CAMELS rating system

In 1979, the Uniform Financial Institutions Rating System (UFIRS)^[3] was implemented in U.S. banking institutions, and later globally, following a recommendation by the U.S. Federal Reserve. The system became internationally known with the abbreviation CAMEL, reflecting five assessment areas: capital, asset quality, management, earnings and liquidity. In 1995 the Federal Reserve and the OCC replaced CAMEL with CAMELS, adding the "S" which stands for (S)ensitivity to Market Risk.

The rating system is designed to take into account and reflect all significant financial and operational factors examiners assess in their evaluation of an institutions performance. Institutions are rated using a combination of specific financial ratios and examiner qualitative judgments.

The following describes some details of the CAMEL system in the context of examining a credit union.^[4]

Indicates strong performance and risk management practices that consistently provide for safe and sound operations. Management clearly identifies all risks and employs compensating factors mitigating concerns. The historical trend and projections for key performance measures are consistently positive. Banks and credit unions in this group resist external economic and financial disturbances and withstand the unexpected actions of business conditions more ably than banks and credit unions with a lower composite rating. Any weaknesses are minor and can be handled in a routine manner by the board of directors and management. These banks and credit unions are in substantial compliance with laws and regulations. Such institutions give no cause for supervisory concern.

Reflects satisfactory performance and risk management practices that consistently provide for safe and sound operations. Management identifies most risks and compensates accordingly. Both historical and projected key performance measures should generally be positive with any exceptions being those that do not directly affect safe and sound operations. Banks and credit unions in this group are stable and able to withstand business fluctuations quite well; however, minor areas of weakness may be present which could develop into conditions of greater concern. These weaknesses are well within the board of directors' and management's capabilities and willingness to correct. These banks and credit unions are in substantial compliance with laws and regulations. The supervisory response is limited to the extent that minor adjustments are resolved in the normal course of business and that operations continue to be satisfactory.

Represents performance that is flawed to some degree and is of supervisory concern. Risk management practices may be less than satisfactory relative to the bank's or credit union's size, complexity, and risk profile. Management may not identify nor provide mitigation of significant risks. Both historical and projected key performance measures may generally be flat or negative to the extent that safe and sound operations may be adversely affected. Banks and credit unions in this group are only nominally resistant to the onset of adverse business conditions and could easily deteriorate if concerted action is not effective in correcting certain identifiable areas of weakness. Overall strength and financial capacity is present, thus making failure a remote probability. These banks and credit unions may be in significant noncompliance with laws and regulations. Management may lack the ability or willingness to effectively address weaknesses within appropriate time frames. Such banks and credit unions require more than normal supervisory attention to address deficiencies.

Refers to poor performance that is of serious supervisory concern. Risk management practices are generally unacceptable relative to the bank's or credit union's size, complexity, and risk profile. Key performance measures are likely to be negative. If left unchecked, such performance would likely lead to conditions that could threaten the viability of the bank or credit union. There may be significant noncompliance with laws and regulations. The board of directors and management are not satisfactorily resolving the weaknesses and problems. A high potential for failure is present but is not yet imminent or pronounced. Banks and credit unions in this group require close supervisory attention.

Considered unsatisfactory performance that is critically deficient and in need of immediate remedial attention. Such performance, by itself or in combination with other weaknesses, directly threatens the viability of the bank or credit union. The volume and severity of problems are beyond management's ability or willingness to control or correct. Banks and credit unions in this group have a high probability of failure and will likely require liquidation and the payoff of shareholders, or some other form of emergency assistance, merger, or acquisition.

Part 702 of the NCUA Rules and Regulations sets forth the statutory net worth categories, and risk-based net worth requirements for federally insured credit unions. References are made in this Letter to the five net worth categories which are: "well capitalized", "adequately capitalized", "undercapitalized", "significantly undercapitalized", and "critically undercapitalized".

Credit unions that are less than "adequately capitalized" must operate under an approved net worth restoration plan. Examiners evaluate capital adequacy by assessing progress toward goals set forth in the plan.

