I. General considerations

A. Disclosure requirements

808. The Committee believes that the rationale for Pillar 3 is sufficiently strong to warrant the introduction of disclosure requirements for banks using the Framework.

Supervisors have an array of measures that they can use to require banks to make such disclosures.

Some of these disclosures will be qualifying criteria for the use of particular methodologies or the
recognition of particular instruments and transactions.

B. Guiding principles

809. The purpose of Pillar 3 ─ market discipline is to complement the minimum capital requirements (Pillar 1) and the supervisory review process (Pillar 2).

The Committee aims to encourage market discipline by developing a set of disclosure requirements which will allow market participants to assess key pieces of information on the scope of application, capital,risk exposures, risk assessment processes, and hence the capital adequacy of the institution.

The Committee believes that such disclosures have particular relevance under the Framework, where reliance on internal methodologies gives banks more discretion in assessing capital requirements.

810. In principle, banks’ disclosures should be consistent with how senior management and the board of directors assess and manage the risks of the bank. Under Pillar 1, banks use specified approaches/methodologies for measuring the various risks they face and the resulting capital requirements.

The Committee believes that providing disclosures that are based on this common framework is an effective means of informing the market about a bank’s exposure to those risks and provides a consistent and understandable disclosure framework that enhances comparability.

C. Achieving appropriate disclosure

811. The Committee is aware that supervisors have different powers available to them to achieve the disclosure requirements.

Market discipline can contribute to a safe and sound banking environment, and supervisors require firms to operate in a safe and sound manner.

Under safety and soundness grounds, supervisors could require banks to disclose information.

Alternatively, supervisors have the authority to require banks to provide information in regulatory reports. Some supervisors could make some or all of the information in these reports publicly available.

Further, there are a number of existing mechanisms by which supervisors may enforce requirements.

These vary from country to country and range from “moral suasion” through dialogue with the bank’s management (in order to change the latter’s behaviour), to reprimands or financial penalties.

The nature of the exact measures used will depend on the legal powers of the supervisor and the seriousness
of the disclosure deficiency.

However, it is not intended that direct additional capital requirements would be a response to non-disclosure, except as indicated below.

812. In addition to the general intervention measures outlined above, this Framework also anticipates a role for specific measures.

Where disclosure is a qualifying criterion under Pillar 1 to obtain lower risk weightings and/or to apply specific methodologies, there would be a direct sanction (not being allowed to apply the lower weighting or the specific
methodology).

D. Interaction with accounting disclosures

813. The Committee recognises the need for a Pillar 3 disclosure framework that does not conflict with requirements under accounting standards, which are broader in scope.

The Committee has made a considerable effort to see that the narrower focus of Pillar 3, which is aimed at disclosure of bank capital adequacy, does not conflict with the broader accounting requirements.

Going forward, the Committee intends to maintain an ongoing relationship with the accounting authorities, given that their continuing work may have implications for the disclosures required in Pillar 3.

The Committee will consider future modifications to Pillar 3 as necessary in light of its ongoing monitoring of this area and industry developments.

814. Management should use its discretion in determining the appropriate medium and location of the disclosure. In situations where the disclosures are made under accounting requirements or are made to satisfy listing requirements promulgated by securities regulators, banks may rely on them to fulfil the applicable Pillar 3 expectations.

In these situations, banks should explain material differences between the accounting or other disclosure and the supervisory basis of disclosure.

This explanation does not have to take the form of a line by line reconciliation.

815. For those disclosures that are not mandatory under accounting or other requirements, management may choose to provide the Pillar 3 information through other means (such as on a publicly accessible internet website or in public regulatory reports filed with bank supervisors), consistent with requirements of national supervisory authorities.

However, institutions are encouraged to provide all related information in one location to the degree feasible.

In addition, if information is not provided with the accounting disclosure, institutions should indicate where the additional information can be found.

816. The recognition of accounting or other mandated disclosure in this manner is also expected to help clarify the requirements for validation of disclosures.

