Stefano Corsaro

Laureato in Relazioni Internazionali presso la LUISS Guido Carli di Roma, nel corso della sua carriera universitaria ha maturato un’esperienza di studio presso la University of British Columbia (UBC), in Canada. In passato, ha collaborato con il Centro Europa Ricerche (CER) e ha partecipato a uno stage presso il Ministero degli Affari Esteri. Attualmente si occupa soprattutto di regolamentazione finanziaria e delle politiche economiche dell’UE.

Nov 122015

Executive Summary

Due to the Basel III new capital rules (see [5]) and also to the EBA stress test processes, the capital issue is still a very relevant topic for most of the European banks regardless of their size. To increase the capital ratios, e.g. the CET1 ratio, the banks can theoretically exploit 3 high level strategies: to gain more profits, to issue new equity instruments or to optimize their risk structure. The first two are not easy to perform because they depend from many external random factors and market conditions. The RWA optimization relies on numerous components, sometimes highly demanding, which can however be tested and implemented based on an efficient organization of internal tools and monitoring processes. In this firs part of the work we give a review of the problem, along with some empirical data end examples.

1 A short review of Basel III and EBA capital constraints

The rationale under the Basel regulation architecture is that banks must have enough capital to face risks. Hence, with a high-level definition, banks must satisfy the condition OWNFUNDS > RISKS. (The term Own Funds in the Basel III framework has replaced the previous “Regulatory Capital”)

This condition is more often replaced in the regulatory architecture and in the practice by a set of conditions like

Bonollo 1

RWA is the traditional Risk Weighted Assets metric, i.e. a “transformation” of the Bank (assets) size in a combined size-risk measure.

To be more precise, the Basel III own funds requirements can be stated as follows:

Bonollo 2

Detailed rules and implementation timeliness are available in [2] and [3].

The dichotomy (RWA, RISKS) is not so clear to non-specialists. It comes from the native Basel I 1988 implementation, where by some coarse tables the credit and market exposures where converted from their accounting (asset) value to the RWA, and the well famous principle CAPITAL/RWA > 8% was stated.

Due to the 1996 Market Risk amendment and to the Basel II reform (see [4]), the internal (statistical models) models came into force, hence the risk figures for the capital adequacy are strictly derived from the quantitative models.

Nevertheless, the RWA measure unit is so useful that it has been maintained, and it is sometimes defined in the regulation starting from the substantial risk metric. Namely, RWA = RISKMEASURE × 12.5. From now on, we will use the term capital requirement (or own funds requirement) instead of risk measure.

The 12.5 coefficient is in fact the inverse of the classical 8% Basel 1 term.

The Basel III regulation also introduced new constraints, such as the liquidity indicators LCR/NSFR (Liquidity Coverage Ratio/ Net Stable Funding Ratio) and the leverage threshold.

To summarize, the new strict capital requirements, the new building blocks (such as CVA -Credit Valuation Adjustment- risk), new rules for the own funds definition implied a general capital shortfall for the banks, depicted in the figure.

Bonollo 3

In other words, with the Basel III regulation the banks moved from a general excess capital situation to a capital shortfall.

Because of this issue the RWA optimization term is having a wide success, as the banks are trying to satisfy the regulation with any possible tool.

In this market framework, the EBA 2014 Stress Test required banks even more robust capital resilience. To perform in positively in the stress test, banks were obliged to exhibit an 8% CET1 ratio in baseline scenario, and 5.5% in the adverse one.

For the forthcoming 2016 EBA stress test, similar rules are being defined.

2 The Risk Map. General structure and empirical composition for Italian banks

We come back to the general condition OWNFUNDS > RISKS and to its more important specification, i.e. CET1 ratio = Common Equity / RWA ≥ 4.5%.

To understand the optimization challenge, some details are needed.

With respect to the optimization tools, the denominator is largely the most important term.

Here with “risks” we mean the Pillar I risks, namely credit, market and operational risk. Some other risks, such as the banking book interest rate risk, are relevant but contribute only to the Pillar II Economic Capital.

