Reserve Bank of New Zealand BS8 Connected Exposures Regulatory Impact Assessment

Ref #20553288 v1.0

BS8 Connected Exposures Policy Regulatory Impact Assessment 24 August 2023

1 Connected Exposures – Regulatory Impact Assessment Contents Adequacy Assessment 2 Consultation 2 Quality Assurance 2 Executive Summary____________________________________________________________________________ 3 Background____________________________________________________________________________________ 6 Consultation Process 6 Problem Definition ____________________________________________________________________________ 8 Rationale for a Connected Exposures Policy 8 Inconsistency within BS8 and among BS8, the LEX Survey and the Capital Adequacy Framework 9 Outcome of Inconsistencies 9 International Monetary Fund Financial Sector Assessment Program (FSAP) 9 Overall Approach to Connected Exposures __________________________________________________ 10 Final Decisions ________________________________________________________________________________ 10 Overview of Proposals and Final Decisions 10 Changes to Definition of Connected Persons 12 Impacts, Costs and Benefits __________________________________________________________________ 14 Assessment of Costs and Benefits 14 A Focus on Quantitative Limits 16 Conclusion 18 Financial Policy Remit ________________________________________________________________________ 19 Implementation ____________________20 Monitoring, Evaluation and Review 21

2 Connected Exposures – Regulatory Impact Assessment Adequacy Assessment This Regulatory Impact Assessment (RIA) provides the Reserve Bank’s analysis of the costs and benefits of options regarding the Connected Exposures Policy. This RIA has been prepared by the Reserve Bank in accordance with the requirements of section 255 of the Reserve Bank of New Zealand Act 2021 (the Act). This Assessment provides a qualitative assessment of all decisions. Consultation Consultation on options for the Connected Exposures Policy was completed by the Reserve Bank from 29 November 2021 to 31 March 2022. The Reserve Bank received 9 submissions to the Consultation paper. A Response to Submissions was published on 24 January 2023 that summarised the feedback received. The Reserve Bank published an Exposure Draft of BPR210: Connected Exposures on 24 January 2023, inviting submissions on technical and workability aspects of this draft by 8 March 2023. This RIA summarises all of our final decisions and amendments from stakeholder feedback to the Exposure Draft, and the impact assessment. The impact assessment covers all the policy changes, including those relating to decisions published in January 2023 and the final decisions following the most recent round of feedback regarding the Exposure Draft. Two formal submissions were received to the Exposure Draft consultation, from New Zealand Bankers Association and the branch of one overseas bank. Quality Assurance The RIA has been peer reviewed by Reserve Bank staff.

3 Connected Exposures – Regulatory Impact Assessment Executive Summary The Reserve Bank of New Zealand – Te Pūtea Matua has published the final set of requirements under the revised Connected Exposures Policy (BS8). This Regulatory Impact Assessment (RIA) provides an assessment of the costs and benefits of the final set of requirements. These requirements will take effect as BS8: Connected Exposures Policy from 1 September 2023.1 In November 2021, we published a Consultation Paper covering proposed changes to the requirements for Connected Exposures, set out in BS8: Connected Exposures. We reviewed feedback received for the consultation paper. We then published an Exposure Draft of the changes in January 2023 to seek comments on technical or workability issues. That process is now complete, and a revised Connected Exposures Policy has been published. Connected exposures are a bank’s exposures to its connected persons – connected persons are natural or legal persons who are closely related to the bank. Exposures to connected persons can take a variety of forms – for example, loans, leases, deposits, investments, undrawn lines of credit, bank guarantees of a connected person’s obligations to third parties, and financial contracts (such as derivatives) with connected persons. In principle, any form of transactions and arrangements that banks have entered into with connected persons are considered exposures to connected persons. The connected exposures policy requires banks to (i) manage its conflicts of interest with connected persons, (ii) measure their exposures to connected persons, and (iii) limit the size of the total connected exposures in relation to their capital. For managing a bank’s conflicts of interest, the connected exposures policy also requires New Zealand banks to ensure that the terms of transactions with connected persons are not more favourable than the terms available for similar transactions with non-connected persons. A New Zealand bank could be severely affected by a failure of a connected person. The connected exposure policy exists to put a limit on the maximum loss that a New Zealand bank could face in the event of a sudden failure of one or more connected persons. This ultimately helps support financial stability. A New Zealand bank must not exceed the exposure limits set out in the connected exposures policy. The current aggregate gross exposure limit is 125% of a bank’s Tier 1 capital. The aggregate net exposure limit is contingent on a bank’s credit rating, ranging from 15% to 75% of Tier 1 capital. The current version of the connected exposure policy has been in place without major policy updates for over ten years. Banks have encountered a number of issues when measuring an exposure amount under the Connected Exposures Policy. These issues are mainly due to some ambiguity and inconsistency in the current wording of the policy.

