Skip to main content
  • Market Risk

    • Market Risk Regulation

      C 164/2018 Effective from 29/8/2018
      • Introduction

        The Central Bank seeks to promote the effective and efficient development and functioning of the banking system. To this end, Banks must have a comprehensive approach to market risk management, including Board and Senior Management oversight, to ensure their resiliency and enhance overall financial stability.

        In introducing this Regulation and the accompanying Standards, the Central Bank intends to ensure that Banks’ approaches to the management of market risk are in line with leading international practices.

        This Regulation and the accompanying Standards are issued pursuant to the powers vested in the Central Bank under the Central Bank Law.

        Where this Regulation, or its accompanying Standards, include a requirement to provide information or to take certain measures, or to address certain items listed at a minimum, the Central Bank may impose requirements, which are additional to the list provided in the relevant article.

      • Objective

        The objective of this Regulation is to establish the minimum acceptable standards for Banks’ approach to market risk management, with a view to:

        i. Ensuring the soundness of Banks; and

        ii. Enhancing financial stability.

        The accompanying Standards supplement the Regulation to elaborate on the supervisory expectations of the Central Bank with respect to market risk management.

      • Scope of Application

        This Regulation and the accompanying Standards apply to all Banks. Banks established in the UAE with significant Group relationships, including Subsidiaries, Affiliates or international branches must ensure that the Regulation and Standards are adhered to on a solo and group-wide basis.

        This Regulation and the accompanying Standards must be read in conjunction with the Risk Management Regulation and Standards issued by the Central Bank, which establish the requirements for a Bank’s overarching approach to risk management.

      • Article 1: Definitions

        1. Affiliate: An entity that, directly or indirectly, controls, is controlled by, or is under common control with another entity. The term control as used herein shall mean the holding, directly or indirectly, of voting rights in another entity, or of the power to direct or cause the direction of the management of another entity.
           
        2. Bank: A financial entity, which is authorized by the Central Bank to accept deposits as a Bank.
           
        3. Board: The Bank’s Board of Directors.
           
        4. Banking Book: Positions in financial instruments that are expected to be held to maturity.
           
        5. Central Bank: The Central Bank of the United Arab Emirates.
           
        6. Central Bank Law: Union Law No (10) of 1980 concerning the Central Bank, the Monetary System and Organization of Banking as amended or replaced from time to time.
           
        7. Central Bank regulations: Any resolution, regulation, circular, rule, standard or notice issued by the Central Bank.
           
        8. Group: A group of entities that includes an entity (the 'first entity') and:
           
          1. any Parent of the first entity;
             
          2. any Subsidiary of the first entity or of any Parent of the first entity; and
             
          3. any Affiliate.

           
        1. Islamic Financial Services: Shari’a compliant financial services offered by Islamic Banks and Conventional Banks offering Islamic banking products (Islamic Windows).
           
        2. Market risk: The risk of losses in on and off-balance sheet positions arising from movements in market prices.
           
        3. Parent: An entity (the 'first entity') which:
           
          1. holds a majority of the voting rights in another entity (the 'second entity');
             
          2. is a shareholder of the second entity and has the right to appoint or remove a majority of the board of directors or managers of the second entity; or
             
          3. is a shareholder of the second entity and controls alone, pursuant to an agreement with other shareholders, a majority of the voting rights in the second entity.

              Or;
          4. if the second entity is a subsidiary of another entity which is itself a subsidiary of the first entity.

           
        1. Risk appetite: The aggregate level and types of risk a Bank is willing to assume, decided in advance and within its risk capacity, to achieve its strategic objectives and business plan.
           
        2. Risk governance framework: As part of the overall approach to corporate governance, the framework through which the Board and management establish and make decisions about the Bank’s strategy and risk approach; articulate and monitor adherence to the risk appetite and risk limits relative to the Bank’s strategy; and identify, measure, manage and control risks.
           
        3. Risk limits: Specific quantitative measures that must not be exceeded, based on, for example, forward looking assumptions that allocate the Bank’s aggregate risk appetite to business lines, legal entities or management units within the Bank or Group in the form of specific risk categories, concentrations or other measures, as appropriate.
           
        4. Risk profile: Point in time assessment of the Bank’s gross (before the application of any mitigants) or net (after taking into account mitigants) risk exposures aggregated within and across each relevant risk category based on current or forward-looking assumptions.
           
        5. Senior Management: The executive management of the Bank responsible and accountable to the Board for the sound and prudent day-to-day management of the Bank, generally including, but not limited to, the chief executive officer, chief financial officer, chief risk officer and heads of the compliance and internal audit functions.
           
        6. Subsidiary: An entity (the 'first entity') is a subsidiary of another entity (the 'second entity') if the second entity:
           
          1. holds a majority of the voting rights in the first entity;
             
          2. is a shareholder of the first entity and has the right to appoint or remove a majority of the board of directors or managers of the first entity; or
             
          3. is a shareholder of the first entity and controls alone, pursuant to an agreement with other shareholders, a majority of the voting rights in the first entity.

