CP23/23 – Identification and management of step-in risk, shadow banking entities and groups of connected clients

Privacy statement

By responding to this consultation, you provide personal data to the Bank of England (the Bank, which includes the Prudential Regulation Authority (PRA). This may include your name, contact details (including, if provided, details of the organisation you work for), and opinions or details offered in the response itself.

The response will be assessed to inform our work as a regulator and central bank, both in the public interest and in the exercise of our official authority. We may use your details to contact you to clarify any aspects of your response.

The consultation paper will explain if responses will be shared with other organisations (for example, the Financial Conduct Authority). If this is the case, the other organisation will also review the responses and may also contact you to clarify aspects of your response. We will retain all responses for the period that is relevant to supporting ongoing regulatory policy developments and reviews. However, all personal data will be redacted from the responses within five years of receipt. To find out more about how we deal with your personal data, your rights, or to get in touch please visit Privacy and the Bank of England.

Information provided in response to this consultation, including personal information, may be subject to publication or disclosure to other parties in accordance with access to information regimes including under the Freedom of Information Act 2000 or data protection legislation, or as otherwise required by law or in discharge of the Bank’s functions.

Please indicate if you regard all, or some of, the information you provide as confidential. If the Bank receives a request for disclosure of this information, we will take your indication(s) into account but cannot give an assurance that confidentiality can be maintained in all circumstances. An automatic confidentiality disclaimer generated by your IT system on emails will not, of itself, be regarded as binding on the Bank.

Responses are requested by Tuesday 5 March 2024.

Consent to publication

The PRA publishes a list of respondents to its consultations, where respondents have consented to such publication.

When you respond to this consultation paper (CP), please tell us in your response if you agree to the publication of your name, or the name of the organisation you are responding on behalf of, in the PRA’s feedback response to this consultation.

Please make it clear if you are responding as an individual or on behalf of an organisation.

Where your name comprises ‘personal data’ within the meaning of data protection law, please see the Bank’s Privacy Notice above, about how your personal data will be processed.

Please note that you do not have to give your consent to the publication of your name. If you do not give consent to your name being published in the PRA’s feedback response to this consultation, please make this clear with your response.

If you do not give consent, the PRA may still collect, record and store it in accordance with the information provided above.

You have the right to withdraw, amend or revoke your consent at any time. If you would like to do this, please contact the PRA using the contact details set out below.

Responses can be sent by email to: CP23_23@bankofengland.co.uk.

Alternatively, please address any comments or enquiries to:
Banking Groups and Structural Reform Team
Prudential Regulation Authority
20 Moorgate
London
EC2R 6DA

1: Overview

1.1 This consultation paper (CP) sets out the Prudential Regulation Authority’s (PRA) proposed rules requiring CRR firms that are not small domestic deposit takers (SDDTs) and CRR consolidation entities that are not SDDT consolidation entities to regularly assess their step-in risk. Step-in risk is the risk that a bank provides financial support to an unconsolidated entity that is facing stress, in the absence of, or in excess of, any contractual obligations to provide such support. The proposals would require firms to develop their own step-in risk policies and procedures and to report their assessment to their supervisor on proposed assessment templates. They build on the work done by the Basel Committee on Banking Supervision (BCBS) in developing its guidelines on the identification and management of step-in risk.

1.2 This CP also sets out the PRA’s proposals to transfer the European Banking Authority’s (EBA) guidelines on ‘limits on exposures to shadow banking entities’ and on ‘connected clients’ to PRA Rules and supervisory statements (SS). The PRA considers that its proposal would improve the accessibility and clarity of its policies by streamlining the relevant policy documents and improving the currently fragmented policy landscape as, for example, some of the definitions refer to repealed EU Directives.

1.3 The proposals set out in this CP would result in changes to the PRA’s policy material (PRA Rulebook parts and supervisory statements), as set out in the table below.

Proposed changes to policy material

1.4 Unless otherwise stated, any remaining references to EU or EU-derived legislation refer to the version of that legislation which forms part of retained EU law.^{footnote [1]}

Background and overview of proposals

Step-in risk

1.5 The financial crisis of 2007– 08 showed that banks might have incentives to provide support to unconsolidated entities to which they are connected beyond contractual obligations or ownership interests in such entities. This was evidenced by instances of banks providing credit or liquidity support to such entities. This risk was highlighted in the BCBS’s guidelines on the identification and management of step-in risk.

1.6 The purpose of the PRA’s proposals on step-in risk is to enable firms identify, manage, and in certain cases, mitigate this potential step-in risk by:

• introducing new PRA rules, based on the BCBS’ guidelines on step-in risk, requiring CRR firms and CRR consolidation entities to undertake an assessment of their step-in risk. (The PRA considers that it would be disproportionate to require SDDTs or SDDT consolidation entities to undertake a step-in risk assessment. So, it is not proposing to include them in the scope of application of the step-in risk rules.) This includes proposed rules requiring firms to put in place policies and procedures for conducting the assessment. A firm would then report its assessment to the PRA on reporting templates included within this consultation alongside its Internal Capital Adequacy Assessment Process (ICAAP) assessment; and
• introducing guidance for firms in an accompanying SS, which is also based on the BCBS guidelines, detailing factors that the PRA would expect them to consider in identifying potential step-in risk and in deciding, where necessary, on potential mitigating action.

Shadow banking

1.7 The crisis also revealed the risks arising from increased interconnectivity between the shadow banking system and the regulated banking system.^{footnote [2]} Contrary to the term’s possible connotations, shadow banks can play a prominent and valuable role in the economy and complement traditional banking by expanding access to credit and promoting market liquidity, maturity transformation, and risk sharing. However, these financial activities are often conducted by unregulated entities or under unsupervised conditions. These bank-like activities could be high-risk and affect the banking sector, which could impact the stability of the financial system.

