5.1. Credit Risk Management – Systems and Controls

(1) A Bank must implement and maintain comprehensive Credit Risk management systems and controls which:

  (a) are appropriate to the Bank’s type, scope, complexity and scale of operations;
  (b) enable the Bank to effectively identify, assess, monitor, mitigate and control Credit Risk and to ensure that adequate Capital is available to support the Credit Risk exposures assumed; and
  (c) ensure effective implementation of the Credit Risk strategy and policy.

(2) A Bank must:

  (a) identify, assess, monitor, mitigate and control its Credit Risk; and
  (b) implement and maintain a prudent Credit Risk management policy which enables it to identify, assess, monitor, control and mitigate its Credit Risk.

(3) The Credit Risk management policy must:

  (a) be documented and approved by its governing body;
  (b) include the Bank’s risk appetite for Credit Risk;
  (c) be appropriate to the nature, scale and complexity of its activities and for its risk profile;
  (d) must establish procedures, systems, processes, controls and approaches to identify, measure, evaluate, manage and control or mitigate its Credit Risk and to ensure the integrity of its Credit Risk management;
  (e) must set out the organizational structure, and must define the responsibilities and roles, for managing Credit Risk;
  (f) ensure that its risk management framework including but not limited to tools, methodologies and systems enable it to implement its Credit Risk management policy; and
  (g) be reviewed and updated at a reasonable frequency, but at least on an annual basis.

(4) A Bank’s Credit Risk management policy must establish:

  (a) a well-documented and effectively-implemented process for assuming Credit Risk that does not rely unduly on external credit assessments;
  (b) well-defined criteria for approving credit (including prudent underwriting standards), and renewing, refinancing and restructuring existing credit;
  (c) a process for identifying the approving authority for credit, given its size and complexity;
  (d) effective Credit Risk administration, including:
    (i) regular analysis of counterparties’ ability and willingness to repay; and
    (ii) monitoring of documents, legal covenants, contractual requirements, and collateral and other Credit Risk Mitigation techniques;
  (e) effective systems for the accurate and timely identification, measurement, evaluation, management and control or mitigation of Credit Risk, and reporting to the Bank’s Governing Body and senior management;
  (f) prudent and appropriate credit limits that are consistent with the Bank’s risk tolerance, risk profile and capital;
  (g) provide for process and criteria for identification and recognition of problem assets as well as systems for measurement and reporting of problem assets;
  (h) the criteria and responsibility for Credit Risk reporting, and the scope, manner and frequency of reporting, to the Governing Body or a committee of the governing body;
  (i) establish, and must provide for the regular review of, the Bank’s Credit Risk tolerance and credit exposure limits to control credit exposures of the Bank;
  (j) procedures for tracking and reporting exceptions to credit limits and deviations from Credit Risk management policies; and
  (k) effective controls for the quality, reliability and relevance of data and validation procedures.

Note: Guidance in respect of the contents of a Bank’s Credit Risk management policy which is required to satisfy the regulatory requirement in the Rule 5.1 is provided in Chapter 5 of the BPG issued by the AFSA.

(5) A Bank’s Credit Risk management policy must ensure that credit decisions are free of conflicts of interest and are made on an arm’s-length basis. In particular, the credit approval and credit review functions must be independent of the credit initiation function.

(6) A Bank’s Credit Risk management policy must provide for monitoring the total indebtedness of each counterparty and any risk factors that might result in default (including any significant unhedged foreign exchange risk).

(7) A Bank must give the AFSA full access to information about its credit portfolio. The Bank must also give the AFSA access to staff involved in assuming, managing, controlling and reporting on Credit Risk.

(8) The Credit Risk management policy must enable the Bank to carry out stress-tests on its credit portfolio at intervals appropriate for the nature, scale and complexity of the Bank’s business and using various scenarios based on appropriate assumptions. The policy must take into account the Bank’s Credit Risk profile (including on-balance-sheet and off-balance-sheet exposures) and tolerance in the context of the markets and macroeconomic conditions in which the Bank operates. The Bank’s Credit Risk stress testing must include procedures to make any changes to its Credit Risk management framework based on the results from the stress testing.

Note: Guidance in respect of a Bank’s policies for Credit Risk assessment which is required to satisfy the regulatory requirement in the Rule 5.1 is provided in paragraphs 10 and 11 of Chapter 5 of the BPG issued by the AFSA.