On 27th October 2021, the European Commission released its proposal of a new banking package, that (among other things) implements the first pillar of Basel IV into the banking regulation.
In 2010, the Basel committee of banking and supervision (BCBS) released a capital requirements package known as Basel III that was supposed to address the root causes of the 2008 financial crisis. At the time, the BCBS was fully aware that the Basel III standards as released in 2010, and as translated into the EU law in the form of the original CRR regulation of June 2013, were insufficient. The 2010 version of Basel III was a quick patch of the banking regulation intended to address the most pressing regulatory problems with finer work envisioned to be done in the future. Indeed, the BCBS has continued working on additional, more precise, or stricter requirement, culminating its work on the Basel III in December 2017. The industry meanwhile took to call these new reviewed standards the ‘Basel IV’. This title is unofficial but as the BCBS work on the Basel standards between 2010 and 2017 left no stone unturned, the title may be apt.
In 2019, the Official Journal of the EU released a regulation colloquially referred to as CRR 2 which surprised the experts by being rather limited in scope. It only concerned the reporting and disclosure of the market risk – a portion of a portion of Basel IV at a time where all parts of the framework were already out.
The release of 27th October 2021 has no smaller ambition then to bring the rest of the Basel IV framework (almost all of it) into the European Regulatory framework. This was done with distinctly European Flavour: The Basel standards tend only to apply on the cross-border institutions. In the common market of the EU, almost all banking institutions can be viewed as cross-border and therefore the Commission elects to apply its iteration of Basel standards on all of them. This required a greater degree of proportionality, to make the compliance, particularly for the smaller institutions, easier. Therefore, the requirements of CRR 3 sometimes differ from the original Basel IV.
The Banking package also introduces requirements in line with the Environmental, Social and Governance (ESG) framework pursuant to the Green Deal. The way this is done does not impact the RWAs or the Eligible Capital. CRR 3 merely requires the institutions to report them and CRD brings them into the SREP process.
Before the release of CRR 3, the EBA periodically lamented that the regulatory capital, particularly of the institutions that make use of the internal approaches, but also others, differed wildly across the institutions in a manner that could not be explained by the differences in their risk profiles. CRR 3 therefore ensures that the regulatory risk calculations reflect as much as possible the real risks. This is also a guiding principle for understanding the probable impact of the new package on the regulatory capital of the banks. For those that so far benefited from low capital requirements relative to their actual risk profiles, the increase of the regulatory capital is going to be substantial. Those institutions whose regulatory capital has been consistent with their actual risks will not see much of a change. And the institutions whose capital requirements overappreciated their risks may see a slight decrease in their capital requirements. However, on average, capital requirements will increase slightly, though their impact will be disproportional.
The current release is a Commission proposal only and still needs to go through the council and the parliament before its release in the official Journal of the EU. However, it is not expected to undergo very many additional changes and its adoption should be smooth.
Of all the changes introduced by CRR 3, the changes to the credit risk capital requirements calculations are probably the most significant for the EU banking sector. In part this is because there are major changes to both the methodologies being used, to the conditions under which they can be used and to the infrastructure they need to be accompanied with. In part this is also because the credit risk is the most important risk type for most of the European banks. Consequently, the changes to the credit risk calculations will greatly affect most EU financial institutions.
The Standardised Approach: was overhauled to capture minor differences in risks in a more granular and sensitive manner. This will make the standardised approach more allied with a real risk, but also more difficult to calculate. Whilst on the surface the changes to the Standardised approach may not look as serious as changes to some other approaches, they may still constitute some of the most impactful changes of the package.
Specifically, the new internal approach changes the determination of the exposure value of the off balance-sheet items and commitments on off balance-sheet items. This is achieved through amending credit conversion factors. Some contractual arrangements for corporates and SMEs are exempted.
The risk weights for specialised lending exposures, retail exposures, exposures with currency mismatch, subordinated debt exposures and defaulted exposures are amended. With some exposure types, CRR 3 offers more granularity in comparison to Basel IV. Equity exposures for instance have a specialised treatment for strategic equity investments. As regards the exposures secured by real estate, unlike Basel IV, which caps the property value at loan origination, CRR III continues the use of the EU’s monitoring and adjustments over time.
CRR 3 also introduces the Standardised Credit Risk Assessment Approach which can be used in parallel with External Credit Risk Assessment Approach. The institutions that use External Credit Risk Assessment Approach with a nominated eligible credit assessment institution may now benefit from a lower risk weight for their exposures to institutions and corporates. Other institutions will need to use the Standardised Credit Risk Assessment Approach for those.
The Internal Rating Based Approach: As previously stated the EBA and the commission were unhappy with differing Internal Model results for different banking institutions, that were impossible to be explained by the differences in risks. Indeed, the goal of CRR 3 in this regard is to make the IRB model outcomes more comparable across institutions as well as more indicative of the risks. This standardisation of internal models is accompanied with limitations to the application of IRB models.
