Revised Approach to Financial Regulation and Supervision Standards Assessments in FSAP Updates

The Financial Sector Assessment Program (FSAP) is a central instrument for the Fund and Bank to promote financial sector soundness in member countries. The FSAP uses quantitative analysis and qualitative tools to help identify the risks and vulnerabilities of a country’s financial system, ascertain the sector’s developmental needs, and prioritize policy responses. Detailed assessments of the observance of relevant financial sector standards and codes, and the associated Reports on Observance of Standards and Codes (ROSCs) have been an important component of the FSAP.


The Financial Sector Assessment Program (FSAP) is a central instrument for the Fund and Bank to promote financial sector soundness in member countries. The FSAP uses quantitative analysis and qualitative tools to help identify the risks and vulnerabilities of a country’s financial system, ascertain the sector’s developmental needs, and prioritize policy responses. Detailed assessments of the observance of relevant financial sector standards and codes, and the associated Reports on Observance of Standards and Codes (ROSCs) have been an important component of the FSAP.

I. Introduction/Summary

1 The Financial Sector Assessment Program (FSAP) is a central instrument for the Fund and Bank to promote financial sector soundness in member countries The FSAP uses quantitative analysis and qualitative tools to help identify the risks and vulnerabilities of a country’s financial system, ascertain the sector’s developmental needs, and prioritize policy responses. Detailed assessments of the observance of relevant financial sector standards and codes, and the associated Reports on Observance of Standards and Codes (ROSCs) have been an important component of the FSAP.

2 Both the FSAP and the financial standards that are assessed as part of the FSAP have evolved over time. With 125 FSAPs (including 3 regional FSAPs) and 48 FSAP Updates completed as of end-June 2009, the program has covered close to two-thirds of the Bank and Fund’s membership. At the same time, the emphasis has shifted from delivering initial, comprehensive FSAP assessments to more streamlined and less resource-intensive assessment updates. However, a competing trend has been the expansion and increased complexity of financial standards and assessment methodologies, which have had to keep pace with developments in financial markets. One consequence has been that standards assessments have become more resource-intensive, both for FSAP teams and for country authorities.

3 As a result, questions have arisen regarding how best to prioritize financial standards assessed in FSAPs, ensure their quality, and communicate effectively their findings. In particular:

  • Reflecting efforts to streamline and better focus the FSAP process and economize on resources, the average number of formal standards assessments has declined over time from a peak of about three per initial FSAP in FY02, to less than one in FY08 and FY09. Associated ROSCs, which are included in the Financial System Stability Assessment (FSSA) issued to the Fund Board, have declined concurrently.

  • Instead, staff often prepares technical notes or summary updates of previous comprehensive assessments when undertaking FSAP updates. These analyses may be less resource-intensive, because they do not require a comprehensive assessment, but at the cost of (i) transparency, since technical notes are not, as a rule, issued to the Board with the FSAP assessment; and (ii) effectiveness, given that a formal and comprehensive review has been found to spur authorities to take action to ensure full compliance and their commitment to reform.

  • Given the increasing complexity of the financial regulation and supervision standards, there is a risk that, under the status quo with a fixed level of resources devoted to individual assessments, the quality of the assessment will deteriorate. Assessors, in some cases, may lack sufficient time to both conduct an analysis of a country’s formal compliance with a standard, as evidenced in laws and regulations, while also reviewing the implementation and overall effectiveness of a supervisory regime—a key dimension of the assessors’ contribution to FSAP assessments.1

4 To help address these concerns, staff proposes a modification to the existing requirement that a financial (regulation and supervision) ROSC2 must be based on a comprehensive detailed assessment. Specifically, it is proposed that:

  • initial assessments of any financial (regulation and supervision) standard would remain a full assessment of all principles; and

  • in subsequent assessments, staff would undertake either a full ROSC reassessment or a partial ROSC update. In the latter case, this would involve a reassessment of only selected principles comprising a given standard. Where this option is exercised, to protect the integrity of the ROSC process, the principles selected for reassessment would be determined in advance of the mission and on the basis of clear criteria and methodology to be developed in collaboration with the corresponding standard-setting bodies (SSBs). Such criteria would center on the management of key risks and vulnerabilities, whether previously identified or newly emerging.3

Table 1.

Standards and Codes for which ROSCs may be prepared

article image
Source: Financial Stability Board / International Monetary Fund.Note: “In the area of insolvency and creditor rights, a standard has not yet been endorsed by both Boards of the Bank and the Fund for purposes of FSAP/ROSCs.”

