5 Proven Approaches: A Roadmap to Enhance Your Internal Risk Rating System

When embarking on the road to building your internal risk rating system, it is essential to have a roadmap. For many, the start of the journey is understanding your regulatory requirements. The destination is regulatory approval.

In this blog, we map out 5 pit stops along the road that will pave an easier way towards enhancing your internal risk rating system.

Roadmap to Enhance Your Internal Risk System

The first stop along the road is confirming the conceptual soundness of your internal risk rating models. We consider conceptual soundness as part of the diagnostic phase. Just as an auto mechanic would look under the hood of your car, your validation team should effectively challenge your documentation, model design, governance, controls and compare to leading practices. I’d like to take a moment to focus on documentation.

Validation Document Technical Documentation Bank Scorecard

Here we have a screenshot of the S&P Capital IQ validation or technical documentation and a partial table of contents. Not having validation or technical documentation is like driving your car without headlights. It’s a must have!

The second stop along the road to regulatory approval is Outcome Analysis. Just like you would take a new car for a test drive, with models you need to test their performance. Outcome analysis can be further broken down between benchmarks and backtesting. Benchmarking works, but, really only for low default models, and backtesting works for higher default or more consumer oriented models.

The third stop, the implementation phase, is driven by Probability of Default or PD Scorecards. PD tools are the most fundamental components of an internal risk rating system. Not surprisingly, given the S&P Capital IQ perspective, our emphasis is on low default PD Scorecards.

Transparency of Risk Factors, Weights and Benchmarks

On this slide, you have a hypothetical example of an S&P Capital IQ Scorecard. Notice the broad dimensions of financial and business risk, the simplified risk factors of profitability and competitiveness, risk weights, the numerical risk scores, and the mapped risk grades to the 20 point S&P scale. To help meet regulatory requirements, scorecards must be well documented, transparent, consistent, replicable, sector specific, updated at least annually, and aligned to observable default rates.

The fourth stop along the road is a robust Loss Given Default or LGD framework. LGD approaches include expert judgment, hybrid, and quantitative models. However, we find most institutions moving towards a hybrid approach. Hybrid LGD approaches allow you to leverage your existing data and fill in the gaps through a systemic and well researched expert judgment process.

The fifth and final stop along the road is the Internal Risk Mapping step. Mapping your scorecard output to default rates is necessary, Otherwise, your scoring would simply be a rank ordering - in other words, not mapping your scorecard output to the default rate is like driving a car without a speedometer!

Here are 2 key guidelines to keep in mind:

  1. Your observable default rates need to span multiple business cycles.
  2. They should be mapped to 3rd-party scales such as Standard and Poor’s.

Watch Bob Durante’s video to further explore his Roadmap to Enhance Your Internal Risk Rating System.

Subscribe to Insights