Banks have to implement risk quantification methodologies that are robust, sufficiently stable, risk-sensitive and adequate for their individual circumstances (i.e. they are in line with their risk appetite, market expectations, business model, risk profile, size and complexity). They also need to apply a high level of conservatism to ensure appropriate consideration of tail events and any uncertainties arising from risk quantification methodologies and from the determination of projections. Key parameters in this respect are confidence levels, correlation and scenario assumptions.
Each bank has to establish, calibrate and maintain its risk quantification methodologies in alignment with its own risk appetite, and the stress scenarios also need to be tailored to the bank’s individual circumstances, risk profile, strategy and risk tolerance level. Vendor models are no exceptions either: understanding and adequately customising them remain the responsibility of the bank.
Instead of starting from scratch, banks may opt for complementing their existing rating models with climate scenarios and stochastic simulations. They can also adapt the parametrisation of their portfolio models to account for systematic economic effects through increased correlations and/or adjusted volatility parameters based on climate scenarios or representative stress events such as the current energy crisis. It is not necessary to start with very advanced models such as Climate Value-At-Risk, but the applied methodologies will likely mature in the future.
The ECB’s ICAAP Guide stresses that “risks are not expected to be excluded from the assessment because they are difficult to quantify or the relevant data are not available”, instead tailored approaches and expert judgements (together with appropriate proxies and estimations) need to be applied to compensate for the lack of data and/or sufficiently established methodologies. The risks which are difficult to quantify, such as various C&E risks, also have to be factored appropriately into all relevant risk management and control processes.