---

1 The Reserve Bank has decided to retain the BS8 title for the Connected Exposures Policy, instead of changing it to Banking Prudential Requirements 210 (BPR210) Connected Exposures Policy. We had intended to shift the naming convention to align with the BPRs used throughout Capital Adequacy requirements. However, we have decided to pause this, given the risk that other consequential changes may be needed in other policy documents to reflect this change of naming convention.

4 Connected Exposures – Regulatory Impact Assessment We addressed these issues in the Exposure Draft, which received broad support.2 Therefore, the final set of requirements in the revised BS8: Connected Exposures policy document, published alongside this RIA, are broadly the same as those in the Exposure Draft. This means that the revised Connected Exposure Policy clearly sets out the extent to which banks can recognise eligible credit risk mitigations. The eligibility conditions are now aligned with those in the existing standardised approach for calculating capital requirements. With the clear eligibility conditions, we have removed the current aggregate gross exposure limit, and will limit connected exposures only by the net limit. The changes we have made after receiving the feedback on the Exposure Draft covers fine-tuning the wording of the requirements to respond to feedback. We have changed the definitions of a connected person to make it easier to implement the new definitions. The revised definition still achieves our policy objectives, as well as aligning with Principle 20 of the Basel Core Principles for Effective Banking Supervision.3 Alignment with the principle was one of the recommendations made in the International Monetary Fund (IMF)’s 2017 Financial Sector Assessment Programme (FSAP) review. Our assessment is that the changes will provide greater consistency across requirements in different polices and remove a number of ambiguities. This will help better balance costs and benefits of regulation considering the purpose of this policy. We also assessed the appropriateness of the net exposure limits. Based on banks’ estimates provided during the consultation process, we concluded that our proposed changes are unlikely to make significant changes to the banks’ net exposure amounts and are unlikely to alter the risk to financial stability at this stage. We will assess the appropriateness on an ongoing basis using the survey data. If we find sound reasons, we will carry out a review of the net exposure limits. Table 1: Summary of Decisions: Connected Exposures Policy Exposure Draft Proposal from January 2023 Response Allow banks to recognise Eligible Credit Risk mitigations. This change allows banks to recognise eligible collateral received for their derivative contracts and securities financing transactions. Proceed as per Exposure Draft Removal of the Gross Exposure limit. Maintain the Net Exposures limit. Proceed as per Exposure Draft Applying a flat 100% Credit Conversion Factor (CCF) to banks’ off-balance sheet contingent credit exposures to Connected Persons. Proceed as per Exposure Draft Exempting specified Interbank Exposures Proceed as per Exposure Draft Expansion of the definition of ‘Connected Persons’ Amend the Exposure Draft to reduce the breadth of individuals and entities captured by the

---

2 rbnz.govt.nz/hub/news/2023/01/connected-exposures-policy-review-receives-broad￾support#:~:text=Connected%20exposures%20are%20a%20bank's,the%20bank%20has%20influence%20over 3 bis.org/basel_framework/chapter/BCP/01.htm?inforce=20191215&published=20191215

5 Connected Exposures – Regulatory Impact Assessment Exposure Draft Proposal from January 2023 Response definition, while still expanding from the current settings under BS8.