To decline the problem in a practical perspective, we show in the below table the risk map for the top 5 five Italian banks, as of 2015, June 30th (for the data preparation, the authors thank Eva Pianalto).

Bonollo 4

It is worth to note that credit risk is the main contributor to the total risk. Only in two banks (OpRisk + MarketRisk) exceed the 15% of the whole RWA.

This first data suggest that the optimization project must focus on the credit risk building block.

We want to point out that the different risk figures depend from the combination of three different drivers:

  • The relative amount of the bank exposure to each risk. Ceteris paribus, of the bank has a bigger trading portfolio, it will show a higher RWA% for that risk
  • The average risk intensity per € of exposure. Example: given the same exposure and contractual features (e.g. real estate mortgages), a portfolio with high quality rating debtors will imply a lower capital absorption.
  • The risk measurement methodology. This is probably the most important but strangely the most misquoted driver. Example:  the approval of the internal IRB model for the credit generally allows a bank to calculate the capital requirement K( ) with a formula that gives a significant capital relief with respect to the standard external rating based model

Coming back to the table, the different relative weight does not depend only on the size of the trading book, nor the net open risky positions, but also on the methodology used for the measurement. We recall that not all banks use internal models for the different risk classes.

We now focus further on the credit risk capital requirement, and we briefly review the internal IRB models and the formula for the requirement. In the following, RW stands for the risk weight, hence

Capital Requirement = EAD × RW

RWA = Capital Requirement × 12.5

A)    Exposures to governments, financial institutions, corporates

Bonollo 5

B)     Exposures to SME – small enterprises

Bonollo 6

C)     Retail exposures

Bonollo 7

In the above formula, M represents the maturity, b and adjustment coefficient. R is the loading factor that links the single counterparty to the single risk factor of the Basel model, finally N( ) represents the normal distribution and G( ) its inverse. For details about this model see [7]. Some different rules for R, according to the counterparty sector and size, are given.

2 Which Paths for the Optimization? What Banks (should) optimize?

The RWA optimization issue is a hot problem for most of the European bankers. Many celebrated advisory companies have devoted a huge amount of research and commercial actions to it. See as clear examples [1] and [6].

Nevertheless, the problem has not been stated in a systematic form.

In the present first part of the work we avoid excessive technical details, but we recall that any optimization problem must be defined by some standard components.

  • The objective function f( ) to be optimized. In this context, we can select:
    • min RWA
    • MAX (CET1 ratio) = MAX (OwnFunds / RWA). We observe that some “filters” for the numerator depend from some of the same inputs of the RWA quantity, hence the two formulations are not always equivalent.
    • Any other strategic quantity for the bank
  • The decision variables X = (x1,…, xN), i.e. the variables from which the objective function depend. These are the variables that the bank can actually move to a more convenient level. The variables in this case can be stated in numerous different ways. Examples
    • X = the weight of the different exposures in the bank strategic asset allocation
    • X = the amount of the collaterals for the credit risk mitigation
    • X = the average maturity of the mortgages
  • A set of constraints in the very general form g(X)K. Usually the optimal theoretical point is not feasible due to budget constraints, regulatory constraints, market conditions, and so on.

In this general set-up, the optimizing strategies can be categorized in the following approaches:

  1. Strategic asset allocation. This is a high level point. How much of the bank total assets to put in the trading book? Which leverage level for the bank? Equity trading or carry and grade with the ECB funding? Large loans with the large corporate high rating sector or diversification in the retail consumer loans?
  2. Credit Process efficiency and Data Quality improvement. While for market risk the RWA calculation is mainly an algorithmic task, subject to strict backtesting thresholds, in credit risk a large set of details are involved in the many calculation rules, due to product and counterparty fragmentation. Banks should therefore be rigorous in the global end-to-end calculation. Example: In Basel III a credit support factor (CSF) is prescribed for exposures to small enterprises where the annual sales are less than 1.5mln €. This CSF allows to reduce dramatically the RWA, i.e. RWA (CSF) = RWA × 0.7619.  To take advantage of this rule, a bank must insert and update this variable in their database. If not, they cannot apply the CSF. Missing data is one of the key reasons of the RWA deterioration.
  3. Mathematical optimization. For a part of the credit exposures, we can have a (M,N) relationships between the M debtors and the N collaterals (real or personal). We can look at it as a graph. Each collateral has a fair value, with some hair-cuts rules. Each exposure has its own EAD. The allocation process is the step where each collateral is assigned for a given amount to each exposure. Among the many feasible choices, one (or some) of them can minimize the RWA.

