OSFI Supervisory Framework

Question 1

What does OSFI’s Supervisory Framework(SW) describe?

Answer 1

Describes principles, concepts, and core process OSFI uses to guide its supervision of federally regulated financial institutions (FRFI)

Question 2

What 3 primary changes were addressed in the updated SW?

Answer 2

1 - Changes in nature of understanding risk and risk management
2 - Changes evolving in Canadian international standards
3 - Changes in FI

Question 3

In terms of international expectations, what Principles has OSFI adopted for FRFI?

Answer 3

• Basel Committee on Banking Supervision’s “Core Principles for Effective Banking Supervision”
• International Association of Insurance Supervisors’ “Insurance Core Principles and Methodology”.

Question 4

Why does OSFI rely on the work of others?

Answer 4

• Reduce scope of work
• Minimize duplication of effort

External sources of work potentially useful:
• Work of external auditor
• Work of AA
• Work of FRFI’s oversight functions: Risk Management, Compliance, Financial, Actuarial, Internal Audit, Board, SM

Other external sources include rating agencies, industry groups, domestic/international organizations, consultants.

Question 5

Identify the Key principles of OSFI’s Framework

Answer 5

• Focus on material risks
• Forward-looking, early Intervention
• Sound predictive judgment
• Understanding the drivers of risk
• Differentiate inherent risks and risk management
• Dynamic adjustment
• Assessment of the whole Institution

Question 6

Define Inherent risk
Define Material loss
Define Significant activity

Answer 6

Inherent risk: Probability of material loss due to exposure to, and uncertainty arising from, current and potential future events

Material loss: Loss or combination of losses that could impair adequacy of capital of a FRFI such that there is potential for loss to depositors or PH

Significant activity: is a LOB, unit or process that is fundamental to the FRFI’s business model and its ability to meet its overall business objectives. Judgment is used in selecting significant activities, and can be based on quantitative or qualitative reasons

Question 7

Identify OSFI Main categories of risk.
What are the possible assessment rating levels assigned to each inherent risk category?
What kind of risk is not included separately, but is an important consequence of other category risks?

Answer 7

• Credit risk
• Market risk
• Insurance risk
• Operational risk
• Regulatory compliance risk
• Strategic risk
• (Reputational risk)

Low, Moderate(Average) , Above Average, and High
*** Probability of a material loss

Question 8

When does Credit Risk arise?

Answer 8

Counterparty’s potential inability or unwillingness to fully meet contractual obligations.

Components include:
• Loan loss/principal risk
• Pre-settlement/replacement risk
• Settlement risk

Counterparties include:
• Issuers, Debtors, Borrowers, Brokers, PH, Re, Guarantors

Question 9

When does Market Risk arise?

Answer 9

Potential changes in market rates, prices or liquidity in various markets such as interest rates, credit, foreign exchange, equities, and commodities

Question 10

When does Insurance Risk?

Answer 10

Potential for claims or payouts to be made to PH or beneficiaries

Incl. uncertainties around ultimate amount of net CF from:
• Premiums, commissions, claims, payouts, settlement expenses
• Timing of receipt and payment of CF
• PH behaviour (e.g. lapses)

Question 11

When does Operational Risk?

Answer 11

Potential problems due to:
• Inadequate/failed internal process, people and systems
• External events
• Includes legal risk, potential unfavourable legal proceedings

Question 12

When does Regulatory Compliance Risk arise?

Answer 12

Potential of FRFI not complying with rules and regulations in its jurisdictions

Question 13

When does Strategic Risk arise?

Answer 13

Inability to implement appropriate business plans and strategies, make decisions, allocate resources

Question 14

Identify and describe the Levels of Quality of Risk Management (QRM)

Answer 14

1 - Operational Management
• Manages all activity’s inherent risks on a daily basis
• Identify potential loss and place adequate controls

2 - Oversight Functions(OF)
• Provide independent, enterprise-wide oversight of operational management
• OF in an FRFI: Risk Management, Compliance, Financial, Actuarial, Internal Audit, Board, SM

Question 15

What Levels of assessments can be applied to operational management, OF, and overall rating?
What levels of Direction of Quality of OF are possible?

