The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

CEBS Publishes Concentration Risk Guidelines: Data Management Systems to be Thrown into Spotlight

In line with planned risk related deliverables, the Committee of European Banking Supervisors (CEBS) has published another consultation paper, this time on the management of concentration risk under the supervisory review process. The paper is available for comment until 31 March next year and is aimed at providing market participants with a holistic approach to concentration risk management. Furthermore, CEBS expects its members to apply the finalised guidelines by the end of next year.

Firms are now expected to identify and assess all aspects of concentration risk, rather than concentrate on credit risk measurement, as has previously been the case with regards to traditional analysis. In the draft revised guidelines CEBS is taking a broader approach to concentration risk management and suggests that it is not sufficient to analyse concentration risk only within a risk type (intra-risk analysis), but that analysis of concentration risk across risk types (inter-risk analysis) is also necessary, including credit, market, operational and liquidity risks.

As CEBS explains: “Concentration risk refers not only to risk related to credit granted to individual or interrelated borrowers but to any other significant interrelated asset or liability exposures which, in cases of distress in some markets/sectors/countries or areas of activity, may threaten the soundness of an institution.”

The draft revised guidelines update the guidelines on technical aspects of the management of concentration risk under the supervisory review process, which were first published on 14 December 2006. They also complement the principles set out in the CEBS’s Guidelines on the application of the supervisory review process, which is part of the Basel II framework review. The guidelines set out in the paper build upon CEBS’s Guidelines on the Application of the Supervisory Review Process under Pillar II and should be read together with CEBS’s guidelines on the revised large exposures regime, and CEBS’s high level principles for risk management.

The idea behind moving from credit risk assessment to concentration risk assessment is to better identify a firm’s risk exposures as a whole. These are the exposures that have the potential to produce losses large enough to threaten the financial institution’s health or ability to maintain its core operations, or to produce a material change in its risk profile, according to CEBS. It is a recognition that risk data should not be dealt with in a siloed manner, as these risks are all related to each other and need to be tracked in conjunction to each other.

CEBS directly states that firms need to ensure that their data management systems are up to the task: “an institution should have adequate data management systems to enable it to identify concentrations arising from different (types of) exposures”. This is a call for not just risk management technology investment, but also investment in the fundamental data infrastructure of the firm.

CEBS does not recommend that a one size fits all approach should be adopted with regards to concentration risk reporting requirements from the regulatory community, however. It stresses that smaller and less complex firms are more likely to be affected by credit risk than any other risk type and thus do not need to be subject to the same level of scrutiny.

Of course, bringing all this siloed risk data together will be challenging for most large financial institutions and will likely drive spending on risk IT (along with the veritable cartload of other risk related regulations) next year. However, although CEBS may have been granted more clout in the regulatory community, it does not have the teeth to threaten firms if they fail to comply with its recommendations. More likely, is that national regulators will be charged with tackling this area and demanding that firms provide concentration risk reports on a regular basis (a la the Financial Services Authority’s liquidity risk reporting regime).

In the meantime, there is enough of a basis within the guidelines for those firms that wish to stay one step of the regulators to be able to restructure their governance and risk management frameworks. It will likely be a costly process, as most risk data is held in completely separate silos. It will be up to individual institutions whether they choose to rip out and replace this patchwork of systems or (as is seemingly the norm in the financial services industry) create tactical linkages between each of the systems.

As well as highlighting fundamental deficiencies in firms’ data architectures, the challenge of concentration risk reporting will also likely throw data standardisation issues into the spotlight. Counterparty data tracking and disparities around securities identification between firms will thus be evident. All of this means that data will certainly be a key issue in 2010.

A public hearing will be held on the subject on 12 March 2010 at CEBS’s premises in London, from 10am to 1pm to allow interested parties to share their views. CEBS has indicated a 31 December 2010 deadline for implementation of the recommendations and says it will be conducting an implementation study a year after this date to assess who has yet to take action. You have been warned.

Related content


Recorded Webinar: Meeting the requirements of the EU’s ESG Disclosure Regulation

The EU Sustainable Finance Disclosure Regulation (SFDR) is central to the European drive towards a sustainable financial market. As such, it is complicated and multi-faceted, and makes rigorous demands on financial firms to source large volumes of ESG data and meet numerous reporting obligations. Key elements of disclosure include sustainability risk, principle adverse impacts, and...


IFPR – The UK’s New Prudential Regime: Is Your Firm Ready?

By Murray Campbell, CASS Business Consultant, AutoRek. The Investment Firm Prudential Regime (IFPR) comes into effect in the UK on January 1, 2022, and will overhaul the prudential regulations that are currently applicable to MiFID investment firms. This will bring significant changes to the way investment firms assess their capital adequacy and monitor associated risks....


Data Management Summit New York City (Redirected)

Now in its 8th year, the Data Management Summit (DMS) in NYC explores the shift to the new world where data is redefining the operating model and firms are seeking to unlock value via data transformation projects for enterprise gain and competitive edge.


Regulatory Data Handbook 2021/2022 – Ninth Edition

Welcome to the ninth edition of A-Team Group’s Regulatory Data Handbook, a publication dedicated to helping you gain a full understanding of regulations related to your organisation from the details of requirements to best practice implementation. This edition of the handbook includes a focus on regulations being rolled out to bring order and standardisation to...