Basel 3.1 implementation in UK delayed… once again Basel 3.1 represents the final set of international banking reforms in response to the Global Financial Crisis. The reforms aim to enhance banks' risk measurement and capital requirement calculations, striving to make capital ratios more consistent and comparable across institutions. But in consultation with HM Treasury, the PRA has decided to delay the implementation of Basel 3.1 in the UK by one year, to 1st January 2027. This adjustment was proposed to allow the regulator for additional time to observe the rollout of the reforms in the United States. The delay appears to stem primarily from the potential impact on proposed reforms of the Fundamental Review of the Trading Book (FRTB) front, which includes revised boundaries between trading and banking books, a more sensitive standardised approach for Market Risk, and the introduction of the Non-Modellable Risk Factors charge. Whilst this affects primarily banks with significant trading or investment banking activities, the regulator has chosen to take a comprehensive pause of the entire Basel 3.1 regulation to reassess the entire suite of reforms. But the reaction from more traditional banks in the UK with significant Credit Risk exposure is mixed. In our latest European IRB survey, clients reported that the new set of rules could lead to potential capital release for some of the Standardized Approach (SA) and Foundation Internal Ratings-Based (FIRB) portfolios. Conversely, firms with significant Advanced Internal Ratings-Based (AIRB) portfolios have deemed the approach conservative and have welcomed the delay. On the other hand, our belief is that the PRA will be less lenient regarding day-one compliance, as the regulatory text has been available in draft form since 2022. It is also notable that the model output floors have remained unchanged. This means that once the rules come into effect in 2027, banks will need to achieve the required levels of capital by 2030, effectively shortening the transition period to two years. Another greatly understated driver of the delay might stem from concerns about stifling the British economy, which has struggled to regain its footing post-COVID, with more stringent prudential regulation. This push ‘from within’ has been already observed elsewhere: Across the pond, Jay Powell, Chair of the Fed, commented back in 2024 that ‘broad and material changes’ were coming to the proposed Basel Endgame framework. Republican lawmakers have consistently expressed scepticism about the reform and have repeatedly called for the program to be scrapped. The ‘Endgame’ is set to become effective on 1st July, 2025. However, the new administration holds the future of the American banking regulatory landscape in its hands: Trump might push to simplify the reform or scrap the framework completely. Many domestic banks, lacking international operations, may advocate for abandoning current proposals in favour of frameworks that better suit the American context. On the contrary, recent bank failures have cast doubt on the resilience of smaller regional firms in the US, potentially strengthening the argument for a stricter framework aligned with international practices. Closer to home, Continental Europe seems to be taking the middle ground, as the Basel 3.1 rules became effective, with some modifications, in January 2025. But the most interesting point is that the FRTB part of the regulation has been pushed back 1 January 2026. On the Credit Risk front, a 2023 ECB survey determined that corporate-oriented financial institutions would be the worst hit by the reforms. While some capital release is expected from the model outputs, the output floor means that the overall benefit is negated in full. This puts the EU on an alternative, steadier path compared to the uncertain US and hesitant UK approaches. This disparity of rules require transcontinental banking institutions to dedicate increased resources to ensure compliance in the US, the UK, and Europe. Future-proofing activities and ensuring that the ability to act quickly remains in place in case new short-term steer emerges from the regulators will be fundamental to ensure risk transformation projects remain compliant once implemented. Some questions remain unanswered: will the US scrap the FRTB reforms completely? will the PRA modify the ‘near final’ regulatory text to align with the Fed? will Europe continue in its sure path towards complete Basel IV adoption? For now, we’ll just have to wait and see… Co-authored with Cian Mellett       Matias Coggiola is a Manager at Oliver Wyman and specialises in Credit Risk modelling methodology and regulatory compliance. Prior to consulting, Matias spent several years as an industry practitioner working within a range of financial institutions across three continents. Matias joined Oliver Wyman in 2024 to help expand the Risk Delivery capability. Cian Mellett is a Manager at Oliver Wyman and specialises in the development of Credit Risk models. Prior to joining Oliver Wyman, Cian worked for an Irish consultancy delivering a suite of credit risk models for Irish Pillar Banks across multi-year programs. Cian joined Oliver Wyman's Risk Delivery Team in 2024.

