Last week the federal banking agencies released interagency supervisory guidance designed to create new, and higher, best practices for counterparty credit risk (CCR) management at banking organizations—including banks, bank holding companies, and U.S. branches and offices of foreign banks. As a result of the release, all banking organizations will need to review their existing policies and procedures against the new guidance. Although the guidance builds on existing standards, based on our work with a number of banking organizations in our global credit risk management practice, we believe that the guidance will require changes and upgrades for many organizations. Moreover, in our view, this guidance is the first of a number of regulatory pronouncements in the area of credit risk management that banking organizations should expect this summer and through the end of the year. For example, the final rules on credit exposure reports to significant companies under Section 165(d) of the Dodd-Frank Act are expected by August, proposed rules on the concentration limits for systemically important firms to counterparty credit exposure in Section 165(e) of the Dodd-Frank Act are expected sometime this summer, and finally, between now and the end of the year, the Federal Reserve and the other banking agencies are expected to clarify how and to what extent they propose to implement Basel III, including the CCR requirements under Basel III.
The guidance is generally applicable to all banking organizations, although it is targeted most directly to the largest dealers with significant derivatives portfolios and suggests that less complex organizations should be able to tailor the guidance to their risk profiles. We recommend that, as banking organizations review their current policies and procedures for compliance with the guidance, they also think ahead to these other anticipated regulatory developments and, to the extent possible based on what is currently known, develop an integrated approach to the operational, compliance and systems changes that will be required as a result of these developments. The following observations in this newsflash are designed to help that process and assume that the reader is already familiar with the contents of the guidance.
CCR and Credit Exposure Reports. The guidance suggests that banking organizations should formalize CCR exposure limits, monitor exposures against established thresholds, and maintain adequate information systems and risk controls to measure CCR and mitigate limit exceptions. Similar concerns about the timeliness and accuracy of exposure aggregation capabilities, adequate measurement of correlation risks, and the ability to monitor and manage counterparty exposure limits and concentration risks underlie both this supervisory guidance and the credit exposure reporting requirements for bank holding companies with total assets over $50 billion and systemically important nonbank financial companies under Section 165(d) of the Dodd-Frank Act.
Credit exposure reports will require the largest bank holding companies to be able to aggregate credit exposures to a significant company across the institution. Among other suggestions, the guidance recommends that banking organizations should measure, monitor and control CCR concentrations by legal entity and across the organization, as well as by business line, industry, and geographic region, and that banking organizations be able to view the various forms of exposures in a single report and/or system. This focus on legal entities is also found in the proposed rule on resolution plan requirements under Section 165(d) of the Dodd-Frank Act. As a result, it is possible that, for many banking organizations, the project management, gap analysis and systems upgrades required for credit exposure reports and living wills should be coordinated with the guidance and that changes should be approached holistically.
CCR and Concentration Limits. The Dodd-Frank Act also limits bank holding companies with total assets over $50 billion and systemically important nonbank financial companies from having credit exposure to any unaffiliated company that exceeds 25% of the capital stock and surplus of the company. That requirement, contained in Section 165(e) of the Dodd-Frank Act, is subject to rulemaking by the Federal Reserve, and proposed rules are expected to be issued sometime later this summer. Among the issues likely to be raised by the expected rulemaking is the extent to which the definitions of credit exposure under Section 165(e) and current exposure, as detailed in the supervisory guidance, are consistent.
CCR and Basel III. The guidance also reflects certain of the approaches to CCR exposures under Basel III, although implemented independently of any required regulatory capital calculations. It looks as if the banking agencies, regardless of how broadly or narrowly they expect to implement Basel III, have decided to extract some of the prudential ideas of Basel III on CCR management and turn them into broadly applicable guidance.
Intersection with Swaps Rules. The proposed rules previously issued by the joint federal banking agencies requiring covered swap entities to collect initial and variation margin stated that covered swap entities are not required to collect initial or variation margin from commercial end user counterparties as long as the covered swap entity’s exposure to the commercial end user is below credit exposure limits that have been established under appropriate credit processes and standards. The federal banking agencies have clarified that the issued guidance does not alter that position.
Specific Guidance Regarding Governance. The guidance sets forth some specific principles for governance and oversight of CCR, which may represent a change in practice for some firms.
- Senior management and the board of directors are responsible for setting risk tolerances for CCR; measuring, monitoring and controlling CCR exposures; and developing and implementing effective policies and procedures.
- Senior management and the board of directors are also responsible for ensuring that internal audit and risk management functions cover CCR.
- Senior management should receive comprehensive CCR exposure reports at least monthly.
Legal and Operational Risk Management. The guidance suggests that banking organizations should ensure proper control of, and access to, legal documentation and netting and collateral terms through automated processes and systems, and should conduct a review of the legal enforceability of collateral and netting agreements for all relevant jurisdictions at least annually. Netting should be reflected in risk management systems only if there is an internal or external written legal review that expresses a high level of confidence that such netting agreements are enforceable. The guidance also suggests that banking organizations establish sound margin policies and practices including, among other things, the establishment of internal guidelines for cross-product margining as well as procedures to monitor and report legal risks associated with commingling or rehypothecation of collateral posted by the institution, as well as rehypothecation of collateral received by the institution. We believe these requirements may be a change for some institutions.
Central Counterparty Exposures. Among the recommendations in the guidance is that banking organizations review at least annually central counterparties where exposures exist, including a due diligence evaluation of the central counterparty’s risk management framework.
 See Office of the Comptroller of the Currency, Federal Deposit Insurance Corporation, Board of Governors of the Federal Reserve System, Office of Thrift Supervision, Interagency Supervisory Guidance on Counterparty Credit Risk Management (June 29, 2011), available here.
 See Davis Polk, FDIC Releases Joint Notice of Proposed Rulemaking on Resolution Plans and Credit Exposure Reports (April 5, 2011), available here.
 See The Board of Governors of the Federal Reserve System, Regulatory Reform Milestones, Implementing the Dodd-Frank Act: The Federal Reserve Board’s Role, Initiatives Planned: July to September 2011, available here (last updated July 5, 2011).
 See Basel Committee on Banking Supervision, Basel III: A global regulatory framework for more resilient banks and banking systems (revised June 2011), available here.
 See Office of the Comptroller of the Currency, Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, Farm Credit Administration, Federal Housing Finance Agency, Notice of Proposed Rulemaking, Margin and Capital Requirements for Covered Swap Entities, 76 Federal Register 91, at 27564 (May 11, 2011), available here.