In 2022, the PRA will continue to focus on financial resilience, operational resilience, the financial risks of climate change, and diversity and inclusion. Credit and model risk, together with regulatory reporting and data quality, and the LIBOR to risk-free rate transition will remain under scrutiny. And regulatory change, including the development of a targeted resolution framework for insurers, will also be on the agenda.
On 12 January, the PRA issued three Dear CEO letters, for UK Deposit Takers (PDF 380 KB), International Banks (PDF 367 KB) and Insurers (PDF 372 KB), updating firms on its supervisory priorities for 2022. The letters set out specific supervisory priorities, together with comments on additional areas of supervisory focus, across several common themes:
UK Deposit Takers | International Banks | Insurers |
---|---|---|
Financial resilience (with specific callouts for credit risk and model risk) | Financial resilience | Financial resilience |
Operational risk and resilience | Operational risk and resilience | Operational risk and resilience |
Financial risks arising from climate change | Financial risks arising from climate change | Financial risks arising from climate change |
Risk-free rate transition |
Risk-free rate transition | Risk-free rate transition |
Regulatory Reporting and data quality | Regulatory Reporting and data quality | Third country branches seeking authorisation in the UK |
Diversity and inclusion | Diversity and inclusion | Diversity and inclusion |
Financial resilience (including credit and model risk for UK banks)
Of paramount importance in all three letters is Financial Resilience, as reflected in the ability of the financial sector to continue to support businesses and households. Although the banking sector currently appears resilient to economic outcomes that are much more severe than the Monetary Policy Committee's forecast, firms' earnings have benefited from significant macro-economic and governmental support measures.
The full impact of the pandemic on credit portfolios has not yet been realised and recovery is likely to be uneven across sectors as official support schemes are withdrawn.
For banks:
- As the environment evolves, and to reflect broader structural changes such as the acceleration of digitalisation in the banking sector, UK and international banks should be proactive in assessing the challenges and implications for the sustainability of their business models. The letter to international banks notes that this will be particularly important for firms that have lost market share as certain sectors became more concentrated during the pandemic.
- Banks should monitor closely credit risk and traded risk in their portfolios, particularly as official support measures are withdrawn. The letter to UK banks calls out the need for further work to embed high quality Expected Credit Loss (ECL) practices and strengthen processes under stress.
- The PRA will continue to engage with UK banks to assess the robustness of their credit risk management processes through a risk-based blend of thematic and firm-specific reviews.
- Follow-up work should be expected on small and medium sized enterprises and on some portfolios subject to challenging economic conditions once the four current thematic reviews (wholesale problem debt management, unsecured personal loans, buy-to-let, and IFRS 9 retail models) are complete.
- Risks associated with remediation of cladding and wider fire safety issues will be monitored closely, together with emerging risks from the competitive landscape in terms of pricing relative to risk, including newer products such as “buy now pay later”.
- Deficiencies in UK banks' model risk management (MRM) frameworks across development, testing, change management and governance remain a concern. In 2022, the PRA will increase its focus on the implementation of Internal Ratings Based (IRB) Hybrid mortgage models, the IRB Roadmap for non-mortgage portfolios and IRB aspirant firm model applications. Effectiveness of MRM practices and remediation actions will be under scrutiny.
- The resilience of UK banks and building societies will be explored further through the Bank of England's 2022 stress test under the Annual Cyclical Scenario.
- For both UK and International banks, the letters also highlight the deficiencies in banks' risk management governance and frameworks that were revealed by the default of Archegos Capital Management. Firms will be expected to consider concentrated and leverage exposures and improve counterparty risk management. Where firms engage in equity finance and broader prime brokerage activities, the PRA will focus particularly on risk culture, incentive structures and alignment of remuneration with risk management practices.
For insurers:
- Both life and general insurers are expected to monitor credit risk within their portfolios and the impact on provisions. Some life insurers may have greater exposure to credit and concentration or, in certain cases, liquidity risk.
