Deutsche Bundesbank

12/28/2021 | Press release | Distributed by Public on 12/28/2021 06:39

“A wake-up call for all supervisors” Interview published in Börsen-Zeitung

Interview conducted by Tobias Fischer and Bernd Neubacher.
Translation: Deutsche Bundesbank

Mr Wuermeling, since the European Commission presented its proposal for implementation of the Basel III capital rules, the impact assessments have varied significantly. The Bundesbank puts the increase in capital requirements for German banks at between 6% and 8%, the Commission says 25%, and the Association of German Pfandbrief Banks forecasts an even higher increase. Why is that?

Explaining that to anyone unfamiliar with the topic is indeed anything but easy, but there are reasons why the numbers vary. The number 25 comes from an impact study by the European Banking Authority (EBA), which differs from our figures in two key respects. The first is that the EBA only examined a sample of what are predominantly large banks. The effects there are considerably greater because for the most part, these institutions work with internal models. And the second is that the EBA based its impact study on a stricter implementation of the Basel requirements than envisaged in the Commission's draft. That draft proposal contains a whole raft of exceptions, specific features and transitional arrangements that reduce the increase in minimum required capital (MRC) significantly. It's understandable that all this can be confusing. And in the debate every bank then picks out the number that makes its own burden look particularly high.

So in fact, the debate surrounding Basel III is less a technical matter than a highly political one.

Higher risks mean that more capital has to be set aside. I would call that highly sensible, rather than highly political. Our internal calculations indicate that the minimum required capital will increase by 6% when the key reform elements enter into force in 2030. And when further transitional periods expire in 2032, this number will go up by another 4 percentage points, leaving us with an overall increase of 10%. This makes our banks safer and is manageable for the market as a whole. However, if the handful of outliers are omitted, these increases will be halved, leaving them at 3% and 5%, respectively.

Transitional periods that stretch all the way to 2032 look like they are being used by the Commission to kick one can or another further down the road.

I wouldn't say that. It's time the European banks still need to mitigate the impact by adjusting their balance sheet structure, amongst other things. But then, as of 2032, the requirements will be in force - that's something every bank can and should count on.

As far as the funding of SMEs without external ratings is concerned, which looks set to become significantly more expensive for large banks, transitional periods are useful not only for the banks but for supervisors and regulators as well. Debate has been ongoing for some time now about what those ratings might look like. Why has a solution been out of reach so far?

As things stand today, the bulk of loans to small and medium-sized enterprises will continue to benefit from the existing privileges, even without a rating. That's something the adoption of Basel III in the EU will not change either. If at all, more capital would need to be set aside for roughly 15% to 20% of the loans as of 2032. The issue here is more that many SMEs aren't interested in being rated by external agencies, and understandably so. That is why they are also not prepared to shoulder the high costs this involves simply on account of the relevance for their banks.

Could the Bundesbank not offer these ratings free of charge, as is the case in France or Belgium?

We could do that and we do so already, albeit solely for our own use in order to value the collateral that banks wishing to participate in our monetary policy operations provide. Also, enterprises are happy to use their "eligibility" status as a seal of approval when they issue borrowers' note loans. What is more, the EU Regulation on Credit Rating Agencies states that central banks are admissible as credit rating agencies for supervisory purposes. However, we fear a certain conflict of interests if one office at the Bundesbank prepares a credit rating and that credit rating is then used in the office next door by the supervisors. That is not as much of a problem for other central banks. The Bundesbank, however, would prefer to see a market solution.

Do I sense a concern in what you're saying that a credit rating prepared by the Bundesbank might turn out to be a flop and damage the central bank's reputation?

I can put your mind at ease here. No, you see, we already draw up more than 25,000 credit ratings each year, but these are for monetary policy purposes, not for prudential supervision. Here, too, we might make a wrong call, but thanks to our expertise and experience those instances have been extremely rare so far.

It has also been said that the credit rating agencies are unwilling to provide credit ratings because it's not worth their while.

It would appear that the credit rating agencies do not feel that they can provide simple credit ratings that satisfy the regulatory requirements at reasonable prices.

Isn't that an admission that regulators have failed? After the financial crisis, regulators wanted to harness the credit rating agencies, and now these agencies are continuing to earn margins that are so lucrative that the SME ratings business seems crummy by comparison.

That's not a question of regulation at the end of the day. If credit rating agencies want to concentrate on certain segments, that's a business policy decision they make, and that should be respected.

What would a solution look like?

