiness of a clear roadmap to the end goal which
Given tight deadlines, the game plan to
the organization across the four initiatives should be a highly automated and
an integrated and automated solution
– process repository, controls assessment, integrated platform.
could involve early phases with manual
data traceability, and report taxonomy
Report /
Can initiate, accept, Control
Data
owners reject, upload evidence owners
CFO
Attestation Tool
Key capabilities
• Integration with CCAR
ecosystem
• Annotations / Commentary with access to:
• Workflow
• Notifications
• Scheduling
• Ability to retrigger for
adjustments
Typical sources are Typical sources are Typical sources are Typical sources are
document regulatory reporting GRC solutions, reporting solutions, data
management systems (e.g., Axiom, SharePoint-based quality systems, data
systems, Lombard, OneSumX). solutions, defect management,
SharePoint-based Spreadsheets. controls testing, etc.
solutions.
However, firms should invest in laying significant bandwidth from specialized services operating model which can help
the foundation by defining an attestation finance and risk subject matter experts reduce the recurring cost of compliance
framework and plan to leverage a (SMEs), moving towards a common with this rule and afford opportunities
strategic attestation tool. platform with well-defined procedures to optimize the overall attestation
will enable a fast transition to a shared process further.
While the first few cycles may require
Nikhil Bhingarde
Senior Principal, Infosys Consulting
Nikhil has over 17 years of professional and consulting experience focused on program management, business
process improvement, and SDLC implementations. He has worked with both buy and sell side clients in the US
and EMEA in implementing transformational projects in finance / books and records, regulatory remediation /
compliance, and risk-finance integration.
Amit Kumar
Senior Principal, Infosys Consulting
Amit has more than 14 years of business and IT consulting experience working with banking and asset
management clients in the US, Japan, UK, and India. His expertise lies in IT strategy, business transformation, and
program management especially in areas of finance transformation, regulatory reporting, and compliance.
© 2018 Infosys Limited, Bengaluru, India. All Rights Reserved. Infosys believes the information in this document is accurate as of its publication date; such information is subject to change without notice. Infosys
acknowledges the proprietary rights of other companies to the trademarks, product names and such other intellectual property rights mentioned in this document. Except as expressly permitted, neither this
documentation nor any part of it may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, printing, photocopying, recording or otherwise, without the
prior permission of Infosys Limited and/ or any named intellectual property rights holders under this document.