5. These modifications would support the drive for more risk-focused FSAP assessments in the context of the re-focusing of the Fund.4 World Bank staff is in agreement, and informal consultation with standard setters suggests that they would have no objections to this proposal—as long as the principles assessed are indeed based on the risk profiles and needs of individual country circumstances. These modifications are contemplated only for financial (regulation and supervision) ROSCs.5

II. Background—the Evolving FSAP Program

6. Detailed assessments of standard and codes and summary ROSCs have represented an important component of FSAP evaluations of a country’s regulatory, supervisory, infrastructure, and market integrity framework. These assessments involve benchmarking a country’s regulations and financial policies and practices against a set of international standards and codes that have been developed by the different standard-setting bodies.6 Using methodologies that have been formulated by the SSBs, the assessor identifies areas of weakness and makes recommendations to assist the authorities in developing strategies and setting priorities to address short-term risks and vulnerabilities, and to implement longer-term reforms.7

7. ROSCs are included in the Fund’s Financial System Stability Assessment (FSSA). FSSAs are often published and provide member countries, as well as investment analysts, rating agencies, financial institutions, and other parties with a summary of staff’s assessments of the strengths and weaknesses of a country’s supervisory and regulatory infrastructure.

8. With about 125p initial FSAPs completed or underway, the program has clearly shifted toward FSAP updates in recent years. For example, FSAP updates accounted for about two-thirds of the assessments initiated in FY08 compared to one-third in FY06. Not surprisingly, the trend toward updates continues in FY09, and is also evident in the work program pipeline for the remainder of this fiscal year and beyond (Figure 1). In the context of this new phase, three issues are emerging:

Full assessments are becoming more resource-intensive

9. In response to the growing complexity in the financial services environment, the international SSBs have been revising their standards and assessment methodologies. For example, the revised 2006 BCP Methodology contains significantly more essential criteria than the 1999 Methodology, and the number of sub-criteria or points for assessment in the essential criteria has increased considerably, adding to the complexity and depth of the review.8 In addition, the revised methodology requires even stronger emphasis on assessing actual implementation rather than on the legal or administrative framework.

Figure 1.
Figure 1.

Number of Assessments Initiated Since the Beginning of the Program (cumulative), FY00–FY10/111

Citation: Policy Papers 2009, 060; 10.5089/9781498335614.007.A001

Source: Monetary and Capital Markets Department.1 Numbers for FY10/11 reflect requests to date. The pipeline of requests for FY10/11 is expected to fill up further over time.

10. As a result, full assessments of compliance are more time-consuming and labor-intensive than in the past. This is already the experience with the IOSCO assessments and is now the case for the BCPs. Further, the transition to more risk-based capital regimes (e.g., Basel II for banks, a capital solvency test for the insurance sector) will make the financial sector regulatory assessments more complex still. In addition, the FSAP coverage could also to be expanded to cover implementation of the G20 recommendations, e.g., macroprudential and systemic risk supervision and supervisory review of compensation systems. It will, therefore, be more difficult to conduct comprehensive assessments of the standards in the amount of time that, historically, has been provided to assessors under the current resource envelope.9

11. In an increasingly restricted resource envelope, this additional complexity could reinforce the trend of a reduced number of full assessments in FSAP updates. Staff have been charged with streamlining assessments by being more selective and focused, and the average number of standards assessed in each assessment has fallen.

Quality control and consistency issues also need to be addressed

12. An internal Bank-Fund staff review of the quality and consistency of standards assessments (covering the BCP, IAIS, and IOSCO standards), conducted in 2006, identified several weaknesses, including insufficient attention to the actual implementation of the regulatory regimes. Given the limited time allotted to completing the assessments, the assessors necessarily devote most of their time to ensuring formal compliance with the various standards (with a focus on whether the required laws, regulations, supervisory policies, and systems are in place), leaving less time to review actual implementation in the field. When conducting a comprehensive assessment of the various standards, existing resource constraints are a practical impediment to addressing this weakness in the near term.10

Table 2.

ROSCs in FSAP during FY00–FY091/

article image
Source: Monetary and Capital Markets Department.

Based on the fiscal year in which the FSAP/Update was initiated. The numbers cover BCP, IAIS, and IOSCO, and include only full assessments or reassessments (excluding factual updates).

ROSCs were not produced in some of the FSAPs with a developmental focus, or where these issues have been recently addressed in a regional FSAP (i.e., WAEMU).

The figures for FY09 cover FSAPs and Updates initiated through the end of the fiscal year (April 2009).