6 Connected Exposures – Regulatory Impact Assessment Background Banks registered in New Zealand must comply with a range of prudential requirements developed by the Reserve Bank of New Zealand – Te Pūtea Matua to protect and promote financial stability. These prudential requirements reduce the risk of a bank failing and protect New Zealanders from the economic and social costs associated with a bank failure. In December 2019, we published the final decisions from our Capital Review, which focused on improving the quality and quantity of bank capital and liquidity requirements, such as the minimum levels of key capital measures that banks must meet. These requirements however must be supplemented by a range of other requirements including connected exposure policy. Connected exposures are a bank’s exposures to its connected persons (e.g., a bank’s owners). Exposures to connected persons can take a variety of forms – for example, loans, leases, deposits, and financial contracts (such as derivatives). The Connected exposures policy mitigates the risk from exposures that are large compared to a bank's capital. The calculation of minimum capital requirements implicitly assumes that a bank’s portfolios are granular and not concentrated. To manage concentration in banks' portfolios to connected persons, we limit the size of the total exposures in relation to their capital. This limits the maximum loss that a New Zealand bank could face in the event of a sudden failure of one or more connected persons. The Connected Exposures Policy also aims to manage individual banks’ conflicts of interest with connected persons. Banks are required to ensure that exposures to connected persons are not more favourable terms than corresponding exposures to non-connected persons. Exposures to connected persons are calculated using three components: credit exposures, credit risk mitigations and capital, as outlined in the following equation: The credit exposure component works to increase a bank’s connected exposures calculation, while the components of credit risk mitigations and capital work to reduce it. We limit the size of the total exposures in relation to their capital specified as a percentage of the bank’s capital. Currently, the aggregate gross exposure limit is 125% of a bank’s Tier 1 capital. The aggregate net exposure limit is contingent on a bank’s credit rating, ranging from 15% to 75% of Tier 1 capital. Consultation Process The current version of the connected exposure policy has been in place without major policy updates for over ten years and needs to be updated. We have become aware of some issues that banks have encountered when measuring an exposure amount under the connected exposures policy. These issues are mainly due to some ambiguities and inconsistencies in the current connected exposures policy.

7 Connected Exposures – Regulatory Impact Assessment These issues led to a conservative calculation of connected exposures and can prevent banks from using what is common practice in risk management in financial markets. This is discussed in more depth in the Problem Definition below. In response to industry’s request, from 29 November 2021 to 29 March 2022, we held a consultation to seek stakeholder feedback on our proposed policy changes. We also sought feedback on our proposed expansion of the definition of a Connected Person. This expansion was to respond to the International Monetary Fund (IMF)’s recommendation in the 2017 Financial Sector Assessment Programme (FSAP) report. We received nine submissions during the consultation from 29 November 2021 to 29 March 2022. Most stakeholder feedback was supportive of the proposed changes. Therefore, the Exposure Draft published in January 2023 was broadly in line with the original proposals, except for some changes following stakeholder feedback. The most significant changes in the January 2023 Exposure Draft were the expansion of the definition of a Connected Person. From 24 January to 8 March 2023, we held a public consultation to seek feedback on technical and workability issues in an Exposure Draft of the changes that we proposed to the policy. Alongside the exposure draft, we also published all the submissions that we received and a Response to Submissions. We also announced that connected exposures policy would be integrated into the Banking Prudential Requirements (BPR) after this review, and its title would be ‘BPR210: Connected Exposures Policy’.4 We received two submissions in response to the Exposure Draft consultation. One of them asked us to fine-tune the definition of a Connected Person, largely with the aim of making it more practical to implement. As this is the final stage of the consultations, we have published the following documents alongside this Regulatory Impact Assessment:  The two submissions we received on the January 2023 Exposure Draft.  A revised BS8: Connected Exposures policy document. (See the footnote on this page)  A short Response to Submissions document covering our responses to the feedback on the Exposure Draft published in January 2023. This Regulatory Impact Assessment (RIA) covers our decisions and supporting analysis regarding our final changes to the requirements set out in the revised BS8: Connected Exposures policy. This covers all of the changes in the policy, consisting of:  Changes proposed in the November 2021 Consultation Paper, which we responded to in January 2023.  Changes proposed in response to feedback on the Exposure Draft published in January 2023.

---

4 The Reserve Bank has decided to retain the BS8 title for the Connected Exposures Policy, instead of changing it to Banking Prudential Requirements 210 (BPR210) Connected Exposures Policy. We had intended to shift the naming convention to align with the BPRs used throughout Capital Adequacy requirements. However, we have decided to pause this, given the risk that other consequential changes may be needed in policy documents to reflect this change.

