Supervision in a post-Basel III world

Keynote address by Mr Agustín Carstens, General Manager of the BIS, at the 13th Asia-Pacific High-level Meeting on Banking Supervision, Singapore, 28 February 2018.

BIS speech  | 
28 February 2018


Ladies and gentlemen, good morning.

I am delighted to join you today at my first Asia-Pacific High-level Meeting on Banking Supervision. I would like to thank the organisers for the invitation. Let me also take this opportunity to extend my gratitude to the Monetary Authority of Singapore for their warm hospitality and superb organisational arrangements.

One key development in the past year has no doubt been the finalisation of Basel III. It is a landmark achievement that significantly strengthens the capital and liquidity shock absorbers within the global banking system and at individual banks.

The finalisation of Basel III is a reminder of the public good that can be achieved with international cooperation, but this does not mean that we can now let our guard down and be complacent. Indeed, the heavy lifting for banking organisations and prudential authorities - that is, effective implementation of the new rules and robust supervision in the post-crisis environment - has only just begun.

In that context, my remarks will not be about the regulatory reforms but will give emphasis to the less glamorous yet equally important subject of day-to-day supervision. As all of you are undoubtedly aware, no amount of financial buffers - even those under Basel III - can ever be a substitute for effective supervision. The overall theme that I would like to convey will therefore be "going back to basics" - that is, alongside the new regulatory framework, effective supervision remains essential for fostering the safety and soundness of both individual banks and the broader financial system.

Indeed, the demands placed on supervisors are greater than ever. On the one hand, they must be able to digest and oversee a complex set of new rules. On the other, they must also have a nuanced understanding of each regulated entity's overall risk profile and be able and willing to take actions at an early stage, perhaps well before there is tangible evidence of deterioration in a bank's financial condition.

The latter responsibility, in particular, is critical because effective supervision is countercyclical in nature and can be much more powerful than any regulatory-oriented countercyclical tools that have been developed post-crisis.

With this in mind, I will talk about three key challenges in the conduct of effective supervision:

  • first, the need to maintain and, if necessary, improve the monitoring of the main traditional sources of risks, such as asset quality deterioration and provisioning;
  • second, to adjust the scope of supervisory reviews to address new risks, such as those associated with technological developments; and
  • third, to develop and utilise new forward-looking supervisory tools to enhance the supervisory review of both traditional and emerging sources of risk.

Asset quality

One key area of supervisory focus is asset quality and credit risk - that's the single biggest form of risk in most banking systems, including in Asia. Loans typically comprise the largest portion of bank assets in most jurisdictions; therefore, the quality of the loan portfolio drives an institution's earnings capacity and is a good barometer of its financial health.

With this in mind, the supervisory review of asset quality plays a key role in assessing a firm's overall risk profile and in determining whether the minimum regulatory capital requirements are sufficient in relation to a bank's identified risks.

As an example, during cyclical upswings - as is the case in many Asian countries that have benefited from favourable economic conditions, low real rates of interest, continued capital inflows, rapid credit growth and rising asset prices - loan underwriting standards and credit administration practices of banks may come under pressure.

Strong, proactive supervision can flag degradations in credit origination standards to a bank's board and senior management at an early stage. Through thematic reviews, supervisors can also determine whether a relaxation of credit underwriting has become an industry-wide issue. In these cases, the insights provided by supervisors can help inform whether changes to prudential policy or possibly macroprudential measures are needed.

When problem assets do build up, supervisors also play a crucial oversight role in ensuring the timely identification and measurement of non-performing assets. It is hard to believe but, until April 2017, when the Basel Committee on Banking Supervision (BCBS) issued guidance on the prudential treatment of problem assets1, there was no globally harmonised definition of a "non-performing exposure". With this publication, supervisory authorities now have a basis to adopt a uniform definition for a non-performing asset (NPA) - and to enforce its application through on-site supervision - which should, one hopes, foster an early identification of NPAs.

Another crucial aspect of dealing promptly with problem loans is to ensure that loan loss provisions are adequate to absorb incurred and expected losses. Indeed, unless there is integrity in the loan loss provisioning process, it is meaningless to assess capital adequacy, even under Basel III. This is because underfunded provisions necessarily overstate both reported earnings and regulatory capital. Consider also that a 5% decline in loan values will eliminate the minimum Common Equity Tier 1 capital requirements under Basel III 2.

For these reasons, supervisors play a critical oversight role to ensure that banks conduct rigorous provisioning practices on NPAs. At the same time, I am aware that in many jurisdictions - although less so in Asia - provisions are governed solely by applicable accounting rules and there are limits to what supervisors can do unless they have sufficient powers. From my vantage point, there is a case for prudential supervisors to seek powers, if not yet available, to impose adjustments to regulatory capital when accounting provisions are insufficient to cover expected losses from a prudential perspective 3.

Fintech and cyber-security

While supervisors need to stay focused on traditional risks, such as poor asset quality, they also need to be mindful of innovations that can have a bearing on prudential supervision. Fintech - the use of technology in the delivery of financial services - provides a unique opportunity to democratise finance, while it also raises a range of old risks and introduces new ones. In this regard, it may be useful to note that a recent BCBS paper on the implications of fintech developments on banks and supervisors assesses how technology-driven innovation in financial services may affect the banking industry and the activities of supervisors 4.

I am aware that fintech issues will be covered extensively at this High-level Meeting. Therefore, I will limit my remarks to three issues that can have an effect on existing supervisory processes as a means to highlight the broader supervisory implications unleashed by fintech.