             Or;
            if the first entity is a subsidiary of another entity which is itself a subsidiary of the second entity.
        1. Trading Book: Positions in financial instruments and commodities held either with trading intent or in order to hedge other elements of the trading book.
           
      • Article 2: Risk Governance Framework

        1. A Bank must have an appropriate market risk strategy and market risk governance framework that provides a Bank-wide and, if applicable, Group-wide view of market risk. This includes policies, processes, procedures, systems and controls to identify, measure, evaluate, monitor, report and control or mitigate material sources of market risk on a timely basis.
           
        2. The Board must approve the Bank’s strategies, policies and processes for the management of market risk, which must be reviewed annually.
           
        3. The Board must ensure that the Bank has in place adequate systems to identify, measure and manage market risk. Roles and responsibilities must be clearly articulated and provisions must be made for adequate separation of duties and avoiding conflicts of interest.
           
        4. The Board must ensure that the Bank has appropriate market risk management processes that provide a bank-wide and, if applicable, Group-wide view of market risk exposure. These must be consistent with the risk appetite statement, risk profile, systemic importance and capital strength of the Bank, take into account market and macroeconomic conditions and the risk of a significant deterioration in market liquidity.
           
        5. Senior Management must ensure that the strategy, policies and procedures are developed and implemented effectively. The Board must oversee the Senior Management to ensure that the strategies, policies and processes are implemented effectively and fully integrated into the Bank’s overall risk management process.
           
        6. A Bank’s policies and processes must establish an appropriate and properly controlled market risk environment, including, at a minimum, the following items:
           
          1. Effective information systems for accurate and timely identification, aggregation, monitoring and reporting of market risk exposure to the Board and Senior Management;
             
          2. Appropriate market risk limits consistent with the Bank’s risk appetite, risk profile and capital strength and with the management’s ability to manage market risk and which are understood by and regularly communicated to, relevant staff;
             
          3. Exception tracking and reporting processes that ensure prompt action at the appropriate level of the Senior Management or Board, where necessary;
             
          4. Effective controls around the use of models to identify and measure market risk and set limits; and
             
          5. Sound policies and processes for allocation of exposures to the trading book.
        1. A Bank must ensure that intra-day exposures are managed within limits established by the Board-approved market risk policies.
           
        2. A Bank wishing to establish a trading book must submit for the Central Bank’s review a trading book policy statement that specifies those activities that belong in the trading book. Any significant change in a Bank’s existing trading book policy must be promptly submitted to the Central Bank for review.
           
      • Article 3: Systems and Controls

        1. A Bank’s market risk measurement systems, monitoring and controls must enable it to maintain capital adequacy on a continuous basis and remain within its intra-day and other market risk limits.
           
        2. An independent review of a Bank’s market risk measurement system and the overall market risk management process must be earned out at least annually, as part of the Bank’s own internal auditing process, by functionally independent, appropriately trained and competent personnel.
           
        3. A Bank must capture all transactions on a timely basis.
           
        4. A Bank’s internal models must be validated internally by suitably qualified parties independent of the model development process, to ensure that they are conceptually sound and adequately capture all material market risks.
           
        5. A Bank must have its internal models validated externally by an independent and suitably qualified party on a regular basis and, in addition, on an as-needed basis.
           
        6. A Bank’s back-testing program must consist of periodic comparisons of its model results with the realized profit or loss (trading income) relating to corresponding periods.
      • Article 4: Valuation

        1. A Bank must have systems and controls to ensure that the Bank’s mark-to-market positions, whether in the banking book or trading book, are revalued frequently.
           
        2. A Bank’s valuation process must use consistent and prudent practices and reliable market data, or, in the absence of market prices, internal or industry-accepted models, verified by a function independent of the relevant risk-taking business units.
           
        3. A Bank that relies on modelling for the purposes of valuation must ensure that the model is validated by a function independent of the relevant risk-taking business units.
           
        4. A Bank must establish and maintain policies and processes for considering valuation adjustments for positions that otherwise cannot be prudently valued, including concentrated, less liquid and stale positions.
           
        5. A Bank must make appropriate valuation adjustments for uncertainties in determining the fair value of assets and liabilities.
           
        6. A Bank operating a trading book must establish an appropriate valuation methodology and measurement model.
      • Article 5: Capital

        1. A Bank must at all times hold appropriate levels of capital against unexpected losses, which may arise from its market risk exposures.
           
        2. A Bank must ensure that market risk capital requirements are met on a continuous basis.
      • Article 6: Stress Testing

        1. A Bank must include market risk exposure in its forward-looking stress-testing programs as part of its comprehensive approach to risk management.
      • Article 7: Reporting Requirements

        1. A Bank must inform the Central Bank of all significant changes in its market risk measurement systems and in its market risk profile.
           
        2. A Bank must promptly notify the Central Bank when it becomes aware of a significant deviation from its Board-approved market risk limits, policies or procedures, or becomes aware that material market risks have not been adequately addressed.
           