8 Connected Exposures – Regulatory Impact Assessment The publication of the final set of policy changes to BS8: Connected Exposures concludes the consultation associated with this set of policy changes. The new policy will take effect on 1 October 2023. Over the next few weeks, we will consult banks bilaterally with draft changes to their Conditions of Registration to implement the new policy. Further, this RIA is concerned with addressing the policy changes that we have been consulting on since the original Consultation document was published in November 2021. As Parliament has now passed the Deposit Takers’ Act, in future we will consider the conversion of existing polices, including BS8: Connected Exposures into Standards under that Act. Problem Definition Rationale for a Connected Exposures Policy In the context of connected exposures, two sources of weakness have been recognised in the Basel Core Principles (BCP) for Effective Banking Supervision:  Risk 1: The risk of unduly large exposures, and  Risk 2: Abuses arising in transactions with connected persons. For risk 1, there is a risk of a bank being exposed to a potential failure of its connected persons, which could lead to the bank itself becoming insolvent. The Basel Core Principles (BCP19) – the set of standards of the Basel Committee on Banking Supervision – expects regulators to set prudential limits to restrict bank exposures to single counterparties or groups of linked counterparties. We do not currently have prudential limits in place for large exposures to non-connected general counterparties, but the connected exposure policy limits exposures to connected persons, which helps partially mitigate this first downside risk. This risk is also currently monitored by the Reserve Bank through its Large Exposure Survey (LEX Survey) to supplement the Capital Adequacy framework outlined in the Reserve Bank document “BPR100: Capital Adequacy”. Risk 2 covers the risk that a bank’s connected persons might take advantage of their position and endanger the bank’s capital (in an “abusive transaction”). This could be unwittingly or intentionally if, for example, a connected person faces financial difficulty themselves. Related to Risk 2 is the risk that a bank might be unduly influenced by a connected person (for example a parent). This could impede its ability to objectively and independently assess the costs and benefits of a transaction with a connected person. The Basel Core Principles (BCP20) recommend regulatory measures to address the risk of conflicts of interest to prevent abuses arising in transactions with connected persons. Aside from the current BS8, this risk is also managed by the attestation framework set out in the Disclosure Order in Council (OiC). These regulatory tools work together in a complementary way. The attestations under the Disclosure OiC require a bank’s directors to attest as to “whether or not […] credit exposures to connected persons (if any) were not contrary to the interests of the registered bank’s banking group”.

9 Connected Exposures – Regulatory Impact Assessment Inconsistency within BS8 and among BS8, the LEX Survey and the Capital Adequacy Framework We consider the rationale for a Connected Exposures policy remains strong. However, the current drafting of BS8 has led to some ambiguity, including the following:  Whether banks can recognise collateral exchanged for derivatives and securities financing transactions (SFTs); and  The extent to which long positions (or assets) can be offset with corresponding short positions (or liabilities) – this approach is generally described as “netting”. For example, Section 4(i)(i) of the current BS8 text suggests that, for a market-related contract, credit exposure is calculated in accordance with Part E of the Reserve Bank document “BPR131: Standardised Credit Risk RWAs”. However, the text immediately above (which reads: “credit exposure means the amount of the maximum loss […] without taking into account the value of collateral […]”) leaves an ambiguity as to whether margins exchanged as collaterals for derivative transactions can be recognised under the current BS8. BS8 also has some inconsistency with other policies and obligations on banks. For example, under both the Capital Adequacy framework and the LEX Survey, both the recognition of credit risk mitigations and netting are allowed subject to meeting certain conditions. However, under BS8, collateral exchanged for derivative transactions cannot be recognised. Additionally, the measurement methodologies of BS8 and the LEX survey are not aligned, although both use the same concept of maximum possible loss. Outcome of Inconsistencies Uncertainty about the rules in BS8 has been causing recurring queries by industry, including during the recent capital review process. Stakeholders have argued for a different interpretation of BS8, which would allow banks to recognise credit risk mitigation and enable netting in the same manner as in the Capital Adequacy framework. Stakeholders have told us that the BS8 wording leads to an overstatement of the actual level of banks’ credit exposures to their connected persons. This, they argue, affects banks’ ability to manage risk efficiently and effectively. International Monetary Fund Financial Sector Assessment Program (FSAP) The International Monetary Fund (IMF)’s 2017 assessment of the stability of the financial system in New Zealand recommended that the Reserve Bank:  Require prior board approval for a bank to provide its connected persons with loans and to write them off;  Expand the information collected to include terms, names, and repayment status; and  Expand the definition of a connected person to include related parties of a bank’s directors and other parties and transactions, as defined in the footnotes of BCP20.