For example, information in the annual financial statements would generally be audited and additional material published with such statements must be consistent with the audited statements.

In addition, supplementary material (such as Management’s Discussion and Analysis) that is published to satisfy other disclosure regimes (e.g. listing requirements promulgated by securities regulators) is generally subject to sufficient scrutiny (e.g. internal control assessments, etc.) to satisfy the validation issue.

If material is not published under a validation regime, for instance in a stand alone report or as a section on a website, then management should ensure that appropriate verification of the information takes place, in
accordance with the general disclosure principle set out below.

Accordingly, Pillar 3 disclosures will not be required to be audited by an external auditor, unless otherwise
required by accounting standards setters, securities regulators or other authorities.

E. Materiality

817. A bank should decide which disclosures are relevant for it based on the materiality concept.

Information would be regarded as material if its omission or misstatement could change or influence the assessment or decision of a user relying on that information for the purpose of making economic decisions.

This definition is consistent with International Accounting Standards and with many national accounting frameworks.

The Committee recognises the need for a qualitative judgement of whether, in light of the particular
circumstances, a user of financial information would consider the item to be material (user test).

The Committee is not setting specific thresholds for disclosure as these can be open to manipulation and are difficult to determine, and it believes that the user test is a useful benchmark for achieving sufficient disclosure.
 

F. Frequency

818. The disclosures set out in Pillar 3 should be made on a semi-annual basis, subject to the following exceptions. Qualitative disclosures that provide a general summary of a bank’s risk management objectives and policies, reporting system and definitions may be published on an annual basis.

In recognition of the increased risk sensitivity of the Framework and the general trend towards more frequent reporting in capital markets, large internationally active banks and other significant banks (and their significant bank subsidiaries) must disclose their Tier 1 and total capital adequacy ratios, and their components *, on a quarterly basis.

Furthermore, if information on risk exposure or other items is prone to rapid change, then banks should also disclose information on a quarterly basis.

In all cases, banks should publish material information as soon as practicable and not later than deadlines set by like requirements in national laws. **

* These components include Tier 1 capital, total capital and total required capital.

** For some small banks with stable risk profiles, annual reporting may be acceptable. Where a bank publishes information on only an annual basis, it should state clearly why this is appropriate.

G. Proprietary and confidential information

819. Proprietary information encompasses information (for example on products or systems), that if shared with competitors would render a bank’s investment in these products/systems less valuable, and hence would undermine its competitive position.

Information about customers is often confidential, in that it is provided under the terms of a legal agreement or counterparty relationship.

This has an impact on what banks should reveal in terms of information about their customer base, as well as details on their internal arrangements, for instance methodologies used, parameter estimates, data etc.

The Committee believes that the requirements set out below strike an appropriate balance between the need for meaningful disclosure and the protection of proprietary and confidential information.

In exceptional cases, disclosure of certain items of information required by Pillar 3 may prejudice seriously the position of the bank by making public information that is either proprietary or confidential in nature.

In such cases, a bank need not disclose those specific items, but must disclose more general information about the subject matter of the requirement, together with the fact that, and the reason why, the specific items of information have not been disclosed.

This limited exemption is not intended to conflict with the disclosure requirements under the accounting standards.

II. The disclosure requirements*

820. The following sections set out in tabular form the disclosure requirements under Pillar 3. Additional definitions and explanations are provided in a series of footnotes.

* In this section of this Framework, disclosures marked with an asterisk are conditions for use of a particular approach or methodology for the calculation of regulatory capital.

A. General disclosure principle

821. Banks should have a formal disclosure policy approved by the board of directors that addresses the bank’s approach for determining what disclosures it will make and the internal controls over the disclosure process.

In addition, banks should implement a process for assessing the appropriateness of their disclosures, including validation and frequency of them.

B. Scope of application

822. Pillar 3 applies at the top consolidated level of the banking group to which this Framework applies (as indicated above in Part 1: Scope of Application).