        3. Banks must report to the Central Bank on market risk in the format and frequency prescribed in the Standards.
      • Article 8: Islamic Banking

        1. A Bank offering Islamic financial services must ensure that its comprehensive approach to market risk management incorporates appropriate measures to comply with Shari’a rules and principles and related Shari’a control functions.
      • Article 9: Enforcement

        1. Violation of any provision of this Regulation and the accompanying Standards shall be subject to supervisory action as deemed appropriate by the Central Bank.
      • Article 10: Interpretation of Regulations

        1. The Regulatory Development Division of the Central Bank shall be the reference for interpretation of the provisions of this Regulation.
      • Article 11: Cancellation of Previous Notices

        1. This Regulation and the accompanying Standards replace all previous Central Bank regulations with respect to market risk.
      • Article 12: Publication and Application

        1. This Regulation and the accompanying Standards shall be published in the Official Gazette in both Arabic and English and shall come into effect one month from the date of publication.
    • Market Risk Standards

      C 164/2018 Effective from 29/9/2018
      • Introduction

        1. 1. These Standards form part of the Market Risk Regulation. All Banks must comply with these Standards, which expand on the Regulation. These Standards are mandatory and enforceable in the same manner as Regulation.
        2. 2. A Bank’s Board is in ultimate control of the Bank and accordingly ultimately responsible for market risk management. There is no one-size-fits-all or single best solution. Accordingly, each Bank could meet the minimum requirements of the Regulation and Standards in different ways and thus may adopt an organizational framework appropriate to the risk profile, nature, size and complexity of its business and structure. The onus is on the Board to demonstrate that it has implemented an approach that adequately addresses market risk. Banks are encouraged to adopt leading practices that exceed the minimum requirements of the Regulation and Standards.1
        3. 3. The Standards follow the structure of the Regulation, with each article corresponding to the specific article in the Regulation.

        1 The Central Bank will apply the principle of proportionality in the enforcement of the Regulation and Standards, whereby smaller Banks may demonstrate to the Central Bank that the objectives are met without necessarily addressing all of the specifics cited in the Standards.

      • Article 1: Definitions

        1. 1. Affiliate: An entity that, directly or indirectly, controls, is controlled by, or is under common control with another entity. The term control as used herein shall mean the holding, directly or indirectly, of voting rights in another entity, or of the power to direct or cause the direction of the management of another entity.
        2. 2. Bank: A financial entity, which is authorized by the Central Bank to accept deposits as a Bank.
        3. 3. Banking book: Positions in financial instruments that are available for sale or expected to be held to maturity. The following instruments must be assigned to the banking book:
          1. a. Unlisted equities;
          2. b. Instruments designated for securities warehousing;
          3. c. Real estate holdings;
          4. d. Retail and small and medium-sized enterprise credit;
          5. e. Equity instruments in a fund in which the Bank cannot look through the fund daily or obtain daily prices for its investment in that fund;
          6. f. Derivative instruments that have instruments of the type specified in 1.3.a through 1.3.e above as underlying assets;
          7. g. Instruments held for the purpose of hedging a particular risk of a position in the types of instruments of the type specified in 1.3.a through 1.3.e above; and
          8. h. Any other instrument as may be determined by the Central Bank.
        4. 4. Board: The Bank’s Board of Directors.
        5. 5. Central Bank: The Central Bank of the United Arab Emirates.
        6. 6. Central Bank Law: Union Law No (10) of 1980 concerning the Central Bank, the Monetary System and Organization of Banking as amended or replaced from time to time.
        7. 7. Central Bank regulations: Any resolution, regulation, circular, rule, standard or notice issued by the Central Bank.
        8. 8. Financial instrument: Any contract that gives rise to both a financial asset of one entity and a financial liability of another entity. Financial instruments include primary financial instruments (or cash instruments) and derivative financial instruments. A financial asset is any asset that is cash and or, the right to receive cash or another financial instrument. A financial liability is a contractual obligation to deliver cash or another financial asset or to exchange financial liabilities under conditions that are potentially unfavourable.
        9. 9. Group: A group of entities that includes an entity (the ‘first entity’) and:
          1. a. any Parent of the first entity;
          2. b. any Subsidiary of the first entity or of any Parent of the first entity; and
          3. c. any Affiliate.
        10. 10. Independent price verification: The process by which market prices or model inputs are regularly verified for accuracy. Independent price verification is distinct from daily marking-to-market. Independent price verification entails a higher standard of accuracy in which the market prices or model inputs are used to determine profit and loss figures, whereas daily marks are collected primarily for management reporting in between reporting dates.
        11. 11. Islamic Financial Services: Shari’a compliant financial services offered by Islamic Banks and Conventional Banks offering Islamic banking products (Islamic Windows).
        12. 12. Market risk: The risk of losses in on- and off-balance sheet positions arising from movements in market prices. For the purposes of these Standards, these risks are,
          1. a. In the trading book of the bank, the risks pertaining to interest rate related instruments and equities, and
          2. b. Throughout the bank, the risks pertaining to foreign exchange and commodities.
        13. 13. Marking-to-market: Valuation of positions at readily available close-out prices in orderly transactions that are sourced independently. Examples of readily available close-out prices include exchange prices, screen prices, or quotes from several independent reputable brokers. Marking-to-market may be performed by dealers. Daily marking-to-market is distinct from independent price verification.
        14. 14. Marking-to-model: Any valuation, which has to be benchmarked, extrapolated or otherwise calculated from a market input.
        15. 15. Parent: An entity (the ‘first entity’) which:
          1. a. holds a majority of the voting rights in another entity (the ‘second entity’);
          2. b. is a shareholder of the second entity and has the right to appoint or remove a majority of the Board of directors or managers of the second entity; or
          3. c. is a shareholder of the second entity and controls alone, pursuant to an agreement with other shareholders, a majority of the voting rights in the second entity;