For the equity exposures, the internal approach cannot be used, only the standardised approach is now allowed. For the exposures to corporates with total sales greater than EUR 500 million, the foundation approach can be used in addition to the standardised approach, but not the advanced approach. In the remaining cases, where all approaches including the advanced one are allowed, the PD and LGD inputs are now subject to input floors for all but the sovereign exposures.
The divergence from Basel IV in this case consists of regional governments and local authorities as well as public sector entities getting their own separate exposure classes.
As will be explained later, the internal models are also subject to the output floors – which does mean that the institutions will be required to calculate the capital requirements for all assets using the standardised approach. This does mean that the Internal model approach carries the additional burden of all costs associated with implementing the standardised approach calculations. The capital benefits arising from the use of the internal models are simultaneously capped.
CVA risk charge operates at the intersection of market and credit risk. It arises in a final transaction when the counterparty may default and the risk driving the exposure arises primarily from a market movement.
Under the original CRR, hedging strategies that financial institutions put in place are mostly not recognised or eligible to any especially favourable capital treatment. The increased risk-sensitivity of the newly proposed framework will allow institutions to better reflect the hedging in their capital treatment.
Furthermore, adherent to the principle of proportionality, a variety of approaches are available to institutions depending on their complexity and hedging strategies. These approaches include:
The Simplified Approach: This approach is limited to the small institutions or institutions that possess a small trading book and hence are only exposed to relatively low CVA risk. More concretely, institutions that have less than 100 M EUR worth of derivatives and whose derivative position is less than 5% of their total assets. Furthermore, the institutions need the supervisors’ permission to use the simplified approach.
The computational effort to calculate CVA charge under the simplified approach should be minimal and, at least compared to most of the other approaches, the capital requirements under this methodology are not going to diverge too much from the requirements under the original CRR.
The Basic Approach: This approach is compulsory for bigger banks. It comes up with a new computation mechanism which makes its implementation somewhat more demanding. The basic approach can be further divided into:
The reduced version, which does not recognise the hedging benefits. It is rather puzzling to ascertain what institution would choose to use this approach as it combines the downsides of computational complexity and higher capital requirements with no upside from the recognition of hedging.
The full basic approach is only slightly more demanding compared to the reduced version but has the notable benefit of recognising hedging in your CVA charge.
The Basic Approach differs from the Basel approach via the introduction of the DS factor that multiplies the CVA capital charge by 0.65, thereby effectively decreasing the resulting capital charge substantially.
The Standardised Approach: This approach is still quite complex in comparison with the current approaches. It is a de-facto extension of the Basel FRTB framework onto the CVA risk charge; it is based on the risk sensitivities, which, particularly in the context of CVA, are challenging to calculate. Therefore, it is unquestionably a cumbersome approach to implement for all institutions. However, it comes with much greater benefits to the capital treatment of hedging and diversification both compared to the current CRR framework and compared to other approaches. It is subject to the supervisory approval.
True to the conventional EU regulatory policy and in contrast with Basel IV, CRR exempts exposures with sovereign, intragroup or non-financial counterparty from capital requirements on the CVA capital charge. The calculated CVA charge for these exposures still must be disclosed with the regulator – this is to allow EU regulators to further analyse the costs and benefits of this exception.
To the casual observer, the Market Risk is the most confusing component of CRR 3. This is because it was the principal component of CRR 2 in 2019. Whereas CRR 2 has indeed introduced some of the most important methodological elements of the market risk calculation, the alternative approaches it offered were for reporting and disclosure purposes only. Whilst the methodology for calculating market risk requirements was partially provided by CRR 2, the regulatory piece missed out of an arguably equally significant portion of the market risk framework – revision of the trading book boundary.
In CRR 3, the Basel FRTB framework comes in full force with new standardised and internal approaches to be used for the capital calculations and with the revised boundary between the trading and banking books.
The Trading book boundary is intended to prevent arbitraging when banks choose to allocate the assets to whatever position has the more favourable capital treatment. The new framework will determine the book by strictly defined product characteristics and trading intent. Any reallocation will have to be subject to the approval of the regulator, who will request a solid justification.
Some institutions may experience a significant impact on capital as a number of their assets may move from trading to banking book. The change of boundary is likely going to have a bigger capital effect than the changes in the modelling approaches.
The Alternative Standardised Approach: This is the European name for the new Basel standardised approach – a relic from CRR 2 where the standardised approach was used for the capital requirements and the alternative standardised approach was used for the reporting and disclosure. Its defining feature that makes it different to the one currently used under CRR is the approach to sensitivities. The combination of risk sensitivities and stress scenarios makes the new standardised approach significantly more responsive to the risk. It also allows for capital benefits arising from diversification and hedging (a feature prevalent in most risk models). Similarly to most new risk models, the new standardised approach will require a significantly more complex computational effort compared to the CRR market risk standardised approach, but this is to a large part offset by institutions having already implemented the major parts of the standardised approach for reporting purposes.
The Alternative Internal Model: Replaces the current criticised VAR framework with the expected framework. Rather than a new model, it also covers the underlying framework for market risk. The data quality criteria are most severe, particularly when modelling risk factors. The new requirements are also intended to facilitate a better integration of the pricing function between the front office and the risk calculations behind. The use of the alternative internal model will, once again, bring notable costs in terms of systems and operations, though the costs will again be somewhat lower for the institutions that already implemented it for CRR 2 Reporting/Disclosure. It is subject to regulatory approval.