1.8 To minimise the risks posed to firms arising from exposures to shadow banking, the EBA issued guidelines in December 2015 requiring set limits on individual exposures to shadow banking entities (SBEs) and on their aggregate exposures to SBEs.^{footnote [3]} These guidelines applied to PRA authorised firms prior to the end of the transition period of the UK’s withdrawal from the EU and the PRA continued to expect firms to comply with them afterwards and the policy statement (PS) 22/21 – Implementation of Basel standards: Final rules states that firms can continue to apply the SBE definition therein. Since January 2022, firms are also required to report to the PRA their 10 largest exposures on a consolidated basis to SBEs carrying out banking activities. This ensures the PRA has information about firms’ exposures to SBEs.

1.9 The PRA proposes to:

• transfer the EBA guidelines on limits on exposures to shadow banking into a new SS with some amendments – Identifying, monitoring, and managing exposures to shadow banking entities; and
• amend the Large Exposures (CRR) Part of the PRA Rulebook to include definitions of ‘shadow banking entities’ and ‘excluded undertakings’.

Groups of connected clients

1.10 The large exposures (LE) framework is designed to protect banks from traumatic losses caused by a sudden default of a large counterparty or a group of connected clients (GCC). The objective of the definition of a GCC is to identify clients so closely linked by idiosyncratic risk factors that it is prudent to treat them as a single risk. In 2017, the EBA issued guidelines on connected clients to specify the approach firms should take when applying the requirement to group two or more clients into a GCC.^{footnote [4]} The EBA guidelines on connected clients applied to PRA authorised firms prior to the end of the transition period and the PRA continue to expect firms to make every effort to comply with them.

1.11 The PRA proposes to:

• transfer the EBA guidelines on connected clients, with some amendments, into a new SS; and
• amend the LE (CRR) Part of the PRA Rulebook to include definitions of ‘group of connected clients’ and ‘control’ in order the make the UK rulebook more coherent.

1.12 The PRA’s proposals to define SBE, GCC and other relevant terms in the LE (CRR) Part of the PRA Rulebook, as well as transferring the EBA guidelines into SS and issuing a reporting clarification, aim to improve the accessibility and clarity of our policies, while improving the currently fragmented policy landscape in terms of identifying both SBEs and GCCs.

Scope and accountability framework

1.13 This CP is relevant to PRA-authorised UK banks, building societies, PRA-designated UK investment firms, PRA-approved holding companies and PRA-designated holding companies and other CRR consolidation entities. The proposals on step-in risk are not relevant to SDDTs and SDDT consolidation entities or firms or undertakings that expect to become an SDDT or an SDDT consolidation entity.^{footnote [5]}

1.14 The PRA has a statutory duty to consult when introducing new rules (FSMA s138J), or new standards instruments (FSMA s138S). When not making rules, the PRA has a public law duty to consult widely where it would be fair to do so. 

1.15 In carrying out its policymaking functions, the PRA is required to comply with several legal obligations. The analysis in this CP explains how the proposals have had regard to the most significant matters, including an explanation of the ways in which having regard to these matters has affected the proposals. None of the statutory panels have been consulted.

Implementation

1.16 The PRA proposes that the implementation date for the changes resulting from the proposals on step-in risk would be Thursday 1 January 2026.

1.17 Firms are expected to make every effort to comply with the existing EBA guidelines on limits on exposures to SBEs and the EBA guidelines on GCCs in the meantime. The PRA expects firms to continue to meet these expectations and requirements once these guidelines are transferred into the proposed SSs and PRA Rules.

Responses and next steps

1.18 This consultation closes on Tuesday 5 March 2024. The PRA invites feedback on the proposals set out in this consultation. Please address any comments or enquiries to CP23_23@bankofengland.co.uk. Please indicate in your response if you believe any of the proposals in this CP are likely to impact persons who share protected characteristics under the Equality Act 2010, and if so, please explain which groups and what the impact on such groups might be.

2: Step in risk

Background

2.1 The BCBS guidelines on step-in risk formed part of the G20 initiative to the ‘oversight and regulation of the shadow banking system to mitigate systemic risks, in particular risks arising due to banks’ interactions with shadow banking entities’.^{footnote [6]} Those BCBS guidelines included a framework that was intended to ‘apply more generic lessons about risk related to banks’ connections with unconsolidated entities and, as such, to identify situations where step-in risk exists and needs to be anticipated’. The BCBS noted that:

• while various initiatives had reduced the likelihood of a firm stepping in, a forward-looking approach to possible step-in situations was needed to identify possible step-in risk situations that are different from those seen in the past;
• a firm-specific assessment of step-in risk, to be evaluated by the supervisor, would be the appropriate way of identifying and managing step-in risk;
• the firm-specific assessment would not entail an automatic Pillar 1 capital or liquidity charge additional to existing capital or liquidity requirements. It would instead provide firms and supervisors with a method for identifying step-in risk and a range of possible responses for mitigating such risks; and
• firms would be responsible for choosing the most appropriate response once step-in risk was identified, which would be checked and challenged by the supervisor.

2.2 The guidelines noted that step-in risk was a possible source of reputational risk, which arises when a firm considers it may suffer negatively from the weakness or failure of an entity and ‘concludes that this impact is best mitigated by stepping in to provide financial support’.^{footnote [7]}

2.3 The proposals in this CP develop the risk management of step-in risk set out in the BCBS guidelines by requiring firms undertake regular assessments to ensure that they are appropriately identifying and managing step-in risk. They also require firms to consider whether further actions are required to mitigate such step-in risk in certain cases. Finally, the proposed individual assessments will then be reviewed and evaluated by the PRA, as envisaged in the Basel guidelines.

Step-in risk assessment

2.4 Firms may have individual or a range of exposures to unconsolidated entities where they: act as a sponsor, invest in their debt or equity, or have other contractual or non-contractual exposures that lead them to be exposed to the performance of the entity.

