On May 14 , the Federal Reserve Board, Office of the Comptroller of the Currency, and the Federal Deposit Insurance Corporation jointly issued guidance for stress testing by banking institutions with more than $10 billion in assets.
The guidelines issued by these banking regulators do not implement stress testing requirements in either the Dodd-Frank Act or the Federal Reserve Board's capital plan rule. Those requirements will be implemented as separate proposals by the respective agencies.
Among the best practices highlighted in the new guidance:
- A banking organization should ensure that the stress testing framework is not isolated within its risk management function, but is firmly integrated into business lines, capital, and asset-liability committees, and other decision-making bodies. The board of directors and senior management should play key roles in ensuring strong governance and controls.
- As part of their overall responsibilities, a bank's board and senior management should establish a comprehensive, integrated, and effective stress testing framework that fits into the broader risk management of the organization. While the board is ultimately responsible for ensuring an effective stress testing framework, senior management will generally have responsibility for implementing it.
- Senior management duties should include establishing adequate policies, ensuring compliance, assigning competent staff, overseeing stress test development and implementation, evaluating results, and taking prompt remedial action where necessary.
- Senior management, directly and through relevant committees, should be responsible for regularly reporting to the board on stress testing developments (including the process to design tests and develop scenarios) and results, as well as on compliance with stress testing policy. Board members should actively evaluate and discuss this information, ensuring that the framework is in line with the risk appetite, overall strategy, and contingency plans.
- The banking organization should have written policies, approved and annually reviewed by the board, that direct and govern the implementation of the stress testing framework. Policies, and the procedures to implement them, should describe the overall purpose of these activities; indicate roles and responsibilities; describe the frequency and priority with which stress testing is conducted; indicate how results are used and outline instances in which remedial actions should be taken. Tests should be reviewed and updated as necessary to ensure they are kept up-to-date with changes in market conditions and industry practices, as well as the bank's products, strategies, risk appetite, exposures, and activities.
- A stress testing framework should include, but not be limited to, augmenting risk identification and measurement; estimating business line revenues and losses and informing business line strategies; identifying vulnerabilities and assessing the potential impact; assessing capital adequacy and enhancing capital planning; assessing liquidity adequacy and informing contingency funding plans; contributing to strategic planning; enabling senior management to better integrate strategy, risk management, and capital and liquidity planning decisions; and assisting with recovery and resolution planning.
- In addition to routine tests, organizations should have the flexibility to conduct new ad hoc stress tests in a timely manner to address rapidly emerging risks.
- “Scenario analysis”—in which historical or hypothetical scenarios assess the impact of various events and situations—should include operational, reputation, and legal risks. It should account for known shortcomings of other risk-measurement practices. For example, market risk value-at-risk (VaR) models generally assume liquid markets with known prices. And scenario analysis could shed light on the effects of a breakdown in liquidity and of valuation difficulties.
- Scenario design for “enterprise-wide stress testing” involves hypothesizing macroeconomic, market-wide, and/or firm-specific events that affect the organization as a whole. These scenarios should incorporate the potential simultaneous occurrence of both firm-specific and macroeconomic and market-wide events, considering system wide interactions and feedback effects. For example, price shocks may lead to significant portfolio losses, rising funding gaps, a ratings downgrade, and diminished access to funding.
- It is advisable to consult with a large set of individuals within the banking organization—in various business lines, research, and risk areas—to gain a wide perspective on how enterprise-wide scenarios should be designed. At least some scenarios should be of sufficient severity to challenge the viability of the banking organization and should include instantaneous market shocks and stressful periods of extended duration (not just a one- or two-quarter shock after which conditions return to normal).