Determining the adequacy of a credit union's capital begins with a qualitative evaluation of critical variables that directly bear on the institution's overall financial condition. Included in the assessment of capital is the examiners opinion of the strength of the credit union's capital position over the next year or several years based on the credit union's plan and underlying assumptions. Capital is a critical element in the credit union's risk management program. The examiner assesses the degree to which credit, interest rate, liquidity, transaction, compliance, strategic, and reputation risks may impact on the credit union's current and future capital position. The examiner also considers the interrelationships with the other areas:

• Capital level and trend analysis;
• Compliance with risk-based net worth requirements;
• Composition of capital;
• Interest and dividend policies and practices;
• Adequacy of the Allowance for Loan and Lease Losses account;
• Quality, type, liquidity and diversification of assets, with particular reference to classified assets;
• Loan and investment concentrations;
• Growth plans;
• Volume and risk characteristics of new business initiatives;
• Ability of management to control and monitor risk, including credit and interest rate risk;
• Earnings. Good historical and current earnings performance enables a credit union to fund its growth, remain competitive, and maintain a strong capital position;
• Liquidity and funds management;
• Extent of contingent liabilities and existence of pending litigation;
• Field of membership; and
• Economic environment.

Credit unions that maintain a level of capital fully commensurate with their current and expected risk profiles and can absorb any present or anticipated losses are accorded a rating of 1 for capital. Such credit unions generally maintain capital levels at least at the statutory net worth requirements to be classified as "well capitalized" and meet their risk-based net worth requirement. Further, there should be no significant asset quality problems, earnings deficiencies, or exposure to credit or interest-rate risk that could negatively affect capital.

A capital adequacy rating of 2 is accorded to a credit union that also maintains a level of capital fully commensurate with its risk profile both now and in the future and can absorb any present or anticipated losses. However, its capital position will not be as strong overall as those of 1 rated credit unions. Also, there should be no significant asset quality problems, earnings deficiencies, or exposure to interest-rate risk that could affect the credit union's ability to maintain capital levels at least at the "adequately capitalized" net worth category. Credit unions in this category should meet their risk-based net worth requirements.

A capital adequacy rating of 3 reflects a level of capital that is at least at the "undercapitalized" net worth category. Such credit unions normally exhibit more than ordinary levels of risk in some significant segments of their operation. There may be asset quality problems, earnings deficiencies, or exposure to credit or interest-rate risk that could affect the credit union's ability to maintain the minimum capital levels. Credit unions in this category may fail to meet their risk-based net worth requirements.

A capital adequacy rating of 4 is appropriate if the credit union is "significantly undercapitalized" but asset quality, earnings, credit or interest-rate problems will not cause the credit union to become critically undercapitalized in the next 12 months. A 4 rating may be appropriate for a credit union that does not have sufficient capital based on its capital level compared with the risks present in its operations.

A 5 rating is given to a credit union if it is critically undercapitalized, or has significant asset quality problems, negative earnings trends, or high credit or interest-rate risk exposure is expected to cause the credit union to become "critically undercapitalized" in the next 12 months. Such credit unions are exposed to levels of risk sufficient to jeopardize their solvency.

Asset quality is high loan concentrations that present undue risk to the credit union;

• The appropriateness of investment policies and practices;
• The investment risk factors when compared to capital and earnings structure; and
• The effect of fair (market) value of investments vs. book value of investments.

The asset quality rating is a function of present conditions and the likelihood of future deterioration or improvement based on economic conditions, current practices and trends. The examiner assesses credit union's management of credit risk to determine an appropriate component rating for Asset Quality. Interrelated to the assessment of credit risk, the examiner evaluates the impact of other risks such as interest rate, liquidity, strategic, and compliance.

The quality and trends of all major assets must be considered in the rating. This includes loans, investments, other real estate owned (ORE0s), and any other assets that could adversely impact a credit union's financial condition.

A rating of 1 reflects high asset quality and minimal portfolio risks. In addition, lending and investment policies and procedures are in writing, conducive to safe and sound operations and are followed.

