PRIMER: Pillar 2 of the Basel banking framework


Our latest explainer looks at the innovation in international banking regulation and how it has evolved since its initial introduction

Pillar 2 of the Basel framework has been one of the most important innovations in international banking regulation in recent decades. Of an evolutionary nature, pillar 2 must be adjusted to reflect changing banking business models, the increasing complexity of the financial sector, and a turbulent environment. Its importance was particularly emphasised during the Covid-19 crisis and, in many jurisdictions, pillar 2 has already started to assume an important role in expanding the importance of climate risk within the prudential banking regulation.

What is pillar 2 and what are its origins? 

Pillar 2 was intended to ensure that banks have adequate capital to support their business risks and use better risk management techniques in monitoring and managing those risks. 

The process was first introduced in an environment enthusiastic about internal models and increasingly exposed to new risks resulting from technological innovation and globalisation, as part of a comprehensive reform of the international prudential regulation carried out in 2004 as Basel II.

See also: Basel III finalisation: completing the jigsaw

The objectives were to incentivise banks to better measure and manage their risks and to make capital requirements more risk-sensitive than under the previous rules (Basel I and Basel I.5). The Basel Committee on Banking Supervision (BCBS) acknowledged that the banks' business models and some risks are too heterogeneous to be fully and adequately captured by the existing rules and that it would be necessary to require banks to develop their own methods for the quantification and management of those risks.

The key idea was to complement the minimum capital requirements prescribed by regulators (pillar 1 under new Basel II and still current architecture) with tailored supervisory measures based on a thorough analysis of the banks' risk profiles (pillar 2). Additionally, public disclosure requirements (pillar 3) looking to promote market discipline completed the picture.

Viewed as an international agreement, pillar 2 represents a milestone in efforts to harmonise supervisory principles and practice across jurisdictions. The global standard has been transposed in the EU through the Capital Requirements Directive (CRD) and EBA Guidelines on common procedures and methodology for Supervisory Review and Evaluation Process. Furthermore, for the Euro area covered by the Banking Union and the Single Supervisory Mechanism, the European Central Bank (ECB) has developed the ICAAP Guide and ILAAP Guide.

What are the objectives of pillar 2?

The theoretical and practical foundation for pillar 2 can be understood in the context of two concepts: one, a holistic approach enshrined in the enterprise-wide risk management, and two, a capital management approach based on economic capital. While pillar 1 of the Basel regulatory capital framework deals only with the capital requirements for credit, market, and operational risk as well as regulatory liquidity ratios calculated according to more or less sophisticated regulatory approaches; pillar 2 focuses on the economic and internal perspective of banks' capital and liquidity adequacy.

Furthermore, to ensure comprehensive risk coverage, under pillar 2, banks are required to have in place adequate procedures and systems to ensure that their capital and liquidity adequacy is sufficient with regards to all material risks to which they are or could be exposed. Additionally, pillar 2 is intended to provide incentives so that banks have adequate capital to support the risks arising in their operations but also develop and use better risk management techniques in monitoring and managing these risks.

What is the structure of pillar 2? Pillar 2 encompasses a twofold process known as the Supervisory Review Process (SRP). The first part requires banks to design a formalised, documented and comprehensive approach for determining optimal capital levels, known as the Internal Capital Adequacy Assessment Process (ICAAP) and adequate liquidity or Internal Liquidity Adequacy Assessment Process (ILAAP). The second part, the Supervisory Review and Evaluation Process (SREP), asks supervisors to review and evaluate the ICAAP and ILAAP within the broader context of assessing risk profiles as well as internal risk management and control systems.

The SRP should ensure that banks have sufficient capital to support all material risks to which there are exposed. It should therefore reinforce the link between risk and capital and liquidity resources so that the bank’s risk management strategy, approaches, and systems are integrated with its capital and liquidity planning. As such, SRP extends beyond SREP and ICAAP/ILAAP to include ongoing supervisory monitoring.

What are the four principles of pillar 2? Pillar 2 should be tailored to the risks, needs and circumstances of a particular jurisdiction and bank. Therefore, we might view it as the ‘principles-based’ complement to the ‘rules-based’ pillar 1.

The pillar 2 framework has been built around four principles, the first one addressed to banks, the remaining ones to supervisors.