2.5 The PRA therefore proposes to introduce new risk management rules requiring firms to undertake a forward-looking assessment to identify such unconsolidated entities that could present step-in risk: ie the step-in risk assessment. The proposed rules would require firms to:

• put in place policies and processes to identify and evaluate its relationship with certain unconsolidated entities where they are exposed to them in the manner outlined in 2.4 above;
• consider whether there are any indicators of significant step-in risk in relation to those entities that have been assessed as being material;
• determine whether mitigating action is needed when significant step-in risk is identified; and
• report their assessment of step-in risk to the PRA at the same time as their ICAAP.

2.6 The proposed stages in the step-in risk assessment are set out below.

Scope and level of application

2.7 In developing the proposals set out in this CP, the PRA has aimed to adopt a proportionate approach. The PRA therefore proposes that the assessment would:

• not apply to SDDTs and SDDT consolidation entities, as they are less likely to be exposed to the types of unconsolidated entities that would give rise to step-in risk;
• only apply at consolidated level for most firms (and at sub-consolidated level where a firm must meet requirements at that level), as set out below, as the PRA considers those levels sufficient to capture step-in risk effectively (firms that are not a member of a consolidation group would undertake the assessment on an individual basis). So, references to firms in this Chapter should also be taken to refer to CRR consolidation entities; and
• be submitted to the PRA at the same time as its ICAAP to ensure that the submission frequency of the step-in risk assessment is proportional to individual firms’ risk profiles.

Identification and assessment of step-in entities

Formulation of policies and procedures

2.8 The PRA proposes that firms establish a set of policies and procedures relating to step-in risk, which they would follow in undertaking their step-in risk assessment. These documents would describe their approach to the identification and management of step-in risk. This would include:

• detailing the person responsible within the firm for the step-in risk assessment to ensure that the firm’s lines of accountability are clear;
• describing the firm’s approach to the assessment of significant step-in risk, including the firm’s approach to the indicators of step-in risk (ie factors that may point towards a firm stepping in to provide support for an unconsolidated entity);
• describing the firm’s approach to assessing the materiality of step-in entities; and
• describing the process used to obtain the information necessary for the step-in risk assessment.

2.9 These policies and procedures would be considered by the firm’s supervisor as part of their review of a firm's initial step-in risk assessment and periodically thereafter. Firms would be required to update their policies and processes at least every three years.

Identification of entities to be evaluated

2.10 The PRA proposes that, in undertaking their step-in risk assessment, firms should first identify all relevant unconsolidated entities where they are: a sponsor, a debt or equity investor, or have other contractual or non-contractual involvement.^{footnote [8]} The proposed rules set out a non-exhaustive list of the types of unconsolidated entities that should be included within the step-in risk assessment. This means, for example, entities that are financial institutions or ancillary services undertakings will be included.

2.11 On the other hand, the proposed rules exclude certain entities that a firm is connected to that are already subject to prudential regulatory regimes, such as banks and insurance companies, from being assessed for potential step-in risk. Further, the BCBS guidelines included the concept of ‘collective rebuttal’. This suggested that an entity should be excluded from a step-in risk assessment where national legislation or regulation prohibits a firm from stepping in with respect to a particular entity. The PRA does not consider this a ground for excluding that entity from its analysis. However, where firms consider that there are prohibitions in place that would mitigate step-in risk with regard to certain entities, they may wish to include those details within their step-in risk assessment when considering whether step-in risk is significant.

Exclusion of immaterial entities

2.12 The PRA proposes that once the relevant entities have been identified, firms would then consider their relationship with them. The first step would be to determine whether an entity is material. The firm’s policy would include a materiality threshold. This might, for example, be based on a proportion of a firm’s capital (eg Common Equity Tier 1 (CET1) capital) or total assets. So, if the entity is sufficiently small (both individually and when considered alongside other similar entities) it can then exclude it from its consideration of whether step-in risk is significant. The PRA proposes, however, that these entities should nevertheless be reported as having been excluded in the overall step-in risk assessment that is reported to the PRA. In addition, while the step-in risk assessment will generally be carried out on a consolidated basis, the PRA would expect firms’ materiality policies to reflect that there may be circumstances where a possible step-in entity or entities are material for a PRA-authorised firm within its group, but not for the consolidated group as a whole (this is likely to involve the firm setting a threshold relating to each authorised firm, as appropriate). As such, those examples should be considered further rather than being excluded as ‘immaterial’ at this stage of the analysis.

Assessment of the remaining entities against indicators

2.13 Once any immaterial entities have been excluded, the PRA proposes that firms should then assess the remaining entities against the indicators of step-in risk taking into account the considerations relating to the entity set out in the rules (eg the purpose and design of the entity) to determine whether step-in risk is significant. The indicators, along with any other factors that the firm considers relevant, in light of the purpose and design of the entity should be considered both individually and in combination. This should help firms to consider the nature of their relationship with a step-in entity and whether it is likely to incentivise the firm to step-in during a time of stress (ie due to the potential reputational risks involved).

2.14 The draft SS in Appendix 2 sets out:

• expectations around firms’ consideration of the indicators of step-in risk (eg the nature and degree of sponsorship, and the degree of influence);
• further PRA expectations as to what firms should consider in relation to that list of indicators, including illustrative examples;
• a non-exhaustive list of the types of entities that the PRA would expect firms to consider in undertaking their step-in risk assessment.

2.15 Following this assessment, the PRA proposes that a firm should document instances where step-in risk is insignificant (where it has found no or relatively weak indications of step-in risk) and those where it is significant (where there is a strong indication of potential step-in). These should be reported to the PRA on the templates proposed in Appendix 3. The PRA also proposes that the firm should outline its approach to assessing significance in its policies.

Determination of the estimation method and appropriate actions

2.16 The step-in risk assessment has been designed as a risk management tool for firms to identify and manage any potential step-in risk. However, where there is a significant step-in risk based on the firm’s assessment (eg where several indicators of step-in risk are engaged or a single indicator indicates step-in risk), the PRA would also expect the firm to consider what action it might take to mitigate that risk. So, the PRA is also proposing to outline a non-exhaustive list of potential responses to step-in risk that a firm might consider taking where it identifies such risks on a forward-looking basis. These range from setting or revising a firm’s internal limit in relation to exposures to SBE to adjusting the amount of liquidity or capital the firms hold.

