Still no end in sight for US banks' parallel run

Since last month's announcement from the US Federal Reserve on Basel III implementation, US institutions finally have certainty about their future capital requirements. Banks, the Fed said, will be forced to hold common equity Tier I capital equivalent to 7% of their risk-weighted assets reflecting a minimum ratio of 4.5% and an additional capital conservation buffer of 2.5%. Banks will also face a higher leverage ratio of 4%, rather than the 3% minimum under Basel III, which the Fed will introduce on January 1, 2014.

So while US banks now have a much clearer roadmap to execute their Basel III implementation programmes, they remain on parallel run for Basel II compliance. This means that they are still waiting to have their advanced measurement approaches (AMA) to operational risk approved.

Because the AMA was mandated for US banks, unlike UK banks for example, they have had no choice but to build AMA models to quantify their operational risk. This has meant significant investment in terms of time, expertise and money. On top of this, after going through the financial crisis and everything that brought with it, there are whisperings in the industry about the AMA starting to look somewhat irrelevant, thus giving rise to questions about whether the US's parallel run any longer serves a purpose.

Indeed in other jurisdictions questions about the AMA's relevance have been rumbling on for some time now. In August 2012, Operational Risk & Regulation investigated the AMA's standing in the UK. The approach was described as "pretty much extinct" by one of the very people who had worked with UK banks to implement the AMA – Jimi Hinchliffe, the former head of Basel II implementation in the wholesale firms division of the UK Financial Services Authority.

Meanwhile, US banks move on with their parallel runs on the way to AMA approval – but the results remain to be seen. After five years not one US bank has exited its parallel run. There is also no clear indication from the regulators as to when we can expect to see US banks exiting. The Office of the Comptroller of the Currency (OCC) says it expects to see some banks exiting this year "and the pace increasing over the next few years". But the Fed remains silent and declined to comment when asked.

This is compounded by the fact that banks in a number of European jurisdictions have had their AMA models in place for some time now. In Germany – where the AMA was mandated – 16 German institutions or groups of institutions operate on an AMA framework. Even jurisdictions that didn't mandate the AMA, such as Sweden and the Netherlands, have institutions with their AMA frameworks in place. Indeed SEB in Sweden was one of the first banks to get AMA approval back in 2008 and in the Netherlands, two of the three main banks are AMA approved – ING and Rabobank – with the third, ABN Amro, back on the way to AMA approval after having it withdrawn upon its merger with Fortis in 2010.

The US banking sector is, therefore, starting to feel a little frustrated with its protracted parallel run. And that frustration is starting to show. Questions are being asked as to why parallel run has taken so long in the US and what the delay has been in implementing Basel II. At OpRisk North America this year, Evan Sekeris, then assistant vice-president at the Federal Reserve Bank of Richmond, described US banks' failure to exit parallel run as a "black eye" for the whole US financial sector. He said that the entire industry – regulators and financial institutions alike – were collectively responsible for not "getting their act together" when it came to parallel run.

Exactly what is preventing the US financial sector from completing the parallel run is different depending on who you speak to. From models and data to timing and lack of impetus, there seem to be myriad reasons, but all leading to the same end point: no exit.

The drive for data

Coryann Stefansson, managing director of PwC's financial services regulatory practice in Washington, DC, is not so sure that US banks still being in parallel run is necessarily to be seen as a failure. She points out that the data requirements are a significant challenge that take time to address. "I would argue that the quantitative requirements around Basel, for Basel II or III – the amount of data you need in order to properly train a model that you have overwhelming confidence in, including being able to back-test results and properly refine the model based on the back-testing results and based on the data – is a huge hurdle."

She says that, since the first Bank for International Settlements publication on Basel II, there was an assumption among regulators (and banks) that banks had far more data than they actually had. She also says that it is probable that US banks thought that the regulators would be very flexible and very loose on the data requirements. "I think [banks] assumed that the regulators would say ‘your capital model is fine but we understand over time you'll be able to refine it because you'll build the data'."

But, she says, this wasn't the case: as the new capital rules involved a switch from the less risk sensitive Basel I model, which has fixed risk weights, to a risk sensitive Basel II model, regulators were very reluctant to apply a flexible approach – and when banks looked more closely at their data, they realised they didn't have the full complement of data that would be needed to support a quantitative model. "All the different elements to prescribe the risk characteristics of a loan, the risk characteristics of a certain security and so on, they didn't have it all. That is what has delayed parallel run; the lack of responsive data to a quantitative model."

But one head of operational risk says that whether you have the data or not, the AMA model is inherently flawed. He argues that banks don't have 1,000 years' worth of data – needed to meet the 99.9% percentile standard of annual operational risk loss exposure – and even if they did, banks and the industry change so drastically every few years with new products, new management and new corporate structures that it would be impossible to factor these points into the data.

"To think that you can predict what's going to happen in the future based on these past results when those results are based on factors that you are not capturing, such as having a bad management team, new regulations and so on, is simply incorrect," he says. "How can you really say that your model is going to make any sense? You have no true test for those models due to the randomness and ever-changing nature of operational risk."

But a spokesperson for the OCC jumps to the defence of the AMA. "Operational risk is the ‘newest' risk to be modelled and subject to quantification methods," she points out. "Therefore, this has been particularly challenging and the AMA is still evolving."

Model failures

At OpRisk North America, Sekeris told the conference that the models played a huge part in US banks' failure to exit parallel run thus far. He pointed out that, before the crisis, some of the models that the regulators were seeing were of an acceptable standard that in some cases exceeded expectations. "I can think of cases where we thought they were class-leading models," he said. "But then the crisis hit and it blew through the models. It completely obliterated the models."