            Or;

          4. d. If the second entity is a subsidiary of another entity which is itself a subsidiary of the first entity.
        16. 16. Residual risk: The risk exposure after controls are considered.
        17. 17. Risk appetite: The aggregate level and types of risk a Bank is willing to assume, decided in advance and within it risk capacity, to achieve its strategic objectives and business plan.
        18. 18. Risk governance framework: As part of the overall approach to corporate governance, the framework through which the Board and management establish and make decisions about the Bank’s strategy and approach to risk management; articulate and monitor adherence to the risk appetite and risks limits relative to the Bank’s strategy; and identify, measure, manage and control risks.
        19. 19. Risk limits: Specific quantitative measures that may not be exceeded, based on, for example, forward-looking assumptions that allocate the Bank’s aggregate risk appetite to business lines, legal entities or management units within the Bank or Group in the form of specific risk categories, concentrations, or other measures, as appropriate.
        20. 20. Risk Management function: Collectively, the systems, structures, policies, procedures and people that measure, monitor and report risk on a Bank-wide and, if applicable, Group-wide basis.
        21. 21. Senior Management: The executive management of the Bank responsible and accountable to the Board for the sound and prudent day-to-day management of the Bank, generally including, but not limited to, the chief executive officer, chief financial officer, chief risk officer and heads of the compliance and internal audit functions.
        22. 22. Subsidiary: An entity (the ‘first entity’) is a subsidiary of another entity (the ‘second entity’) if the second entity:
          1. a. holds a majority of the voting rights in the first entity;
          2. b. is a shareholder of the first entity and has the right to appoint or remove a majority of the board of directors or managers of the first entity; or
          3. c. is a shareholder of the first entity and controls alone, pursuant to an agreement with other shareholders, a majority of the voting rights in the first entity;
            Or;
          4. d. If the first entity is a subsidiary of another entity that is itself a subsidiary of the second entity.
        23. 23. Trading book: Positions in financial instruments and commodities held either with trading intent or in order to hedge other elements of the trading book. Any instrument held for one or more of the following purposes must be assigned to the trading book:
          1. a. Short-term resale;
          2. b. Profiting from short-term price movements;
          3. c. Locking in arbitrage profits;
          4. d. Hedging risks that arise from instruments meeting criteria 3.16.a through 3.16.c above; and
          5. e. Any other instrument as may be determined by the Central Bank.
      • Article 2: Risk Governance Framework

        1. 1. A Bank must establish, implement and maintain a market risk governance framework, which enables it to identify, assess, monitor, mitigate and control market risk. The market risk framework consists of policies, processes, procedures, systems and controls.
        2. 2. The market risk governance framework must be documented and approved, maintained and overseen by the Board and must provide for a sound and well-defined framework to address the Bank’s market risks.
        3. 3. A Bank’s market risk management processes must be integrated with the Bank’s overall risk management processes. Banks that have trading books must develop separate and specific trading book policy statements and risk frameworks.
        4. 4. The Board and Senior Management must be actively involved in the market risk control process and must regard risk control as an essential aspect of the business to which significant resources need to be devoted. In this regard, the daily reports prepared by the market risk management function must be reviewed by a level of management with sufficient seniority and authority to enforce both reductions of positions taken by individual traders and reductions in the Bank’s overall risk exposure.
      • Article 3: Systems & Controls

        • General

          1. 1. The Board must ensure compliance with a documented set of internal policies, controls and procedures concerning the operation of the market risk measurement system. Documentation in the form of a market risk manual or policy must provide a useable and understandable overview of the basic principles of the market risk management system and an explanation of the empirical techniques used to measure market risk.
        • Risk Factors

          1. 2. A Bank must specify in its market risk measurement system an appropriate set of market risk factors (market rates and prices that affect the value of the Bank’s market-related positions) that are sufficient to capture the risk inherent in the Bank’s portfolio of on- and off-balance sheet trading positions.
        • Interest Rates