Very good questions. I’ve come across this as well on operational resilience and cyber, where the challenges are similar Some thoughts on this (also with the ex-regulator hat on): Management bodies should acknowledge the challenge and be thoughtful around how to address this, e.g. through training; reporting; succession planning etc. We recently heard from a regulator that they were worried that sometimes these topics are ‘outsourced’ to one person on the exec/ Board who understands it, whereas they are looking for broader skills and knowledge in the group. Again I think this is important to acknowledge, including the fact that building those muscles take time In terms of ‘evidencing’ appropriate oversight and challenge by the Board, when supervisors look at meeting minutes they would expect to see critical questions being asked and a level of discussion (rather than the Board just ‘noting’ things) The quality of the materials and reports being presented to the Board is very important, both data, but also someone bringing out the ‘so what’ and in particular where there are areas of judgement and uncertainty, and where there are trade-offs

I have seen the following: Percentage of the Business/Institutional portfolio in high transition risk sectors Proportion of the mortgage portfolio exposed to high physical risks (by 2050 under a 4-degree warming scenario is one specific example). Believe this is based on property level assessment and then some % increase in PD. Some reputational ones around ESG scores However, I don’t believe anyone would set the thresholds at a level that would likely be binding. So skeptically, I think this is just for reporting and transparency at the moment – which is probably right given the limitations of climate risk modeling

We’ve seen a variant of this issue in US/Canada, with the large Canadian Banks generally having IRB approval at the Group level (including for their main US loan books) and their US subsidiaries being on standardized In this case, there is no incentive for the US entity to seek IRB approval - but US regulators do care about the risk rating systems from a bank supervision perspective, which has raised some of the same questions about whether group models are suitable. Those banks have generally taken a view aligned to a previous poster, i.e., using local models for middle market and below, and trying to align to group models for larger companies and FI's On the last point, I'll say that we've seen US regulators challenge the support for those decisions heavily, but at least in some cases it seems to have stood up to that challenge.  In one case where the bank's prior analysis and documentation didn't provide great support, they are being pushed to redevelop those as well, though they are trying to do so in a way that they can ultimately extend back to group as well, for a C&I model that was getting a bit long in the tooth anyway

I'll just flag that a Canadian bank who had decided to extend several of their existing "global" models to their US subsidiary based on similar logic, and while the logic makes sense broadly, they ran into significant issues with their US subsidiary’s regulator about the way they did it I would primarily attribute the root causes of those issues to: Operating model for how those decisions were taken and where they were reviewed and challenged – the Group development and validation teams led the substantive assessment of “fit-for-use”, and while there were some US stakeholders involved, the ones most involved were not very senior in stature, and often deferred to the expertise of Group.  But those US stakeholders then couldn’t / didn’t do a good job of credibly defending those decisions to their regulators, leading the regulators to question if US senior management had been sufficiently involved in determining that these models were appropriate for the US portfolio The documentation they produced justifying and validating the use of these models in the US was a narrow “fit for use assessment”, which taken as a standalone artifact fell far short of the comprehensive model documentation and validation expectations of SR 11-7.  This led regulators to question the “effective challenge” provided by US model risk management and more broadly by US senior management

The short answer is yes they should definitely be included. The group risk report is the bare minimum that should be included for a GSIB in terms of internal reports and you can go from there Will to share some pages on the latest interpretation of the scope of BCBS239 by the ECB. A bit more expansive that the traditional industry approach but that is really going to be the new bar. We also have a full BCBS239 benchmarking database that covers 20+ banks (including most European GSIBs) and all dimensions of BCBS239 so maybe your client wants to participate in it

There is certainly precedent for this in loss forecasting, given various companies that need to follow both IFRS9 and CECL at different legal entity levels, and/or to follow different stress testing guidance for different regulators.   I can’t think of a case where I’ve seen it for the primary credit risk rating models however (at least not for literally the same exposures receiving two different ratings)

Thanks a lot, this was very helpful!

Very interesting point. Would be great to know OW's experience with feedback from other players.