Banking Union

Implementation of EBA SREP guidelines by the ECB Characteristics of the SSM supervisory approach
Characteristics of the SSM supervisory approach
The SREP is used to calibrate additional capital and liquidity requirements beyond Pillar 1 minimum requirements. The SSM analyses the internal methodologies and conducts its own calculations for Pillar 2 during the SREP using a three-step approach:
DG IV
Methodology and standard developments division Forward-looking, risk-based analysis
1 2 3
Risk assessment system
Capital and liquidity quantification methodologies Single Resolution Mechanism (SRM)
ICAAP and ILAAP review Determination of required capital and liquidity
SSM supervisory manual Evaluation of risks and respective controls
buffers based on the risk assessment
Implementation into their DG I/II Stronger focus on quantitative assessments
supervisory approach Significant banks supervision divisions
To be applied by
Single Rule Book
SSM decision
DG III Outcome of analysis and corrective actions
Less significant banks supervision division Peer group comparison
Guidance to NCA via

EBA guidelines for common procedures and methodologies for the SREP

Categorisation of institutions Key indicator monitoring

Categories based Systemically important 1 Medium to large 2 Small to medium 3 Other 4 … requirement to quarterly
For all SREP elements … Indicators used for … … will impact Role of competent authorities
on size, structure, analyse indicators, such as:
internal organisation • Global systemically important institutions • Domestically operating institutions or institutions with sizable cross-border activities • Domestically operating institutions or institutions with non-significant cross-border operations Small non-complex domestic
and nature, scope (G-SIIs) • Institutions operating in several business lines, including non-banking activities • Institutions operating in a limited number of business lines, offering predominantly credit institutions that do not fall into 1. Business model analysis • CRR metrics, e.g. CET1 ratio, LCR, CVA • Overall risk assessment • SREP scores • Define the indicators and respective thresholds
and complexity of • Other systemically important institutions (O-SIIs) • Institutions offering credit and financial products to retail and corporate customers products with a limited offer of financial products categories 1 to 3 2. Internal governance and controls • Financial and risk indicators, e.g. RWA, EAD, EL, VaR • Establish escalation procedures in order to detect
• Peer group analysis • Supervisory planning
activities • Other institutions determined by competent • Non-systemically important specialised institutions with significant market shares in • Specialised institutions with less significant market shares in their lines of business or payment 3. Risks to capital • Market based indicators, e.g. CDS, equity prices, interest and investigate adverse developments
authorities their lines of business or payment systems, or financial exchanges systems, or financial exchanges 4. Risks to liquidity and funding rate curves • Time series analysis • Supervisory measures • Monitor development of indicators, also relative to
Quarterly • Recovery plan indicators (BRRD) peer group
• External data and macroeconomic indicators, e.g. GDP, • Evaluate the potential impact on the institution
Level of engagement Ongoing engagement with institution’s management body and senior management; engagement with institution for assessment of each Risk-based engagement with institution’s management body and senior management as well as Engagement with management
unemployment, inflation when indicators deteriorate
and dialogue element engagement with the institution for the assessment of material risk elements body and senior management
• Reassess the SREP score when indicators deteriorate
at least every three years

Every Every
Every year Results of key indicator monitoring are used for all SREP components and can trigger ad-hoc investigations
two years three years

