This latest installment in our series about capital adequacy requirements discusses capital reporting and disclosure requirements. This series was inspired by the FDIC’s recent announcement about a joint agency proposal revising the capital requirement framework for banks with total assets of $100 billion or more. The proposal would implement the final components of the Basel III agreement and further strengthen the banking system following the banking turmoil in March 2023.
Doran Jones believes this is a good time for banks to review their regulatory capital framework. In our experience, banks tend to focus on meeting the required amount of regulatory capital. We recommend that banks take a more wholistic approach to assessing their framework because that is exactly what the regulators are going to do when they perform an examination. According to the Office of Comptroller of the Currency, “The core assessment of a bank’s capital adequacy and the assignment of the capital component rating include an analysis of many different risks and factors, individually and in the aggregate, that affect a bank’s capital. Examiners’ assessments of capital adequacy consider the totality of a bank’s circumstances beyond meeting minimum regulatory capital ratios (i.e., the OCC’s conclusions on a bank’s capital adequacy may differ significantly from conclusions that might be drawn solely from an evaluation of compliance with minimum regulatory capital requirements).”
Regulators rate a bank’s capital adequacy based on each bank’s specific circumstances, not just minimum risk-weighted standards. Factors that affect a regulator’s capital adequacy rating include:
- Amount and quality of capital
- The bank’s overall financial condition
- The composition of the balance sheet, including intangible assets and the associated risks (concentration risk, market risk, etc.)
- The amount, composition and trend of problem assets, and the adequacy of related valuation reserves
- Access to credit markets and additional sources of capital
- The effectiveness of capital planning activities
- The risk level of off-balance sheet activities
- The amount quality and trend of earnings
- The bank’s growth strategy and track record of managing growth
This installment to our series on Capital Adequacy addresses regulatory expectations around reporting and disclosures.
Reporting and Disclosures
Reporting is a critical component of a bank’s capital management process. In addition to the regulatory reporting requirements, regulators expect robust internal reporting to senior management and the board as part of their oversight responsibilities to manage and monitor capital.
Internal management reporting should include:
- timely reporting of the findings of internal monitoring, testing and audit reviews, and regulatory examinations
- remediation plans for addressing serious issues identified during internal or external reviews and progress reports on the remediation efforts
- periodic reports that compare targets from the bank’s capital plan to actual capital ratios and forwards the comparison to the board
- periodic reports to monitor compliance with targets and limits on dividends, minimum capital ratios, and capital levels
- reports that identify trends in capital earnings and liquidity levels
- results of stress tests
- assessments of material risks and controls relating to capital adequacy
- timely and detailed reporting of concerns about compliance with applicable laws and regulations
- reports that identify material capital adequacy and dividend issues
Banks are expected to have adequate controls over regulatory reporting processes such as quarterly call reporting to ensure the accuracy and timeliness of the reports. Reporting exceptions should be tracked and corrected in a timely manner. The root cause of repeated and material errors should be analyzed and remediated with senior management oversight.
Banks with total consolidated assets of $50 billion or more are required to make public disclosures on their public website or in a public financial report. The disclosures must include general information about the bank, their capital adequacy and structure, credit risk and its mitigation, counterparty risk exposure, certain equities, securitization, and non-trading interest rate risk. These banks should have a formal board-approved disclosure policy.
Doran Jones Recommends
An annual review of the bank’s capital risk management reporting policies and processes to verify that it is appropriate for the bank’s activities and risk levels. We recommend the use of a monthly dashboard that captures critical metrics related to capital and earnings for the current month versus the previous month, planned versus actual where appropriate, and monthly trends going back at least a year. The dashboard should include metrics such as capital adequacy ratio, risk weighted assets, economic capital, return on risk weighted assets, return on economic capital, tier I capital, tier II capital, leverage ratio, capital conservation buffer (or countercyclical capital buffer), and net interest margins. Ideally, the dashboard would also cover such key risk metrics around credit, asset liability management, interest rates, and liquidity.
Conclusion
It should not be surprising that, following the string of bank failures earlier this year, regulators are shining a spotlight on capital adequacy as a critical component of bank safety and soundness. Banks should be taking a proactive approach to reviewing their capital management processes and controls to avoid any unpleasant surprises when their regulators inevitably perform an in-depth examination.
Technology Considerations
Many banks, especially small- and mid-sized banks, are utilizing spreadsheet based EUCs to perform capital adequacy calculations. These spreadsheets need to be quite large and complex (often employing complex macros) and are very error-prone and inefficient. These spreadsheets are not only subject to data entry error but also errors resulting from erroneous spreadsheet logic, formulas, and links to outside data. In fact, studies by Raymond Panko at the University of Hawaii show that 90% of spreadsheets with more than 150 rows contain errors, and the European Spreadsheet Risks Interest Group estimated that more than 90% of all spreadsheets contain errors. Another risk associated with EUCs is that turnover can create a problem if critical knowledge of the EUC is lost.
These banks should be considering looking at tailored technology solutions to automate their capital adequacy processes that are tailored to their specific size, complexity, and business model. Such solutions can consist of basic financial risk automation (FRM) services to modular asset liability management solutions such as Moody’s that can be integrated with security trading platforms to monitor the volume, mix, maturity structure, interest rate sensitivity, and liquidity of the bank’s assets and liabilities that provides a comprehensive strategic planning and risk management solution.
Automated Regulatory Reporting using tools like AxiomSL are being used extensively by banks because of increasingly frequent, complex, and dynamic reporting requirements.
Doran Jones can provide the regulatory compliance and risk management expertise with extensive technological knowledge and experience to design and implement a cost-effective solution that will increase efficiency and lower risk by upgrading your risk and compliance systems or identifying and remediating gaps in existing processes.
Contact us to learn how a strategic partnership with Doran Jones can provide you with cost-effective solutions by leveraging our expertise with these and other critical risk and compliance functions.