Phil Aquilino, director in KPMG's advisory practice in Falls Church, Virginia, agrees that US banks have had significant challenges with their models since the crisis. "A lot of the models didn't hold up as well as one would have liked [during the crisis]," he says. "I think there has been more emphasis on the non-operational risk models, so I think the credit modelling, for example, is much further along."

He also points out that an area of challenge for operational risk modelling for US banks is the flexibility that was built into Basel II around operational risk. "It has taken a long time for a consensus between the banks and the regulators on what that model and approach really should look like," he says. "There was an expectation that as the operational risk approaches begin to mature that there would be greater convergence across the industry, but certainly the expectation wasn't one size fits all."

Uncertainty around the model requirements for US banks' parallel run is echoed by other commentators. Gavan Corr, chief operating officer at New York-based service provider Cycle Computing, points out that one of the biggest issues for banks in parallel run has been the amount of "grey area".

"It's very difficult to pin down specifically what had to be deployed," he says. "There was a lot of wiggle room there and operationally people looked at it from multiple ways, and still do if you look at it very broadly across the industry."

He says that even with something with such a specific framework as Basel II, there is still so much room for interpretation. "When everybody has a different view on what exactly is being asked for, it doesn't really help," he points out.

PwC's Stefansson says the business structures of advanced approach banks have also played a part in the challenges they have faced regarding data for their AMA models. "If you think about it, through the 1990s banks went quite rapidly through a number of mergers and acquisitions where they weren't working on a very streamlined IT platform, so being able to pull data from multiple silos and legal entities and then combine it gave rise to a lot of issues because they didn't have comparable data across the same types of products, across all the legal entities."

Not only that, but there is also a lack of motivation both internally and externally when it comes to getting out of parallel run, according to Corr. "Internally there has been very little impetus to do this because it isn't front and centre in anybody's mind other than compliance. If we look externally, I don't believe I have had a single conversation with anybody who has told me ‘yes we're getting real pressure from the regulators to move this forward'."

Poorly timed

Timing has also proven unfortunate for US banks and the AMA. Aquilino points out that the financial crisis hit just around the time institutions were starting to enter Basel II in the US and work on their parallel run. "The crisis had a lot of effects on parallel run," he says. "For one thing it distracted a lot of senior management attention and time. It was a huge distraction for management in these institutions."

Externally, regulators were also scrambling to deal with the financial crisis, meaning their attention was averted from parallel run. Internal and external efforts to shore up capital and liquidity took precedence over parallel run, Aquilino says. He adds that the launch of the Supervisory Capital Assessment Program (Scap) in the aftermath of the crisis also took up much-needed attention. This combined with post-crisis stress-testing efforts meant parallel run took a back seat.

"Scap required a lot of the same skill sets as parallel run," Aquilino says. "And in many ways a lot of the same skill sets that focused on Basel II were also needed for the stress-testing effort. These are a good example of how there were internal and external stresses in terms of expertise and how resources needed to be allocated, which I think in itself was a huge challenge."

The OCC's spokesperson argues that the US's high standards are the reason parallel run has followed the path it is currently on. "Each bank enters parallel run at its own pace and each has made progress at a different pace. There are very high standards in the US and banks have been challenged to meet them," she says.

But the head of operational risk is not convinced. He argues that the AMA model itself is simply flawed, especially in its reliance on the 1,000-year loss standard – and this is the reason parallel run has not turned out as expected. "There are many problems with it," he says. "There are large holes in the basic theory that many people in the industry acknowledge and then people expect the right answer at the end. It's based on a faulty foundation and that faulty foundation is that somehow with a mathematical equation you're going to tell me what your worst loss is going to be in 1,000 years. Without understanding your ‘maximum loss potential' how can you judge your expected and unexpected losses? That is nowhere in the model."

The industry is awash with rumours about whether there is an end in sight for US banks' parallel run. The head of operational risk says he heard the exit phase for US banks' parallel run was coming at the end of last year. "The firms that are working on this are really frustrated. Eight months ago they were told that there was going to be an exercise where everyone gets approved at the same time. But that never happened."

Stefansson is a little more positive. "I think you're going to find a firm come out soon," she says. "But I speak in ‘Fed talk' when I say soon – probably within the next few quarters you should see a firm come out."

She says she thinks there is a struggle with the Federal Reserve about when to let banks exit. "Do you allow a firm to come out of parallel run when you still know there might be issues with validation or there are issues within a model? Do you let them exit the parallel run and then work on it afterwards? Or do you hold them to fix every one of these things before you let them out of parallel run? And it is a normal regulatory dilemma because you always worry that if you give them the carrot, are they still going to do the right thing?"

Corr says there is a lot of speculation regarding regional and smaller banks reaching the end of their parallel run. "Maybe they can come out as they are a little more flexible and can come out and say we're already compliant. It's a lot easier to do that if you don't have big or as global a portfolio as maybe some of the largest banks."

And the head of operational risk dismisses this as somewhat futile anyway. "I don't know how it helps anybody even if they get approval," he says. "The only thing they can say is ‘yes we were successful in getting approval' but what does that really mean? Years ago they were talking about this being a competitive edge; but it is never going to be a competitive edge."

He adds that US banks may end up with much higher capital levels with the AMA than they would on the standardised approach, even when it includes a regulatory capital buffer. "From a business perspective you look at this and go ‘okay we spent all this money, we have done all this, it has been years and years in the baking, it has cost a lot of manager attention and what is the prize at the end for our investment? What do we get?' You get more capital than the guy next door to you. This is a real dilemma. And for the future I don't have any clue what they are going to do, to be honest with you."