1)      Bank’s own assessment of capital (and liquidity) adequacy: Banks need to demonstrate that internal capital/liquidity targets are consistent with the overall risk profile. The ICAAP/ILAAP processes measure and monitor all material risks to which the bank is exposed.

2)      Supervisory review process: Supervisory authorities should regularly assess the extent to which the bank has a robust internal process for assessing capital adequacy and risk position.

3)      Capital above regulatory minimum: Supervisors expect banks to operate above pillar 1 minimum capital requirements.

4)      Supervisory intervention: Supervisors should intervene at an early stage to prevent capital from falling below the minimum requirements. Therefore, they should be able to, for example, restrict the dividends or require raising additional capital.

What is comprehensive risk coverage? As for the scope of the risks, under pillar 2, banks have to address all material risks, including those for which quantitative models are not possible or not yet satisfactory. Besides risks already explicitly included under pillar 1 (credit, market, operational), banks should particularly include interest risk in the banking book (IRRBB).

IRRBB can be defined as the risk that changes in market interest rates reduce the profitability and the economic value of a portfolio of assets and liabilities. In the case of assets and liabilities in the trading book, interest rate risk is seen as a part of market risk and treated under pillar 1. However, for interest risk in the banking book, the global standard opted for the pillar 2 approach, although recent revisions provide for a certain standardisation with measurement based on the economic value of equity (EVE) and net interest income (NII) sensitivities.

See also: PRIMER: market risk – a banking regulation perspective 

Other risks that are typically included in banks’ risk profile within pillar 2 are strategic, business and reputational risks. However, having in mind the flexible and adjustable nature of pillar 2, it is clear that – after disclosures under pillar 3 – climate risk is also finding its way through this part of the overall prudential framework.

What is SREP? The common SREP framework, for example, as developed by the EBA, is built around the following major components:

1)      Categorisation of institutions: The application of the principle of proportionality in the SREP is driven by the categorisation of institutions into four categories based on their size, risk profile, scope, and nature and complexity of their activities.

2)      Monitoring of key indicators: Regular monitoring of key risk indicators supports the SREP by flagging changes in the bank’s risk profile.

3)      Business model analysis (BMA): Business model analysis includes the assessment of a bank’s business model includes business model viability (i.e. the ability to generate acceptable returns from a supervisory perspective over the next 12 months, and business model sustainability (i.e. a more forward-looking concept that refers to a bank’s ability to generate acceptable returns from a supervisory perspective through an entire cycle).

4)      Governance and controls assessment: As part of the overall governance assessment, supervisors should determine whether the internal governance framework of an institution is adequate given its risk profile, size, nature and complexity.

During SREP, the supervisors assess:

a)       ‘Risks to capital’, which covers credit risk, market risk, interest rate risk in the banking book and operational risk; and

b)      ‘Risk to liquidity’, which reflects a bank’s ability to cover ad hoc cash needs in times of economic uncertainty when depositors may withdraw much more money than usual.

What are pillar 2 buffers? After considering the outcome of the assessment of ‘risks to capital’, supervisors quantify the additional capital needed to cover material risks. Specifically, the EU regulatory framework provides for two pillar 2 add-ons on top of pillar 1 and its buffers.

1)      Pillar 2 requirement (P2R) that is binding and should be met at all times, and

2)      Pillar 2 guidance (P2G) that is a non-binding capital expectation at a level above the overall capital requirements.

In the context of recent developments, there is a possibility that the recently initiated climate stress test initiated by the ECB might have an impact on banks’ capital requirements.

The UK approach, for example, also builds on two buffers under the SREP: one, pillar 2A: binding requirement, and two, pillar 2B: non-binding requirement.

However, the US approach to the assessment of banks’ risks relies on two distinct frameworks: the CCAR (Comprehensive Capital Analysis and Review) and a capital rule. CCAR is targeted at the largest banks, but unlike the EU and UK approaches is a supervisory led top-down exercise based on dynamic balance sheet, where banks’ capital plans are embedded into the assessment. If the CCAR results are not deemed adequate, the regulators may also require, for instance, amendments to dividend distributions or a capital issuance.

See also: US Regulatory Developments


We use cookies to provide a personalized site experience.
By continuing to use & browse the site you agree to our Privacy Policy.
I agree