Response to consultation on draft Regulatory Technical Standards on assessment methodologies for the Advanced Measurement Approaches for operational risk

Go back

Q2: Do you support the treatment under an AMA regulatory capital of fraud events in the credit area, as envisaged in Article 6? Do you support the phase-in approach for its implementation as set out in Article 48?

UniCredit Group supports the purpose to add in AMA regulatory capital the treatment of fraud events in the credit area.
Nevertheless we would like to emphasize that categorising losses due to fraud in the credit space as operational risk losses will require the active support of the credit risk management functions; it is also evident that such rules should also be included within the Regulatory Guidelines on Credit Risk.
Due to the impact that the treatment would have on the operational risk and credit management areas and on the IT systems of the Group, we submit our request to review the delivery of phase-in approach for its implementation.
In order to understand correctly the new provisions, we hereafter submit to your attention some doubts and some questions.

Art 6(2) (a), 6(2) (b)
We do appreciate the efforts for clarifying the boundary between credit and operational risks. Nevertheless we would need some more clarifications on the criteria to adopt for the correct identification of the fraudulent use of credit funds.
Consider, for example, a customer with three loans paid out in three different years, one after another. Faked financial statements were given in the last year/for the last loan only. Which loss amount of operational risk should be recorded? What is the pure credit risk? The total outstanding amount of the customer related solely to the third loan? How to handle back payments/returns on collaterals? LLP of the customer or LLP of the single loan?

Article 6, 2 (c) (d) (e), Article 6, 2 (a) (b)
We find extremely challenging the different treatment of the credit position in case of frauds, based on the identity of the customer.
The treatment of this category of events could be very time consuming if applied also on the current “open credit positions” of the Bank, as it would be not easily feasible to analyze all the credit transactions already in place. It would require knowledge of the whole cycle of life of each product/position that could be difficult to perform on products/position negotiated/opened in the past.

Art 6 (3)
The required adjustment is extremely challenging as the threshold adopted for the pure operational risk losses is very low and not applicable to frauds events in credit related losses. For this reason we would like to keep the thresholds separated for the two loss categories. We propose to apply a reference that different thresholds on internal data can be applied within the AMA model.

We fully agree to having a phase in approach for the implementation. In order to make a feasible working plan with reachable deliveries, we however suggest the extension of the proposed timelines.

Q3: Do you support the collection of ’opportunity costs/loss revenues‘ and internal costs at least for managerial purposes, as envisaged in Article 7(2)?

We agree that the identification and analysis of “opportunity costs / lost revenues” as well as of “internal costs such as overtime and bonuses” resulting out of operational risk events may provide valuable information for managerial purposes. However, we believe that the inclusion of opportunity costs and internal costs in the scope of operational risk data collection as a compulsory element could be very challenging, mainly due to the difficulties on their identification and, quantification. In our opinion, we would suggest that the provision should be rather formulated as an option to collect opportunity cost, lost revenues and internal costs in cases where it is deemed relevant by an institution an institution-internally defined threshold.

Q4: Do you support the items in the lists of operational risk events in Articles 4, 5 and 6, and the items in the list of operational risk loss in Article 7? Or should more items be included in any of these lists?

We consider the list as complete.

Q5. Do you support that the dependence structure between operational risk events cannot be based on Gaussian or Normal-like distributions, as envisaged in Article 26 (3)? If not, how could it be ensured that correlations and dependencies are well-captured?

We support that the dependence structure between operational risk events cannot be based on Normal-like distributions (e.g. imposing a cap to 5 on degrees of freedom of Student-t copula) , unless it is feasible to provide strong evidences based on empirical data that the Normal-like distributions are acceptable.

Q6: Do you support the use of the operational risk measurement system not only for the calculation of the AMA regulatory capital but also for the purposes of internal capital adequacy assessment, as envisaged in Article (42)(d)?

We support the use of the operational risk measurement system not only for the calculation of the AMA regulatory capital but also for the purposes of internal capital adequacy assessment. In UniCredit Group, the operational risk measurement system is already used for both AMA regulatory capital and internal capital adequacy assessment.

Upload files

Name of organisation

Unicredit Group