Sub-optimal solutions are being found

13. Instead of formal ROSCs, less-formal modes of targeted analyses are being utilized. Increasingly, staff is conducting broader reviews of regulatory and supervisory issues, sometimes coupled with more targeted but less formal analysis of agreed standards. This partly reflects the needs of country authorities, which are increasingly focused on second-generation issues, and on addressing previously identified concerns.

14. Because these “targeted analyses” typically do not cover the full set of principles, however, no ROSC is produced. Instead, the conclusions are typically reported in FSAP Technical Notes. These technical notes are provided to the authorities but are less commonly published than the Fund’s FSSAs or the Bank’s FSAs. They are not sent to management nor to the Board, unless the authorities request their publication, although key issues that are important for financial stability do get reflected in the FSSA/FSA. Because outstanding ROSCs from earlier assessments are not formally updated, and, especially, but not only, if the technical notes are not published, confusion may arise as to the countries’ current degree of compliance with the standards.

III. Targeted Standard Reassessments in FSAP Updates

15 In order to enable the ROSC instrument to adapt to the resource-constrained environment, Fund and Bank staff proposes a more flexible approach Under the proposed approach, the initial assessment of any financial sector (regulation and supervision) standard would always be a full assessment of all principles,11 so as to provide a benchmark. For subsequent assessments, staff proposes the introduction of a partial ROSC Update with the following characteristics:

  • A targeted or risk-focused approach: assessors will have the option to conduct in-depth reassessments of selected principles, omitting the review of other principles, based on the FSAP team’s assessment of a country’s risks and vulnerabilities.

  • A ROSC Update would go to the Board as part of the FSSA and could be published, explicitly indicating the specific principles that had been reassessed and those that had been carried over from the previous assessment.

  • The same formal procedures and review processes that apply to initial ROSCs would apply to ROSC Updates to ensure consistent application of the targeted approach.

16 This approach would be analogous to the risk-based approaches being taken by supervisors around the globe. Facing their own resource constraints, an expanding regulatory scope, and the increasing complexity of financial systems and financial intermediaries, supervisory authorities are implementing more efficient and effective ways to deploy their limited resources. Supervisors are linking supervisory activity to assessments of an individual institution’s vulnerabilities and the implications of those vulnerabilities for the health and soundness of the institution. On the basis of such targeted examinations, which focus on a limited number of areas in an institution (such as internal controls, risk management, credit review, investment policy, and consumer disclosure), supervisory staff forms an overall opinion of the health of the institution, which is conveyed to the institution’s management and Board.

17 Partial ROSC Updates would provide a flexible alternative to full standards assessments. The approach provides an opportunity for assessors to conduct a more in-depth analysis of particular areas in the supervisory and regulatory framework, which have been previously identified as areas of heightened vulnerability. Focusing on a select number of principles will also enable assessors to devote more attention to how well these principles have been implemented in practice, an area that is not always covered adequately during a full standards assessment, due to time constraints. Areas that have been previously assessed and found adequate would receive relatively little attention, other than to assess whether there has been any change.

Required inputs and safeguards

18 To promote consistent application of a more focused approach, criteria would be established for ROSC Updates. These criteria would require prior agreement among the FSAP team, the relevant area departments (or regions), and SPR. Any revision of standards would also inform the decision of staff on whether to undertake a full or targeted re-assessment. Principles that have new, expanded, or revised methodologies would be comprehensively reassessed whenever an assessment of the standards is included in the FSAP.

19 Country authorities would continue to be consulted on the form of the mission, but no negotiation on the coverage is envisaged. The preferences of the authorities would be taken into account regarding the form in which that work is done (full reassessment/ROSC versus a targeted reassessment/ROSC Update), but care would be taken to safeguard against inappropriate exclusion by the authorities of certain issues and principles to be covered. No ex ante primacy would be given to any particular principle and the staffs priorities would be based on an evaluation of relevant risks and vulnerabilities in each country, in turn informed by ongoing surveillance and technical assistance, as well as the results of previous assessments.


20 There are four potential drawbacks to targeted assessments:

  • First, because they cover a narrower scope of activity (albeit, in more depth), they will omit some areas that ex post, may turn out to have been weak and of material consequence.

  • Second, some countries may prefer to receive comprehensive assessments, because a targeted assessment that focuses only on areas of risk may produce more negative results than a comprehensive assessment, which includes principles that, ex ante, are not viewed as raising concerns in the country.

  • Third, because the coverage of principles assessed will vary by country circumstances, cross-country comparisons will become more difficult.

  • Finally, modification to the existing requirement that a ROSC must be based on a comprehensive detailed assessment could dilute the ROSC label.