A 2 rating denotes high-quality assets although the level and severity of classified assets are greater in a 2 rated institution. Credit unions that are 1 and 2 rated will generally exhibit trends that are stable or positive.

A rating of 3 indicates a significant degree of concern, based on either current or anticipated asset quality problems. Credit unions in this category may have only a moderate level of problem assets. However, these credit unions may be experiencing negative trends, inadequate loan underwriting, poor documentation, higher risk investments, inadequate lending and investment controls and monitoring that indicate a reasonable probability of increasingly higher levels of problem assets and high-risk concentration.

Asset quality ratings of 4 and 5 represent increasingly severe asset quality problems. A rating of 4 indicates a high level of problem assets that will threaten the institution's viability if left uncorrected. A 4 rating should also be assigned to credit unions with moderately severe levels of classified assets combined with other significant problems such as inadequate valuation allowances, high-risk concentration, or poor underwriting, documentation, collection practices, and high-risk investments. Rating 5 indicates that the credit union's viability has deteriorated due to the corrosive effect of its asset problems on its earnings and level of capital.

Management is the most forward-looking indicator of condition and a key determinant of whether a credit union possesses the ability to correctly diagnose and respond to financial stress. The management component provides examiners with objective, and not purely subjective, indicators. An assessment of management is not solely dependent on the current financial condition of the credit union and will not be an average of the other component ratings.

Reflected in this component rating is both the board of directors' and management's ability to identify, measure, monitor, and control the risks of the credit union's activities, ensure its safe and sound operations, and ensure compliance with applicable laws and regulations. Management practices should address some or all of the following risks: credit, interest rate, liquidity, transaction, compliance, reputation, strategic, and other risks.

The management rating is based on the following areas, as well as other factors as discussed below.

The credit union's strategic plan is a systematic process that defines management's course in assuring that the organization prospers in the next two to three years. The strategic plan incorporates all areas of a credit union's operations and often sets broad goals, e.g., capital accumulation, growth expectations, enabling credit union management to make sound decisions. The strategic plan should identify risks within the organization and outline methods to mitigate concerns.

As part of the strategic planning process, credit unions should develop business plans for the next one or two years. The board of directors should review and approve the business plan, including a budget, in the context of its consistency with the credit union's strategic plan. The business plan is evaluated against the strategic plan to determine if it is consistent with its strategic plan. Examiners also assess how the plan is put into effect. The plans should be unique to and reflective of the individual credit union. The credit union's performance in achieving its plan strongly influences the management rating.

Information systems and technology should be included as an integral part of the credit union's strategic plan. Strategic goals, policies, and procedures addressing the credit union's information systems and technology ("IS&T") should be in place. Examiners assess the credit union's risk analysis, policies, and oversight of this area based on the size and complexity of the credit union and the type and volume of e-Commerce services' offered. Examiners consider the criticality of e-Commerce systems and services in their assessment of the overall IS&T plan.

Prompt corrective action may require the development of a net worth restoration plan ("NWRP") in the event the credit union becomes less than adequately capitalized. A NWRP addresses the same basic issues associated with a business plan. The plan should be based on the credit union's asset size, complexity of operations, and field of membership. It should specify the steps the credit union will take to become adequately capitalized. If a NWRP is required, the examiner will review the credit union's progress toward achieving the goals set forth in the plan.

An area that plays a crucial role in the control of a credit union's risks is its system of internal controls. Effective internal controls enhance the safeguards against system malfunctions, errors in judgment and fraud. Without proper controls in place, management will not be able to identify and track its exposure to risk. Controls are also essential to enable management to ensure that operating units are acting within the parameters established by the board of directors and senior management.

