Banking - Q1 2022

Generally, we have observed that firms are still very busy in achieving compliance with IFPR and many areas are still WIP – especially around compiling the Internal Capital and Risk Assessment (ICARA).

If you and/ or your colleagues have any relevant questions on ICARA or the IFPR process, please let us know by emailing regulatoryaffairs@mazars.co.uk.

There have been several new updates issued by the Bank of England and the Prudential Regulation Authority (PRA) on areas of focus for regulated banks in the UK. The first and foremost being the publication of their supervisory priorities for 2022, aimed at international banks and deposit takers operating in the UK. Here is a list in a nutshell.

Regulatory reporting

The PRA has reinforced the focus that firms should have on regulatory reporting. Adding on from the September 2021 Dear CEO letter, the PRA has emphasized that firms must take steps to ensure the quality of their controls, governance, and data. Specifically, for deposit takers, the PRA continues to remain disappointed with the quality of firms’ returns; and has reiterated that correcting this issue should be a priority for firms.

• What management should consider: Firms should be clear on how they can demonstrate their conformity to the PRA’s direction to banks on the data, controls and governance aspects of regulatory reporting. Failure to prioritise this could lead to expensive s166 reviews, and judging from the PRA’s messaging on this matter over the last few months, we expect there to be a number of such reviews to be commissioned this year. More on this matter here.

Climate change

The PRA has noted that some firms have a long way to go in terms of implementing the provisions of Supervisory Statement 3/19 (SS3/19); and firms must be able to demonstrate compliance with it – especially deposit takers. The overarching message for branches and subsidiaries of international banks is to apply the SS3/19 requirements proportionately, to ensure sound risk management framework.

• What management should consider: Firms should undertake an internal review to assess their compliance with the provisions of the SS3/19 as we expect the PRA be intrusive in their assessment of firms’ progress on this matter.

Operational risk and resilience

The PRA has warned that firms should be mindful of operational risks crystallising as staff return to work after the pandemic; and that firms should adopt the Prevent, Learn, Adapt and Respond framework to cope with such disruptions.

• What management should consider: Firms should ensure that their approach to managing operational risk clearly demonstrates how this framework is implemented and not only rely on existing frameworks such as Business Continuity Planning and general Operational Risk Management frameworks.

Risk-free rate transition

Whilst the end-of-2021 transition was successful, both the PRA and FCA are set to closely monitor firms’ progress on the ongoing transition of London Interbank Offered Rate (LIBOR) contracts.

• What management should consider: With the expectation that the regulator will closely “monitor” progress, firms should ensure that their reporting/MI on LIBOR transition is being regularly produced to a high standard and is available to be promptly sent to the regulator.

Finance resilience

The PRA hinted at the need for firms to focus on their risk management frameworks (RMF) – specifically on the impact of withdrawal of government support; digitalisation; and lessons learned from the default of Archegos Capital Management.

• What management should consider: Firms – especially those that are Category one, two or three – should ensure that the relevant sections of their RMFs can be neatly linked to liquidity risks arising from the withdrawal of government support, business strategy (specifically cyber risks, and operational risks due to innovation and the use of technology) and oversight of counterparty credit risks.

Diversity and inclusion

In perhaps the clearest message on this matter from the PRA thus far, the regulator has stated that firms must challenge themselves on how they can improve diversity across all levels of the organisation.

• What management should consider: Firms should get ahead of the curve and undertake an internal review of Diversity & Inclusion although it is not a regulatory requirement, yet. Some major banks have already started taking strides towards this.

Credit risk and model (for deposit takers only)

Thematic reviews on lending by SME banks are imminent; and the PRA has reinstated that firms should focus on remediating weaknesses in the development, testing, validation, change management and governance of their internal models.

• What management should consider: Firms should visit the Dear CFO letter from 2021 where the PRA covered their expectations on model risk, in detail. Given the repetition in the PRA’s messaging on this matter over the last few months, firms should formally review the maturity of their internal models’ operating environment.

Other notable developments

The PRA has published a paper outlining the industry’s responses on its discussion about the forthcoming strong and simple regime. We summarised our thoughts on this publication here. There are no immediate steps that management needs to take.

There have also been some changes to the Remuneration rules that apply to firms. The biggest changes have been in the criteria for identifying Material Risk Takers (MRTs) in firms. The PRA has reinforced its messaging on strengthening individual accountability in firms, and now requires an uptick in the qualitative approach to identification and treatment of MRTs from 2022 onwards.

• What management should consider: Firms will need to ensure that their approach to identifying MRTs is in line with the new expectations, and where firms are planning on using the flexibility afforded by the PRA to relax any pre-existing elements of their remuneration protocols – their impact on individual accountability and overall risk culture should be assessed and documented.

We also published an article on changes to regulatory reporting that will apply from 1 January 2022.

• What management should consider: Firms must ensure that they are using the correct/updated templates for their regulatory reporting.