Disclosures related to individual banks within the groups would not generally be required to fulfil the disclosure
requirements set out below.

An exception to this arises in the disclosure of Total and Tier 1 Capital Ratios by the top consolidated entity where an analysis of significant bank subsidiaries within the group is appropriate, in order to recognise the need for these subsidiaries to comply with this Framework and other applicable limitations on the transfer of
funds or capital within the group.

177 Entity = securities, insurance and other financial subsidiaries, commercial subsidiaries, significant minority
equity investments in insurance, financial and commercial entities.

178 Following the listing of significant subsidiaries in consolidated accounting, e.g. IAS 27.

179 Following the listing of subsidiaries in consolidated accounting, e.g. IAS 31.

180 May be provided as an extension (extension of entities only if they are significant for the consolidating bank) to the listing of significant subsidiaries in consolidated accounting, e.g. IAS 27 and 32.

181 Surplus capital in unconsolidated regulated subsidiaries is the difference between the amount of the
investment in those entities and their regulatory capital requirements.

182 See paragraphs 30 and 33.

183 A capital deficiency is the amount by which actual capital is less than the regulatory capital requirement. Any
deficiencies which have been deducted on a group level in addition to the investment in such subsidiaries are
not to be included in the aggregate capital deficiency.

184 See paragraph 31.

185 See paragraph 30.

186 Innovative instruments are covered under the Committee’s press release, Instruments eligible for inclusion in
Tier 1 capital (27 October 1998).

187 See paragraph 33.

188 Representing 50% of the difference (when expected losses as calculated within the IRB approach exceed total
provisions) to be deducted from Tier 1 capital.

189 Including 50% of the difference (when expected losses as calculated within the IRB approach exceed total
provisions) to be deducted from Tier 2 capital.

190 Banks should distinguish between the separate non-mortgage retail portfolios used for the Pillar 1 capital
calculation (i.e. qualifying revolving retail exposures and other retail exposures) unless these portfolios are
insignificant in size (relative to overall credit exposures) and the risk profile of each portfolio is sufficiently
similar such that separate disclosure would not help users’ understanding of the risk profile of the banks’ retail
business.

191 Capital requirements are to be disclosed only for the approaches used.

192 Including proportion of innovative capital instruments.

D. Risk exposure and assessment

823. The risks to which banks are exposed and the techniques that banks use to identify, measure, monitor and control those risks are important factors market participants consider in their assessment of an institution.

In this section, several key banking risks are considered:

credit risk, market risk, interest rate risk and equity risk in the banking book and operational risk.

Also included in this section are disclosures relating to credit risk mitigation and asset securitisation, both of which alter the risk profile of the institution.

Where applicable, separate disclosures are set out for banks using different approaches to the assessment of regulatory capital.

1. General qualitative disclosure requirement

824. For each separate risk area (e.g. credit, market, operational, banking book interest rate risk, equity) banks must describe their risk management objectives and policies, including:

• strategies and processes;

• the structure and organisation of the relevant risk management function;

• the scope and nature of risk reporting and/or measurement systems;

• policies for hedging and/or mitigating risk and strategies and processes for monitoring the continuing effectiveness of hedges/mitigants.

2. Credit risk

825. General disclosures of credit risk provide market participants with a range of information about overall credit exposure and need not necessarily be based on information prepared for regulatory purposes.

Disclosures on the capital assessment techniques give information on the specific nature of the exposures, the means of capital assessment and data to assess the reliability of the information disclosed.

193 Table 4 does not include equities.

194 That is, after accounting offsets in accordance with the applicable accounting regime and without taking into
account the effects of credit risk mitigation techniques, e.g. collateral and netting.

195 Where the period end position is representative of the risk positions of the bank during the period, average
gross exposures need not be disclosed.

196 Where average amounts are disclosed in accordance with an accounting standard or other requirement which
specifies the calculation method to be used, that method should be followed.

Otherwise, the average exposures should be calculated using the most frequent interval that an entity’s systems generate for management, regulatory or other reasons, provided that the resulting averages are representative of the bank’s operations.