  1. Credit underwriting: Our traditional view of credit underwriting standards is being transformed in the fintech space, where players use "big data" and mine information from social media to develop algorithms in evaluating creditworthiness. Supervisors need to understand these methodologies not only to perform backward-looking analysis when a loan turns sour, but also to spot evolving problems. A key question here is how supervisors will judge the quality of credit underwriting under these new methodologies.
  2. Scale and speed of fintech: Fintech by its nature has both a need (small-sized, high-volume transactions) and ability to scale much faster than traditional banks. Therefore, the notion of what constitutes "rapid growth" - a traditional area of concern for supervisors - will be challenged by the fintech model. In this regard, supervisors need to be particularly astute in their supervisory risk assessments, as any underlying problems that go undetected can multiply much more quickly than what supervisors may be accustomed to.
  3. Cyber-security: Cyber-risk is a key area of concern, particularly as more consumers and businesses rely on digital platforms to transact financial services. Authorities are taking different approaches to regulating and supervising cyber-risks 5. On the regulatory front, differences begin at a fundamental level, starting with whether the nature of cyber-risk is amenable to specific regulatory requirements. Supervisory approaches are also evolving and practices appear to be an extension of their existing risk-based supervisory frameworks that cover technology and cyber-risks. Whether existing approaches are sufficient to address the growing threat posed by cyber-attacks must now become a key area of supervisory focus.

Designing a "fit for purpose" regulatory and supervisory regime applicable to technological developments is a formidable challenge. Regulators have a difficult balancing act, as they need to ensure all relevant risks are contained, provide a level playing field, and at the same time foster an innovative, competitive and secure financial ecosystem that can be trusted.

Back to basics: make supervision more forward-looking

I mentioned at the beginning of my remarks that effective supervision is an essential complement to the regulatory reforms. One simple way to think about the Basel III reforms is to view them as enhanced capital and liquidity buffers that need to be contextualised against the various risks a banking organisation is inherently exposed to (that is, credit, market, interest rate, liquidity, operational, business and other material risks). An assessment of these risks - and how well they are managed - can only be addressed through the practice of supervision.

Indeed, it is only through the supervisory review process that supervisors can form opinions of an institution's overall risk profile, which, in turn, drives a range of supervisory actions designed to address problems at an early stage, before earnings and capital of the bank are affected.

Arriving at such decisions, however, is easier said than done. It requires the exercise of sound judgment backed by critical analysis. Let me provide one example to illustrate.

Perhaps the leading indicator of a bank's future risk profile is the quality and effectiveness of a bank's governance and risk management practices. Supervisors are usually expected to take actions when risk management shortcomings are identified, depending on the nature of their findings. But what exactly constitutes "sound risk management"? And at what point do weaknesses in risk management become a supervisory concern?

There are no simple answers. Yet, given the significance of these assessments in constraining excessive risk-taking at banks, opportunities exist to share methodologies and exchange views among supervisors and - I might add - risk managers at banks, to achieve mutually desired outcomes.

Since the financial crisis, more emphasis has been placed on the development of new supervisory tools that have come to be labelled as "forward-looking supervision". These tools include supervisory scrutiny of the sustainability of business models; a review of compensation arrangements to ensure that incentives do not encourage excessive risk-taking; and an assessment of the culture and behaviour of banks, in some cases through the use of behavioural psychologists.

Collectively, these new supervisory methodologies are welcome developments, but only time will tell whether these tools can be effective in applying early intervention measures while a bank's financial condition remains sound.

Concluding remarks

Let me conclude with three key messages:

  • First, completion of the Basel III reforms is a significant milestone and provides much needed regulatory certainty to the banking sector.
  • Second, effective supervision continues to be an important, but sometimes forgotten, element of the post-crisis reforms. It provides context to, and reinforces, Basel III. In a post-crisis world, supervisors will need to stay focused on traditional risks such as asset quality. At the same time, they must keep an eye on emerging risks, such as the evolving fintech landscape and the way it can transform our traditional approaches to identifying and assessing risk. In both cases, they will need to utilise new forward-looking assessment tools and to better employ existing ones to identify and resolve problems at an early stage.
  • And third, although it may not be sufficiently emphasised, perhaps the most powerful countercyclical tool available to prudential authorities is their army of front-line supervisors. They are the eyes and ears of policymakers and they see first-hand the impact of, for instance, monetary policy decisions on bank behaviour and risk-taking. Working in concert with risk managers at banks, supervisors are best positioned to say "no", even when society and indeed some governments are saying "yes".

With these considerations in mind, I believe that our Financial Stability Institute (FSI) can play a key role in advancing the supervisory agenda. Through its publications and outreach events such as this High-level Meeting, the FSI facilitates the exchange of supervisory experiences and approaches on a range of prudential issues. It also contributes to capacity-building for supervisors around the world.

I therefore wish you a productive meeting with fruitful discussions. Thank you very much for your attention.

2    This relationship would hold, for example, if loans comprised 100% of total assets. For the purposes of this illustration, the impact of retained earnings on regulatory capital is not considered.

3    For further information on the interactions between accounting and prudential provisioning frameworks, see F Restoy and R Zamil, "Prudential policy considerations under expected loss provisioning: lessons from Asia", FSI Insights, no 5, October 2017.

4    Basel Committee on Banking Supervision, Implications of fintech developments on banks and supervisors, February 2018.

5    See J Crisanto and J Prenio, "Regulatory approaches to enhance banks' cyber-security frameworks", FSI Insights, no 2, August 2017.

Related information