Core process: SREP elements

1. Business model analysis (BMA) 2. Assessment of internal governance and controls 3. Assessment of risks to capital 4. Assessment of risks to liquidity and funding
Risk to liquidity Risk to funding
1. Preliminary assessment • Identify main activities, product lines, geographies, market positions Overall internal • Is the organisation fit for purpose? Measuring risk to capital
• Identify the institution‘s peer group on the basis of the rival product/business governance framework • Does the management know the institution’s structure and risks?
• Are adequate policies in place e.g. to avoid conflicts of interest, outsourcing? Credit and Interest Rate Risk in the
lines targeting the same source of profits Market risk Operational risk Is funding stable & market
counterparty risk Banking Book (IRRBB) Liquidity risks
Sources of information for access assured?
Corporate and risk culture • Has the institution a corporate and risk culture adequate for its business and risk
assessments should include Are liquidity buffers Funding profile and plan
2. Identification of the areas of • Identify the business lines which are most important for future business model appetite? 1. Assessment of materiality of risk
amongst others: sufficient?
focus for the BMA sustainability and the ones most likely to increase vulnerabilities • Are there independent whistle-blowing processes? 2. Evaluation of the nature, composition and sub-categories of risk categories
• Assess supervisory reviews and findings, internal and external audits, strategic • Is the culture clearly communicated across all levels? 3. Evaluation of the accuracy and prudency of methodologies
plans and peer comparisons 4. For credit and counterparty risk, e.g. assessment of the quality of the credit portfolio, the applied credit risk mitigation techniques, the level
Strategic plans Organisation and • Is the number of members of the management body adequate and do they of loan loss provisions and CVA 1. Identify the short and medium term liquidity needs by: 1. Analyse the funding profile by evaluating:
functioning of the demonstrate a sufficient level of commitment and independence? 5. For market risk, e.g. evaluation of profitability and market concentration risk • Calculating the liquidity needs and availability over different • Sufficiency of stable funding instruments
3. Assessment of the business • Develop an understanding of macroeconomic and market trends as well as management body • Is the management body effective? 6. For operational risk, e.g. assessment of the significance of operational risk exposures and reputational risk time horizons • Maturity mismatches
Financial reporting
environment strategic peer group intentions (analysis of competitive landscape) • Adequacy of internal control procedures? 7. For interest rate risk in the banking book, e.g. evaluation of scenario analysis and stress testing results • Assessing if the LCR is appropriate and reflects the liquidity • Whether the funding profile and level of asset encumbrance
needs adequately could increase funding costs
Regulatory reporting Risk management • Review an institution’s ICAAP and ILAAP and determine their (1) soundness, (2) 2. Evaluate whether the liquidity buffer and counterbalancing 2. Assess the stability of the funding profile, e.g.:
4. Quantitative analysis of the • Analyse and assess the institution’s profitability, balance sheet, concentrations Assessment of risk management and controls
framework, including effectiveness and (3) comprehensiveness capacity are sufficient to meet the liquidity needs by • Significance of certain asset classes
current business model and risk appetite taking the recent past and future trends into account
Internal reporting ICAAP & ILAAP • Review of stress testing programs and determine the appropriateness of, e.g. scenarios, assessing: • Funding metrics, e.g. loan/deposit ratio and NSFR
assumptions and methodologies Risk identification and Risk management, • Volume of assets to be liquidated • Concentration in funding sources
5. Qualitative analysis of the • Assess external and internal dependencies, reliance on reputation, strength of Policies and procedures • Quality and classification of liquid assets, using the LCR • The impact of an increased demand for unsecured debt due
Recovery plans measurement monitoring, reporting
current business model the relationships and areas of competitive advantage Internal control • Do independent control functions and clear decision making processes exist? specifications to asset encumbrance
framework, including • Are adequate risk reporting policies and compliance functions established, approved by • Capability to sell liquid assets swiftly 3. Examine the current and future market access:
ICAAP internal audit function the management body? Respective risk strategy and 3. Conduct independent liquidity stress tests to assess liquidity • The volume of funding demands on certain markets or
Organisational framework Internal control framework
6. Analysis of the strategy and • Quantitative and qualitative analysis of strategic plans and projected financial appetite needs and buffers counterparties compared to the capacities of these institutions
financial plans performance, including the underlying success drivers and assumptions as well as Information systems and • Does accurate and reliable risk data exist (up-to-date, complete)?
ILAAP 4. Compare the funding risk to the funding plan
execution capabilities business continuity • Can on-demand data requests be met?
Assessing whether own funds suffice to cover risks to capital Governance and risk management requirements
Third party reports, e.g. external Remuneration policies and • Is the remuneration policy in line with the risk profile, corporate values and risk
7. Assessment of the business • The institution’s current business model’s ability to generate acceptable returns
audits practices appetite? Determining total SREP and overall capital
model viability over the following 12 months Capital requirements Additional considerations
• Ratio of variable and fixed remuneration is appropriate – are the provisions on the requirements Appropriate framework to identify, Consistency between policies/
• Assess the acceptability of returns against ROE, funding structure, risk appetite Adequate implementation of
limitation of the variable component complied with? measure, manage, monitor and procedures and the liquidity risk
Other studies, e.g. macro-pru- liquidity stress tests
Overall capital requirements SREP own funds depend on the identified Excessive leveraging is assessed by report risks tolerance
dential reports 8. Assessment of the • The sustainability of the institution’s strategy on its ability to generate acceptable Recovery plan • Are adequate recovery plans available? • CRD IV counter-cyclical buffer (0–2.5%) risks to capital while taking expected and • Comparing the leverage ratio to peers
sustainability of the returns over the next three years arrangements • CRD IV conservation buffer (2.5%) unexpected losses over a one year horizon as • Evaluating its distance to the regulatory
institution’s strategy • Assess the plausibility of assumptions and the risk level • Macro-prudential requirements (0–5%) well as model and governance deficiencies minimum
In addition, the following aspects are assessed on the consolidated level: Total SREP capital requirements (TSCR) into account. SREP, CRD IV and macro- • Considering stressed events Integration into the Effective internal limit Adequate liquidity Sufficient technical and
• Is the legal structure transparent? • CRR own funds requirements (8%) prudential buffers have to be reconciled to Analysis whether OCR and TSCR can be held overall risk strategy and control system contingency plan human resources
9. Identification of key • Examples: unrealistic strategy, excessive concentrations or volatility, excessive risk • Does an institution-wide strategy and information system exist? • SREP additional own funds requirements avoid double counting. stable over the economic cycle and stress
vulnerabilities taking, funding structure concerns and external issues • Implementation of group policies on subsidiary level? scenarios