Seven aspects of internal controls deserve special attention:

1. Information systems. It is crucial that effective controls are in place to ensure the integrity, security, and privacy of information contained on the credit union's computer systems. In addition, the credit union should have a tested contingency plan in place for the possible failure of its computer systems.
2. Segregation of duties. The credit union should have adequate segregation of duties and professional resources in every area of operation. Segregation of duties may be limited by the number of employees in smaller credit unions.
3. Audit program. The effectiveness of the credit union's audit program in determining compliance with policy should be reviewed. An effective audit function and process should be independent, reporting to the Supervisory Committee without conflict or interference with management. An annual audit plan is necessary to ensure that all risk areas are examined, and that those areas of greatest risk receive priority. Reports should be issued to management for comment and action and forwarded to the board of directors with management's response. Follow-up of any unresolved issues is essential, e.g., examination exceptions, and should be covered in subsequent reports. In addition, a verification of members' accounts needs to be performed at least once every two years.
4. Record keeping. The books of every credit union should be kept in accordance with well-established accounting principles. In each instance, a credit union's records and accounts should reflect its actual financial condition and accurate results of operations. Records should be current and provide an audit trail. The audit trail should include sufficient documentation to follow a transaction from its inception through to its completion. Subsidiary records should be kept in balance with general ledger control figures.
5. Protection of physical assets. A principal method of safeguarding assets is to limit access by authorized personnel. Protection of assets can be accomplished by developing operating policies and procedures for cash control, joint custody (dual control), teller operations, and physical security of the computer.
6. Education of staff. Credit union staff should be thoroughly trained in specific daily operations. A training program tailored to meet management needs should be in place and cross-training programs for office staff should be present. Risk is controlled when the credit union is able to maintain continuity of operations and service to members.
7. Succession planning. The ongoing success of any credit union will be greatly impacted by the ability to fill key management positions in the event of resignation or retirement. The existence of a detailed succession plan that provides trained management personnel to step in at a moment's notice is essential to the long-term stability of a credit union. A succession plan should address the Chief Executive Officer (or equivalent) and other senior management positions (manager, assistant manager, etc.).

Other key factors to consider when assessing the management of a credit union include, but are not limited to:

• Adequacy of the policies and procedures covering each area of the credit union's operations (written, board approved, followed);
• Budget performance compared against actual performance;
• Effectiveness of systems that measure and monitor risk;
• Risk-taking practices and methods of control to mitigate concerns;
• Integration of risk management with planning and decision-making;
• Responsiveness to examination and audit suggestions, recommendations, or requirements;
• Compliance with laws and regulations;
• Adequacy of the allowance for loan and lease losses account and other valuation reserves;
• Appropriateness of the products and services offered in relation to the credit union's size and management experience;
• Loan to share ratio trends and history;
• Market penetration;
• Rate structure; and
• Cost-benefit analysis of major service products.

The board of directors and management have a fiduciary responsibility to the members to maintain very high standards of professional conduct:

1. Compliance with all applicable state and federal laws and regulations. Management should also adhere to all laws and regulations that provide equal opportunity for all members regardless of race, color, religion, sex, national origin, age, or handicap.
2. Appropriateness of compensation policies and practices for senior management. Management contracts should not contain provisions that are likely to cause undue hardship on the credit union. The board needs to ensure performance standards are in place for the CEO/Manager and senior management and an effective formal evaluation process is in place and being documented.
3. Avoidance of conflict of interest. Appropriate policies and procedures for avoidance of conflicts of interest and management of potential conflicts of interest should be in place.
4. Professional ethics and behavior. Management should not use the credit union for unauthorized or inappropriate personal gain. Credit union property should not be used for anything other than authorized activities. Management should act ethically and impartially in carrying out appropriate credit union policies and procedures.

A management rating of 1 indicates that management and directors are fully effective. They are responsive to changing economic conditions and other concerns and are able to cope successfully with existing and foreseeable problems that may arise in the conduct of the credit union's operation.

For a management rating of 2, minor deficiencies are noted, but management produces a satisfactory record of performance in light of the institution's particular circumstances.

A 3 rating in management indicates that either operating performance is lacking in some measures, or some other conditions exist such as inadequate strategic planning or inadequate response to NCUA supervision. Management is either characterized by modest talent when above average abilities are needed or is distinctly below average for the type and size of the credit union. Thus, management's responsiveness or ability to correct less than satisfactory conditions is lacking to some degree.

