Disclosure

Recordkeeping and Disclosure Provisions Associated with Stress Testing Guidance
(FR 4202; OMB No. 7100-0348)
Introduction
All banking organizations should have the capacity to understand fully their risks and the
potential impact of stressful events and circumstances on their financial condition. The U.S.
federal banking agencies have previously highlighted the use of stress testing as a means to
better understand the range of a banking organization’s potential risk exposures. The 2007–2009
financial crisis underscored the need for banking organizations to incorporate stress testing into
their risk management practices, demonstrating that banking organizations unprepared for
stressful events and circumstances can suffer acute threats to their financial condition and
viability.
Description of Information Collection
General Stress Testing Principles
A banking organization should develop and implement an effective stress testing
framework that should include several activities and exercises, and not just rely on any single test
or type of test, since every stress test has limitations and relies on certain assumptions. The uses
of an organization’s stress testing framework should include, but not be limited to: augmenting
risk identification and measurement; estimating business line revenues and losses; informing
business line strategies; assessing capital adequacy and enhancing capital planning; assessing
liquidity adequacy and informing contingency funding plans; contributing to strategic planning;
and assisting with recovery planning.
All risk measures, including stress tests, have an element of uncertainty due to
assumptions, limitations, and other factors associated both with the use of measures based on
past performance and with forward-looking estimates. An organization should document the
assumptions used in its stress tests and note the degree of uncertainty that may be incorporated
into the tools used for stress testing. In many cases, it may be appropriate to present and analyze
test results not just in terms of point estimates, but also including the potential margin of error or
statistical uncertainty around the estimates. Furthermore, all stress tests, including welldeveloped quantitative tests supported by high-quality data, employ a certain amount of expert or
business judgment that should be made transparent. In some cases, when credible data are
lacking and more quantitative tests are operationally challenging or in the early stages of
development, an organization may choose to employ more qualitatively-based tests, provided
that they are properly documented and their assumptions are transparent. Regardless of the type
of stress tests used, an organization should understand and clearly document all assumptions,
uncertainties, and limitations, and provide that information to users of the stress testing results.
Governance Over the Stress Testing Framework
Governance over an organization’s stress testing framework rests with the organization’s
board of directors and senior management. As part of their overall responsibilities, an
organization’s board and senior management should establish a comprehensive, integrated and

effective stress testing framework that fits into the broader risk management of the organization.
While the board is ultimately responsible for ensuring that the organization has an effective
stress testing framework, it should task senior management with implementing that framework.
Senior management duties should include establishing adequate policies and procedures and
ensuring compliance with those policies and procedures, assigning competent staff, overseeing
stress test development and implementation, evaluating stress test results, reviewing any findings
related to the stress test performance, and taking prompt remedial action where necessary.
Senior management, directly and through relevant committees, also should be responsible
for regularly reporting to the board on stress testing developments and results from individual
and collective stress tests as well as on compliance with stress testing policy. Board members
should actively evaluate these reports, ensuring that the stress testing framework is in line with
the organization’s risk appetite, overall strategy and business plans, and directing changes where
appropriate.
An organization should have written policies, approved and annually reviewed by the
board, that direct and govern the implementation of the stress testing framework in a
comprehensive manner. Policies, along with procedures to implement them, should







describe the overall purpose of stress testing activities,
articulate consistent and sufficiently rigorous stress testing practices across the entire
organization,
indicate stress testing roles and responsibilities, including controls over external
resources used for any part of stress testing (such as vendors and data providers),
describe the frequency and priority with which stress testing activities should be
conducted,
indicate how stress test results are used and by whom,
be reviewed and updated as necessary to ensure that stress testing practices remain
appropriate and keep up to date with changes in market conditions, organization products
and strategies, organization exposures and activities, the organization’s established risk
appetite, and industry stress testing practices.