Читать книгу Non-financial Risk Management in the Financial Industry - Группа авторов - Страница 109

For each risk indicator, different tolerance levels are defined, with the aim of providing straightforward, actionable guidance on how to evaluate the current situation – i.e. whether observed performance is ordinary or whether it is a symptom of emerging anomalies. The definition of thresholds at KRI level addresses the mandate expressed by the regulator, as risk limits are expected to be specific, measurable and reportable.[10]

As a matter of fact, RAFs bridge risk prioritisation coming from risk assessments (i.e. specific areas of focus) with operational KRI-based reporting and specific thresholds to activate remedial actions.

The process is usually articulated in the following three steps:

 Historical data analysisThe core of threshold setting, in line with regulator’s recommendations to “avoid defining limits only based on market references or existing regulatory limits.”[11]

 Fine-tuning through peers’ benchmarking and back-testingMostly used to identify potential adjustments to the thresholds defined through the historical data analysis.

 Expert judgementThresholds identified are typically refined based on expert insights, which embed, for example, market practice, regulatory guidance, relevant changes in the business model.

Given possible deficiencies in the internal data sources available (e.g. limited sample with few data points, high variability in distribution with large difference between minimum and maximum values for a given risk), financial institutions may decide to run simulations, to compare and identify the most suitable and robust methodology to apply.

Pragmatic examples of these three steps are provided below.