Posted: 14 Oct. 2019 7 min. read

Credit Underwriting & Monitoring

The increased regulatory focus on credit life-cycle constitutes an opportunity for a strategic shift on the decision makers’ agenda.

On 7 October 2019, the Single Supervisory Mechanism (“SSM”) issued its supervisory priorities for 2020 based on which credit underwriting and monitoring of exposure quality remained a top priority on the agenda.

In fact, in accordance with SSM priorities both in 2019 and 2020 regulatory bodies have put special emphasis on enhancing sound underwriting practices with the aim to improve financial stability and resilience of the financial system at EU level. More specifically:

o  The European Banking Authority (“EBA”) published in June 2019 a consultation paper on its draft guidelines on loan origination and monitoring. The guidelines provide a coherent framework of best practices that aims to improve governance structures, internal processes, and mechanisms relating to credit underwriting in order to ensure that robust and prudent approaches are in place with regards to credit risk-taking, management and monitoring. On 30 September 2019, the consultation period was closed after a public hearing on 20 September in Paris.

o  The European Central Bank (“ECB”) requested from all Significant Institutions (“SIs”) under its supervision to submit on 1 July 2019 credit underwriting information templates in order to assess the quality of lending practices across EU level with a focus on new production.

o  As a response to the increased regulatory scrutiny the industry is currently undertaking a self – assessment and internal exercises in order to identify and remediate any gaps to the credit origination practices and monitoring frameworks.

The increased scrutiny to credit underwriting and monitoring can be interpreted as part of the wider response to tackle the high-level volumes of NPEs at EU level, and a shift towards more pro-active actions in order to prevent new NPE flows in the future with a focus on new production. 

Figure 1: Timeline loan origination and monitoring guidelines/ credit underwriting exercise.
Figure 1: Timeline loan origination and monitoring guidelines/ credit underwriting exercise.

Main objectives of EBA Guidelines on loan origination and monitoring

The EBA draft guidelines on loan origination and monitoring aim to ensure that credit is being granted to borrowers who, based on the terms and conditions of their credit agreement can fulfil their obligations and are secured by sufficient and appropriate collateral. Main objectives of EBA include the following:

1.    Prevent new NPE formation in the future

Ensure that institutions have in place prudential loan origination standards in order to prevent newly originated performing loans from becoming Non-performing in the future.

2.    Foster sound governance structures

Improve institutions’ practices on setting their credit risk appetite, design their credit strategy and enhance associated internal governance arrangements and mechanisms in relation to credit granting.

3.    Ensure consumer protection

Set clear objectives to include both prudential and financial stability and to ensure that the institutions’ practices are aligned with consumer protection rules and respect fair treatment of consumers.

EBA guidelines on loan origination and monitoring

In line with the Supervisory priorities 2019, the EBA guidelines highlight the regulatory expectations on the credit risk-taking, management and monitoring. Strong governance, internal controls and mechanisms on the credit risk-taking, management and monitoring are just a few examples of those expectations. More specifically:


o    Define Credit Risk Appetite Framework linked to the credit risk strategy and Bank’s business model.

o    Set out criteria for credit lending specific to product type/client segments.

o    Define the responsibilities of management body in the credit risk lifecycle.

Loan Origination – Data Requirements:

o    Gather a sufficient level of data and qualitative information required for the assessment of the borrower’s creditworthiness.

o    Ensure that the collection and verification of data are in line with credit risk policies and procedures.

Loan Origination - Borrower’s creditworthiness:

o    Perform detailed affordability checks at loan origination stage to get an accurate view on customer’s future repayment ability.

o    Have a good indication of the borrower’s ability to service all its obligations via Single Customer View.


o    Align pricing framework to the credit risk appetite and business strategies, including expected overall profitability as well as Bank’s definition of Significant Increase in Credit Risk (SICR).

o    Account for risk-adjusted performance measures, such as RORAC, RAROC, EVA driven by Bank’s Risk Appetite.