2.17 The PRA, however, would expect a firm to determine its own response to step-in risk based on the circumstances of each case. This includes considering whether there is any mitigation already in place where step-in risk has been identified (whether required by PRA rules or otherwise). There would be no default presumption as to how a firm might respond to step-in risk in a particular case. The approaches taken would be subject to discussion between the firm and the PRA when the step-in risk assessment is reviewed.

2.18 The PRA notes that the BCBS guidelines included a ‘punitive ex-post capital charge’ as a potential supervisory response where a firm steps in to support an entity. Those guidelines described that proposed response as a way of deterring banks from stepping in. The PRA does not propose to include this element in its proposed approach. However, if a firm stepped in to support an entity that it had not identified in its step-in risk assessment, this may indicate risk management failings. As such, the PRA may consider whether a temporary Pillar 2 management and governance scalar might be appropriate in those circumstances, while those weaknesses are remedied.

Reporting to the PRA

2.19 To help firms conduct and report their step-in risk assessments effectively, the PRA proposes introducing three new templates (Appendix 3). The first (SI0) will include general information relating to the reporting firm. The second (SI1) will detail all of the unconsolidated entities initially identified for the step-in risk assessment (this will include entities excluded as ‘immaterial’; material entities where no or only weak indicators of step-in risk have been identified; and material entities where strong indicators of step-in risk have been identified). The third template (SI2) will ask firms to detail how they have decided whether material entities exhibit significant or insignificant step-in risk (including a detailed discussion and analysis of each of the relevant indicators of step-in risk, and any other factors the firm considers relevant), and the mitigating action that they propose to take where entities with significant step-in risk have been identified. The PRA would expect these entities and the description of the mitigating actions to be reported individually on the second template. The reporting instructions also set out some of the types of entity that a firm is likely to want to consider in putting together its step-in risk assessment, with further details of these entity types set out in Annex 1 of the draft SS in Appendix 2.

Step-in risk consolidation requirement

2.20 The PRA also proposes introducing a rule in the Groups Part of the PRA Rulebook to make it clear that the PRA may exercise the power to consolidate certain subsidiaries or participations where substantial step-in risk exists under CRR Article 18(8) in accordance with section 55M of the Financial Services and Markets Act (the provision is already mentioned in the SS15/13 – Groups). This will complement the introduction of the step-in risk assessment, as it is possible that such circumstances may emerge once firms undertake step-in risk assessments. However, as noted in the proposed SS, the PRA expects that the application of a consolidation requirement is likely to be limited in practice.

PRA objective analysis

2.21 This proposal is intended to reduce the likelihood of step-in risk events from crystalising, and to address the associated risks arising from the undercapitalisation and under-provision of liquidity via off-balance sheet vehicles. This would advance the PRA’s objective of promoting the safety and soundness of firms.

2.22 The potential undercapitalisation and under-provision of liquidity via off-balance sheet vehicles provides banks with the capacity to use complex financial engineering to give a funding cost advantage. Smaller banks usually do not have such capacity. The step-in risk assessment would therefore advance the PRA’s secondary competition objective by reducing larger banks’ funding cost advantage arising from the use of off-balance sheet vehicles in circumstances where they determine that additional financial resources are needed to mitigate identified step-in risk.

2.23 The PRA has also assessed whether the proposals in this CP advance its secondary objective to facilitate the international competitiveness of the UK economy and its growth in the medium to long term, subject to alignment with relevant international standards. The PRA considers the changes proposed in this CP are unlikely to have a material impact on UK growth or international competitiveness. However, the PRA considers that, in undertaking step-in risk assessments that introduce internationally agreed guidelines in all material respects, firms are likely to be more resilient as they identify, monitor and manage risks that might otherwise have been unanticipated. This may have the positive impact of instilling confidence among investors and firms and help to ensure that the UK remains competitive and attractive as a place to do business.

Cost benefit analysis (CBA)

2.24 The PRA has considered how to address step-in risk in a proportionate manner that best serves its primary and secondary objectives, is consistent with the published Basel guidelines on step-in risk and allows for an efficient implementation by firms. The PRA’s proposed scope of application would ensure that the requirement only applies to firms for which step-in risk is more likely to exist. The proposed frequency of the assessment would further align supervisory oversight with firms’ risk profiles. The burden on firms would also be reduced by the PRA’s proposed templates, which would assist them in reporting and monitoring their step-in risk. Importantly, only firms with material step-in entities would be expected to produce a detailed assessment and the associated mitigating actions.

2.25 The PRA provides below quantitative estimates of the likely costs and benefits of the step-in risk assessment. The lack of sufficiently granular data, notably on the likely costs associated with step-in risk crystalising, indicates that these estimates should only be treated as indicative. They are sensitive to the underlying assumptions described below and are therefore subject to substantial uncertainty.

Benefits

2.26 The benefits of the step-in risk assessment arise from reducing the probability of step-in risk events materialising in the future. Given the current lack of data on step-in risk, the PRA estimated instead the benefits associated with a reduction of the losses that firms might incur from unconsolidated entities to which they are exposed (those losses potentially being realised by a firm stepping in to bring the entities onto its balance sheet).

2.27 The PRA considered the overall potential losses to unconsolidated entities reported by firms in their annual accounts;^{footnote [9]} the size of unconsolidated entities is large creating substantial potential risk. The PRA assumed that firms’ potential losses would be only around 75% of those amounts (ie to take into account possible mitigants). The PRA also assumed that firms would only ‘step-in’ by bringing these amounts onto their balance sheet once every 33 years (ie during a systemic banking crisis). The estimated benefits of implementing the step-in risk assessment based on this methodology are around £224 million per firm for small firms and £484 million per firm for large firms.^{footnote [10]} (These estimated benefits assume that step-in risk would be fully mitigated. However, these benefits would be reduced to the extent that step-in losses occurred in practice despite mitigants being in place).