Many people like to think that strategy (1) is the most important. But the time to implement strategic policies is very often too long with respect to some urgent capital problems.

Moreover, strategies (2) and (3) are less constrained by exogenous market events, and when eligible they can determine an improvement of the CET1 ratio of some dozens of basis points.

In the second part of this work we will develop some practical applications to highlight these points.


[1] Accenture (2014), “Basel III RWA Optimization: Going beyond Compliance”, Working paper.

[2] Basel Committee on Banking Supervision (2014), “Basel III summary Table”,

[3] Basel Committee on Banking Supervision (2014), “Basel III Phase-In Arrangements”,

[4]  Basel Committee on Banking Supervision (2006), “Basel II: International Convergence of Capital Measurement and Capital Standards: A Revised Framework – Comprehensive Version”, BCBS paper 128,

[5] EU (2013), “Regulation (EU) No 575/2013 on prudential requirements for credit institutions and investment firms”.

[6] McKinsey (2012), “Capital Management: Banking’s new imperative”, McKinsey Working papers on Risk, n.38.

[7] Gordy M.B. (2002), “A Risk-Factor Model Foundation for Ratings-Based Bank Capital Rules”.

Nov 122015

Although many controls (like the risk assessment, the customer due diligence, the transaction monitoring, the escalation of suspicions and liaison with the authorities) are in common, there are key differences between preventing the Money Laundering (ML) and the Financing of Terrorism (FT): the money launder seeks to disguise the origins of illicit funds, while a person funding terrorism may also use legitimately-held funds to pursue illegal aims.

In October 2013 the European Supervisory Authorities (ESAs = EBA + EIOPA + ESMA) published a preliminary report on the Risk-Based Supervision (RBS) of Anti-Money Laundering (AML) and Counter Financing of Terrorism (CFT).

Later, on the 20th of May 2015, the European Parliament and the Council issued the Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of Money Laundering (ML) and Financing of Terrorism (FT). The directive makes clear that a Risk-Based Supervision helps in managing those risks and sets out a number of requirements to be met by the competent authorities when applying the RBS; it also requires the ESAs to issue guidelines on both the characteristics of the RBS and the steps to be taken when conducting the supervisions. The directive requires the ESAs to issue guidelines on the risk factors to be considered by the firms and on the measures they should take to adjust the due diligence.

In response to this, on the 21st of October 2015, the joint committee of the ESAs launched a public consultation, that closes the 22nd of January 2016, on two guidelines on the AML and CFT:

  • the consultation paper on the Risk-Based Supervision Guidelines is addressed to competent authorities responsible for supervising the compliance of credit and financial institutions where the AML/CFT obligations are applicable. The Guidelines specify the characteristics of a risk-based approach and the actions to be taken to ensure that the allocation of resources is appropriate for the level of ML and FT risk;
  • the consultation paper on the Risk-Factors Guidelines is addressed to both competent authorities and credit and financial institutions. Competent authorities can understand how to assess the adequacy of the ML/TF risk assessment and of the controls on credit and financial institutions; the latter can understand how to make informed decisions on the management of individual business relationships and occasional transactions. The guidelines specify the risk factors to consider when assessing ML and FT and the adjustments to make (if any) to the due diligence measures.

