WHITE PAPER

CHALLENGES IN IMPLEMENTING
A COUNTERPARTY RISK
MANAGEMENT PROCESS

Authored by David Kelly (Quantifi)

• Key data and technology challenges

• Current trends and best practices

www.quantifisolutions.com
About the Author

David Kelly
David Kelly, Director of Credit Product Development, Quantifi, brings almost 20
years of experience as a trader, quant, and technologist to Quantifi. He has
previously held senior positions at some of the largest financial institutions
including Citigroup, JPMorgan Chase, AIG and CSFB. At Citigroup, he was the
senior credit trader on the Global Portfolio Optimisation desk, responsible for
actively managing the credit risk in derivatives positions. Prior to this, he ran
the JPMorgan Chase Global Analytics group, where he was responsible for
front-office pricing models and risk management tools for the global derivatives
trading desks including the firm’s first CVA system. An enrolled member of
the Society of Actuaries, Mr.Kelly holds a B.A. in economics and mathematics
from Colgate University and has completed graduate work in mathematics at
Columbia University and Carnegie Mellon.
Challenges in Implementing a
Counterparty Risk Management Process

Introduction
Most banks are in the process of setting up counterparty risk management processes or improving
existing ones. Unlike market risk, which can be effectively managed by individual trading desks or traders,
counterparty risk is increasingly being priced and managed by a central CVA desk or risk control group since
the exposure tends to span multiple asset classes and business lines. Moreover, aggregated counterparty
exposure may be significantly impacted by collateral and cross-product netting agreements.

Gathering transaction and market data from potentially many trading systems, along with legal agreements
and other reference data, involves significant and often underestimated data management issues.
The ability to calculate credit value adjustments (CVA) and exposure metrics on the entire portfolio,
incorporating all relevant risk factors, adds substantial analytical and technological challenges. Furthermore,
traders and salespeople expect near real-time performance of incremental CVA pricing of new transactions.
Internal counterparty risk management must also be integrated with regulatory processes.

In short, the data, technological, and operational challenges involved in implementing a counterparty
risk management process can be overwhelming. This paper outlines the key challenges, starting with an
overview of the main business objectives, followed by a discussion of data and technology issues, and
current trends in best practices.
Objectives
The objectives in setting up a counterparty risk management process can be split into three categories – CVA
pricing, exposure management, and regulatory requirements. The following is a summary of the objectives to
provide context for the data and technology discussions.

CVA Pricing
CVA is the amount banks charge their counterparties to compensate for the expected loss from default. Since
both counterparties can default, the net charge should theoretically be the bilateral CVA, which includes a debt
value adjustment (DVA) or gain from the bank’s own default. CVA pricing can be split into the inter-bank and
corporate customer markets. New legislation, including the Dodd-Frank Bill in the U.S. and the European Market
Infrastructure Regulations (EMIR), along with Basel III, are mandating or incentivising clearing and increased use
of collateral over CVA as the principal means for managing counterparty risk in the inter-bank market.

Uncollateralised exposure is more prevalent in the corporate derivatives market and banks compete
aggressively on CVA pricing. CVA pricing is inherently complex for two reasons. First, the incremental (or
marginal) CVA for each trade should reflect the application of collateral and netting agreements across all
transactions with that counterparty. Second, CVA pricing models not only need to incorporate all of the
risk factors of the underlying instrument, but also the counterparty’s ‘option’ to default and the correlation
between the default probability and the exposure, i.e., right- or wrong-way risk.

Given the complexity, two problems arise. Some banks are not able to compete for lucrative corporate
derivatives transactions because they do not take full advantage of collateral and netting agreements with their
counterparties in calculating CVA. Or, they win transactions because their models under-price some of the risks
and subject the bank to losses. The complexity is compounded by the need for derivatives salespeople to make
an executable price in near real-time.

Risk Management
While CVA covers the expected loss from counterparty defaults, there is also the risk of unexpected losses,
as well as mark-to-market gains and losses on the CVA. These risks are managed through a combination
of exposure limits, reserves and replication or hedging. Unexpected losses are calculated by simulating
exposures through time, taking into account netting and collateral agreements, and using the potential
future exposure (PFE) profile at a specified percentile, e.g. 99%, and the counterparty’s default probability to
calculate the unexpected loss or economic capital (EC), net of CVA.