Answer 15

Strong, Acceptable, Needs Improvement, Weak

DQOF: Improving, Stable, Deteriorating

Question 16

What is Net Risk?
What are the different assessment levels?
What are the different direction levels?

Answer 16

Net risk is inherent risk after mitigation by Quality of Risk Management for each activity

Levels: Low, Moderate, Above Average, High
Direction levels: Decreasing, Stable, Increasing

Question 17

Discuss the importance and Overall Net Risk(ONR)

Answer 17

Importance of the net risk of the significant activity is a judgment of its contribution to the overall risk profile of the FRFI. Classified as low, medium or high.

Net risks are then combined to arrive at ONR
• ONR: assessment of the potential adverse impact that the significant activities of the FRFI collectively could have on the earnings performance and adequacy of the capital
• ONR is rated (low, moderate, above average, high) and direction is assessed

Question 18

Identify and describe 3 financial measures that are assessed in OSFI’s Framework.

Answer 18

1 - Earnings: Quality, quantity and consistency as a source of internally-generated capital
• Important to long-term viability

2 - Capital: Appropriateness of level and quality both at present/prospectively and under normal/stress condition:
• Critical for overall safety and soundness
• Higher ONR: Expect to maintain higher level of capital and stronger capital management process

3 - Liquidity:
• Critical for overall safety and soundness
• Potential inability to obtain the necessary funds to meet its on/off-balance sheet obligations as they come due

Question 19

What is a Risk matrix and a Composite Risk Rating (CRR)?

Answer 19

• Risk matrix: holistic risk assessment (record all assessments): lead to CRR
• CRR is assessment of risk profile after considering the assessments of its earnings and capital in relation to the ONR from its significant activities, and the assessment of its liquidity

Question 20

Identify and describe the Steps in The Core Supervisory Process

Answer 20

• Planning SW
• Executing SW and updating risk profile
• Reporting and intervention

Question 21

Briefly describe Planning SW step

Answer 21

• Identifies SW necessary to keep FRFI risk profile current
• SW for each significant activity is planned and prioritized after considering the net risk assessment of the activity (inherent risk, QRM) need to update OSFI and importance of activity
• Same for oversight functions

Question 22

Briefly describe Executing SW and updating risk profile step

Answer 22

• Continuum of SW:

a. Monitoring (regular review of info)
b. On/Off-site reviews
c. Testing (stress-testing on environmental factors)
d. Comparison with benchmarks

• As SW is conducted, RM updates overall risk profile

Question 23

Briefly describe Reporting and intervention step

Answer 23

• To FRFI

a. RM (OSFI) write Supervisory Letter to CEO
b. Summarizes key findings and recommendations
c. Need to be provided to AA and external auditor
d. Issued 45 days after review and FRFI must respond in 30 days

• Regulators: Provincial regulators, Canada Deposit Insurance Corporation (CDIC)
• FI supervisory committee (FISC) and senior advisory committee (SAC)
• Minister of finance

Question 24

List the Finance (Oversight function) responsibilities

Answer 24

• Financial analysis and highlight matters requiring rectifications
• Effective financial reporting system

Question 25

List the Compliance (Oversight function) responsibilities

Answer 25

• Policies and procedures for compliance
• Monitoring compliance with these policies
• Reports to SM and Board

Question 26

List the Actuarial (Oversight function) responsibilities

Answer 26

• Design, pricing and valuation of insurance product
• Reasonableness of provisions for policy liabilities
• Review models to determine exposure and adequacy of Re programs to mitigate these exposure
• Reports to SM and Board

Question 27

List the RM (Oversight function) responsibilities

Answer 27

• Identify enterprise-wide risks
• Develop models for measuring risks
• Establish policies and procedures to manage risks
• Reports to SM and Board

Question 28

List the Internal Audit (Oversight function) responsibilities

Answer 28

• Reports to SM and Board

* assess and effectiveness of operational controls and oversight

Question 29

List the SM (Oversight function) responsibilities

Answer 29

• Develop business models and associated objectives
• Develop sound corporate governance practices, ethics
• Keep Board informed

Question 30

List the Board (Oversight function) responsibilities

Answer 30

• Guiding, reviewing and approving business models and associated objectives
• Ensuring SM is qualified and competent
• Ensuring principal risks are identified and managed