          1. 3. A Bank must specify a set of risk factors corresponding to interest rates in each currency in which the Bank has interest-rate-sensitive on- or off-balance sheet positions. The number of risk factors used must be driven by the nature of the Bank’s trading strategies and must include, at a minimum, the following:
            1. a. Modelling of the yield curve using one of a number of generally accepted approaches, for example, by estimating forward rates of zero coupon yields.
            2. b. Dividing the yield curve into various maturity segments in order to capture variation in the volatility of rates along the yield curve. There typically will be one risk factor corresponding to each maturity segment.
            3. c. For material exposures to interest rate movements in the major currencies and markets, modelling the yield curve using a minimum of six risk factors. The number of risk factors used ultimately must be driven by the nature of the Bank’s trading strategies. For instance, a Bank with a portfolio of various types of securities across many points of the yield curve and that engages in complex arbitrage strategies would require a greater number of risk factors to capture interest rate risk accurately.
          2. 4. The risk measurement system must incorporate separate risk factors to capture spread risk (e.g. between bonds and swaps). These include but are not limited to specifying a completely separate yield curve for non-government fixed-income instruments (for instance, swaps or municipal securities) and estimating the spread over government rates at various points along the yield curve.
        • Exchange Rates

          1. 5. A Bank must specify risk factors corresponding to the exchange rate between the domestic currency and individual foreign currencies in which its positions are denominated.
        • Equities

          1. 6. For equity prices, there must be risk factors corresponding to each of the equity markets in which the Bank holds significant positions. The sophistication and nature of the modelling technique for a given market must correspond to the Bank’s exposure to the overall market as well as its concentration in individual equity issues in that market.
          2. 7. At a minimum, there must be a risk factor that is designed to capture market-wide movements in equity prices (e.g. a market index). Positions in individual securities or in sector indices could be expressed in “beta-equivalents”2 relative to this market-wide index. Alternatively, a Bank may identify risk factors corresponding to various sectors of the overall equity market (for instance, industry sectors or cyclical and non-cyclical sectors), or specify risk factors corresponding to the volatility of individual equity issues.

          2 A “beta-equivalent” position would be calculated from a market model of equity price returns (such as the Capital Asset Pricing Model) by regressing the return on the individual stock or sector index on the risk-free rate of return and the return on the market index.

        • Commodities

          1. 8. A Bank must specify risk factors corresponding to each of the commodity markets in which it holds significant positions. A Bank’s commodity risk factors must, at a minimum, include the following:
            1. a. Directional risk, to capture the exposure from changes in spot prices arising from net open positions;
            2. b. Forward gap and interest rate risks, to capture the exposure to changes in forward prices; and
            3. c. Basis risk, to capture the exposure to changes in the price relationships between two similar, but not identical, commodities.
          2. 9. For a Bank with relatively limited positions in commodity-based instruments, a less complex specification of risk factors would be acceptable. Such a specification would likely entail one risk factor for each commodity price to which the Bank is exposed. In cases where the aggregate positions are quite small, it might be acceptable to use a single risk factor for a relatively broad sub-category of commodities (for instance, a single risk factor for all types of oil.) For more active trading, the model must also take account of variation in the “convenience yield” between derivatives positions such as forwards and swaps and cash positions in the commodity.
        • Options

          1. 10. If a Bank’s risk appetite statement includes taking option positions, the market risk measurement system must specify risk factors corresponding to the implied volatilities of those options, to capture the risk of gain or loss resulting from changes in volatility of those positions.
          2. 11. The following criteria apply to the measurement of options risk:
            1. a. Bank’s models must capture the non-linear price characteristics of options positions; and
            2. b. Each Bank’s risk measurement system must have a set of risk factors that captures the volatilities of the rates and prices underlying option positions, including Vega risk. Banks with relatively large and/or complex options portfolios must have detailed specifications of the relevant volatilities.
        • Internal Review

          1. 12. The Board-approved policies must provide for an independent review by the internal audit function of the market risk measurement system at least annually. The review must include both the activities of the business trading units and of the independent risk management function. At a minimum, a review must specifically address the following:
            1. a. The organization of the market risk management function, adequacy of the documentation of the market risk management system and process and the approval process for risk pricing models and valuation systems used by front-and back-office personnel;
            2. b. The scope of the market risks captured by the market risk measurement system’s models; the accuracy and appropriateness of the risk measurement system (including any significant changes); the accuracy and completeness of position data; the accuracy of calculation and risk transformation calculations; integration of market risk measures into daily risk management; accuracy and appropriateness of volatility and correlation assumptions and (if using the historical simulation approach) calculations of historical rate movements; and the integrity of the management information system with respect to market risk;
            3. c. The verification of the consistency, timeliness and reliability of the data sources used to run internal models, including the independence of such data sources;
            4. d. The validation of any significant change in the market risk measurement process, including the evaluation of conceptual/methodological soundness, as well as developmental evidence;
            5. e. Evidence of ongoing model monitoring, including process verification and benchmarking;
            6. f. The verification of the model’s accuracy through frequent back-testing of outcomes analysis, including key internal parameters; and
            7. g. The process used to produce the calculation of market risk capital.
          • Models