10 Connected Exposures – Regulatory Impact Assessment The review also provided us with an opportunity to assess the extent to which these recommendations ought to be incorporated into our policy settings. Note in our initial consultation we intended to address the specific FSAP comment by adding “an entity in which a director of the registered bank has a substantial interest (other than the registered bank and entities in which the registered bank itself has a substantial interest)” Overall Approach to Connected Exposures The Reserve Bank’s approach to amending the Connected Exposures policy and how we have considered our final policy decisions is based on three overarching principles: i. Consistency: Making the amended Connected Exposures policy, as far as possible, consistent with the Capital Adequacy Framework and international best practice ii. Simplicity: Reducing ambiguity in the Connected Exposures policy. iii. Stability: Exceptions to the principles above need to be justified in terms of the objectives of the Connected Exposures Policy, i.e.: providing consistency and simplicity while ensuring the policy provides an effective back-stop to manage the risks to a bank associated with its exposures to Connected Persons. Final Decisions Overview of Proposals and Final Decisions A full description of the proposed changes is available in the November 2021 Consultation Paper. 5 Some of the proposals were amended in January 2023 following consideration of the feedback received on the November 2021 proposals. The full rationale for these changes was set out in the Response to Submissions that we published in January 2023.6 Following the conclusion of our Exposure Draft consultation process on 8 March 2023, stakeholder feedback confirmed the desirability of the proposed changes except for those relating to the definition of a connected person. Given the consensus of agreement regarding proposals in relation to credit risk mitigation and credit exposures, we have not diverged from the policy decisions as set out in the Exposure Draft regarding these topics. However, stakeholders argued that the expanded definition of the ‘Connected Persons’ in the Exposure Draft was not well aligned with the Accounting Standards. Stakeholder feedback clarified the potential costs and implementation challenges. Stakeholders suggested refinement of the definition to make the definition appropriately balance costs and benefits of this policy considering the regulatory objectives. This is discussed further in the next section of this document. Table 2 below summarises the final decisions. 7

---

5 November 2021 Consultation Paper 6 January 2023 Response to Submissions 7 Readers wishing to track the development of the proposals over time, in response to feedback, should refer to the November 2021 Consultation paper for the original proposals and the January 2023 Response to Submission to track changes in the original proposals over that period. This RIA focuses on an assessment of the final policy decisions.

11 Connected Exposures – Regulatory Impact Assessment Table 2: Summary of November 2021 proposed changes, incorporating January 2023 changes Topic Final Decisions Exposure measure General principles For simplicity we have aligned the revised BS8 with the standardised approach to credit risk Market-related contracts The current phrase “market related contracts” in BS8 has been replaced with “derivatives and securities financing transactions”. IRB banks’ exposure values Banks accredited to use the IRB approach to credit risk may use gross exposure values if netting of impairment allowances is operationally burdensome. Off-balance sheet contingent credit exposures A 100% flat Credit Conversion Factor (CCF) must be applied for off-balance sheet commitments only for the purpose of the Connected Exposure policy. Recognition of Eligible Credit Risk Mitigations Requirements, conditions and eligibility criteria Allow banks to recognise eligible credit risk mitigations. (e.g., collateral received for derivative and securities financing transactions) for the purpose of the connected exposure policy in the same manner and eligible conditions as that are set out in the existing standardised approach for calculating credit risk capital requirements. We will request information the use of bilateral netting arrangements from banks from time to time. On-balance sheet netting Permitted, so long as carried out in a way consistent manner and eligible conditions as that are set out in the existing standardised approach for calculating credit risk capital requirements (BPR131) and with the approach to credit risk mitigation in BPR132. We will request information the use of bilateral netting arrangements from banks from time to time. Treatment of maturity mismatches The treatment of mismatch maturities has been aligned with the treatment in the standardised approach to credit risk in the Capital Adequacy framework Capital measure All banks should use the ‘Tier 1 capital’ measure that applies to that bank. There is no requirement for IRB banks to use ‘standardised equivalent Tier 1 capital’. Quantitative limits Remove existing limit on gross exposures. Retain existing limit on net exposures, based on credit ratings. Interbank exposures Bank must not exceed exposure limits at the end of each working day. Intra-day exposures are not subject to the limit, regardless of whether it is an interbank exposure or not. Definition of Connected Person Definition expanded to bring the definition in line with principle 20 of the Basel Core Principles for Effective Banking Supervision, with further adjustments to better match the exposure draft of the Deposit