The Simplified Standardised Approach: This approach resembles the standardised approach under the original (2013) CRR. The approach can be retained by the banks that are not exposed to significant market risk. This only is an option for companies with small trading books (the size of the institution's business that is subject to market risk is less than 500 M EUR and 10% of its total assets). For companies with larger trading books, this approach is no longer an option.
The Basel IV framework introduces a new approach to calculating the capital requirements for Operational risk – the standardised approach which is to replace all existing operational risk models. This means that under CRR 3, the Basic Indicator Approach, the Advanced Measurement Approach (a variant of Internal model) and the old Standardised Approach will no longer be used with no substitution for internal models.
This is convenient for the regulator because it makes the operational modelling of all institutions quite comparable. However, great care was taken when constructing the new standardised model requirements to make sure they could adequately accommodate to multiple different business models.
Under the Basel standards, the capital requirements for new operational risk are given by the Business Indicator component multiplied by the Internal risk Multiplier. The business indicator component is composed of:
multiplied by a percentage that is dependent on the size of the business indicator 12% for a bucket of up to 1B EUR, 15% for the bucket above 1B but below 30B EUR and 18% for anything above 30B EUR. As the business indicator is based on P&L, it is stable and aligned across multiple business models. Notably, the banks with higher interest margins are not facing punitive capital requirements.
The Internal loss multiplier should adjust the baseline capital requirements to the operational loss experience of the bank. It is calculated using historical Operational losses of the bank. CRR 3 however makes a surprising use of an exemption primarily envisioned for less developed countries and removes the ILM from the requirements altogether. The capital requirements for operational risk are given by the Business Indicator Component only. This may help some of the EU banks with shaky history.
Additionally, some smaller size banks may be further exempted from additional Operational-risk related regulatory burdens by their national supervisors.
The banks that elect to use the internal model for calculating their risk requirements – subject to all limitations, also need to re-calculate all the requirements using the standardised approach. This is because CRR 3 does not allow the overall capital requirements calculated under the IRB to ultimately go below 72.5% of what they would have been if they had been calculated using standardised approaches.
On the one hand, this limits the benefit of the use of the internal models. On the other hand, it imposes significantly greater modelling costs on the Internal Approach by institutions. The impact of these costs is that much harder because, under the new framework, both internal models and Standardised approaches are already significantly more complex to calculate.
Whilst this requirement is still not as strict as the output floor imposed on the major institutions in the US, it could be argued that the output floors by themselves may be the most fundamental alteration of the capital requirements since Basel II.
The European Regulators are aware that the output floor requirements will be difficult to meet. Therefore, they introduce the transitional provisions that define the output floor at 50% in 2025 and gradually increase year by year all the way to 72.5% by 2030. Some additional provisions spread the impact on output floors for exposures to unrated companies, low-risk mortgages, and derivatives over 8 years to 2033. New treatments of equity exposures and unconditionally cancellable commitments also get a special treatment.
CRR 3 introduces a big change to the European Banking industry. The combination of changes to the credit risk (which is the main risk driver in the EU), and output floor will be particularly strongly felt across the EU.
The new requirements are computationally difficult and institutionally challenging. They require a variety of tools and data, all of which will be costly. The additional burdens placed on the internal modelling together with the limitations imposed on its benefits via output floors as well as the fact that the internal approach is not even allowed to be used in some cases, will all likely result in institutions flocking into the Standardised Approaches. The Regulator does foresee that this will happen and already has provisions to facilitate the transfers from internal to standardised approaches.
However, the complexity of the standardised approaches has also increased considerably which will place a burden on smaller institutions particularly, although some provisions exist to help them.
However, it is not all doom and gloom. The institutions have already been privy to the Basel IV requirements as of December 2017. In this context, the proposal of CRR 3 brings both an air of certainty regarding the future regulatory landscape, and relief because, difficult though it may be, it does carry a lot of simplifications, particularly for smaller institutions, compared to Basel IV. It is also marginally less strict in terms of capital impact.
As in any challenge, there could be an opportunity. Although the new standards are computationally challenging and although they will on average lead to an increase in capital, they will also be more sensitive to risk and respond better to hedging. Previously in the EU, hedging did not provide a particularly favourable capital treatment and therefore was perhaps exploited to a lesser degree then possible under the new CRR 3 framework. Its introduction may well lead to the introduction of some new hedging strategies that will result in smaller risk, which will in turn be reflected in capital requirements.
Originally, Basel IV was supposed to be implemented by 2022, but the COVID pandemic has shifted the Basel deadline to 2023. It was expected that the EU would implement the reforms traditionally late, perhaps in 2024. However, when the standards came out, we were still a little bit surprised by the implementation deadline, which is 1st January 2025, with some provisions only to be implemented in 2030’s. Indeed, this is another way that the European Regulators are trying to make the standards more bearable for the EU institutions – by giving them more time to apply.