            1. 13. The Board must ensure that Board-approved policies adequately provide for market risk measurement methodologies commensurate with the risk profile, nature, size and complexity of the Bank’s business and structure. A Bank that has a trading book must have a robust modelling framework. Development, internal approval and ongoing use of models and other market risk management methodologies must be governed by Board-approved policies and procedures, which at a minimum must address initial and ongoing validation, valuation and independent review by the internal audit function.
            2. 14. The risk management function must produce and analyse daily reports on the output of the Bank’s market risk measurement models, including an evaluation of the relationship between measures of risk exposure and trading limits. This function must be independent from business trading units and must report directly to Senior Management.
            3. 15. A Bank’s internal risk measurement models must be closely integrated into the day-to-day risk management process of the Bank. Model output must be an integral part of the process of planning monitoring and controlling the Bank’s Market Risk profile.
            4. 16. The Market Risk measurement system must be used in conjunction with internal trading and exposure limits. In this regard, trading limits must be related to the Bank’s risk measurement model in a manner that is consistent over time and that it is well understood by both traders and Senior Management.
            5. 17. A Bank must include in its internal models risk factors deemed relevant for pricing. Any proxies used must show a good track record of the actual position held; for example, an equity index for a position in an individual stock.
          • Internal Validation

            1. 18. A Bank using models must provide for initial and on-going validation by a risk management function independent of the risk-taking functions of the internal model and when any significant changes are made to the model. More frequent validation is required where there have been significant structural changes in the market or changes to the composition of the portfolio which might lead to the model no longer being adequate.
            2. 19. A Bank’s model validation must not be limited to profit or loss attribution and back-testing, but, at a minimum, also must include tests to demonstrate that any assumptions made within the internal model are appropriate and do not underestimate risk. This may include normal distribution assumption, the use of the square root of time to scale from a one day holding period to a 10 day holding period or where extrapolation or interpolation techniques are used, or pricing models.
            3. 20. Testing for model validation must use hypothetical changes in portfolio value that would occur were end-of-day positions to remain unchanged. It therefore excludes fees, commissions, bid-ask spreads, net interest income and intra-day trading.
            4. 21. Additional tests are required, which may include but are not limited to:
              1. a. Testing carried out for longer than required for the regular back-testing program (for instance 3 years). The longer period generally improves the power of the back-testing. A longer time period may not be desirable if the model or market conditions have changed to the extent that historical data is no longer relevant;
              2. b. Testing carried out using confidence intervals in addition to the 97.5 percent and 99 percent interval required under the Basel quantitative standards;
              3. c. Testing of portfolios below the overall Bank level;
              4. d. The use of hypothetical portfolios to ensure that the model is able to account for particular structural features that may arise, for example, where data histories for a particular instrument do not meet the quantitative standards and where the Bank has to map these positions to proxies;
              5. e. Ensuring that material basis risks are adequately captured. This may include mismatches between long and short positions by maturity or by issuer; and
              6. f. Ensuring that the model captures concentration risk that may arise in an undiversified portfolio.
          • External Validation

            1. 22. The validation of the accuracy of a Bank’s models by an independent appropriately qualified specialist at a minimum (e.g. an external auditor) must include the following steps:
              1. a. Verifying that the internal validation processes are operating in a satisfactory manner;
              2. b. Ensuring that the formulae used in the calculation process as well as for the pricing of options and other complex instruments are validated by a qualified unit, which in all cases must be independent from the trading area;
              3. c. Checking that the structure of internal models is adequate with respect to the Bank’s activities and geographical coverage;
              4. d. Checking the results of the Bank’s back testing of its internal measurement system (for example, comparing model estimates with actual profits and losses) to ensure that the model provides a reliable measure of potential losses over time. A Bank must make the results as well as the underlying inputs to its model calculations available to the independent specialist; and
              5. e. Making sure that data flows and processes associated with the risk measurement system are transparent and accessible. In particular, it is necessary that the independent specialist has access as required to the model’s specifications and parameters.
      • Article 4: Valuation

