Office of the Superintendent of Financial Institutions
This document outlines principles around Collateral Management Systems
(CMS) for the purposes of approving internal risk rating systems (rating
systems) for the internal ratings-based (IRB) methodology and minimum
regulatory capital calculation under Chapters 4 and 5 of OSFI’s Capital
Adequacy Requirements (CAR) Guideline A-1. An institution’s Footnote1 adherence to the broad principles outlined in this implementation note will be an important consideration in OSFI’s initial approval for IRB and ongoing use of the IRB approach.
This document is used to set out OSFI expectations relative to the minimum
standards for IRB with respect to collateral management. It articulates
principles for collateral management on the understanding that risk-based
assessments will underpin each institution’s approach to collateral
management. The document was written primarily with wholesale exposures in
mind; changes in emphasis or content may be needed for other exposure
classes and their associated risk mitigants.
Sound management and effective control of the techniques and collateral
used for credit risk mitigation is a fundamental component of effective
risk management. Institutions will use various systems and processes to
manage collateral and will need to demonstrate that they have established
effective collateral management policies, procedures and methodologies for
the purposes of IRB approval and ongoing use of the IRB approach. In
particular, institutions will need to demonstrate that the policies and
procedures are appropriate for the level of capital relief they receive
from the risk mitigation techniques employed.
Institutions use different techniques to mitigate credit risk. However,
all institutions need to establish collateral management systems and
operational procedures and processes throughout the organization that
observe principles of purpose, documentation, consistency, legal certainty
and timeliness, risk identification, valuation, inspection, verification,
operations, and reporting. The principles governing the collateral
management policies and practices should be interpreted and applied
consistently throughout the organization, but the implementation processes
can vary within and among institutions. OSFI’s supervisory processes to
approve and monitor the ongoing use of the IRB method for the calculation
of regulatory capital under CAR will include a review of adherence to the
principles outlined below.
The term collateral management systems (CMS) refers to all the systems,
methods, processes, controls, data collection and IT systems that are used
in the taking, management, valuation, maintenance and realization of
collateral held for credit risk mitigation purposes.
In order for collateral to be recognised for regulatory capital purposes,
institutions must meet all of the requirements with respect to IRB minimum
standards and other qualifying criteria outlined in CAR and demonstrate
adherence to the under-noted CMS principles. At a minimum, individual
institutions will adopt practices appropriate to their circumstances, risk
profiles and their risk assessment and business strategies.
Comprehensive collateral management principles, procedures, and processes
should be incorporated or provided for institutions’ documented risk
Institutions should establish and maintain fully documented practices and
procedures surrounding the scope, purpose, and use of the CMS, such that
they can be readily understood by and be available to users and parties
reviewing the material.
Appropriate documentation will help ensure that users understand the
objectives of the system and how well these objectives are met, thereby
reducing the possibility that the system will be used inconsistently.
Institutions will need to ensure consistency of definitions used
throughout the organization for all collateral types to ensure that data
systems capture consistent recovery rates for validation of internal loss
Definitions need to provide sufficient clarity to promote consistent
treatment of collateral, thereby avoiding interpretive differences across
different business units. To the extent that differences remain, they
should be identified and supported for purposes of acceptability in the
risk quantification process.
Institutions’ collateral management systems should ensure that all
necessary steps have been taken to fulfill legal requirements to secure an
institution’s interest in the collateral, so that it has and maintains an
enforceable security interest.
All documentation used in collateralizing a transaction should be binding
on all parties and legally enforceable in all relevant jurisdictions.
Institutions should have conducted sufficient legal review to verify this
conclusion, should have a well-founded legal basis for this conclusion,
and should re-conduct such a review, as necessary, to ensure continuing
legal enforceability. For
example, such a review may include an institution’s current practices,
including reviews of standardized forms. An institution’s documentation
and policies should ensure that it has the right to legally take control,
liquidate or otherwise deal with the collateral in a timely fashion.
Institutions will need to have policies and procedures to manage relevant
and material risks that may arise from the use of collateral to mitigate
Institutions should have clear definitions of the types of risks that
arise in respect of collateral management and the associated processes and
procedures used to manage these risks.