Scoring 1 – 4 Scoring 1 – 4 Scoring 1 – 4 Scoring 1 – 4

Early intervention and macro-prudential measures

Scale 1 No risk identified 2 Low level of risk 3 Medium level of risk 4 High level of risk 5 Failing or likely to fail
Overall SREP score of 1 – 4 or F Directive 2014/59/EU (Art. 27) defines early intervention tools, e.g.: Macro-prudential measures
Overall • Score represents the institution’s viability • Implementation of recovery plan measures • Competent authorities are to assess whether the macro-prudential measures
assessment • Overall score is not necessarily the simple average of the four scores • Certain decisions to be approved by shareholders adequately address the risks at the level of single institutions
Business model risk Internal controls and governance Capital resources Liquidity resources
Assessment • Determination of the overall score at the discretion of the supervisory authorities • Replace members of the management body • Competent authorities may extend macro-prudential measures on an institution-
is based on: • Restructuring of debt specific basis if measures are deemed inappropriate for the respective institution
Risk management framework Overall quantitative assessment Interaction between these factors • Change the business strategy

Supplement supervisory measures

Directive 2013/36/EU (CRD IV, Art. 104 &105) defines the supervisory powers, e.g.:
• Determine additional own funds and liquidity requirements Supervisory measures might Business model Internal governance & controls Credit & counterparty risk Operational risk Market risk IRRBB Liquidity risk Funding risk
Supervisory • Increase governance, controls and involvement of the management body be applied to all SREP Changes in the financial plan Change governance and organisational Enhance collateral management, credit risk Increase operational risk mitigation, e.g. Restrict or reduce investments in certain Demand different internal limits Change the composition of liquid assets Reduce dependency on certain funding
measures • Curtail risk appetite and limits, e.g. modify the risk appetite, improve ICAAP, ILAAP, and stress testing procedures and models components individually, structures or the structure and composition measurement and controls through control points and insurance products and introduce caps, limits or restriction on markets
• Require net profits to be used to increase own funds and prohibit dividend distribution to shareholders examples include: of the management body funding concentrations
• Enhance documentation, IT systems, reporting (including an increase in the reporting frequency)

Supervisory Review and Evaluation Process (SREP)