Many banks strictly rely on reserves and exposure limits to manage these risks but the trend is towards
more active management. Hedging CVA has become increasingly important to offset significantly higher
regulatory capital requirements and to reduce the impact of CVA volatility on the bank’s earnings. The main
problem is that some of the risks can’t be effectively hedged. For example, there may be limited or no
liquid CDS referencing some of the counterparties and there are complex correlation and second-order risks
that can be difficult to quantify and hedge. The difficulties are amplified by the computational constraints in
running Monte Carlo simulations on the entire portfolio for each perturbed input.

Regulatory Requirements
Subject to approval, the Internal Model Method (IMM) specified in the Basel accord allows banks to use their
own models to calculate regulatory capital. The counterparty default risk charge is calculated using current
market data, either implied or calibrated from historical data. Banks using market-implied or risk-neutral
calibrations, appropriate for hedging, must also run the simulations with historical calibrations. Three-years
of historical data are required, including a period of stress to counterparty credit spreads. The data must be
updated quarterly or more frequently if warranted by market conditions. The counterparty default risk charge
is the greater of the charge based on current market data and the charge based on the stress calibration.
Basel III introduces a CVA risk capital charge, as CVA losses were greater than unexpected losses in many
cases during the recent crisis. The charge is the sum of the non-stressed and stressed CVA VaR, based
on changes in credit spreads over a three-year period. For the stressed CVA VaR, the three-year period
includes a one-year period of stress to counterparty credit spreads. Banks need not include securities
financing transactions (SFTs) in the CVA risk capital charge unless the risk is deemed material. Cleared
transactions are also omitted. However, eligible credit hedges should be included in all calculations. The
total regulatory capital charge for counterparty risk is the sum of the counterparty default risk charge and
CVA risk capital charge.

Regulatory approval is contingent on model validation. Back-testing of representative portfolios over several
historical dates covering a wide range of market conditions is the primary mechanism for validating the
capital model. Back-testing involves comparing exposure projections with realised exposures for selected
time buckets, e.g., one year. Banks must also perform stress tests on the principal market risk factors to
identify general wrong-way risks, concentrations of risks among industries or regions, and large directional,
basis and curve risks. Reverse stress testing to identify plausible loss scenarios may also be required.

Summary

The key objectives of the counterparty risk management process can be summarised as follows:

• Central storage of counterparty legal entity structures, including a history of corporate actions
and credit events
• Central storage of collateral & netting legal agreements by counterparty
• Ability to load all OTC derivatives and other counterparty transactions from various booking systems
• Collateral position management and integration with counterparty risk calculations
• Market data required to value counterparty transactions, plus market-implied and historical
volatilities and correlations for generating exposure distributions, and default probabilities for
calculating CVA, DVA and economic capital
• Near-time incremental CVA pricing of new trades, reflecting collateral & netting agreements
• CVA pricing models that incorporate all dimensions of risk, including right- and wrong-way risk
• Expected exposure (EE) and potential future exposure (PFE) profiles for counterparty limit
monitoring on a daily basis
• CVA, DVA and economic capital calculations for expected and unexpected loss management
• CVA sensitivities across all risk factors for actively managing counterparty risk
• Credit hedges reflected in exposure and loss metrics, and market hedges reflected in CVA sensitivities
• Regulatory counterparty risk capital calculation using market-implied and historical calibrations,
including a stress calibration
• Historical CVA VaR using the recent three-year period and a stress period
• Back-testing of representative portfolios over multiple time periods to validate exposure projection model
• Stress testing to identify wrong-way risks and concentrations
• Reporting of all counterparty risk metrics minimally by counterparty, industry, and region with
diagnostic drill-down capabilities
Data
Based on the objectives, data requirements can be segregated into reference data, market data,
counterparty transactions and collateral positions.

Reference Data
Reference data generally means detailed terms and conditions for securities and information on legal entities,
including historical ratings, corporate actions and credit events. For counterparty risk purposes, the scope
expands to netting and collateral agreements, through master agreements and credit support annexes (CSAs).
There may be additional netting agreements to facilitate cross-product netting across master agreements.

Collateral agreements impose a cap on counterparty exposure by collateralising the exposure above a
specified threshold. For exchange-traded and cleared transactions, the threshold is effectively zero. The
threshold(s) may be unilateral or bilateral and may adjust according to the counterparty’s rating or other
trigger. Collateral agreements also specify the frequency of collateral calls and the closeout period. The
closeout period, or ‘margin period of risk’, is the amount of time between requesting and receiving collateral
before default is assumed. The collateral agreement may also specify acceptable types of collateral and
corresponding haircuts.

Market Data
A fundamental counterparty risk measure is current exposure (CE), or the mark-to-market value of all
positions by counterparty, which may be netted and collateralised according to legal agreements stored
in the reference database described above. In order to calculate CE, all market data required by curve
calibrators and pricing models must be sourced. For a large trading book, this can mean quoted prices and
volatilities across interest rates, FX, commodities, equities and credit.