The basis used for calculating averages need be stated only if not on a daily average basis.

197 This breakdown could be that applied under accounting rules, and might, for instance, be

(a) loans, commitments and other non-derivative off balance sheet exposures,

(b) debt securities, and

(c) OTC derivatives.

198 Geographical areas may comprise individual countries, groups of countries or regions within countries. Banks
might choose to define the geographical areas based on the way the bank’s portfolio is geographically
managed. The criteria used to allocate the loans to geographical areas should be specified.

199 This may already be covered by accounting standards, in which case banks may wish to use the same
maturity groupings used in accounting.

200 Banks are encouraged also to provide an analysis of the ageing of past-due loans.

201 The portion of general allowance that is not allocated to a geographical area should be disclosed separately.

202 The reconciliation shows separately specific and general allowances; the information comprises: a description
of the type of allowance; the opening balance of the allowance; charge-offs taken against the allowance during
the period; amounts set aside (or reversed) for estimated probable loan losses during the period, any other
adjustments (e.g. exchange rate differences, business combinations, acquisitions and disposals of
subsidiaries), including transfers between allowances; and the closing of the allowance. Charge-offs and
recoveries that have been recorded directly to the income statement should be disclosed separately.

203 A de minimis exception would apply where ratings are used for less than 1% of the total loan portfolio.

204 This information need not be disclosed if the bank complies with a standard mapping which is published by the relevant supervisor.

Credit risk: disclosures for portfolios subject to IRB approaches

826. An important part of this Framework is the introduction of an IRB approach for the assessment of regulatory capital for credit risk.

To varying degrees, banks will have discretion to use internal inputs in their regulatory capital calculations.

In this sub-section, the IRB approach is used as the basis for a set of disclosures intended to provide market
participants with information about asset quality.

In addition, these disclosures are important to allow market participants to assess the resulting capital in light of the exposures.

There are two categories of quantitative disclosures: those focussing on an analysis of risk exposure and assessment (i.e. the inputs) and those focussing on the actual outcomes (as the basis for providing an indication of the likely reliability of the disclosed information).

These are supplemented by a qualitative disclosure regime which provides background information on the assumptions underlying the IRB framework, the use of the IRB system as part of a risk management framework and the means for validating the results of the IRB system.

The disclosure regime is intended to enable market participants to assess the credit risk exposure of IRB banks and the overall application and suitability of the IRB framework, without revealing proprietary information or duplicating the role of the supervisor in validating the detail of the IRB framework in place.

205 Equities need only be disclosed here as a separate portfolio where the bank uses the PD/LGD approach for
equities held in the banking book.

206 In both the qualitative disclosures and quantitative disclosures that follow, banks should distinguish between
the qualifying revolving retail exposures and other retail exposures unless these portfolios are insignificant in
size (relative to overall credit exposures) and the risk profile of each portfolio is sufficiently similar such that
separate disclosure would not help users’ understanding of the risk profile of the banks’ retail business.

207 This disclosure does not require a detailed description of the model in full — it should provide the reader with a broad overview of the model approach, describing definitions of the variables, and methods for estimating
and validating those variables set out in the quantitative risk disclosures below.

This should be done for each of the five portfolios.

Banks should draw out any significant differences in approach to estimating these variables within each portfolio.

208 This is to provide the reader with context for the quantitative disclosures that follow. Banks need only describe main areas where there has been material divergence from the reference definition of default such that it
would affect the readers’ ability to compare and understand the disclosure of exposures by PD grade.

209 The PD, LGD and EAD disclosures below should reflect the effects of collateral, netting and guarantees/credit derivatives, where recognised under Part 2. Disclosure of each PD grade should include the exposure weighted-average PD for each grade. Where banks are aggregating PD grades for the purposes of disclosure, this should be a representative breakdown of the distribution of PD grades used in the IRB approach.