A management rating of 4 indicates that serious deficiencies are noted in management's ability or willingness to meet its responsibilities. Either management is considered generally unable to manage the credit union in a safe and sound manner or conflict-of-interest situations exist that suggest that management is not properly performing its fiduciary responsibilities. In these cases, problems resulting from management weakness are of such severity that management may need to be strengthened or replaced before sound conditions can be achieved.

A management rating of 5 is applicable to those instances where incompetence or self-dealing has been clearly demonstrated. In these cases, problems resulting from management weakness are of such severity that some type of administrative action may need to be initiated, including the replacement of management, in order to restore safe and sound operations.

The continued viability of a credit union depends on its ability to earn an appropriate return on its assets which enables the institution to fund expansion, remain competitive, and replenish and/or increase capital.

In evaluating and rating earnings, it is not enough to review past and present performance alone. Future performance is of equal or greater value, including performance under various economic conditions. Examiners evaluate "core" earnings: that is the long-run earnings ability of a credit union discounting temporary fluctuations in income and one-time items. A review for the reasonableness of the credit union's budget and underlying assumptions is appropriate for this purpose. Examiners also consider the interrelationships with other risk areas such as credit and interest rate.

Key factors to consider when assessing the credit union's earnings are:

• Level, growth trends, and stability of earnings, particularly return on average assets;
• Adequacy of valuation allowances and their effect on earnings;
• Adequacy of budgeting systems, forecasting processes, and management information systems, in general;
• Future earnings prospects under a variety of economic conditions;
• Net interest margin;
• Net non-operating income and losses and their effect on earnings;
• Quality and composition of assets;
• Net worth level;
• Sufficiency of earnings for necessary capital formation; and
• Material factors affecting the credit union's income producing ability such as fixed assets and other real estate owned ("OREOs").

Earnings rated 1 are currently, and are projected to be, sufficient to fully provide for loss absorption and capital formation with due consideration to asset quality, growth, and trends in earnings.

An institution with earnings that are positive and relatively stable may receive a 2 rating, provided its level of earnings is adequate in view of asset quality and operating risks. The examiner must consider other factors, such as earnings trends and earnings quality to determine if earnings should be assigned a 2 rating.

A 3 rating should be accorded if current and projected earnings are not fully sufficient to provide for the absorption of losses and the formation of capital to meet and maintain compliance with regulatory requirements. The earnings of such institutions may be further hindered by inconsistent earnings trends, chronically insufficient earnings or less than satisfactory performance on assets.

Earnings rated 4 may be characterized by erratic fluctuations in net income, the development of a severe downward trend in income, or a substantial drop in earnings from the previous period, and a drop in projected earnings is anticipated. The examiner should consider all other relevant quantitative and qualitative measures to determine if a 4 is the appropriate rating.

Credit unions experiencing consistent losses should be rated 5 in Earnings. Such losses may represent a distinct threat to the credit union's solvency through the erosion of capital. A 5 rating would normally be assigned to credit unions that are unprofitable to the point that capital will be depleted within twelve months.

Asset and liability management (ALM) is the process of evaluating, monitoring, and controlling balance sheet risk (interest rate risk and liquidity risk). A sound ALM process integrates strategic, profitability, and net worth planning with risk management. Examiners review (a) interest rate risk sensitivity and exposure; (b) reliance on short-term, volatile sources of funds, including any undue reliance on borrowings; (c) availability of assets readily convertible into cash; and (d) technical competence relative to ALM, including the management of interest rate risk, cash flow, and liquidity, with a particular emphasis on assuring that the potential for loss in the activities is not excessive relative to its capital. ALM covers both interest rate and liquidity risks and also encompasses strategic and reputation risks.

Interest-Rate Risk - the risk of adverse changes to earnings and capital due to changing levels of interest rates. Interest-rate risk is evaluated principally in terms of the sensitivity and exposure of the value of the credit union's investment and loan portfolios to changes in interest rates. In appraising ALM, attention should be directed to the credit union's liability funding costs relative to its yield on assets and its market environment.