The market-implied volatilities used by pricing models to mark positions can also be inputs to the simulation
engine that generates market scenarios and the distribution of counterparty exposures through time. Risk
metrics such as EE and PFE are calculated from these exposure distributions. CVA, DVA and economic
capital also require counterparty default probabilities, derived from credit spreads or historical data.
Correlations between the counterparty’s default probability and each risk factor are needed to value right-
and wrong-way risk. Correlations between risk factors may also be needed to manage the dimensionality
of the simulations.

The Basel guidelines impose further requirements on market data. While current market-implied data may
be used for some calculations, Basel III forces banks to use historical volatilities and correlations, calibrated
over a three-year period, in generating exposure distributions. An additional three-year period that
includes a period of significant stress to counterparty credit spreads is required for the default risk capital
and CVA VaR calculations. The historical data set should also support back-testing of the exposure model.
Banks are expected to ensure that market data is scrubbed and verified, stored in a secure database, and
independent of business lines.

Transactions
In most cases, OTC derivatives account for the largest share of counterparty risk. Securities financing
transactions typically make up another significant portion of transactions but are often less risky due to shorter
maturities. Hedges such as CDS and other credit derivatives should also be included. While only specific credit
hedges are recognised for regulatory capital relief, other products referencing underlying market risk factors
may be used to hedge CVA sensitivities.
OTC transactions pose the biggest challenge. For most banks, the vast majority are interest rate and FX
derivatives. OTC derivatives may contain customised cash flows and/or exotic payoffs, which must be
communicated to the counterparty risk system. Some of the economic terms and conditions may also come
from the reference database.

Counterparty collateral positions are also important. Most collateral is cash and highly rated securities,
although the increased emphasis on collateral funding is causing banks to explore other forms. Ideally,
the counterparty risk system would revalue the collateral along with the transactions in calculating net
counterparty exposure in order to reflect mark-to-market risk of the collateral.

• Securities • IR, FX, commodities

• Legal entities & equities prices
• Ratings • Credit spreads (PDs)
• Corporate actions • Market volatilities
• Credit events • Historical voltilities
• Master agreements • Correlations
& CSAs • Historical data
• Cross-product
netting agreements Reference Market
Data Data

Transactions Collateral

• OTC derivatives • Cash

• Securities Financing • Securities
Transactions • New types
• Credit hedges • Haircuts
• CVA market hedges • Funding
Technology
The counterparty risk management objectives and corresponding data requirements summarised in the
previous two sections translate into a very challenging technology agenda. Data management is certainly
a top priority, as well as robust CVA pricing and risk analytics. Centralising counterparty risk management
for the entire trading book places a high priority on scalability, while providing near-time performance
for marginal pricing of new trades. Given the large amount of information, a configurable reporting
environment is a necessity. For regulatory approval, the infrastructure must also support back-testing,
stress testing and VaR. Each of these issues is addressed below.

Data Management
Most banks have multiple systems for reference data, market data, and transactions, which may be different
for each business unit. These systems may be further sub-divided into front-office analytical tools and back-
office booking systems, each with its own repository of reference data. There may also be several internal and
external sources for market data. The counterparty risk system must integrate with potentially many of these
systems in order to extract the data needed to produce a comprehensive set of counterparty risk metrics.

Systems integration presents several technical challenges. Source systems may be built with a variety of
technologies, such as C++, Java, and .NET, which means the counterparty risk system may have to ‘speak’
many languages. Some systems may have well-developed interfaces and APIs while others may not, which not
only adds to the cost of development but also increases the failure rate in terms of missing or erroneous data.

Related issues include symbology mapping and data conversion. Source systems may use their own
symbols to identify securities and other parameters, such as holiday codes and reference indices. Use of
industry standard ticker symbols lessens the problem but invariably, the counterparty risk system must be
able to interpret a variety of naming conventions. Source systems also store data in proprietary formats.
While loading the data, the counterparty risk system must convert it into its own format. Expanded use
of open XML formats, such as FIXML and FpML, as more products become standardised for clearing, is a
positive development.

Once the systems have been connected and data translations in place, the counterparty risk system must
receive incremental updates from the upstream systems. Daily updates are sufficient for most purposes but
incremental CVA pricing depends on up to date position and market data.

