Article 26
Scenario analysis
1. Competent authorities shall assess an institution's compliance with the standards relating to scenario analysis, as referred to in point (iii) of Article 20(d), by verifying at least the following:
(a) |
that the institution has a robust governance framework in place relating to the scenario process that generates credible and reliable estimates, irrespective of whether the scenario is used for evaluating high severity events or the overall operational risk exposures; |
(b) |
that the scenario process is clearly defined, well documented, repeatable and designed to reduce as much as possible subjectivity and biases, including:
|
(c) |
that qualified and experienced facilitators provide consistency in the process; |
(d) |
that the assumptions used in the scenario process are based, to the maximum extent, on the relevant internal data and external data with an objective and unbiased selection process; |
(e) |
that the chosen number of scenarios, the level at, or units in, which scenarios are studied, are realistic and properly explained, and that the scenario estimates take into account relevant changes in the internal and external environments that can affect the institution's operational risk exposure; |
(f) |
that the scenario estimates are generated taking into account potential or probable operational risk events that have not yet, fully or partly, materialised in an operational risk loss; |
(g) |
that the scenario process and estimates are subject to a robust independent challenge process and oversight. |