OSFI Supervisory Framework Flashcards
What does OSFI’s Supervisory Framework(SW) describe?
Describes principles, concepts, and core process OSFI uses to guide its supervision of federally regulated financial institutions (FRFI)
What 3 primary changes were addressed in the updated SW?
1 - Changes in nature of understanding risk and risk management
2 - Changes evolving in Canadian international standards
3 - Changes in FI
In terms of international expectations, what Principles has OSFI adopted for FRFI?
- Basel Committee on Banking Supervision’s “Core Principles for Effective Banking Supervision”
- International Association of Insurance Supervisors’ “Insurance Core Principles and Methodology”.
Why does OSFI rely on the work of others?
- Reduce scope of work
- Minimize duplication of effort
External sources of work potentially useful:
• Work of external auditor
• Work of AA
• Work of FRFI’s oversight functions: Risk Management, Compliance, Financial, Actuarial, Internal Audit, Board, SM
Other external sources include rating agencies, industry groups, domestic/international organizations, consultants.
Identify the Key principles of OSFI’s Framework
- Focus on material risks
- Forward-looking, early Intervention
- Sound predictive judgment
- Understanding the drivers of risk
- Differentiate inherent risks and risk management
- Dynamic adjustment
- Assessment of the whole Institution
Define Inherent risk
Define Material loss
Define Significant activity
Inherent risk: Probability of material loss due to exposure to, and uncertainty arising from, current and potential future events
Material loss: Loss or combination of losses that could impair adequacy of capital of a FRFI such that there is potential for loss to depositors or PH
Significant activity: is a LOB, unit or process that is fundamental to the FRFI’s business model and its ability to meet its overall business objectives. Judgment is used in selecting significant activities, and can be based on quantitative or qualitative reasons
Identify OSFI Main categories of risk.
What are the possible assessment rating levels assigned to each inherent risk category?
What kind of risk is not included separately, but is an important consequence of other category risks?
- Credit risk
- Market risk
- Insurance risk
- Operational risk
- Regulatory compliance risk
- Strategic risk
- (Reputational risk)
Low, Moderate(Average) , Above Average, and High
*** Probability of a material loss
When does Credit Risk arise?
Counterparty’s potential inability or unwillingness to fully meet contractual obligations.
Components include:
• Loan loss/principal risk
• Pre-settlement/replacement risk
• Settlement risk
Counterparties include:
• Issuers, Debtors, Borrowers, Brokers, PH, Re, Guarantors
When does Market Risk arise?
Potential changes in market rates, prices or liquidity in various markets such as interest rates, credit, foreign exchange, equities, and commodities
When does Insurance Risk?
Potential for claims or payouts to be made to PH or beneficiaries
Incl. uncertainties around ultimate amount of net CF from:
• Premiums, commissions, claims, payouts, settlement expenses
• Timing of receipt and payment of CF
• PH behaviour (e.g. lapses)
When does Operational Risk?
Potential problems due to:
• Inadequate/failed internal process, people and systems
• External events
• Includes legal risk, potential unfavourable legal proceedings
When does Regulatory Compliance Risk arise?
Potential of FRFI not complying with rules and regulations in its jurisdictions
When does Strategic Risk arise?
Inability to implement appropriate business plans and strategies, make decisions, allocate resources
Identify and describe the Levels of Quality of Risk Management (QRM)
1 - Operational Management
• Manages all activity’s inherent risks on a daily basis
• Identify potential loss and place adequate controls
2 - Oversight Functions(OF)
• Provide independent, enterprise-wide oversight of operational management
• OF in an FRFI: Risk Management, Compliance, Financial, Actuarial, Internal Audit, Board, SM
What Levels of assessments can be applied to operational management, OF, and overall rating?
What levels of Direction of Quality of OF are possible?
Strong, Acceptable, Needs Improvement, Weak
DQOF: Improving, Stable, Deteriorating
What is Net Risk?
What are the different assessment levels?
What are the different direction levels?
Net risk is inherent risk after mitigation by Quality of Risk Management for each activity
Levels: Low, Moderate, Above Average, High
Direction levels: Decreasing, Stable, Increasing
Discuss the importance and Overall Net Risk(ONR)
Importance of the net risk of the significant activity is a judgment of its contribution to the overall risk profile of the FRFI. Classified as low, medium or high.
Net risks are then combined to arrive at ONR
• ONR: assessment of the potential adverse impact that the significant activities of the FRFI collectively could have on the earnings performance and adequacy of the capital
• ONR is rated (low, moderate, above average, high) and direction is assessed
Identify and describe 3 financial measures that are assessed in OSFI’s Framework.
1 - Earnings: Quality, quantity and consistency as a source of internally-generated capital
• Important to long-term viability
2 - Capital: Appropriateness of level and quality both at present/prospectively and under normal/stress condition:
• Critical for overall safety and soundness
• Higher ONR: Expect to maintain higher level of capital and stronger capital management process
3 - Liquidity:
• Critical for overall safety and soundness
• Potential inability to obtain the necessary funds to meet its on/off-balance sheet obligations as they come due
What is a Risk matrix and a Composite Risk Rating (CRR)?
- Risk matrix: holistic risk assessment (record all assessments): lead to CRR
- CRR is assessment of risk profile after considering the assessments of its earnings and capital in relation to the ONR from its significant activities, and the assessment of its liquidity
Identify and describe the Steps in The Core Supervisory Process
- Planning SW
- Executing SW and updating risk profile
- Reporting and intervention
Briefly describe Planning SW step
- Identifies SW necessary to keep FRFI risk profile current
- SW for each significant activity is planned and prioritized after considering the net risk assessment of the activity (inherent risk, QRM) need to update OSFI and importance of activity
- Same for oversight functions
Briefly describe Executing SW and updating risk profile step
• Continuum of SW:
a. Monitoring (regular review of info)
b. On/Off-site reviews
c. Testing (stress-testing on environmental factors)
d. Comparison with benchmarks
• As SW is conducted, RM updates overall risk profile
Briefly describe Reporting and intervention step
• To FRFI
a. RM (OSFI) write Supervisory Letter to CEO
b. Summarizes key findings and recommendations
c. Need to be provided to AA and external auditor
d. Issued 45 days after review and FRFI must respond in 30 days
- Regulators: Provincial regulators, Canada Deposit Insurance Corporation (CDIC)
- FI supervisory committee (FISC) and senior advisory committee (SAC)
- Minister of finance
List the Finance (Oversight function) responsibilities
- Financial analysis and highlight matters requiring rectifications
- Effective financial reporting system
List the Compliance (Oversight function) responsibilities
- Policies and procedures for compliance
- Monitoring compliance with these policies
- Reports to SM and Board
List the Actuarial (Oversight function) responsibilities
- Design, pricing and valuation of insurance product
- Reasonableness of provisions for policy liabilities
- Review models to determine exposure and adequacy of Re programs to mitigate these exposure
- Reports to SM and Board
List the RM (Oversight function) responsibilities
- Identify enterprise-wide risks
- Develop models for measuring risks
- Establish policies and procedures to manage risks
- Reports to SM and Board
List the Internal Audit (Oversight function) responsibilities
- Reports to SM and Board
* assess and effectiveness of operational controls and oversight
List the SM (Oversight function) responsibilities
- Develop business models and associated objectives
- Develop sound corporate governance practices, ethics
- Keep Board informed
List the Board (Oversight function) responsibilities
- Guiding, reviewing and approving business models and associated objectives
- Ensuring SM is qualified and competent
- Ensuring principal risks are identified and managed