2.28 The benefits of firms undertaking a step-in risk assessment are also likely to include improving confidence in firms and, potentially, the wider financial sector, where external stakeholders consider that firms’ resilience has been improved through their understanding and risk-managing their step-in risk. This confidence may also have a positive impact on broader economic output if it improves the perceived resilience of the financial sector.

2.29 Step-in risk is a risk that contributed to increasing the magnitude of the financial crisis. The worsening of economic conditions associated with unmitigated step-in risk was however not accounted for in the quantitative estimates presented above due to methodological constraints. The PRA, however, considers that the step-in risk assessment would help limiting the negative spill-over effects of step-in events.

Costs

2.30 There would be two types of costs to firms from operationalising the step-in risk assessment within their business: one-off implementation costs and ongoing costs. The PRA has estimated these costs, using responses to a survey on reporting and disclosure requirements. The PRA has compared the scope of those changes to the proposals in this CP, and based on this and the survey estimates, has estimated the cost per firm of the step-in risk assessment distinguishing between small and large firms. The cost per firm was then matched to the population of firms likely to be affected to estimate total costs, and the net present value was determined by using a discount factor. There is, however, considerable uncertainty around these estimates, which reflects the limited sample available to the PRA.

2.31 Table 2 sets out the estimated costs of implementing the step-in risk assessment based on the methodology described above. The PRA computed three types of costs estimates: high, medium, and low; table 1 presents the range between low and high estimates, suggesting that the actual costs are likely to be in-between. On average, the estimated one-off and ongoing costs to the industry are estimated to be approximately £0.7 million and £2.8 million, respectively.

2.32 In summary, the PRA expects that both large and small firms would break even in terms of costs versus benefits if only a small fraction of the potential losses were realised during a one in 33 year event (only 0.05% of the losses would need to be realised for large firms and 0.007% for small firms using the high estimate of total costs in Table 1 above as a proportion of the total benefits noted above). Firms may break-even less often than that to the extent that they could rely on further mitigation against such risks (ie if the benefits were lower than estimated). Another possibility is that the probability of a financial crisis is lower than 3% due to the regulatory reform implemented since the financial crisis of 2007–08; however, a probability of crisis of 1% still creates large benefits due to the large size of existing unconsolidated entities as reported by firms.^{footnote [11]} Alternatively, they break-even more often if there are other or further measures that firms would need to take in the absence of regularly assessing step-in risk (ie if the benefits were higher than estimated). This could include providing liquidity support beyond or even in the absence of a contractual obligation to do so. A further example might be higher additional costs that a firm might incur should they suffer reputational damage leading to market pressures from not stepping in to support an unconsolidated entity. Finally, in the absence of the proposed risk assessment framework, firms may suffer from further regulatory and market damage (eg reduced access to debt markets) due to reduced solvency ratios after stepping in to support unconsolidated entities that were not properly assessed.

‘Have regards’ analysis

2.33 In developing these proposals, the PRA has had regard to the FSMA regulatory principles, the aspects of the Government’s economic policy set out in the HMT recommendation letter of December 2022. Where the proposed rules in this CP are ‘CRR rules’ (as defined in section 144A of FSMA), or rules applying to holding companies (section 192XA of FSMA), the PRA has also taken into consideration the matters to which it was until recently required to have regard to when making such rules.^{footnote [12]} The Financial Services and Markets Act 2023 includes a measure to amend to FSMA regulatory principles. This adds a regulatory principle relating to the UK’s net zero emissions target. The PRA has had regard to this matter. The following factors, to which the PRA is required to have regard, were significant in the PRA’s analysis of the proposal:

1. The principle that a burden or restriction which is imposed on a person should be proportionate to the benefits which are expected to result from the imposition of that burden (FSMA regulatory principles): In light of the principle that a burden or restriction should be proportionate to its benefits, the PRA considered whether it would be more proportionate to set different levels and scope of application for the step-in risk assessment. However, given that the proposals exclude SDDTs from the requirements, and given that the requirements would not apply on an individual basis (except for firms that are not part of a consolidation group), the PRA considers that the proposals in this CP are the most proportionate option.

2. The need to use the PRA’s resources in the most efficient and economical way (FSMA regulatory principles): The PRA considers that it has applied an approach that reduces the amount of time and resource it needs to spend on reviewing the step-in risk assessment. In particular, the proposals include standardised templates that would effectively assist supervisors in reviewing the step-in assessment.

3. The responsibilities of the senior management of PRA-authorised persons in relation to compliance with requirements imposed by the PRA (FSMA regulatory principles): When designing the proposals, the PRA considered how to emphasise the need for senior management responsibility in taking decisions. The proposed rules presented in Appendix 1 specify that it is a firm’s management body that would approve the policies and procedures in relation to step-in risk, as well as the step-in risk assessment.

4. The desirability of the PRA exercising its functions in a way that recognises differences in the nature of businesses carried on by different persons (FSMA regulatory principles): With SDDTs excluded from the requirement, the PRA considers that the step-in risk assessment would only be undertaken by firms most susceptible to step-in risk.

5. The principles that regulators should ensure clear information, guidance, and advice is available to help those they regulate meet their responsibilities to comply, and should ensure that their approach to their regulatory activities is transparent (Legislative and Regulatory Reform Act 2006): The PRA’s proposed SS in Appendix 2 seeks to provide detailed guidance to firms on how they ought to conduct the step-in risk assessment.

2.34 The PRA has had regard to other factors as required. Where analysis has not been provided against a ‘have regard’ for this set of proposals, it is because the PRA considers that ‘have regard’ to not be a significant factor for this set of proposals. The statutory panels were not consulted for the proposals described above.