        1. 1. A Bank must mark-to-market at least on a daily basis its market risk positions. The more prudent side of bid/offer must be used, unless the Bank is a significant market maker in a particular position type and it can close-out at mid-market. A Bank must maximize the use of relevant observable inputs and minimize the use of unobservable inputs when estimating fair value using a valuation technique. However, observable inputs or transactions may not be relevant, such as in a forced liquidation or distressed sale, or transactions may not be observable, such as when markets are inactive. In such cases, the observable data must be considered, but may not be determinative.
        2. 2. A Bank may use mark-to-model only where marking-to-market is not possible, but it must be able to demonstrate to the Central Bank that this approach is prudent. When marking-to-model, an extra degree of conservatism is appropriate. The Central Bank will consider the following in assessing whether a mark-to-model valuation is prudent:
          1. a. Senior Management must be aware of the elements of the trading book or of other fair-valued positions which are subject to mark-to-model and must understand the materiality of the uncertainty this creates in the reporting of the risk/performance of the business;
          2. b. Market inputs must be sourced, to the extent possible, which show satisfactory track record of the actual position held. The appropriateness of the market inputs for the particular position being valued must be reviewed regularly;
          3. c. Where available, generally accepted valuation methodologies for particular products must be used as far as possible;
          4. d. A Bank’s model must be based on appropriate assumptions which have been assessed and challenged by suitably qualified parties independent of the development process. This can take the form of a Technical Committee. The model must be developed or approved independently of the risk-taking functions and must be independently tested;
          5. e. There must be formal change control procedures in place and a secure copy of the model must be held and periodically used to check valuations;
          6. f. The independent risk management function must be aware of the weaknesses of the models used and how best to reflect those in the valuation output;
          7. g. The model must be subject to periodic review to determine the accuracy of its performance (e.g. assessing continued appropriateness of the assumptions, analysis of profit and loss versus risk factors, comparison of actual close out values to model outputs); and
          8. h. Valuation adjustments must be made as appropriate (for example, to cover the uncertainty of the model valuation).
        3. 3. As part of its procedures for marking-to-market, a Bank must establish and maintain procedures for considering valuation adjustments. A Bank using third-party valuations must consider whether valuation adjustments are necessary. Such considerations are also necessary when marking-to-model.
        4. 4. A Bank must, at a minimum, formally consider credit valuation adjustments, unearned credit spreads, close-out costs, operational risks, early termination, investing and funding costs, future administrative costs and, where appropriate, model risk.
        5. 5. The Board-approved polices must provide for independent verification of market prices or model inputs by a unit independent of the risk taking functions, at least monthly and depending on the nature of the market/trading activity, more frequently. Senior Management must take appropriate action to ensure the elimination of inaccurate daily marks.
        6. 6. Where pricing sources are more subjective, such as when only one available broker quote is provided, prudent measures, such as valuation adjustments must be taken as appropriate.
        • Back-Testing

          1. 7. The independent risk management function must conduct a regular back-testing program and profit and loss attribution program including but not limited to comparison of the risk measure and profit or loss values generated by the model against actual daily changes in portfolio value, as well as hypothetical changes based on static positions.
          2. 8. A Bank’s back-testing program must cover a minimum period of 250 business days.
          3. 9. A Bank’s back-testing program must include a formal evaluation of instances where trading outcomes are not covered by the risk measures (termed ‘exceptions’) on at least a quarterly basis, using the most recent twelve months modelled results and profit data. The Bank must document all exceptions generated from its ongoing back-testing program, including an explanation for the exceptions. A Bank must have the capacity to perform back-testing analysis both at the level of the whole portfolio and at the level of sub-portfolios or books that contain material risk.
          4. 10. A Bank must perform back-tests using both actual trading outcomes and hypothetical trading outcomes. Hypothetical trading outcomes are calculated by applying the day’s price movements to the previous day’s end-of-day portfolio. When performing back-tests using actual trading outcomes, a Bank must use clean trading outcomes, i.e. actual trading outcomes adjusted to remove the impact of income arising from factors other than market movements alone, such as fees and commissions, brokerage, additions to and releases from reserves which are not directly related to market risk (such as administration reserves).
      • Article 5: Capital

        1. 1. A Bank must calculate a capital charge for interest rate risk, options risk and equity positions in the trading book. Equity exposure, foreign exchange risk and commodity risk and options risk must be calculated on the Bank’s entire positions. Options risk must also be calculated for options on foreign exchange or commodities positions not belonging to the trading book. In addition, a Bank must take into account other relevant market risk exposures, including but not limited to interest rate risk in the Banking book, as part of the Internal Capital Adequacy Assessment Process to ensure that it holds adequate capital against all market risks.
      • Article 6: Stress Testing