Monitoring Framework:

o    Manage and monitor credit risk exposures in line with Bank’s credit risk appetite, strategy, policies and procedures.

o    Develop early warning triggers and introduce specific key indicators at a cluster customer level.

Collateral Valuation:

o    Detailed guidance on setting out the approach to the collateral evaluation from origination to the end of valuation (reference to both movable and immovable property).


Figure 1: Timeline loan origination and monitoring guidelines/ credit underwriting exercise.
Figure 2: Indicative impact areas of the Draft EBA guidelines based on Deloitte’s assessment

ECB’s review on credit underwriting

Key components of the reporting template requested by the ECB are higher granularity of data, calculation of a broad set of key risk indicators (KRIs) and portfolio statistics based on the IFRS 9 framework. More analytically:


o    Granularity of data for both existing and new loans from 2016 to 2018.

o    Granularity of data by asset class as follows: RRE, CRE, SME, Corporates, Large Corporate, Consumer credit.

Key Risk Indicators

o    Collection and aggregation of quantitative and qualitative key risk metrics such as: Loan to Value (LTV), Loan to Income (LTI), Loan Service to Income (LSTI), Debt Service to Income (DSTI), Debt Service Coverage Ratio, (DSCR).

Rating and Pool Stats

o    Reporting IFRS 9 credit risk parameters; classification of business volumes based on 12m PDs and on LGD, metrics definitions across a number of different portfolios and asset classes; and linkage of PDs to pricing information: Probability of Default (PD), Exposure at Default (EAD), Loss Given Default (LGD), Pricing.

Figure 3: Set of quantitative and qualitative KRIs request by European Central Bank

Business implications

─ Risk Appetite, Strategy, Policy & Governance

o    Credit risk appetite should be cascaded down to the organization’s business lines. A mix of top-down and bottom-up approach is appropriate in order to define credit risk appetite and provide the rationale for inclusion or exclusion of risks and risk classes into the Risk Appetite Framework (RAF).

o    Credit risk strategy, policy and procedures should be aligned to the institution’s credit risk appetite and overall RAF. Institution’s credit risk strategy should specify the scope of the total credit risk of the institution, the desired composition of the credit portfolio and the desired diversification and concentration.

o    Specific credit risk metrics and limits should be included in the credit risk appetite and strategy and combine backward-looking and forward-looking indicators. Such indicators should include key aspects of the credit facilities including their business lines, asset classes and sectors. These indicators should be tailored to the business model and complexity of the Bank.

Figure 4: Cascaded risk appetite, proactive risk strategies and credit risk limits

─ Loan Origination and Credit Approval Process

o    Granularity of quantitative and qualitative information (i.e. affordability assessment, sensitivity analysis, cash flow analysis) is required to assess customer’s credit quality prior to credit-granting decisions.

o    It is noteworthy to mention that a robust Data Infrastructure can support the granularity and accuracy of data required for the borrower’s affordability assessment. It can also be used for the purposes of credit risk management and monitoring throughout the lifecycle of the credit facility.

Figure 5: 10 areas of focus regarding the loan origination and approval processes.

─ Pricing considerations

o    Risk, operating and capital costs are main components to be considered in order to develop and implement a comprehensive pricing framework.

o    Lifetime effects, expected loss, profit expectations, provisions and RWA calculations should be considered as part of your pricing methodology in order to drive greater long term profitability.

Figure 6: Pricing through risk adjustment measures.

─ Monitoring

o    Back-tested leading metrics, covenant compliance and other monitoring activities will result in the embedding of early warning indicators in processes.

Figure 7: Monitoring process and early warning indicators.

Linkage with IFRS 9 requirements

The introduction of IFRS 9 and Expected Credit Loss (ECL) model revealed the need for higher granularity on credit risk data as well as business implications on lending practices including pricing considerations, product design, and monitoring of credit risk.

The introduction of specific metrics based on IFRS 9 – Point in Time – parameters, as required by the ECB’s credit underwriting exercise, might change the perception over optimal lending growth and overall strategy depending on priorities set and time horizon. Advantages and disadvantages of IFRS 9 PiT parameters must be taken into consideration.