12 Connected Exposures – Regulatory Impact Assessment Topic Final Decisions Takers Bill8 . Detailed changes in response to Exposure Draft feedback are described further in the section below this table. Conduct requirements We have imposed an overall requirement that clarify a bank’s responsibility to have effective systems and controls in place to manage conflicts of interest, and to ensure that credit exposures to connected persons are not contrary to the interests of the banking group. Changes to Definition of Connected Persons The only changes in any policy decisions compared with the Exposure Draft that we published in January cover the definition of a connected person. We have adjusted the definition in response to feedback from stakeholders. The changes have streamlined the definition to make implementation more practical. The changes relative to the Exposure Draft do not affect the overall policy intention of the new definition – we have still met our objective to meet the Basel principles. This section briefly explains the revised definition. In our November 2021 Consultation Paper, we originally proposed to expand the definition of a connected person by adding: “an entity in which a director of the registered bank has a substantial interest (other than the registered bank and entities in which the registered bank itself has a substantial interest)” The intent of this was to respond to one of the recommendations made in the International Monetary Fund (IMF)’s 2017 Financial Sector Assessment Programme (FSAP) review and to be consistent with Principle 20 of the Basel Core Principles for Effective Banking Supervision. Principle 20 states as follows: “Principle 20 – Transactions with related parties: In order to prevent abuses arising in transactions with related parties (29) and to address the risk of conflict of interest, the supervisor requires banks to enter into any transactions with related parties (30) on an arm’s length basis; to monitor these transactions; to take appropriate steps to control or mitigate the risks; and to write off exposures to related parties in accordance with standard policies and processes.” Note 29 states: “Related parties can include, among other things, the bank’s subsidiaries, affiliates, and any party (including their subsidiaries, affiliates and special purpose entities) that the bank exerts control over or that exerts control over the bank, the bank’s major shareholders, Board members, senior management and key staff, their direct and related interests, and their close family members as well as corresponding persons in affiliated companies.” Note 30 states: “Related party transactions include on-balance sheet and off-balance sheet credit exposures and claims, as well as dealings such as service contracts, asset purchases and sales, construction contracts, lease agreements, derivative transactions, borrowings, and write-offs. The term transaction should be interpreted broadly to incorporate not only transactions that are entered into with related parties but also situations in which an unrelated party (with whom a bank has an existing exposure) subsequently becomes a related party.”

---

8 rbnz.govt.nz/-/media/project/sites/rbnz/files/consultations/banks/deposit-takers-act/exposure-draft-of-the-deposit-takers-bill.pdf

13 Connected Exposures – Regulatory Impact Assessment Definitions can be considered against the two main objectives of the connected exposure policy:  Prevent concentrated exposure to a set of connected persons that could present an elevated risk to the bank  Prevent risks to transactions resulting from conflicts of interest. In our January 2023 Exposure Draft, where possible we had aligned the definition with the related party definition in the NZ International Accounting Standard 24 (NZ IAS 24) Related Party Disclosures, with adjustments to match the exposure draft of the Deposit Takers Bill. However, stakeholder feedback to the Exposure Draft suggested that our January definition was too broad in relation to the intent of the Connected Exposures Policy. After reviewing the feedback received we now agree that the January 2023 Exposure Draft definition would have captured a much larger number of connected persons than what we originally proposed in our November 2021 Consultation Paper. We agree that the definition needs further adjustments, and we have decided to make further changes to provide for easier implementation. We have largely incorporated the changes suggested by stakeholders. This included reducing the range of corporate entities classified as connected persons, and in connection with those entities to reduce the scope of family members of directors and senior managers considered connected persons (while not being employees of a relevant entity themselves). Table 3 below compares the current definition in BS8 with the January 2023 definition and the final definition in the revised BS8: Connected Exposures policy. More explanation of the specific definition changes is available in the Response to Submissions that we have published alongside this document. Table 3: Definition of Connected Person Person BS8 (current policy before changes) Exposure Draft Final Decision An owner (defined via “substantial interest” or “significant interest”), ✓ substantial ✓ significant ✓ significant An owner (defined via control) ✓ implicit ✓ implicit ✓ Indirect owners, ✓ ✓ ✓ Entities in which an owner has a substantial interest, or significant interest ✓ substantial ✓ significant ✓ Directors of the registered bank. ✓ ✓ ✓ Senior managers of the registered bank X ✓ ✓