Impact on mutuals

2.35 The PRA considers that the impact of the proposed rule changes on mutuals is expected to be no different from the impact on other firms. The is because the proposals would apply equally to all in-scope firms (ie those that are not SDDTs or SDDT consolidation entities) including mutuals.

Equality and diversity

2.36 The PRA considers that the proposals do not give rise to equality and diversity implications.

3: Shadow banking entities

3.1 Shadow banking can complement traditional banking by expanding valuable access to credit in support of economic activity or by supporting market liquidity, maturity transformation and risk sharing.^{footnote [13]} However, SBEs are potentially vulnerable to runs and liquidity problems, interconnectivity and spill overs between SBE and the regulated banking sector, excessive leverage and procyclicality as well as opaqueness and complexity that is often observed across multiple SBE.

3.2 In an effort to mitigate the risk of spill overs between the shadow banking system and the regulated banking sector, the EBA issued guidelines on limits on exposures to SBEs. According to these guidelines, firms are required to set limits, as part of their internal processes, on their individual exposures to SBEs and on aggregate exposures to SBEs. PRA authorised-firms are expected to make every effort to comply with these guidelines as set out in the PRA’s approach for interpreting EU guidelines and recommendations.

3.3 Since January 2022, Article 394 in the LE (CRR) Part of the PRA Rulebook, applies the requirement from the CRR on firms to report to their 10 largest exposures to SBEs that carry out banking activities outside the regulated framework, on a consolidated basis. This helps to ensure that the PRA has sufficient information about firms’ exposures to SBEs to monitor the risks that such exposures may pose.

3.4 SBEs are not defined in the Capital Requirements Regulation (CRR) or in the PRA Rulebook. Instead, the PRA set out in PS17/21 that firms can continue to use the definition of SBE as set out in the EBA guidelines.

3.5 The number of policy materials needed to correctly implement this policy creates unnecessary complexity. This chapter sets out the PRA’s proposals to improve the accessibility and clarity of this policy.

3.6 The PRA proposes to:

• transfer the definition of ‘shadow banking entities’ and ‘excluded undertakings’ as set out in the EBA guidelines to the LE (CRR) Part of the PRA Rulebook with some amendments, for example to update references to retained EU law which is due for repeal; and
• transfer the current EBA guidelines on limits on exposures to SBEs into a new SS with some amendments.

3.7 The PRA proposes to make the following minor changes to the definitions:

• to update previous references to the EU and retained EU law due for repeal; and
• to include sovereign and governmental agencies of the UK and equivalent third country entities in the definition of ‘excluded undertakings’. This is to clarify that these entities should not be captured under the definition of SBEs.

3.8 The PRA proposes to transfer the following sections of the EBA guidelines to an SS without making any material changes:

• requirements regarding limits on exposures to SBEs;
• the principal approach for setting limits to exposures to SBEs; and
• the fallback approach.

PRA objective analysis

3.9 These proposals are intended to ensure that firms continue to set internal limits on their exposures to SBEs, reducing the risk of high interconnectivity between the banking sector and shadow banking. In addition, the proposals to define SBEs in the PRA Rulebook are intended to help firms to correctly identify SBEs for these purposes and to ensure correct reporting of exposures to SBEs. This would advance the PRA’s objective of promoting the safety and soundness of firms.

3.10 The PRA has also assessed whether the proposals in this CP advance its secondary objectives to facilitate effective competition and the international competitiveness of the UK economy and its growth in the medium to long term, subject to alignment with relevant international standards. The PRA considers the changes proposed in this CP are unlikely to have a material impact on UK growth or international competitiveness. Rather, the PRA expects that the introduction and implementation of enforceable criteria for identifying and managing exposures to SBEs will strengthen the LE framework by clarifying the entities which fall within the scope of SBEs, improving the quality of reporting. This will allow for more accurate monitoring of sectoral concentration risk, as well as eliminating the cost advantage that large banks may have over smaller banks with small or no exposures to SBEs, thus making it easier for firms to apply the principles of the LE framework clearly and contribute to a level-playing field within the UK financial system.

Cost benefit analysis

3.11 The EBA guidelines have effectively supported UK firms in identifying exposures to SBEs, as well as subsequent monitoring and management in light of the potential for increased sectoral concentration risk ensuring a proportionate response was applied to all firms.

3.12 Under the proposals to amend the rules and introduce a new SS, UK firms would continue to benefit from the effects of the original guidelines’ measures. In addition, implementing the proposals would improve the accessibility of the PRA Rulebook and enable firms to better monitor and manage exposures to SBEs, as well as improving the quality of the data reported on LE. These proposals would help firms in meeting Fundamental Rule 3 (to act in a prudent manner befitting of safety and soundness) and Fundamental Rule 6 (to organise and control affairs responsibly and effectively).

3.13 The proposed measures would not require substantial new resources from the PRA to supervise firms or to review the regulatory returns. The proposals aim to help firms to better identify exposures to SBE and as a result, the time and resources required to review the LE regulatory data items will be significantly reduced. Furthermore, the measures would not require the introduction of additional administrative procedures to firms, since no substantive changes are being introduced, nor would there be additional resources requirements or any detrimental impact on their capital quality. In addition, there are no expected market impacts from the introduction of the proposed measures.