The Risk-Based Supervision Guidelines are designed to foster a consistent and effective supervisory within the EU and are based on the same approach already described in the preliminary report of 2013. They set out high-level principles complemented with sufficient details to achieve a supervisory convergence while leaving rooms to the authorities to adjust their approach to be in line with the laws and regulations of their financial sector. The guidelines may create one-off costs for the authorities that do not have a RBS in place or wish to review it and, consequently, for the supervised firms. These costs are unlikely to be significant. After the assessments, firms whose risk profile is heightened will be subject to a more sever supervisory, while firms whose risk profile is lowered will be subject to less sever supervisory than the current. As the latter are likely to be far more numerous than the former, the application of these guidelines will generate a net benefit for the financial sector as a whole.

In line with the interpretation given by the Financial Action Task Force (FATF), the guidelines describe the RBS as a cyclical process, where the competent authorities may group less risky firms into clusters to consider as a single subject of assessment:


  • step 1: authorities obtain information on both domestic and foreigners ML/FT threats which affect the relevant markets. The extent of information should be proportionate to the nature and size of the subject of assessment. Competent authorities should exchange information with each others.
  • step 2: authorities use these information to get a holistic view of the risk associated to each subject of assessment. An overall risk profile is assigned to the subject. To facilitate comparisons, it is worthy to define different categories of risk profile (low, medium, high) and a professional judgment is needed to validate the results.
  • step 3: authorities plan supervisory activities for each subject of assessment, allocating resources based on the risk assessment of step 2; they decide the focus, depth, duration and frequency of on/off-site activities, and the need of technical expertise
  • step 4: authorities carry out periodic reviews of their risk assessments, to ensure they are up to date with enough resources allocated.

The Risk-Factors Guidelines are drafted to be consistent with the existing international standards: this ensure the compliance of both authorities and firms while fostering the consistent application of a risk-based approach across the EU. They have to be adopted within two years of the Directive entering in force, that is no later than 26 June 2016. The guidelines apply to all firms (sector specific guidelines are supplemented) and provide information on what they need to consider when determining the level of ML/FT risks, and which type of Due Diligence (Simplified or Enhanced) is more appropriate. The guidelines allow firms to adopt policies and procedures that are proportionate to the nature, scale and complexity of their activities, with a net impact of costs that is likely to be close to zero. On the other hands, authorities will have to review their existing regulatory guidelines and this will produce one-off costs, that are largely absorbed by the ones arising from the implementation of the national legislations that transpose Directive (EU) 2015/849.

As pointed out in these guidelines, to manage the ML/FT risks, firms should

  • perform a business-wide risk assessment (proportionate to the nature and size of each firm) to understand whether they are exposed and which area of their business should be prioritized;
  • use the above findings to define the appropriate level and type of Customer Due Diligence (CDD) they will apply to individual business relationship and occasional transactions
  • ensure they have systems and controls in place capable of identifying emerging ML/TF risks and cooperate with other representative from the industry to establish a culture of information sharing and company ethics.

The risk factors to be considered in the risk assessment can be broadly classified in:

  • customer risk factors
  • countries and geographic areas risk factors
  • products, services and transaction risk factors
  • delivery channel risk factors

and the information about them should come from a variety of sources (like the European Commission, the National governments, the regulators, the Financial Intelligence Units, the industries bodies, the media sources, the commercial and statistical organizations and academia). The risk factors can be weighted differently depending on their relative importance and they can therefore vary from product to product or customer to customer and from one firm to another. Expert judgement plays a key role.

The CDD consist in identifying the customer and its beneficial owner, verifying their identities, establishing the purpose and intended nature of the business relationship and conducing a periodic monitoring. As stated by the Directive, and Enhanced CDD should be applied in case the customer is a Politically Exposed Person, the firm enters into a relationship with a respondent institution of non-EEA states or in high risk third countries and in case the transaction are complex, unusually large or have no obvious economic or lawful purpose.

Finally, the supplementary guidelines organized per type of business cover: correspondent and retail banks, electronic money issuers, money remitters, wealth management, trade finance providers, life insurance undertakings, investment managers and providers of investment funds.