        1. 1. A Bank must have a forward-looking stress-testing program that addresses market risks as well as other Pillar 1 risks and any relevant Pillar 2 risks. Consideration of market risks must include liquidity implications as well as impacts on earnings and capital.
        2. 2. A Bank’s stress scenarios must cover a range of market risk factors that can create extraordinary losses or gains in trading portfolios, or make the control of risk in those portfolios very difficult. Stress scenarios need to shed light on the impact of such events on positions that display both linear and nonlinear price characteristics (for instance options and instruments that have options-like characteristics).
        3. 3. A Bank’s stress tests must be both of a quantitative and qualitative nature, incorporating both market risk and liquidity aspects of market disturbances. Quantitative criteria must identify plausible stress scenarios to which a Bank could be exposed. Qualitative criteria must emphasize that the two major goals of stress testing are to evaluate the capacity of the Bank’s capital to absorb potential large losses and to identity steps the Bank can take to reduce its risk and conserve capital. This assessment is integral to setting and evaluating the Bank’s management strategy and the results of stress testing routinely must be communicated to Senior Management and periodically to the Board.
        4. 4. From time to time, the Central Bank may require Banks to carry out stress tests based on Central Bank prescribed scenarios. A Bank must combine the use of stress scenarios as prescribed by the Central Bank with internally developed stress tests to reflect the specific risk characteristics of its portfolio. A Bank must submit the following information on stress testing to the Central Bank:
          1. a. Supervisory scenarios requiring no simulations by a Bank: A Bank must make information on the largest losses experienced during the reporting period available to the Central Bank. This loss information must be compared to the level of capital that results from a Bank’s internal measurement system. For example, it could provide the Central Bank with a picture of how many days of peak day losses would have been covered by a given value-at-risk or expected shortfall estimate;
          2. b. Supervisory scenarios requiring simulations by a Bank: A Bank must subject its portfolios to a series of simulated stress scenarios and provide the Central Bank with the results. These scenarios could include testing the current portfolio against past periods of significant disturbance. A second type of scenario would evaluate the sensitivity of the Bank’s market risk exposure to changes in the assumptions about volatilities and correlations. Applying this test would require an evaluation of the historical range of variation for volatilities and correlations and evaluation of the Bank’s current positions against the extreme values of the historical range. Due consideration must be given to the sharp variation that at times has occurred in a matter of days in periods of significant market disturbance. (for example, the global financial crisis and earlier major market disturbances involved correlations within risk factors approaching the extreme values of 1 or −1 for several days at the height of the disturbance); and
          3. c. Scenarios developed by the Bank itself to capture the specific characteristics of its portfolio: A Bank must develop its own stress tests which it identifies as most adverse based on the characteristics of its portfolio (such as adverse regional developments combined with a sharp move in oil prices). The market shocks applied in the tests must reflect the nature of portfolios and the time it could take to hedge or manage risks under severe market conditions. The Bank must provide the Central Bank with a description of the methodology used to select and carry out the scenarios as well as with a description of the results derived from these scenarios. The stress tests must also address:
            1. i. Illiquidity/gapping of prices;
            2. ii. Concentrated positions (in relation to market turnover);
            3. iii. One-way markets;
            4. iv. Non-linear products/deep out-of-the-money positions;
            5. v. Events and jumps-to-defaults; and
            6. vi. Other risks that may not be captured appropriately in the models (in the case of VaR models for example, these may include but are not limited to: recovery rate uncertainty, implied correlations, skew risk, default risk, migration risks and shocks to the exchange rate regime).
        5. 5. Senior Management must review the stress test results periodically, but at least monthly and such results must be reflected in the policies and limits set by management and the Board. Stress test results must be used in the internal assessment of capital adequacy. The Bank must take prompt steps to manage vulnerabilities identified in stress testing, which can include but are not limited to hedging against identified outcomes, reducing the size of exposures or increasing capital.
      • Article 7: Reporting

        1. 1. A Bank must submit to the Central Bank on a quarterly basis the Report on Market Risk Exposures. A Bank must calculate the number of exceptions in back-tests using trading outcomes and provide this information to the Central Bank in such form and frequency as the Central Bank may specify.
      • Article 8: Islamic Banking

        1. 1. A Bank offering Islamic financial services must have in place an appropriate framework for market risk management, including reporting, in respect of all assets held, particularly those that do not have a ready market and/or are exposed to high price volatility.
        2. 2. A Bank offering Islamic financial services must develop a market risk strategy including the level of acceptable market risk appetite taking into account contractual agreements with fund providers, types of risk-taking activities and target markets in order to maximize returns while keeping exposures at or below the pre-determined levels. The strategy must be reviewed at least annually, communicated to relevant staff and disclosed to fund providers. The strategy must provide for guidelines governing risk-taking activities in different portfolios of restricted investment account holders and applicable market risk limits.
        3. 3. A Bank offering Islamic financial services must ensure that its strategy includes a definition of its risk appetite for tradable assets and that its risk appetite is adequately supported by capital held for that purpose.
        4. 4. A Bank offering Islamic financial services must be able to quantify market risk exposures and assess exposure to the probability of future losses in its net open asset positions. The Bank must incorporate a detailed approach to valuing its market risk positions where no direct market prices are available. This may include appropriate forecasting techniques to assess the potential value of these assets.
        5. 5. Where available valuation methodologies are deficient, a Bank offering Islamic financial services must assess the need to:
          1. a. allocate funds to cover risks resulting from illiquidity, new assets and uncertainty in assumptions underlying valuation and realization; and
          2. b. establish a contractual agreement with the counterparty specifying the methods to be used in valuing the assets.
        6. 6. A Bank offering Islamic financial services must apply the same risk management policies and procedures to assets held on behalf of restricted investment account holders as it does to assets held on behalf of shareholders and unrestricted investment account holders.
        7. 7. Where a Bank offering Islamic financial services plays the role of market maker to restricted investment account holders, the resultant liquidity risk must be managed appropriately.