Basel III: Impacts of the reform on banks' internal control activities
The Basel III reform comes into force in 2013 with a gradual implementation of new standards that should spread out until the end of 2019. Unlike the Basel II reform, which clearly defined the actions to put in place in order to improve the internal control activities in financial institutions, the Basel III reform remains on the surface regarding this matter. One of the few papers on this subject, the new version of "Enhancing corporate governance for banking organizations," initially published by the Basel Committee on "Internal Control" in September 1999, has been made available to banks in October 2010. However, the launch of new projects, especially in the field of counterparty and liquidity risk, will have an impact on the internal control of banks and therefore will have to be flexible to face the new requirements.
First of all, the control plan will be revised to include in its scope of action the new Basel III requirements. Thereafter, each business level that is involved in the domains of internal control, operational control, daily monitoring, compliance and internal audit will be impacted in specific ways.
As for counterparty risk, the integration of the "General Wrong Way Risk" could have a significant impact on the nature of controls in the process. The "General Wrong Way Risk" is the risk that the probability of counterparty default is correlated to the value of the contract for non-specific reasons (for example through macro-economic factors ). Considering this risk, although difficult to grasp, should lead to a strong tightening of controls at the operational level. As a matter of fact, for each entity involved, these risks should be identified and analyzed by the operations departments, enabling the development of proper strategies to cover them. This will involve the development of stress tests for the determination of risk factors which are positively correlated with the creditworthiness of the counterparty at more detailed level than was the case before. These scenarios have to stretch to the simulation of major crises where connections between risk factors are subject to fluctuations. Only after the execution of these tests, the formalization of new control plans can be established with the explicit aim to identify and to ensure the level of exposure of financial institutions by product, by region and by industry, but also on more specific criteria that are related to the nature of their activities. In the medium term, these controls could easily be automated and connected to internal reporting functionalities, providing the Internal Audit business and the Risk Management an overall view of the frequency, location and granularity of stress tests.
As for liquidity risk, certainly in a post-crisis period marked by major failures of many financial institutions, the main objective will be to strengthen the soundness of banks through the implementation of new ratios. One of the requirements, the introduction of the "Net Stable Funding Ratio" (NSFR), aims to encourage banks to finance their long-term borrowings with long-term resources (and not by short-term resources as currently is the case). For example, a bank will have an incentive to favor mortgage loans rather than consumer loans. Again, the Basel III reform should have an immediate impact on operational controls. Indeed, for each type of transaction, banks could estimate the reached volume within what is defined as tolerable. By way of example, a counselor in retail banking could be authorized to issue only x consumer credits per month, where "x" is fixed according to the levels of liquidity to reach. Limitations on the number of transactions could also be estimated on a geographical basis according to the type of industry or to other criteria related to specific activities of the concerned institutions. Thereafter, procedures for exceptional excess could be established by teams that are responsible for the day-to-day monitoring.
Finally, the Basel III reform aims to strengthen prudential supervision (Pillar 2 of the reform) through improved transparency of operations within financial institutions. This demand for transparency will primarily affect the nature of controls performed by the Internal Audit. This function is now responsible for the overall analysis of banking products and operations, for example they can go so far as to question the origin of the various tranches of securitization transactions. The management teams of Business Activity Monitoring and Compliance will also be impacted, more particularly the role of controllers. The latter will be responsible for drafting procedures and initiatives, such as "Know Your Structure", based on the work performed by the Internal Audit department and based on the recommendations of the General, Financial, and Risk Management teams.
As a result, the impact of the Basel III reform on internal control activities could represent a significant cost for financial institutions in the short to medium term since a considerable reorganization and a profound strengthening of the processes will have to take place. This cost will obviously be more important for institutions whose development level of the Internal Audit business is currently less advanced. In the short term, banks could be confronted with the need to reorganize their internal control activities to meet the new standards. In the medium term, these new regulations could also generate additional costs for information systems, due to the fact that a number of checks (initially manually carried out by the monitoring workforce) and day-to-day controls could be automated by relying on features that are likely to be offered by different software editors.
Fluctuations in the interest rate risk cause changes in the value of the derivative transactions, but could also impact the credit worthiness of the counterparty.