‘Have regards’ analysis

3.14 In developing these proposals, the PRA has had regard to the FSMA regulatory principles, the aspects of the Government’s economic policy set out in the HMT recommendation letter of December 2022. Where the proposed rules in this CP are ‘CRR rules’ (as defined in section 144A of FSMA), or rules applying to holding companies (section 192XA of FSMA), the PRA has also taken into consideration the matters to which it was until recently required to have regard to when making such rules.^{footnote [14]} The Financial Services and Markets Act 2023 includes a measure to amend to FSMA regulatory principles. This adds a regulatory principle relating to the UK’s net zero emissions target. The PRA has had regard to this matter. The following factors, to which the PRA is required to have regard, were significant in the PRA’s analysis of the proposal:

1. The principle that a burden or restriction which is imposed on a person should be proportionate to the benefits which are expected to result from the imposition of that burden (FSMA regulatory principles): The requirement to report exposures to SBEs only applies on a consolidated basis and will not apply on an individual basis. The PRA considers that the proposals in this CP are therefore the most proportionate option. Furthermore, the existing EBA guidelines includes a materiality threshold of 0.25% of Tier 1 capital to reduce the burden of application for firms by allowing them to disregard immaterial exposures that are unlikely to pose special risk. This element will be retained in transferring the guidelines into an SS. Firms are already required to report their 10 largest exposures to SBEs and expected to set internal limits on exposures to SBEs, and although the proposals and clarifications in this CP might require a firm to review their existing policies and practices, the PRA considers that this is the most proportionate approach.

2. The need to use the PRA’s resources in the most efficient and economical way (FSMA regulatory principles): The PRA considers that this approach reduces the amount of time and resource needed to review regulatory issues relating to SBEs. Bringing the definition of SBEs into the PRA Rulebook and clarifying the PRA’s expectations regarding how firms should treat exposures to SBEs would likely reduce the burden of supervisory support required to implement the approach, as well as the burden of pursuing potential reporting errors that impact on effective monitoring.

3. The responsibilities of the senior management of PRA-authorised persons in relation to compliance with requirements imposed by the PRA (FSMA regulatory principles): When designing the proposals, the PRA considered how to emphasise the need for senior management responsibility in taking decisions. The guidance presented in the proposed SS specify that a firm’s management body would be responsible for approving the policies and procedures in relation to SBEs.

4. The desirability, of the PRA exercising its functions in a way that recognises differences in the nature of businesses carried on by different persons (FSMA regulatory principles): The proposals are aimed at helping firms identify SBEs in order to identify and report their 10 largest exposures to SBEs and would not directly impact on the nature of businesses carried on by different persons. The existing expectation that firms set their own internal limits on individual exposures to SBEs and aggregate exposures to SBEs allows firms to consider the nature of their businesses carried on by different persons.

5. The principles that regulators should ensure clear information, guidance, and advice is available to help those they regulate meet their responsibilities to comply, and should ensure that their approach to their regulatory activities is transparent (Legislative and Regulatory Reform Act 2006): The PRA’s proposed SS in Appendix 6 seeks to provide detailed guidance to firms on how they ought to identify, monitor, and manage exposures to SBEs based on varying degrees of information that firms are expected to have available to them regarding the underlying exposure.

3.15 The PRA has had regard to other factors as required. Where analysis has not been provided against a ‘have regard’ for this set of proposals, it is because the PRA considers that ‘have regard’ to not be a significant factor for this set of proposals.

Impact on mutuals

3.16 The PRA considers that the impact of these policy proposals on mutuals is expected to be no different from the impact on other firms. The EBA guidelines upon which the proposals rest have already contributed to proportionality, and these elements will be retained throughout when the relevant sections of the guidelines are moved to PRA Rules and an SS.

Equality and diversity

3.17 The PRA considers that the proposals do not give rise to equality and diversity implications.

4: Groups of connected clients

4.1 A prudential framework for LE requires firms to identify, manage and control the risk of significant losses that could result from a firm’s LE to a single client or GCC.^{footnote [15]} The LE framework is an important complement to risk-weighted capital requirements. Its objective is to ensure that the maximum possible loss a bank could incur if a single client or GCC were to suddenly fail would not threaten a firm’s ability to continue as a going concern. As a result, it helps to promote the safety and soundness of firms.

4.2 GCCs are defined in the CRR as, broadly, entities that constitute a single risk because one of them, directly or indirectly, has control over the others or entities that constitute a single risk because they are so interconnected that if one of them were to experience financial problems, the others would also be likely to encounter financial problems.^{footnote [16]}

4.3 In November 2017, the EBA published guidelines on connected clients. These guidelines specify the approach firms should take when applying the requirement to group two or more clients into a ‘group of connected clients’ because they constitute a single risk. PRA authorised-firms are expected to make every effort to comply with these guidelines as set out in the PRA’s approach for interpreting EU guidelines and recommendations.

4.4 The approach set out in the EBA guidelines closely follows the approach set by the Basel standards on measuring and controlling LE.^{footnote [17]} For this reason, the proposals in the chapter aim to enhance the legal standing of our approach to applying the requirements to form GCCs by transferring the definitions and criteria into the PRA Rulebook and transfer any remaining guidelines into a new SS, with some amendments.

4.5 In order to improve the accessibility and clarity of our policies as well as improving the currently fragmented policy landscape, the PRA proposes to:

• transfer the EBA guidelines on connected clients into a new SS, with some amendments; and
• amend the LE (CRR) Part of the PRA Rulebook to include definitions for ‘group of connected clients’ and ‘control’.

4.6 The PRA is not proposing to make any changes to the definition of GCC other than clarifying that the Scottish Government, the Welsh Government and the Northern Ireland Executive shall each be treated as regional governments for this purpose.

4.7 The definition of control closely follows the definition of control in the UK CRR but will be updated to make reference to sections 1162 of the Companies Act 2006 and the criteria for identifying a parent undertaking to define control. The PRA consider that this does not change the substance of the definition as the criteria remain the same.

4.8 The PRA consider that including these definitions in the LE (CRR) Part of the PRA Rulebook would make it more accessible and clearer for firms when assessing requirements for LE purposes.

4.9 These proposals do not affect the definitions of ‘group of connected clients’ and ‘control’ in the UK CRR which will remain relevant for UK CRR Article 123(c),^{footnote [18]} Article 147(5)(a)(ii),^{footnote [19]} Article 172^{footnote [20]} and Article 501.^{footnote [21]} They will also remain relevant for Article 428 in the Liquidity (CRR) Part of the PRA Rulebook.^{footnote [22]} These definitions will remain in place until repealed by the Financial Services and Markets Act 2023 but would no longer be relevant for the LE (CRR) Part of the PRA Rulebook.