210 Outstanding loans and EAD on undrawn commitments can be presented on a combined basis for these
disclosures.

211 Banks need only provide one estimate of EAD for each portfolio. However, where banks believe it is helpful, in order to give a more meaningful assessment of risk, they may also disclose EAD estimates across a number
of EAD categories, against the undrawn exposures to which these relate.

212 Banks would normally be expected to follow the disclosures provided for the non-retail portfolios. However,
banks may choose to adopt EL grades as the basis of disclosure where they believe this can provide the reader with a meaningful differentiation of credit risk. Where banks are aggregating internal grades (either PD/LGD or EL) for the purposes of disclosure, this should be a representative breakdown of the distribution of those grades used in the IRB approach.

213 These disclosures are a way of further informing the reader about the reliability of the information provided in
the “quantitative disclosures: risk assessment” over the long run. The disclosures are requirements from yearend
2009; In the meantime, early adoption would be encouraged. The phased implementation is to allow banks sufficient time to build up a longer run of data that will make these disclosures meaningful.

214 The Committee will not be prescriptive about the period used for this assessment. Upon implementation, it
might be expected that banks would provide these disclosures for as long run of data as possible — for
example, if banks have 10 years of data, they might choose to disclose the average default rates for each PD
grade over that 10-year period. Annual amounts need not be disclosed.

215 Banks should provide this further decomposition where it will allow users greater insight into the reliability of
the estimates provided in the ‘quantitative disclosures: risk assessment’. In particular, banks should provide
this information where there are material differences between the PD, LGD or EAD estimates given by banks
compared to actual outcomes over the long run. Banks should also provide explanations for such differences.

216 At a minimum, banks must give the disclosures below in relation to credit risk mitigation that has been
recognised for the purposes of reducing capital requirements under this Framework.

Where relevant, banks are encouraged to give further information about mitigants that have not been recognised for that purpose.

217 Credit derivatives that are treated, for the purposes of this Framework, as part of synthetic securitisation
structures should be excluded from the credit risk mitigation disclosures and included within those relating to
securitisation.

218 If the comprehensive approach is applied, where applicable, the total exposure covered by collateral after
haircuts should be reduced further to remove any positive adjustments that were applied to the exposure, as
permitted under Part 2.

219 Net credit exposure is the credit exposure on derivatives transactions after considering both the benefits from
legally enforceable netting agreements and collateral arrangements. The notional amount of credit derivative
hedges alerts market participants to an additional source of credit risk mitigation.

220 This might be interest rate contracts, FX contracts, equity contracts, credit derivatives, and commodity/other
contracts.

221 This might be Credit Default Swaps, Total Return Swaps, Credit options, and other.

222 For example: originator, investor, servicer, provider of credit enhancement, sponsor of asset backed
commercial paper facility, liquidity provider, swap provider.

223 For example, credit cards, home equity, auto, etc.

224 Securitisation transactions in which the originating bank does not retain any securitisation exposure should be shown separately but need only be reported for the year of inception.

225 Where relevant, banks are encouraged to differentiate between exposures resulting from activities in which
they act only as sponsors, and exposures that result from all other bank securitisation activities that are
subject to the securitisation framework.

226 For example, charge-offs/allowances (if the assets remain on the bank’s balance sheet) or write-downs of I/O
strips and other residual interests.

227 Securitisation exposures, as noted in Part 2, Section IV, include, but are not restricted to, securities, liquidity
facilities, other commitments and credit enhancements such as I/O strips, cash collateral accounts and other
subordinated assets.

228 The standardised approach here refers to the “standardised measurement method” as defined in Part 2,
Section VI C.

229 Unrealised gains (losses) recognised in the balance sheet but not through the profit and loss account.

230 Unrealised gains (losses) not recognised either in the balance sheet or through the profit and loss account.

Read more about our Certified Basel ii Professional (CBiiPro) program

Read more about our Certified Pillar 2 Expert (CP2E) program

Read more about our Certified Pillar 3 Expert (CP3E) program