Institutions’ policies should explicitly define how and when to value,
re-value, inspect, and verify collateral.
Collateral valuation estimates should be conservative to allow for the
imprecision inherent in most collateral value estimates, particularly
where there is no readily available market value.
Different asset types, collateral types and borrowers’ risk profiles may
require different processes and procedures for valuation, frequency of
evaluation (and re-evaluation), and inspection and verification.
Institutions’ policies should explicitly document and define the
requirements for each process and the rationale for the approach adopted.
Mark-to-market policies and procedures for financial collateral must be
explicit and incorporate suitable control mechanisms.
Certain collateral types may require periodic verification and/or physical
examination. Consequently, institutions should establish policies and
procedures around these activities and track the application of these
requirements to ensure consistency of application and control.
Institutions should document appropriate early warning indicators for
various collateral types, where they find such indicators appropriate and
provide the action requirements to be followed as a result of material
changes to collateral value. Institutions should document their processes
around the design and review of what they consider appropriate early
warning indicators for various collateral types. In addition, institutions
should document the associated action requirements that should be followed
as a result of material changes to these early warning signals.
Institutions should examine all relevant and material data to ensure a
complete collateral data set for the purposes of assessing the
risk-mitigation benefits of collateral and developing internal loss
The examination of relevant and material data should include a review of a
variety of data such as the collateral type, the loan to value parameters,
the historical collateral values by obligor, the valuation and revaluation
criteria, the collection costs tied to loans, the physical location of
collateral (where applicable), and the associated recovery rates.
Institutions will need to ensure that the internal reporting and analysis
capability of the CMS supports key risk identification and mitigation and
can therefore be used to inform risk management.
In addition to analysis of loss and recovery experience, the system must
include internal reporting and analysis capabilities in order to provide
ongoing support to the risk management process (see Appendix I.9).
Institutions will need to comply with all the disclosure requirements
under Part 4: The Third Pillar – Market Discipline – of the new Basel
framework as they relate to credit risk mitigation, including general
credit risk exposures, disclosures specific to portfolios subject to IRB
approaches, and credit risk mitigation-specific disclosures.
The Third Pillar of the new Basel framework sets out the disclosure
requirements for IRB institutions in respect of the credit risk mitigation
techniques they employ. Institutions should therefore ensure their CMS
support such disclosure requirements.
There are numerous policies and procedures that institutions will likely
be required to undertake to ensure their CMS are appropriate. Institutions
should perform activities that are appropriate for their credit risk
portfolios and support the credit risk mitigation techniques employed.
Collateral management principles should be incorporated into institutions’
risk management policies.
Risk management policies should be comprehensive and clear as they relate
to collateral management. Collateral management principles should be
established for an institution, including any principles that are specific
to business units. Policies and procedures should be reflected in the
collateral management processes and systems that have been (or will be)
implemented. The impact of compliance and non-compliance with these
principles should be well understood by those responsible for
implementing, maintaining and monitoring the system.
An institution’s policies should be consistent across the institution for
collateral definitions and data collection. Institutions’ policies should
give clear direction as to what constitutes relevant and material risks as
they relate to collateral for credit risk mitigation. CMS should be
sufficiently robust to assess relevant and material risks on an ongoing
While it is recognized that business units within an institution will have
different types of collateral classes that are prevalent and used for
credit risk mitigation purposes, the definitions of these collateral
classes need to be consistent across the enterprise. Definitions need to
provide sufficient clarity to avoid interpretive differences that might
arise from different practices and treatments across different business
units within an institution.
Policies and procedures should address what constitutes material changes
to collateral risks and what, if any, additional procedures are to be
followed and actions taken as a result of these changes.
Data collection has to be sufficient for estimating PD or LGD and
calculating capital under CAR. Institutions’ policies should clearly
define how collateral values would be captured and used for purposes of
collateral management, and exceptions to an established treatment should
be tracked to provide evidence of the validity and impact of such
Financial institutions should establish and maintain fully documented
policies and procedures surrounding the scope, purpose and use of CMS,
such that they can be readily understood by and be available to users
across the institution.