When evaluating this component, the examiner considers: management's ability to identify, measure, monitor, and control interest rate risk; the credit union's size; the nature and complexity of its activities; and the adequacy of its capital and earnings in relation to its level of interest rate risk exposure. The examiner also considers the overall adequacy of established policies, the effectiveness of risk optimization strategies, and the interest rate risk methodologies. These policies should outline individual responsibilities, the credit union's risk tolerance, and ensure timely monitoring and reporting to the decision-makers. Examiners determine that the ALM system is commensurate with the complexity of the balance sheet and level of capital.

Key factors to consider in evaluating sensitivity to interest rate risk include:

• Interest-rate risk exposure at the instrument, portfolio, and balance sheet levels;
• Balance sheet structure;
• Liquidity management;
• Qualifications of risk management personnel;
• Quality of oversight by the board and senior management;
• Earnings and capital trend analysis over changing economic climates;
• Prudence of policies and risk limits;
• Business plan, budgets, and projections; and,
• Integration of risk management with planning and decision-making.

Liquidity risk is the risk of not being able to efficiently meet present and future cash flow needs without adversely affecting daily operations. Liquidity is evaluated on the basis of the credit union's ability to meet its present and anticipated cash flow needs, such as, funding loan demand, share withdrawals, and the payment of liabilities and expenses. Liquidity risk also encompasses poor management of excess funds.

The examiner considers the current level of liquidity and prospective sources of liquidity compared to current and projected funding needs. Funding needs include loan demand, share withdrawals, and the payment of liabilities and expenses. Examiners review reliance on short-term, volatile sources of funds, including any undue reliance on borrowings; availability of assets readily convertible into cash; and technical competence relative to liquidity and cash flow management. Examiners also review the impact of excess liquidity on the credit union's net interest margin, which is an indicator of interest rate risk.

The cornerstone of a strong liquidity management system is the identification of the credit union's key risks and a measurement system to assess those risks.

Key factors to consider in evaluating the liquidity management include:

• Balance sheet structure;
• Contingency planning to meet unanticipated events (sources of funds —adequacy of provisions for borrowing, e.g., lines of credit, corporate credit union membership, FHLB agreements);
• Contingency planning to handle periods of excess liquidity;
• Cash flow budgets and projections; and
• Integration of liquidity management with planning and decision-making.

Examiners will consider the overall adequacy of established policies, limits, and the effectiveness of risk optimization strategies when assigning a rating. These policies should outline individual responsibilities, the credit union's risk tolerance, and ensure timely monitoring and reporting to the decision makers.

Examiners determine that the liquidity management system is commensurate with the complexity of the balance sheet and amount of capital. This includes evaluating the mechanisms to monitor and control risk, management's response when risk exposure approaches or exceeds the credit union's risk limits, and corrective action taken, when necessary.

Examiners will have regulatory concern if one or more of the following circumstances exist:

1. An overall asset/liability management policy addressing interest rate risk, liquidity, and contingency funding is either nonexistent or inadequate.
2. The board has established unacceptable limits on its risk exposure.
3. There is noncompliance with the board's policies or limits.
4. There are weaknesses in the management measurement, monitoring, and reporting systems.

A rating of 1 indicates that the credit union exhibits only modest exposure to balance sheet risk. Management has demonstrated it has the necessary controls, procedures, and resources to effectively manage risks. Interest rate risk and liquidity risk management are integrated into the credit union's organization and planning to promote sound decisions. Liquidity needs are met through planned funding and controlled uses of funds. Liquidity contingency plans have been established and are expected to be effective in meeting unanticipated funding needs. The level of earnings and capital provide substantial support for the degree of balance risk taken by the credit union.

A rating of 2 indicates that the credit union's risk exposure is reasonable, management's ability to identify, measure, monitor, control, and report risk is sufficient, and it appears to be able to meet its reasonably anticipated needs. There is only moderate potential that earnings performance or capital position will be adversely affected. Policies, personnel, and planning reflect that risk management is conducted as part of the decision-making process. The level of earnings and capital provide adequate support for the degree of balance sheet risk taken by the credit union.

