The Basel II Accord, which is compulsory and must be adopted worldwide, stipulates that banks must have new procedures for measuring and mitigating against credit and operational risk. This places the onus on banks to rigorously assess both forms of risk and to build an action plan to reduce exposure to it. This needs to be done well in advance of the 2007 deadline to ensure banks are properly prepared.
Adding to this time pressure, banks must have two years of Basel II-compliant historical risk data to work with by that deadline. Yet the research reveals that most banks are not currently in a position to meet this requirement.
Detica warns that banks are in a weak position in terms of measuring and assessing the data they have, in order to build the risk models needed to comply. Just 4% of the UK banks interviewed are ready for the crucial first step – the completion of a data readiness audit.
The research also shows that only 16% have a senior manager or director working full-time to oversee compliance. Over a third of Basel II compliance programmes have yet to start or are less than one year old.
The research interviewees, who were all Basel II programme directors or equivalent, were asked to rank the extent of current data readiness within their bank for the Basel II audit.
Disturbingly, almost half stated that they had either not started or were less than halfway there and, even more worrying, 8% did not know. Tier one banks – the larger clearing and investment banks – were in better shape, but even here over one-third rated progress as either not being started or less than halfway there.
The same people were also asked about the current ability of their organisation to quantify risk. There were marked differences between the credit risk and operational risk disciplines, with the latter much less understood. Whilst 84% of all banks said that they could quantify credit risk, this fell to just 42% for operational risk. The Basel II Accord place equal emphasis on both, so it is critical that UK banks redress this disparity as quickly as possible.
David Porter, Head of Financial Services Risk at Detica, comments:
"Clearly, some banks have made a good start in terms of meeting compliance but it would appear from the findings that the majority have not, or are under the mistaken impression that they have. Many have said for instance, that they can quantify operational and credit risk, but can they really? The figures don't bear this out - only 4% have all the data in a state of readiness to build a risk model - you cannot quantify any form of risk without the necessary information being there to do it. Getting data into the analytical risk engines from across the enterprise is the biggest deployment challenge of Basel II and cannot be left to the last minute."