- The PRA expects boards to have a clear understanding of exposure to credit downgrades and defaults, the potential impact on financial position and ability to recover from losses. In addition, adequate risk management should be in place, with the board setting appropriate risk appetites, ensuring that risk appetites are applied across the business and assessing positions against a range of scenarios.
- Insurers should monitor risks around economic inflation and understand the potential impact on the cost of claims. They should consider the impact of both economic and social inflation over a range of scenarios and factor both into prudent reserving decisions.
- The PRA has seen limited evidence of general insurers considering their aggregate exposures to non-affirmative (so called ‘silent’) cyber risk. Following the recent COVID business interruption case, the regulator is concerned that firms may place too much reliance on rarely tested policy exclusions which could be threatened in an extreme event.
- The financial resilience of the insurance sector will be assessed by the 2022 Insurance Stress Test (IST) (PDF 380 KB) which will commence in Q3.
Operational Resilience
The PRA expects all firms to continue to develop their security controls and capabilities to manage increasing cyber risk. All firms should test their resilience against cyber threats.
By 31 March 2022, all in-scope firms must meet the expectations set out in the PRA's 2021 operational resilience policy (SS1/21). This means they must have identified and mapped their important business services, set impact tolerances for these, and initiated a programme of scenario testing.
Under the PRA's policy on outsourcing and third-party risk management (SS2/21) firms must maintain an updated register of their outsourcing arrangements. They should also ensure that their important business services can remain within impact tolerances when relying on outsourcing or third-party providers (UK insurers are particularly dependent on third-party outsourcing).
Financial risks arising from climate change
All PRA-supervised firms are expected to take a forward-looking, strategic, and ambitious approach to managing climate-related financial risks that is proportionate to the scale of the risks and the complexity of their operations.
Progress in embedding the supervisory expectations set out in SS3/19 (PDF 880 KB) has been inconsistent across firms. From 2022, climate-related financial risks will be a core part of the PRA's supervisory approach and will be included in all relevant elements of the supervisory cycle. The letters reference the recent Climate Adaptation Report — see our article here.
As understanding, data, tools, and best practice evolve, firms will be expected to refine their approaches. The PRA will focus on how firms quantify climate-related risks and incorporate those risks into business strategies, decision-making, and risk-taking and will deploy the full range of supervisory tools where firms' progress is deemed insufficient.
Insurers are encouraged to conduct further research on emerging climate-related risks such as the potential impact of litigation risk on their balance sheets and the impact of physical risks on assets and liabilities.
Insurers - regulatory change and third country branches
The PRA acknowledges insurers' contributions to the Government review of Solvency and the Quantitative Impact Study (QIS). In early 2022, the PRA plans to augment the QIS data through “detailed technical engagement” on policy measures, ahead of a formal consultation later in the year.
The PRA is also working with the Government to develop a targeted resolution regime for the insurance sector, the next step in the process outlined in Sam Woods' “Brave New World” speech at the ABI in March 2021.
Finally, the PRA is continuing to look at ways to improve its authorisation process for insurance-linked securities (ILS) vehicles and other wholesale insurance firms to ensure a proportionate and risk-based approach.
Through 2022 and 2023, the PRA expects to process approximately 150 third country branch applications from insurers currently operating under the Temporary Permissions Regime (TPR) - firms are asked to cooperate in an open and transparent manner to expedite this process.
Diversity and inclusion
In all three letters, the PRA reiterates its ambition to encourage diversity within firms in support of its objective to promote the safety and soundness of firms. Firms are expected to consider the themes set out in the 2021 Discussion Paper, challenge themselves to understand their gaps and consider where they can make progress. For more on the Discussion Paper, see here.
Connect with us
- Find office locations kpmg.findOfficeLocations
- kpmg.emailUs
- Social media @ KPMG kpmg.socialMedia
Stay up to date with what matters to you
Gain access to personalized content based on your interests by signing up today