21 These costs are mitigated but not eliminated by several factors:

  • Current procedures that include extensive pre-mission interaction with respective area departments, and scoping notes and terms of reference that also benefit from market intelligence, underpin staffs’ best judgment on country vulnerabilities and needs. That said, the risk of missing something inevitably remains, but is not unique to this approach.12

  • Cross-country comparison would be preserved to the extent feasible through partial ROSC updates transparently, indicating the principles assessed, and would be supported by due-diligence procedures to guard against slippage in principles previously assessed.

  • The proposal addresses the fact that there has been a material reduction in the frequency of full assessments (and, hence, ROSCs) and provides an additional element of flexibility to help manage the challenges posed by conducting assessments of more complex financial standards with limited resources.

22 Staff thus believes that, with the proposed safeguards, the benefits outweigh the costs. Introducing a partial ROSC Update would help promote standards assessments in a budget-neutral manner, while improving the effectiveness of the instrument by permitting more focused and risk-based analysis in areas of vulnerability.

23 The next steps for staff would be to agree on the criteria for targeted re-assessments with the standard setters before formally undertaking them.

IV. Issues for Discussion

Executive Directors may wish to consider the following questions:

  • Do Directors agree with the proposal to allow for the option of producing partial ROSC updates based on an assessment of selected principles of financial sector (regulation and supervision) standards?

  • Do Directors agree with the proposed approach to selecting principles to assess, including developing guidelines and a methodology for selection of principles and the safeguards against cherry picking by the authorities?


Basel Core Principle assessors attending the Outreach Meeting of January 15–16, 2008 noted “the need for more resources in order to ensure a viable and meaningful assessment” and suggested allowing more time than the current two weeks permitted on-site and/or more than the three days permitted for off-site preparatory work.


Of the 12 areas designated by the Financial Stability Forum (now Board) as key for sound financial systems, this paper covers only the three financial regulation and supervision ROSCs (banking supervision, securities regulation and insurance supervision – see Table 1).


While there would also be some flexibility to amend the choice of principles to be assessed in the field, in response to emerging priorities, this would be done only in consultation with headquarters.


Strategic Directions in the Medium Term Budget (


In particular, integration of AML/CFT into the FSAP continues to be guided by the March, 2004 and May 2006 Executive Board decisions that every FSAP and OFC assessment or update should incorporate a full AML/CFT assessment on the basis of the 2004 assessment methodology.


For example, International Organization of Securities Commissions (IOSCO), the Basel Committee on Banking Supervision (BCBS), and International Association of Insurance Supervisors (IAIS).


Financial standards and codes that may be assessed under an FSAP include banking, securities, and insurance supervision, payments and securities settlement systems, transparency in monetary and financial policies, and the framework for anti-money laundering/combating the financing of terrorism. Bank-led ROSCs, covering corporate governance, insolvency and creditor rights, and accounting and audit, are usually done outside the FSAP.


For example, Core Principle 25 of the 1997 text on home-host cooperation had six essential criteria, whereas in the current version Core Principle 25 has nine essential criteria, two of which contain four additional sub-criteria. In addition, if a country has declared that it has implemented Basel II and is using it in its supervisory system, then an assessment of the BCP in such a country will need to be complemented by experts with specific knowledge of Basel II and its implementation.


The Basel Committee on Banking Supervision (BCBS) issued a revision of the 1997 Basel Core Principles for Effective Supervision (BCP) in October 2006, which added a number of new criteria and issued a significantly revised approach to capital regulation and supervision (Basel II). The International Association of Insurance Supervisors (IAIS) has commenced work on revising its 2003 Insurance Core Principles in 2008, after having issued over 20 new standards, principles, guidances, and issues papers to keep abreast of emerging issues since the issuance of its Core Principles. The International Organization of Securities Commissioners (IOSCO) has tasked its Implementation Task Force to take stock of 71 documents (including technical notes) that have been issued since the 1998 Core Principles, and to propose revisions to the Core Principles by mid-CY 2010.


Only in the case of the AML/CFT standard has there been flexibility to expand the resources devoted to assessments. While the AML/CFT assessment may have four or five assessors, there are typically two assessors for the BCP and one assessor each for the IAIS, IOSCO, MFPT, CPSS, and RSSS assessments, respectively.


This will continue to be the case, irrespective of whether they are conducted in an initial FSAP or in an FSAP update.


Furthermore, the proposed approach provides for flexibility in the principles of a standard to be assessed in light of initial findings during the work of the mission in consultation with headquarters (see footnote 3).

Revised Approach to Financial Regulation and Supervision Standards Assessments in FSAP Updates
Author: International Monetary Fund