I could well imagine that automated credit ratings are possible at a reasonable expense with the aid of digital technologies, big data and a bit of imagination. But the final step of the credit rating process always needs to be the analyst's expert judgement.

The years ahead will see the economy undergoing a large-scale transformation in the wake of the pandemic towards more digitalisation and more sustainability. Is there any concern here that the finalisation of Basel III might obstruct the funding needed to make that happen?

We have heard that argument raised almost every time the capital requirements have been tightened in the past. But it has never been right. So we are not all that shocked by this assessment this time either. Right now, we are seeing a huge surplus of deposits in the system, some of which are yielding negative rates of 0.5%. At the same time, banks have €165 billion in excess capital available to back loans. Basel will probably tie up roughly €20 billion of that figure once the transitional periods expire in ten years. I see no signs of capital being scarce. It may well be that certain banks with tight capital resources will perhaps be particularly challenged as a result. But there are enough other institutions that can step in.

What should prevent banks from providing loans for the necessary investment?

Funding transformation is altogether different from conventional corporate banking business: the risks are far greater than those of traditional funding business because this investment is over a far longer timeframe. In some areas, it is not a conventional loan that is necessary but more of an equity-like instrument. Banks may potentially not be able or willing to meet these funding needs. That would be understandable as conventional deposits are not used for such venture capital financing. And risky financing ties up a lot of capital. It is therefore quite possible that a large portion of this business will therefore bypass the banking system. As a result, capital market investors from all over the world would be funding transformation on their own even though our banks have, in principle, enough deposits at their disposal for refinancing purposes.

What can be done?

One conceivable option might be, for instance, fund-based solution: the local "house bank", which knows its customers, brokers financing through a fund. However, its shares are then refinanced in a diversified manner by having additional risk takers step in and assume given tranches. The house banks, though, would then take the senior tranche into their own safe custody account holdings. This would mean that they conduct the operation indirectly, yet on a secure foundation and subject to a lower capital requirement.

Supervisory legislation has contributed to banks now avoiding risks. Does something have to change there?

We will have to get used to the idea that transformation financing will involve German banks taking more risks, and they will have to do this, too, in order to perform their economic function. We as supervisors therefore also do not want to stand in institutions' way but naturally keep an eye out to ensure that risk management and capital requirements are complied with even when the institutions engage in riskier financing.

They will only do that if, under the supervisory framework, there is financial benefit in it for them.

Good point. The risks surrounding transformation finance have to be properly priced, of course. And on that score, we have been witnessing a certain loss of market discipline in recent years. I would hope for a revival of discipline and that appropriate risk premia are charged for higher risks. These could then also cover the higher costs of capital and any potential defaults.

Do supervisors also need to learn to tolerate more risk?

It is not the job of supervisors to dissuade banks from taking risks. To be fair, there actually was such a tendency, especially in the aftermath of the financial crisis, and it still exists to a degree - take venture capital, for instance. Yet the risks won't go away but will only migrate from the banking system to the shadow banking sector, which has its own issues - take Archegos, for example.

And its own returns: regulated real estate banks are currently taking care of bread-and-butter business and private debt is assuming the lucrative tranches.

It doesn't do the German banking system any favours if earnings are constantly being shifted to the non-banking sector. That will dry out the banking industry as a whole in the long run. And that is therefore why I think that banks should not be afraid to increasingly take acceptable risks. However, our response will certainly not be less supervision and softer requirements.

Banks also face non-financial risks, such as cyber risks. Are they doing enough about them?

In the past few years, banks have become considerably more sensitive. Progress has been made, but vulnerabilities still remain. With regard to cybercrime, it is a race against the clock, as we are currently seeing regarding the Log4j flaw. Attacks are becoming ever more subtle, more refined, more professional. In the past five years, we have seen a doubling of cybercrime cases reported to the police in Germany. The vast majority of IT incidents reported to us by banks, however, are still attributable to negligence, such as updates being installed either too late or not at all. Our focus is therefore not just on fending off cyberattacks but equally on enhancing resilience.

Has the Bundesbank been successfully attacked?

Fortunately, we have not suffered any successful attacks that could have caused any major damage. However, we are also going to considerable lengths to protect ourselves. As the Bundesbank Executive Board member in charge of IT, I can assure you of this.

For preventative purposes, banks all over Europe are advised to expose themselves to controlled hacker attacks. BaFin and the Bundesbank were both involved in the initiation of this process and are responsible for it in Germany. What has the response been?

Banks have shown remarkably great interest. We did not expect demand to be so great at the outset. We are pleased that the response has been great, and experience with the initial tests has been very good.

