7th MaRisk amendment expected in 2nd half 2022
After the application of the EBA guidelines on loan origination and monitoring for significant institutes in June 2021, the publication of the 7th MaRisk amendment is expected for the second half of 2022. As a result, the new requirements will soon also be relevant for less important institutions as well.
Requirements affect all bank segments and the whole master credit process
Although existing German MaRisk circulars already cover parts of the EBA guidelines on loan origination and monitoring, the effort for German less significant institutes to implement the expected requirements of the 7th MaRisk amendment are still considered high.
The Guidelines are divided into the following sections: internal governance, loan origination and procedures, pricing, valuation of immovable and movable property and the monitoring framework. Due to the comprehensive requirements, the whole master credit process must be reviewed throughout the segments Private Banking, Retail Banking and Corporate Banking.
Institutions should have appropriate data infrastructure as well as relevant policies and procedures to support the credit-granting process and for the purposes of credit risk management and monitoring throughout the life cycle of the credit facilities.
Although the current practice within the banking sector at least for less significant institutions may differ, the topics “Environment, Social and Governance” (ESG) factors, sensitivity analyses, key risk indicators and IT data infrastructure will have the largest impact for the implementation of the requirements among the others.
While ESG criteria for investment decisions are now widely available, the consideration of ESG criteria for loan granting is a special challenge for banks, because not all borrowers are large, listed companies obliged to publish ESG relevant information. Furthermore, the primary use of external data for ESG assessment may not meet the bank’s own claim. As a result, banks will have to deal with collecting information about/from clients themselves for at least some of their borrowers (who maybe have not yet dealt with ESG risks at all themselves). In the case of borrowers with external available information, the question remains how can be it integrated into the creditworthiness assessment process and into the existing IT data infrastructure.
Additionally, banks which plan to originate environmentally sustainable credit facilities should develop, as part of their credit risk policies and procedures, specific details for those lending policies and procedures.
Although the creditworthiness assessment had to consider the future repayment capacity even before, the requirements to perform a detailed sensitivity analysis under idiosyncratic and market events are quite new. Considering this banks must build a process including scenarios for their single- or multifactor sensitivity analyses for classical lending to corporates (medium-sized and large enterprises) and consumers. Until now, this has mainly been the case for cash-flow oriented financings like leverage transactions
Part of the sensitivity analysis should also be the new key risk indicators (KRI) which banks should implement and apply within the monitoring framework. From our Infosys Consulting perspective, banks should focus on a limited number of such KRIs, but ensure the consistent use from credit granting up to early warning and monitoring. Thresholds should be defined, and an escalation process should be put in place.
Besides the mentioned business specific topics, the appropriate data and IT infrastructure throughout the life cycle of the credit facilities (technology-enabled innovation for credit granting and models for creditworthiness assessment and credit decision-making excluded at this point) is expected to be a further major challenge while implementing the regulatory requirements.
At least, the European Bank Authority allows a phase-in of requirements for addressing data gaps in the monitoring of already existing credit facilities up until 30th June 2024. Probably the BaFin will also tolerate a transition period.
ESG and data infrastructure are large challenges
Even if gaps are already identified and implementation measures perhaps are in progress, the consistent integration of all requirements and the need for a data infrastructure over the whole credit lifecycle are still a significant challenge for banks. BaFin intends to keep the principle-based approach and will allow further application of proportionality for less significant banks. Specifically, the consideration of ESG factors and data collection to assess those risk will remain a challenge. At the same time, banks as well as companies will have to disclose information on ESG related risks to the authorities (EBA ITS 2022/01 on prudential disclosures on ESG risks, NFRD, CSRD, SFDR, etc.).
In order to meet all these requirements, it will be crucial to link the various requirements in an efficient way.
Dr. Eric G. Krause
Partner, Infosys Consulting
Eric has more than 19 years of experience in the banking industry and heads up our financial services sector in Germany. He joined Infosys Consulting in 2014 from PricewaterhouseCoopers where he was an advisory partner and prior to that, has held various senior management positions at Capgemini and KPMG. Eric started his career as a banker, working for HVB/UniCredit and Dresdner Kleinwort Benson, before moving to consultancy. He holds a doctoral degree from Universität St. Gallen (HSG), CH.
Senior Principal, Infosys Consulting
Dieter Ries is Senior Principal within our financial services practice in Germany with a focus on risk and compliance. He brings deep expertise in managing internal investigations and gained experience in the credit business during his work as a credit officer in a private bank. He has more than 25 years experience within the financial services domain and worked with numerous international clients in merger, post-merger and core banking projects. Dieter holds a Diploma in economics and is certified project manager.
Principal Consultant, Infosys Consulting
René Merkofer is Principal Consultant within our financial services practice in Germany with a focus on credit business and risk management areas. He has more than 14 years experience within the financial services domain. René managed the implementation of several regulatory requirements for a German bank and led the development and implementation of a digital lending platform for private wealth management clients. René holds a Diploma in business administration from Goethe University Frankfurt. He has a credit risk management certification from the Frankfurt School of Finance & Management.