Why be standardised?
It seems such a short time ago that
we were building a new capital Accord which would incentivise banks
to improve their risk management and encourage them to move along
the spectrum of the new Accord’s three stages. How rapidly things
It was always accepted that the Standardised
Approach in operational risk was not especially – or at all
(?) – risk sensitive. It was, though, a refinement of the Basic
Approach and an aspiration and step on the way to the Advanced Approach,
if that was what a bank wanted. Equally, it could be a good resting
In the QIS3 document, the qualifying
criteria were set at a reasonable level. Indeed “reasonableness”
was a word which shone through the text. As did the word “assess”,
which again suggested an appropriate level of management sophistication
and recognised the state of development of operational risk management
and methodologies. Boards would have a “fair understanding”
of the impact of high impact, low frequency events on the bank’s
risk profile; banks would “begin to systematically track operational
risk data”, including internal loss data.
Even at that level there were voices
in the industry who suggested that the criteria were too formal and
prescriptive and detected little material difference between the Standardised
and Advanced Approach criteria. They also pointed to the strange incentive
which was provided by the alphas and betas. Do nothing, apart from
adhering in a general way to sound practices, and stay on the Basic
Approach, and you would be charged 15% of Gross Income. Work and spend
and educate to meet the enhanced criteria of the Standardised Approach,
and you would be charged anything from 12% to 18% of Gross Income.
Given that the 18% kicked in for corporate finance, trading and sales
and payment and settlement, you could see who was staring down the
barrel of the gun. Why they would wish to go anywhere near the Standardised
Approach was a mystery. Why any of the betas was higher than the Basic
alpha was a greater one.
But we lived in hope, because in November
2002 the EU published its draft Directive. The qualifying criteria
were positively minimalist by comparison with the Basel Committee.
10 short and sweet lines and 4 sub-heads (and one of those was about
the impact on solvency, which is another mystery). It appeared that
at least European Services recognised the evolutionary state of operational
risk and the need, within a constituency of some 10,000 banks, for
criteria which would distinguish one set of banks from those small
institutions which would remain on the Basic standard. And the EU
put in a proposal to alleviate the burden of the capital charge for
investment firms. But no change on the betas and alphas.
Then two things happened and it’s
difficult in some ways to say which was the greater bombshell. First,
at the end of February, the US regulators absented themselves from
the Standardised Approach, or indeed any Approach other than the Advanced.
Quite where this leaves the debate, or indeed the Accord, present
and future, is anybody’s guess.
Despite, though, having retreated to
their tents, they must nevertheless have been party to the extraordinary
ramping up of the criteria for the Standardised Approach, which emerged
in Basel’s CP3 at the end of April. If the BBA, LIBA and others
thought the previous attempt was “too formal and prescriptive”
it will be fascinating to see what thy think of the current version.
Quite simply, the qualifying criteria are word for word the same as
for the Advanced Approach. Of course, regulators being regulators,
it’s not always that obvious. In one or two cases, just when
you think they’ve not copied word for word, you find that they
have – but have cunningly changed the order of the sentences!
Thankfully “assess” has survived
in the STA, whilst it’s “measure” in the AMA and
that, as regards internal loss data, STA banks must “systematically
track . . . material losses” rather than all losses over an
agreed threshold. Mind you, the threshold’s subject to a materiality
test, so perhaps there’s not so much difference there after
Of course, the beta factors remain as
before – but with one major change – the Alternative Standardised
Approach. It has been recognised that in some areas, such as credit
cards or other retail portfolios, the income earned specifically covers
budgeted operational risks, such as fraud. In many banks, also, it
can be difficult to disaggregate personal from commercial business.
So an alternative is proposed. If you want to, you can aggregate your
retail (beta 12%) and commercial (beta 15%) banking income figures
and apply a composite beta – of 15%. Then again, if you can’t
do otherwise, you can aggregate the income of the other six business
lines (betas ranging from 12 – 18%) and apply a composite –
So the bottom line is that you are now
expected to incur all the costs of putting in management processes,
which are exactly the same as the AMA, and you will then have the
privilege of being hammered for the highest beta on the market.
Is that really an encouragement –
as the regulators continue to parrot in CP3 –to “move
along the spectrum of available approaches”? Does it incentivise
banks to improve their risk management? Of course not. It simply opens
such a gap between Basic and Advanced that the STA might as well not
be there. Which is, of course, remarkably similar to where the US
appears to have got to. And where we should not be.
The Basel Accord should be about improving
risk management. It should recognise the needs and aspirations of
the thousands of banks who will be affected by the new regime, such
as those in the EU. If nothing changes, there will be little point
in their incurring the significant costs of reaching a standard close
to the AMA, to receive no benefit – possibly an increase - in
capital, as compared with staying on the Basic level. And if that
happens, the Accord will have failed and we may wonder why we ever