You have announced that supervisors want to take a closer look at other non-financial risks, too.

We see growing risks stemming from the digitalisation of banks. For instance, institutions are increasingly using algorithms in their conventional banking operations, including in areas that are relevant to risk. Besides this, artificial intelligence (AI), machine learning and other methods are being used for credit assessments, liquidity management or the calculation of equity capital, for example. Not only does this enhance efficiency, it also helps prevent human error in many cases. On the other hand, these analytical tools entail their own operational risks and model risks. In principle, we follow the same approach we use to inspect banks' internal models. The use of digital tools must be comprehensible, data quality must be assured, and deployment must be consistently monitored.

What is your approach here?

We are not asking banks and supervisors to be able to fully explain the results of artificial intelligence or machine learning. That's simply not possible, in fact, because the machine learns by itself. Instead, we require adequate monitoring and understanding of the model so that any undesirable behaviour can be identified in good time. This is important to us insofar as AI is used in risk-relevant areas.

The European Commission is proposing an approval requirement for algorithm-based credit assessments.

But banking supervision should be kept under one roof. Powers and responsibilities should not be fragmented. We don't see the need for such approval for banks - let alone from a separate body. Banking supervisors are keeping a sufficiently close eye on these challenges. A wider-ranging approval requirement for certain applications could even end up hindering innovation.

What is the most important non-financial risk, in your opinion?

Definitely cyber risk, because of the size of the impact it can have. In Greece, for example, a few years ago, a cyber incident more or less brought the entire banking system to a temporary standstill. Fortunately, the cases we have seen up to now have been limited. But I don't think we are yet aware of the true extent of the potential fallout from cyber incidents.

What does 2022 have in store for supervisory practice? Will the Wirecard incident now have repercussions for all institutions?

Of course, the Wirecard scandal was a wake-up call for all supervisory authorities, particularly in terms of digital and globally-scaled business models. We are pleased to see that BaFin is therefore setting new priorities, by establishing focus supervision, for instance. We are playing an active part here through our analytical role in the supervisory system. Of course, we have taken a critical look at what improvements we could make, too. It may be necessary to set different priorities or reallocate resources in order to deal with new risks. To this extent, we are considering strengthening supervision of such specific institutions and, given limited resources, relieving the supervisory pressure at smaller and less risky banks, also in the interests of proportionality.

That will be music to the ears of networked institutions. Does that also mean that, like BaFin, the Bundesbank will be altering the structure of its banking supervision?

To address this issue, we have launched a comprehensive strategy process, which is not yet complete, however. The basic structure of our banking supervision has proven its worth, though, and is not up for debate.

When will you have the results?

We are expecting the first concrete results over the course of next year - of course, it will then take longer to implement measures.

And what does the change of government mean for the Bundesbank? To put it bluntly, does it matter to the Bundesbank who the new Federal Finance Minister is?

The Bundesbank is independent. In that sense, the coalition deal does not affect our work. At the same time, the coalition agreement will have a significant impact on the political environment in which we operate - a fact that we welcome. With regard to green finance, this includes a clear commitment to risk orientation in the area of supervision. We don't believe it is within our remit to encourage banks to gear their portfolios towards certain environmental or other political aims. For example, a green asset ratio is not a supervisory metric.

What impact does the Bundesbank expect the fourth wave of the coronavirus pandemic to have?

Of course, we observed the fluctuations on the financial markets after the discovery of the Omicron variant, as well as the dip in certain economic indicators such as the ifo index. Banks' risk management therefore still needs to closely monitor market risk. And the fourth or even, as some fear, the fifth coronavirus wave, with its restrictions on retail in the important Christmas trading period, for example, could also affect credit risk, especially for enterprises that are already in a weakened position. But the situation as such is no longer new and, so far, there have not been any large-scale credit losses. This is mostly due to government support for enterprises, which was recently extended until the end of June. So we still don't know the extent of the actual losses incurred by enterprises and thus on banks' balance sheets. At the same time, economic agents are gathering more and more experience with the pandemic and are therefore coping better and better with partial lockdowns and restrictions. I believe that focusing so closely on the impact of the pandemic might even result in a certain tendency to overlook other risks, which may be larger as well as longer-term.

What sources of risk are you thinking of, exactly?

I'm thinking, for example, of a potentially more persistent bout of inflation and an accompanying rise in interest rates, which we are already seeing in the United States and other countries. This could lead to a perceptible materialisation of market and interest rate risk.

© Börsen-Zeitung. All rights reserved.