Internal Capital Adequacy Assessment Process (ICAAP) Template

For Deposit-Taking Institutions using the Basel Standardized Approach to Credit Risk (DTIs), the following suggested template may be used in their ICAAP submission to OSFI. While the use of this template is not mandatory, the submitted document should cover all the elements contained in the template below. Please note that OSFI expects to receive a document that has been approved by the institution’s board.

Please note that the completion of Appendix A of this template is mandatory for submission purposes. In addition, please note that institutions must also complete an additional appendix outlining the risk assessment and quantification methodology used.

The amount of detail in the ICAAP document will vary based on the size and complexity of the institution. Supplementary information such as policies, risk management frameworks and processes can be referred to by way of appendices.

ICAAP Submission Template Elements
1Executive Summary
2Background on ICAAP
3Statement of Risk Appetite
4Material Risks
5Capital Planning
6Stress and Scenario Tests
7Integration of ICAAP into Risk Management
8Challenge & Next Steps
Two Required Appendices
ARequired Key Metrics Report
BInstitution’s Risk Assessment and Quantification Methodology

Executive Summary

This summary should provide an overview of the ICAAP methodology and results such as:

  • Confirmation that the institution (on a consolidated basis) has assessed its capital as adequate given the size and complexity of its business.
  • Commentary on the most material risks faced by the institution, why the level of risk is acceptable or, if it is not, what mitigating actions are planned.
  • Summary of the main findings of the ICAAP analysis including:
    • the level and composition of internal capital the institution believes should be held, with a comparison to the regulatory capital requirement under “Pillar 1” calculation (please complete the Key Metrics Report in Appendix A for comparison of the risk components within the institution’s Pillar 1 capital and its ICAAP assessment);
    • the adequacy of the institutions risk management processes;
    • whether the institution has adequate capital resources over its planning horizon; and
    • a summary of the target capital metrics ratified by the board -at a minimum, these should include Common Equity Tier 1 (CET1) Ratio, Total Capital Ratio and Leverage Ratio.
  • Summary of the financial position of the institution, its business strategy, balance sheet structure and projected profitability.
  • Description of the review, challenge and approval process of the ICAAP.

Background of ICAAP

This section should provide a high-level overview of the institution’s ICAAP, pulling together the institution’s risk management framework, business planning and capital management. The overview should cover relevant policies and systems used by the institution to identify, manage and monitor its risks according to its risk appetite.

Statement of Risk Appetite

This section should provide a high-level overview of the institution’s risk appetite and set out the frequency of review of the risk tolerance by management and the board.

Material Risks

This section should provide a concise description of the institution’s risk identification process and outline how the institution identifies material risk areas. Key risks which should be considered as part of an ICAAP include, but not limited to:

  • Credit risk
  • Market risk
  • Operational risk
  • Structural Interest rate risk in banking book (IRRBB)
  • Concentration risk
  • Funding risk
  • Business/Strategic risk
  • Reputation risk
  • Securitization risk
  • Residual risk
  • Any other risks identified

In a separate appendix (include as Appendix B to your ICAAP submission), please provide further detail on the institution’s risk assessment and quantification methodology, including:

  • how the institution defines each of the key risks listed above as well as any other risks identified as key based on the institution’s risk profile;
  • how the institution determines the materiality of each key risk; and
  • a description of how each material risk is then quantified for capital allocation purpose, including detailed methodology to specify data, assumptions and calculations.

At a minimum, OSFI expects DTIs to provide a Pillar II capital allocation to cover IRRBB and credit concentration risk. Where the DTI does not have a material credit risk, it should ensure capital allocation is made to cover operational/reputation risk.

Capital planning

This section should include:

  • the institution’s “baseline” capital forecasts (at least quarterly, based on annual business plan);
  • a 3-year summary forecast capital position; and
  • a description of the institution’s capital planning and management process, including an outline of how ICAAP is incorporated into this process.

Stress & Scenario Testing

This section should provide a concise description of how the institution’s stress testing program is used to support capital adequacy assessment and management.

DTIs should develop their own scenarios so that stress tests covering all its major risks and material portfolios are reported.

For deposit-taking institutions with lending exposures, an IRRBB and a real-estate market downturn stress test are, at a minimum, generally expected.

For non-deposit-taking institutions a focus on operational risk stress test, are, at a minimum, generally expected.

All institutions are encouraged to conduct a reverse engineered scenario that challenges its viability and would cause a breach in regulatory capital adequacy ratios (CET1, total capital ratio and leverage ratio). Such tests may be useful in uncovering hidden risks and interactions among risks.

As ICAAP is, first and foremost, a key internal process in the institution’s capital management and planning, stress tests used for ICAAP should be determined by the institution as deemed appropriate. However, OSFI may, at times, request institutions to conduct standardized stress tests and report the results of these stress tests, together with their impact on ICAAP. These should also be included in the Key Metrics Table laid out in Appendix A.

Integration of ICAAP into Risk Management

This section should:

  • summarize how ICAAP has been used by the institution and how it is embedded in the decision making process;
  • describe how ICAAP results have been integrated into risk limits setting and monitoring; and
  • describe how the ICAAP results are reported to the board.

Challenge & Next Steps

This section should:

  • summarize the extent of challenge and testing of the ICAAP and the control processes applied to the ICAAP calculations;
  • outline the board and senior management sign-off procedures;
  • identify the nature of any third party review of the ICAAP; and
  • identify any plans to enhance the ICAAP going forward.

ICAAP Appendix A -- Required Key Metrics Table in ICAAP Document

($'000)Pillar 1 (Minimum Regulatory Capital)
Based on 10.5% minimum
ICAAPFootnote 1
(Institution's assessment of Capital required for the risk)
ICAAPFootnote 2
(including OSFI's standardized stress test)
Footnote 3 Credit risk
Footnote 3 Market risk
Footnote 3 Operational risk
Total Pillar 1
Footnote 4 Pillar 2 risk x
Pillar 2 risk y
Pillar 2 risk z
Total Other Risks before Cross Risk Diversification
Footnote 5 Diversification Benefit
Additional Capital to cover stress testing
Additional Capital to arrive at Target Capital
ICAAP Capital
Footnote 6 Current Total Capital
Target Ratio for Total Capital
Target Ratio for CET1 Capital
Target Leverage Ratio

Table Footnotes

Footnote 1

ICAAP should describe how each material risk is quantified for capital allocation purpose, including detailed methodology to specify data, assumptions and calculations.

Return to table footnote 1

Footnote 2

This is still the FI's ICAAP but includes OSFI's standardized stress test such as interest rate shock and real estate downturn scenarios. Detailed assumptions on these tests are to be provided by the Lead Supervisor.

Return to table footnote 2

Footnote 3

If ICAAP uses different risk quantification for Pillar 1 risks, reasonable explanations should be provided for the difference in each risk type/adjustment.

Return to table footnote 3

Footnote 4

Key Metrics Table should contain all material risks/adjustments considered in ICAAP.

Return to table footnote 4

Footnote 5

If an inter-risks diversification benefit is considered, ICAAP should clearly describe rationale. Note that OSFI’s supervisory review process will generally not take into account any inter-risks diversification benefit unless it is quantified by a rigorous model with adequate support.

Return to table footnote 5

Footnote 6

If available capital used in ICAAP analysis is other than regulatory capital, ICAAP should provide definition used (e.g. economic; common equity, etc.).

Return to table footnote 6