One the one hand, standard risk costs and equity costs are more precise when they move with an expected credit loss model over the next 12m, more likely resulting in an accurate estimate of expected and unexpected losses. Moreover, the use of IFRS 9 PDs will enhance viability and foster common understanding among the organization since risk and business will have a single point of reference when discussing credit risk.

One the other hand, the loan approval process may decline or drive away viable business, for example, higher risk profile clients who have a long-standing relationship with the Bank and may overall be a steady source of risk-adjusted return. Furthermore, standard risk and equity costs will become more volatile based on IFRS 9 PiT risk metrics, creating unpredictability and uncertainty in the lending strategy.

Figure 8: Indicative example of Bank A shifting lending focus to large revenue, high ROE, low RWA clients.

Action plan for decision makers

In this evolving landscape, decision makers should act timely and strategically by considering not only how to meet regulatory requirements but also how to address the business implications behind them in order to achieve possible synergies with other initiatives currently in place and take advantage over their peers. Proposed steps for an accurate and proper implementation of the guidelines include but are not limited to the following:

1.    Assessment of current state and gap analysis:

o    Identification of the main areas of analysis with a focus on governance, strategies, processes and systems.

o    Group areas for assessment in line with the regulatory guidelines.

o    Gap analysis between ‘as-is’ state and regulatory requirements.

2.    Prioritisation of actions for remediation:

o    Prioritisation of identified gaps based on complexity and priority.

o    Identification of actions set out in guidelines for the design and implementation of the processes, to ensure the requirements alignment and credit processes optimization.

3.    Business & other functions support:

o    Data Infrastructure solution requirements gathering based on the gap analysis undertaken to support the estimation of cost & effort required.

o    User requirements gathering based on the gap analysis undertaken to support the estimation of cost & effort required for business implementation.

o    Identification of the business functions to be involved in the implementation.

Both the EBA’s guidelines and ECB’s review on underwriting standards represent a fundamental shift towards an era where the focus is being put back to the very core activity of commercial Banking business (i.e. lending) and as such this can be viewed as an opportunity for Greek Banks to start changing their agendas back again to the re-assessment of their business models and lending strategies for the first time after the financial crisis. As it is evident from the 2020 SSM priorities published on 7 October 2019, regulatory focus is expected to remain high on the area for next years in order to strengthen future resilience and as such timely and persuasive responses from Banking institutions are vital in order to get things right at the first time and ensure that sound mechanisms are in place in order to prevent problems in the future.   

Contact us

Alithia Diakatos

Alithia Diakatos

Partner | Risk Advisory

Alithia is Equity Partner and Risk Advisory Leader at Deloitte Greece and over the years she has offered numerous clients her valuable experience on various risk advisory projects in different industries. She focuses on assisting clients in the following areas: IT & Specialized Assurance, Internal Controls System, Accounting & Reporting, Internal Audit, Digital /AI Controls/Algorithms, Cyber, Crisis & Resilience, Strategy & Brand, Sustainability, Regulatory & Compliance, Financial Risk Management, Financial Crime and Corporate Governance.

Spyridon Bisisidis

Spyridon Bisisidis


Spyridon has extensive professional experience of over 10 years in the Financial Services sector which includes a significant number of consulting and advisory projects across all three lines of defense plus statutory audit. Recent experience as team leader includes large scale advisory projects in the context of IFRS 9 implementation at A-IRB Banks in Greece and abroad, participation at statutory audits of systemically important financial institutions as impairment methodologies subject matter expert, IRB and IFRS 9 credit risk models development and validation as well as Management Consulting Projects focusing on regulatory and strategic issues.

Chara Stamou

Chara Stamou


Chara joined Deloitte’s Financial Risk Management as a Manager after spending more than 7 years at Deloitte UK in London. Chara specializes in Credit Risk Transformation including Target Operating Model (TOM) and Automation of Credit Underwriting Processes. Other areas of expertise include IRB assessment, IFRS 9 key processes design and process flows optimization, and Risk Appetite Framework.