Analytics
Analytical components can be categorised into pricing models, the simulation engine, and market data
calibrators. Most institutions have their own proprietary libraries of pricing models for front-office pricing and
hedging. Ideally, the bank would use the same pricing models for counterparty risk to ensure consistency.
Market data calibrators provide the market-implied and historical volatilities and correlations as inputs to the
simulation engine.

The simulation engine uses pricing models in generating the exposure distribution over a specified set of
future dates. The first step is to simulate market scenarios using a risk neutral or historical calibration. The next
step is to value each transaction over all scenarios and time steps to create the exposure distribution. The
exposures are aggregated by counterparty ‘netting set’, according to legal netting agreements. Collateral
terms are then applied to determine uncollateralised exposure by netting set.
In applying collateral thresholds, the ‘margin period of risk’ and collateral mark-to-market risk must be
considered. EE, PFE and various Basel metrics including expected positive exposure (EPE) can be directly
calculated from the exposure distribution. The final step is to ‘integrate’ the exposure distribution to calculate
CVA, DVA and economic capital. Incorporating right- and wrong-way risk into these calculations is important,
especially for credit derivative transactions, and non-trivial to implement.

Several analytical issues arise in performing the above steps. First and foremost, pricing models must be
able to perform forward valuations for the simulated market scenarios. Early termination or mutual ‘put’
features should be reflected. For path-dependent and other exotic payoffs, the simulation engine should
provide sufficient path-level information to the pricing model to prevent valuation inconsistencies (and
performance bottlenecks) from having to run simulations within the simulation.

In order for pricing models to re-use market scenarios or paths, the simulation engine should use risk neutral
calibrations of the various risk factors. For example, if pricing models use a Libor market model, e.g., BGM,
to price interest rate derivatives, the simulation engine should use the same model, which means calibrating
forward rates, volatities and correlations from current market data. This calibration can also be used to
calculate CVA sensitivities for hedging purposes. The simulation engine must also support calibrations
based on historical data to calculate the various metrics required by Basel.

Performance & Scalability

For a large bank, the counterparty risk system may price something on the order of one million transactions
over one thousand scenarios and one hundred time steps, or 100 billion valuations. If the bank actively
hedges CVA, the number of valuations is roughly multiplied that by the number of sensitivities required.
Pricing models must be as efficient as possible in order to generate counterparty risk metrics on a daily
basis. Since banks prefer to use their own pricing models for consistency, additional tuning or substitution
of less sophisticated models for valuation of complex products, at the expense of some accuracy, may be
necessary. Another approach is to use pre-calculated pricing grids to reduce the number of valuations.

Scalability can also be addressed through parallel processing. Distributing computations across servers and
processor cores using grid technology and multi-threading should allow acceptable levels of performance
to be achieved by adding hardware resources. Of course, complexity and potential for failure increases with
the amount of hardware.

Re-running simulations on the entire portfolio to determine the impact (marginal price) of a new transaction
is not practical for intra-day pricing. The typical solution involves saving valuations at the netting set level for
each scenario and time step in the database. Marginal pricing is then reduced to simulating the new trade
along the same scenarios and time steps and aggregating with the saved netting set valuations, re-applying
netting and collateral agreements. Of course, adjustments or re-simulation may be necessary for changes in
portfolio composition or significant market moves.
Reporting
With the huge amount of data involved and analytical complexity, the ability to view the various counterparty
risk metrics across a variety of dimensions is absolutely essential. At the very least, the system should show
CE, EE, PFE, CVA, DVA and economic capital by counterparty, industry and region. The system should also
display EE and PFE profiles along specified future time buckets out to the maximum maturity date. The ability
to inspect reference, market and transaction data inputs is vital in verifying calculated results and tracking
down errors. The system must also provide reports for back-testing, stress testing and VaR outputs with similar
aggregation and drill-down capabilities.

Back-testing, Stress Testing & VaR

The counterparty risk system’s infrastructure must provide back-testing, stress testing and full-reval historical
VaR. For back-testing, the system should record all data necessary to simulate exposures for representative
portfolios over multiple historical dates. Stess testing functionality should support configuration of a set of shifts
to any or all of the current market data used to value the portfolio. Flexibility to ‘steepen’ or ‘flatten’ curves
must be provided, as well as shifting basis spreads. VaR is similar to stress testing in that it involves a set of
shifts. The shifts are derived from a time series of historical market data, typically daily. In some institutions,
the market risk group provides a set of shift ‘files’ that the risk system should load to run VaR and stress tests.