A rating of 3 indicates that the risk exposure of the credit union is substantial, and management's ability to manage and control risk requires improvement. Liquidity may be insufficient to meet anticipated operational needs, necessitating unplanned borrowing. Improvements are needed to strengthen policies, procedures, or the organization's understanding of balance sheet risks. A rating of 3 may also indicate the credit union is not meeting its self-imposed risk limits or is not taking timely action to bring performance back into compliance. The level of earnings and capital may not adequately support the degree of balance sheet risk taken by the credit union.

Ratings of 4 and 5 indicate that the credit union exhibits an unacceptably high exposure to risk. Management does not demonstrate an acceptable capacity to measure and manage interest-rate risk, or the credit union has an unacceptable liquidity position. Analyses under modeling scenarios indicate that a significant deterioration in performance is very likely for credit unions rated 4 and inevitable for credit unions rated 5. Ratings of 4 or 5 may also indicate levels of liquidity such that the credit union cannot adequately meet demands for funds. Such a credit union should take immediate action to lower its interest-rate exposure, improve its liquidity, or otherwise improve its condition. The level of earnings and capital provide inadequate support for the degree of balance sheet risk taken by the credit union.

A rating of 5 would be appropriate for a credit union with an extreme risk exposure or liquidity position so critical as to constitute an imminent threat to the credit union's continued viability. Risk management practices are wholly inadequate for the size, sophistication, and level of balance sheet risk taken by the credit union.

Sensitivity to 'market risk', the "S" in CAMELS is a complex and evolving measurement area. It was added in 1995 by Federal Reserve and the OCC primarily to address interest rate risk, the sensitivity of all loans and deposits to relatively abrupt and unexpected shifts in interest rates. In 1995 they were also interested in banks lending to farmers, and the sensitivity of farmers ability to make loan repayments as specific crop prices fluctuate. Unlike classic ratio analysis, which most of CAMELS system was based on, which relies on relatively certain, historical, audited financial statements, this forward look approach involved examining various hypothetical future price and rate scenarios and then modelling their effects. The variability in the approach is significant.

In June 1996 a Joint Agency Policy Statement was issued by the OCC, Treasury, Fed and FDIC defining interest rate risk as the exposure of a bank's financial condition to adverse movements in interest rates resulting from the following:^[5]

• repricing or maturity mismatch risk - differences in the maturity or timing of coupon adjustments of bank assets, liabilities and off-balance-sheet instruments
• yield curve risk - changes in the slope of the yield curve
• basis risk - imperfect correlations in the adjustment of rates earned and paid on different instruments with otherwise similar repricing characteristics (e.g. 3 month Treasury bill versus 3 month LIBOR)
• option risk - interest rate related options embedded in bank products

The CAMELS system failed to provide early detection and prevention of the 2008 financial crisis. Informed and motivated by the large bank failures, and the ensuing crisis, in June 2009 the FDIC announced a significantly expanded Forward-Looking Supervision approach, and provided extensive training to its front line bank examiners. These are the employees of the Division of Supervision and Consumer Protection (DSC) who visit the banks, apply the official guidelines to practical situations, make assessments, and assign the CAMELS ratings on behalf of the FDIC. Since FDIC is a limited insurance pool they are highly concerned with any rise in bank failure rates. In the same period various other regulators began official stress testing of large banks, with the results often publicly disclosed. See Stress test (financial), List of bank stress tests, List of systemically important banks.