Maintenance and updates to documented policies and procedures should be
ongoing. Controls should be put in place to ensure that updates and
changes to policies and procedures are documented in a timely fashion.
Institutions should have established procedures and practices that
explicitly define how to value each collateral type and establish clear
practices for the frequency of re-valuations, and should explicitly define
how and when to inspect each collateral type.
Institutions should have documented guidelines for conservatively
estimating, on an ongoing basis and as appropriate, the market value of
the collateral, taking into account factors that could affect that value
(e.g., the liquidity of the market and obsolescence or deterioration) of
the collateral. Policies and procedures for monitoring and/or revaluation
should include triggers for increased frequency of monitoring.
Institutions should have systems in place for requesting and ensuring
prompt receipt of additional collateral for transactions whose terms
require maintenance of collateral values at specified thresholds.
Requirements for inspection for the same collateral type may differ across
business lines. Policies should delineate these differences, which should
be reasonable and based on sound principles.
Institutions’ collateral policies should clearly articulate and define
permissible prior charges or liens on the specific collateral. There
should be processes in place to ensure that only such permissible prior
charges or liens exist for security taken.
Institutions should have CMS that ensure all steps necessary have been
taken to fulfil legal requirements to secure the organization’s interest
in the collateral.
Institutions should have operational procedures and risk management
processes in place that ensure relevant and material documentation used in
collateralizing a transaction is binding on all parties and legally
enforceable in all relevant jurisdictions. Institutions should have
conducted sufficient legal reviews to verify this conclusion, should have
well-founded legal bases for the conclusion, and should re-conduct such
reviews as necessary to ensure continuing enforceability.
The legal mechanism under which the collateral is pledged or transferred
must ensure that institutions have the right to liquidate or take legal
possession (in accordance with the terms of the documentation and the
requirements of the jurisdiction) of the collateral in a timely manner in
the event of the default, insolvency, or bankruptcy (or other defined
credit event) of the obligor and, where applicable, the custodian holding
the collateral. The ability to act in a timely manner is particularly
important for collateral that is subject to rapid price/valuation changes
such as debt securities.
Institutions’ policies and procedures should define responsibility for
obtaining, monitoring and maintaining enforceable security interests.
Institutions should have clear and robust procedures for the timely
liquidation of collateral to ensure observation of any legal conditions
required for declaring the default of the borrower and prompt liquidation
of the collateral in the event of default.
CMS should be sufficiently robust to track collateral liquidation dates,
proceeds from disposition of collateral, where appropriate, and costs
incurred and paid.
Institutions’ collateral valuation practices should take into account the
interdependence (or not) of borrower and collateral.
Risk management policies at each institution will define what constitutes
interdependencies between borrower and collateral. In particular,
institutions should address, in a conservative manner, cases where the
credit quality of the counterparty and the value of the collateral have a
material positive correlation.
In reflecting collateral loss estimates, institutions will need to
consider the extent of any interdependence between the risk of the
borrower and that of the collateral or collateral provider. An
institution’s assessment would have to conservatively address any
significant degree of dependence, as well as any currency mismatch between
the underlying obligation and the collateral. The associated internal
estimates (e.g., LGDs) would have to be grounded in historical recovery
rates on the collateral and should not be based solely upon the
collateral’s estimated market value. Use of third party data, where
relevant and material, could be used to supplement internal data.
Institutions should be able to demonstrate that the capital benefit claims
are appropriate considering the robustness of credit risk mitigation
Institutions should test their collateral management policies and
procedures to ensure that systems are robust and reliable and appropriate
for capital benefits of credit risk mitigants.
Internal reporting and analysis will likely need to consider many areas.
Some illustrative examples of those areas include:
Institutions should develop measures appropriate to their respective CMS
in respect of internal reporting and analysis. These measures need not
include all of the above examples in every instance.
Banks and bank holding companies to which the Bank Act applies
and federally regulated trust or loan companies to which the Trust and
Loan Companies Act applies are collectively referred to as
Return to footnote 1 referrer