4.10 Finally, the PRA proposes to transfer the guidelines in a new SS without any substantive changes.

PRA objective analysis

4.11 This proposal is intended to ensure that firms continue to correctly identify GCCs, reducing the risk that the failure of one client will likely lead to multiple client failures and subsequently lead to the failure of the firm. This would advance the PRA’s objective of promoting the safety and soundness of firms.

4.12 The PRA has also assessed whether the proposals in this CP advance its secondary objectives to facilitate effective competition and the international competitiveness of the UK economy and its growth in the medium to long term, subject to alignment with relevant international standards. The PRA considers the changes proposed in this CP are unlikely to have a material impact on UK growth or international competitiveness. Rather, the introduction of enforceable criteria for recognising GCCs will strengthen the LE framework by ensuring firms correctly identify their exposures to GCCs. This should also ensure a fair application of LE limits across all firms which will contribute to creating a level-playing field.

Cost benefit analysis

4.13 The purpose of the EBA guidelines is to clarify and apply the concept of interconnection, in particular when control issues or economic dependency should lead to the grouping of clients because they constitute a single risk. These guidelines supported the LE framework’s objective of limiting firms’ potential losses and the impact that a counterparty default could have on the stability of an institution and the banking sector.

4.14 The purpose of the changes proposed in this chapter is to improve the accessibility and clarity of the PRA’s policies in PRA-developed documents, rather than equivalent EU documents. By implementing the proposed rule instrument and the associated SS, UK firms would continue to use the same guidelines to assess whether two or more clients should be treated as a GCC. These proposals will help firms in meeting Fundamental Rule 3 (act in a prudent manner), Fundamental Rule 5 (effective risk strategies and risk management systems) and Fundamental Rule 6 (organise and control affairs responsibly and effectively).

4.15 The proposed measures would not require substantial new resources from the PRA to supervise firms. The measures will also not require the introduction of additional administrative procedures to firms, cost additional resources or affect their capital quality. In addition, there are no expected market impacts from the introductions of these measures.

‘Have regards’ analysis

4.16 In developing these proposals, the PRA has had regard to the FSMA regulatory principles, the aspects of the Government’s economic policy set out in the HMT recommendation letter of December 2022. Where the proposed rules in this CP is a ‘CRR rule’ (as defined in section 144A of FSMA), or rules applying to holding companies (section 192XA of FSMA), the PRA has also taken into consideration the matters to which it was until recently required to have regard to when making such rules.^{footnote [23]} The Financial Services and Markets Act 2023 includes a measure to amend to FSMA regulatory principles. This adds a regulatory principle relating to the UK’s net zero emissions target. The PRA has had regard to this matter. The following factors, to which the PRA is required to have regard, were significant in the PRA’s analysis of the proposal:

1. The principle that a burden or restriction which is imposed on a person should be proportionate to the benefits which are expected to result from the imposition of that burden (FSMA regulatory principles): The efforts that firms put into the investigation of economic dependencies among their clients should be proportionate to the size of the exposures. Therefore, the guidelines require firms to strengthen their investigations, by extensive research of any type of ‘soft information’ as well as information that goes beyond the firms’ clients, in all cases where the sum of all exposures to one individual client exceeds 5% of Tier 1 capital. The definition of GCCs sets out a proportionate alternative grouping approach for firms’ exposures to sovereign entities and their direct subsidiaries. These elements will be retained upon the proposed transfer of the guidelines into an SS.

2. The need to use the PRA’s resources in the most efficient and economical way (FSMA regulatory principles): The PRA considers that it has applied an approach that reduces the amount of time and resource it needs to spend on reviewing regulatory issues relating to GCCs. Bringing the definitions relating to GCCs into the PRA Rulebook and clarifying the PRA’s expectations regarding how firms should group their exposures to GCCs will likely reduce the burden of supervisory support required to implement the approach, as well as the burden of pursuing reporting errors that impact on effective monitoring. Correctly assessing for GCCs is an important element to ensure a robust and prudent LE Framework.

3. The responsibilities of the senior management of PRA-authorised persons in relation to compliance with requirements imposed by the PRA (FSMA regulatory principles): When designing the proposals, the PRA considered how to emphasise the need for senior management responsibility in taking decisions. The proposed SS in Appendix 7 outlines an expectation that: firms establish appropriate control and management procedures for identifying GCCs; senior management ensures that adequate processes for the identification of connections among clients are documented and implemented; and that firms review management procedures on a periodic basis.

4. The desirability, of the PRA exercising its functions in a way that recognises differences in the nature of businesses carried on by different persons (FSMA regulatory principles): The proposals are aimed at helping firms identify GCCs to correctly apply the LE limits to their exposures and monitor levels of concentration risk. This measure applies to all firms and is a prudent measure to protect any firm from large losses. The PRA has not identified any adverse impact when considering different business models.

5. The principles that regulators should ensure clear information, guidance, and advice is available to help those they regulate meet their responsibilities to comply, and should ensure that their approach to their regulatory activities is transparent (Legislative and Regulatory Reform Act 2006): By including GCC rules and definitions in the PRA Rulebook the PRA also contributes to making the new rules and supervisory expectations more accessible and clearer to UK firms.

4.17 The PRA has had regard to other factors as required. Where analysis has not been provided against a ‘have regard’ for this set of proposals, it is because the PRA considers that ‘have regard’ to not be a significant factor for this set of proposals.

Impact on mutuals

4.18 The PRA considers that the impact of the proposed rule changes on mutuals is expected to be no different from the impact on other firms. The reason for this is because the EBA guidelines upon which the proposals rest have already contributed to proportionality, and these elements will be retained throughout when the relevant sections of the guidelines are moved to the SS.

Equality and diversity

4.19 The PRA considers that the proposals do not give rise to equality and diversity implications.