(a)

the adequacy of the definitions, processes and criteria used by the institution for assigning or reviewing the assignment of exposures to grades or pools, including the treatment of overrides, in accordance with Article 24;

(b)

the integrity of the assignment process as referred to in Article 173 of Regulation (EU) No 575/2013, including the independence of the assignment process, as well as the reviews of the assignment, in accordance with Article 25.

(a)

review the institution’s relevant internal policies and procedures;

(b)

review the roles and responsibilities of units responsible for origination and renewal of exposures and units responsible for the assignment of exposures to grades or pools;

(c)

review the relevant minutes of the institution’s internal bodies, including the management body, or committees;

(d)

review the institution’s internal reports regarding the performance of the assignment process;

(e)

review the relevant findings of the internal audit or of other control functions of the institution;

(f)

review the progress reports on the efforts made by the institution to correct shortcomings in the assignment or the review process and to mitigate risks detected during audits;

(g)

obtain written statements from or interview the relevant staff and senior management of the institution;

(h)

review the criteria used by the personnel responsible for human judgement in the assignment of exposures to grades or pools.

(a)

review the functional documentation of the relevant IT systems;

(b)

conduct sample testing and review documents relating to the characteristics of an obligor and to the origination and maintenance of the exposures;

(c)

perform their own tests on the data of the institution or require the institution to perform specific tests;

(d)

review other relevant documents of the institution.