Analytics Reporting

• CE, EE, PFE, CVA, EC

• Large cross-asset • Back-test exposure
by counterparty,
• Multiple data sources • Simulation engine portfolios projections vs.
industry & region
• Systems integration • Risk-neutral & historical • Pricing model Realizations
• EE & PFE profiles
• Symbology mapping calibrations performance • Curve steepening
over time
• Data format • Netting & collateral • Near-time CVA pricing & flattening stress
• Data inspection &
conversions • Right/wrong-way risk • CVA sensitivities scenarios
drill-downs
• Incremental updates • Exotic payoffs • Daily and intra-day • Stress basis spreads
• Back-testing, stress
metrics • Full reval historical VaR
testing, VaR outputs
Performance & Back-testing, Stress
Data Management Scalability Testing & VAR
Trends
Post crisis, the ability for senior management to get a comprehensive view of the bank’s counterparty risks
is a critical priority. Consolidated risk reporting has been elusive due to front-office driven business models.
As influential revenue producers, trading desks have maintained a tight grip on data ownership, model
development and front-office technology. This has resulted in a proliferation of systems, making the job of
aggregating risks across business lines excessively complicated. Continuous development of new types of
derivative payoffs and structured products has exacerbated the problem. But the failures and near failures of
several global banks have changed the traditional mentality. Banks are now taking a ‘top-down’ approach to
risk management. Decision-making authority is transitioning from the front-office to central market and credit
risk management groups. This authority includes tighter controls on data and technology.

A key component of the top-down approach to risk management is the central CVA desk or counterparty
risk group. This group is responsible for marginal CVA pricing of new trades originated by the individual
business units and then managing the resultant credit risk. In practice, the CVA desk sells credit protection
to the originating trading desk, insuring them against losses in the event of a counterparty default. There
are several advantages to this approach. Housing counterparty risk in one place allows senior management
to get a consolidated picture of the exposures and proactively address risk concentrations and other
issues. It also addresses the competitive CVA pricing issues described in a previous section. As banks
continue to ramp up active management of CVA, having a specialised group allows careful management of
complex risks arising from liquidity, correlation and analytical limitations.

The reasons for not creating a central CVA desk or counterparty risk group tend to be practical issues
particular to the institution. Decentralised infrastructures may make the data and technology challenges
too great to ensure provision of meaningful consolidated counterparty risk metrics on a timely basis. Some
banks have aligned counterparty risk management by business line in order to more effectively manage
the data and analytical issues at the expense of certain benefits, like netting. For centralised CVA desks,
there is also the challenge of internal pricing and P&L policies. Most banks position CVA desks as utility
functions that simply attempt to recover hedging costs in CVA pricing.

Recent regulatory activity has also had a profound impact on counterparty risk management, mostly due
to central clearing requirements and higher capital ratios. Mandating central clearing for an expanding
scope of derivative products effectively moves counterparty risk out of complex CVA and economic capital
models and into more deterministic and transparent margining formulas. The heavily collateralised inter-
dealer market is also undergoing significant changes due to the widening of Libor basis spreads during the
crisis. A new standard for pricing collateralised trades is emerging, based on OIS discounting. Institutions
are now looking more closely at optimising collateral funding through cheapest-to-deliver collateral, re-
couponing existing trades to release collateral, and moving positions to central counterparties in order to
access valuation discrepancies or more favorable collateral terms.

It is expected that most corporate derivatives transactions will remain exempt from clearing mandates since
banks provide valuable hedging services in the form of derivative lines. The cost of extending these lines is
increasing due to significantly higher regulatory capital requirements. Therefore, competitive CVA pricing and
economic capital optimisation will remain priorities for corporate counterparty risk management alongside
collateral and clearing processes.
ABOUT QUANTIFI
Quantifi is a leading provider of analytics, trading and risk management software for the Global Capital Markets. Our
suite of integrated pre and post-trade solutions allow market participants to better value, trade and risk manage their
exposures and respond more effectively to changing market conditions.

Founded in 2002, Quantifi has over 120 top-tier clients including five of the six largest global banks, two of the three
largest asset managers, leading hedge funds, insurance companies, pension funds and other financial institutions across
15 countries.

Renowned for our client focus, depth of experience and commitment to innovation, Quantifi is consistently first-to-
market with intuitive, award-winning solutions.

For further information, please visit www.quantifisolutions.com

CONTACT QUANTIFI
EUROPE NORTH AMERICA ASIA PACIFIC
16 Martin’s Le Grand 230 Park Avenue 111 Elizabeth St.
London, EC1A 4EN New York, NY 10169 Sydney, NSW, 2000

+44 (0) 20 7397 8788 +1 (212) 784-6815 +61 (02) 9221 0133

enquire@quantifisolutions.com