BaFin - Navigation & Service

Go to:

Topic Risk management Risk models in the banking sector

Article from BaFin's 2017 annual report

In 2017, work focused on further enhancing the requirements for the appropriate use of internal models in bank management and regulation.

Basel III finalised

The comparability of internal model results across institutions has been a subject of sometimes fierce debate since the financial crisis. After years of intensive consultations, the Basel reform package was finally adopted in December 2017.1

Internal models will now not be abolished, as had been feared. BaFin and the Bundesbank had campaigned for continuing to allow the use of internal models for many portfolios in order to enable a risk-sensitive approach to calculating capital. From BaFin's point of view, internal models are not an end in themselves, but are instead intended to strengthen an institution's risk management – as well as to ensure that capital is adequately calculated.

The purpose of the revised Basel regulatory framework is to limit unintended excessive variances in capital requirements calculated using internal models. Regrettably, there was not enough differentiation between intended and unintended variability, so that a minimum capital requirement based on the less risk-sensitive standardised approaches was ultimately chosen. For banks using internal models, this output floor (72.5 percent) limits the amount of capital benefit a bank can gain to 27.5 percent, relative to using the standardised approaches.

It remains to be seen how seriously the new rules will impact on the banks' capital requirements as well as on risk control and risk management.

Targeted Review of Internal Models

The SSM's Targeted Review of Internal Models (TRIM) project continued successfully in 2017. Launched in 2016, this multi-year project aims to ensure that capital requirements are the same for identical risk positions throughout the SSM and to standardise and strengthen the supervision of internal models within the SSM. Through TRIM, BaFin also wants to contribute to rebuilding confidence in the use of models to calculate risk and capital requirements, which has been shaken since the financial crisis.

In 2016, model experts of the national competent authorities and of the ECB formulated "supervisory expectations" for banks and guidelines for model reviewers in respect of areas selected for special attention. Since the beginning of 2017, checks have been conducted in supervisory interviews and reviews to establish whether the main European banks using internal models meet these expectations. To this end, 120 reviews for the credit, market and counterparty risk types were scheduled for 2017 and the first half of 2018; of this number, over 90 had been started by the end of 2017 and over a quarter of them completed. The credit risk reviews focus on model-specific issues for the retail business and small and medium-sized enterprises exposure classes. Reviews relating to selected methodology issues in the institutions, large corporates and special financing exposure classes are scheduled to start in September 2018.

Simultaneously with these reviews and supervisory visits, the working groups of the project supplemented and refined the supervisory expectations they had developed, taking comments made by the industry into account.2 The supervisory expectations and guidelines continue to be adjusted in response to experience gathered during the ongoing reviews. There will be consultation with the banks on the final standards towards the end of the project, before they are ultimately adopted by the Supervisory Board of the SSM.

The good, close cooperation between the model experts of the national competent authorities and the ECB in the TRIM project is a significant factor contributing to the very successful progress of the project to date. This cooperation should therefore be strengthened and sustained beyond the end of the TRIM project.

Supervisory benchmarking

As in the previous year, a supervisory benchmarking exercise of the internal approaches pursuant to Article 78 of the Capital Requirements Regulation (CRR)3was conducted in 2017. The supervisory credit risk benchmarking in 2017 focused on portfolios of the "sovereign", "institutions" and "large corporates" exposure classes. Since only relatively few defaults are generally observed in these exposure classes, they are also referred to as low-default portfolios (LDPs).

As expected, the comparison of the banks participating in this process showed a certain level of variability in risk-weighted assets (RWA). However, in most cases this could be attributed to simple reasons, such as differences in the proportion of exposures in default, the portfolio composition and the geographical mix. This variability is desirable, because it is caused by different risks, which are meant to be measured by the risk-sensitive process. Any variability not attributable to these causes is further investigated jointly by the EBA, the national competent authorities (NCAs) and in the SSM. In most cases, the participating banks were able to explain and justify any variances from benchmarks calculated as part of the supervisory benchmarking exercise on the basis of the European sample.

  1. 1 See chapters I 4 and III 1.1.
  2. 2 https://www.bankingsupervision.europa.eu/ecb/pub/pdf/trim_guide.en.pdf.
  3. 3 Regulation (EU) 2013/575, OJ L 167/1.

Did you find this article helpful?

We appreciate your feedback

Your feedback helps us to continuously improve the website and to keep it up to date. If you have any questions and would like us to contact you, please use our contact form. Please send any disclosures about actual or suspected violations of supervisory provisions to our contact point for whistleblowers.

We appreciate your feedback

* Mandatory field

Publications on this topic

Format Article Erscheinung: from 08.05.2025 Reg­is­ters of in­for­ma­tion and no­ti­fi­ca­tion re­quire­ments: iden­ti­fy­ing con­cen­tra­tions in IT ser­vices

Although there are advantages when companies in the financial sector use third-party service providers for their IT, it gives rise to interconnectedness and dependencies. The new requirement to maintain a register of information creates transparency – for financial entities and supervisors alike. This article outlines what financial entities must now bear in mind and what BaFin is doing to ease …

Format Article Erscheinung: from 28.02.2025 Prepar­ing for DO­RA: “We’ve stepped it up a notch”

Companies in the financial sector have had to apply DORA since 17 January 2025. Jens Obermöller, Director-General of IT Supervision at BaFin, talks about how companies and supervisors have been preparing for the new rules – and what will happen next.

Format Article Erscheinung: from 12.12.2024 „A pal­pa­ble con­tri­bu­tion to­wards re­duc­ing bu­reau­cra­cy“

Small institutions can now benefit from additional simplified requirements in the area of risk management. That is thanks to a new supervisory statement published by BaFin. Chief Executive Director Raimund Röseler provides background information as well as some surprising insights.

Format Article Erscheinung: from 04.12.2024 Sim­u­lat­ing at­tacks to en­hance se­cu­ri­ty

Cyberattacks continue to pose a great risk to the financial industry. Special tests can simulate the tactics, techniques and methods of potential attackers. Which companies are required to undergo the tests?
By Hanno Burgau and Lucas Pausewang, BaFin IT Supervision

Format Article Erscheinung: from 13.08.2024 Trans­paren­cy en­sured by re­port­ing re­quire­ments

(BaFinJournal) Starting in January 2025, major ICT incidents will have to be reported to BaFin. What exactly is at stake here? What will happen with the reports? And what role will BaFin play? By Benedikt Queng and Michael Göddecke, BaFin IT Supervision

All documents