Sensitivity to market risk can cover ever increasing territory. What began as an assessment of interest rate and farm commodity price risk exposures has grown exponentially over time. Forward-looking Supervision and sensitivity to market risk can include:

• Assessing, monitoring, and management of any credit concentrations, for example lending to specific groups such as:
  • established commercial real estate lending, or lending for acquisition, development, and construction
  • agricultural lending
  • energy sector lending
  • medical lending
  • credit card lending
• Exposure to market based price changes, including:
  • foreign exchange
  • commodities
  • equities
  • derivatives, including interest rate, credit default and other types of swaps

• 1996 Interagency Policy Statement on Interest Rate Risk^[6]
• 1996 FED Commercial Bank Examination Manual^[7] (Section 4090, Interest-Rate Risk, has been completely revised.)
• 1996 FED Bank Holding Company Supervision Manual^[8] (section 2127) This had a minor update in 2010 discussing the 2010 interagency advisory on interest-rate risk management. The advisory does not constitute new guidance...The advisory targets IRR management at insured depository institutions. However, the principles and supervisory expectations articulated also apply to BHCs, which are reminded of long-standing supervisory guidance that they should manage and control aggregate risk exposures on a consolidated basis while recognizing legal distinctions and possible obstacles to cash movements among subsidiaries.
• 1997 OCC Comptroller's Handbook for Interest Rate Risk
• 1997 OCC Comptroller's Handbook for Risk Management of Financial Derivatives
• 1998 FED Trading and Capital Markets Activities Manual (section 3010 Interest-Rate Risk Management, pages 327 to 353) Has excellent coverage of Interest-Rate Risk Management, Camels Ratings and audit examination procedures.
• 1998 OCC Comptroller's Handbook on Interest Rate Risk
• 1998 OCC OCC Risk Management of Financial Derivatives
• 1999 OCC Risk Management of Financial Derivatives and Bank Trading Activities, Supplemental Guidance (OCC 1999-02)
• 1999 NCUA Real Estate Lending and Balance sheet Management (99-CU-12)
• 2000 OCC Model Validation (Bulletin 2000-16) note this was replaced in 2011.
• 2000 NCUA Asset Liability Management Procedures (00-CU-10)
• 2001 NCUA Liability Management - Rate-Sensitive and Volatile Funding Sources (01-CU-08)
• 2000 OCC OCC Bulletin 2000-16, "Model Validation."
• 2001 NCUA Managing Share Inflows in Uncertain Times (01-CU-19)
• 2003 NCUA Non-maturity Shares and Balance Sheet Risk (03-CU-11)
• 2003 NCUA Real Estate Concentrations and Interest Rate Risk Management for Credit Unions with Large Positions in Fixed Rate Mortgages (03-CU-15)
• 2004 Basel Principles for the Management of Interest Rate Risk
• 2004 OCC Embedded Options and Long-Term Interest Rate Risk (OCC 2004-29)
• 2005 FDIC Risk Management Manual of Examination Policies (section 7.1 Sensitivity to Market Risk)
• 2008 Inter Financial crisis exacerbated by concentration in sub-prime mortgage lending, and real estate market price bubble. Above efforts designed to address Sensitivity to markets (IRR) failed to provide early warning or limit exposures.
• 2010 OCC Interagency Advisory on Interest Rate Risk Management^[9] (OCC 2010-1) In the current environment of historically low short-term interest rates, it is important for institutions to have robust processes for measuring and, where necessary, mitigating their exposure to potential increases in interest rates.
• 2011 Federal Reserve Guidance on Model Risk Management - Supervisory Rule (SR 11-7)
• 2011 OTS (In 2011 OTS was merged into the OCC.) Prior OTS documents covering IRR included:
  • Management of Interest Rate Risk; Investment Securities and Derivatives Activities (TB-13a)
  • Risk Management Practices in the Current Interest Rate Environment
• 2011 OCC Supervisory Guidance on Model Risk Management^[10] (OCC 2011-12) Supervisory Guidance on Model Risk Management amended
• 2012 Inter FAQs on 2010 Interagency Advisory on Interest Rate Risk Management^[11]
• 2012 FDIC Supervisory Guidance, Interest Rate Risk Management: Frequently Asked Questions^[12] (specifically on the 2010 Interagency advisory on interest-rate risk management)

• FDIC problem bank list - based on CAMELS ratings
• Basel II
• Market discipline
• Financial risk management § Commercial and retail banking