14 Connected Exposures – Regulatory Impact Assessment Person BS8 (current policy before changes) Exposure Draft Final Decision Entities (not otherwise connected) controlled or significantly influenced by a director of the registered bank X ✓ controlled or significantly influenced ✓ controlled Spouse or child under age of 20 of director or senior manager of the registered bank or its owners X ✓ ✓ Director or senior manager of an entity that controls the registered bank X ✓ ✓ Director or senior manager of an entity that is an associated person X ✓ X but controlling entity directors, senior managers captured Sibling, parent, step parent of a relevant director or senior manager or of their spouse X ✓ X Impacts, Costs and Benefits Assessment of Costs and Benefits We have considered the costs and benefits of our final Connected Exposures policy. Our assessment is that the regulatory and supervisory costs of our final amendments are likely to be small and are proportionate to the risks and benefits to the financial system. We expect our intended changes to the treatment of Credit Risk Mitigations, CCF and interbank exposures clears the ambiguity in policy wording and will lead to more consistency across our individual polices and align us with relevant frameworks and international practice. This will help banks accurately reflect the risk that they face with exposures to Connected Persons and also reduce compliance costs.

15 Connected Exposures – Regulatory Impact Assessment On page 10 of this document we stated the following overarching principles that we have used to assess changes to the Connected Exposures policy throughout the review, which underpin the costs and benefits of the changes: i. Consistency: Making the amended Connected Exposures policy, as far as possible, consistent with the Capital Adequacy Framework and international best practice ii. Simplicity: Reducing ambiguity in the Connected Exposures policy. iii. Stability: Exceptions to the principles above need to be justified in terms of the objectives of the Connected Exposures Policy, i.e.: providing consistency and simplicity while ensuring the policy provides an effective back-stop to manage the risks to a bank associated with its exposures to Connected Persons. Table 4 below summarises our cost/benefit analysis for each of the changes in Table 2, compared with the principles above, with a “-“ representing no change compared with the status quo and a ✓ representing a benefit form the change compared with the status quo. An “X” represents a cost relative to the status quo: Table 4: Assessment of Policy Changes against Principles Topic Final decisions Exposure measure Consistency Simplicity Stability General principles - ✓ - Market-related contracts - ✓ - IRB banks’ exposure values

• ✓ - Off-balance sheet contingent credit exposures
• • ✓ Recognition of Eligible Credit Risk Mitigations Consistency Simplicity Stability Requirements, conditions and eligibility criteria ✓ ✓ - On-balance sheet netting ✓ ✓ - Treatment of maturity mismatches
• ✓ - Capital measure Capital measure - ✓ -

16 Connected Exposures – Regulatory Impact Assessment Topic Final decisions Quantitative limits Remove gross limit - ✓ - Retain net limit - - - Interbank exposures Interbank exposures - ✓ - Definition of Connected Person Definition of Connected Person ✓ X ✓ Conduct requirements Conduct requirements - X ✓ A Focus on Quantitative Limits Many of the changes described above are technical and unlikely to have significant impacts on financial stability. However, some of the most significant changes are those that relate to changes to the approach to the recognition of eligible credit risk mitigations and the quantitative limits. These two inter-related concepts and decisions are the focus of this section. As noted in Table 4, the changes to the recognition of eligible credit risk mitigations are expected to enhance consistency and simplicity. This primarily arises because the changes to BS8 will now align with other prudential capital requirements. However, in the course of reaching these final decisions we have carefully considered the impacts on financial stability. In particular we have assessed the likely impacts of these changes on banks’ connected exposures, including the extent to which connected exposures will significantly change and the interaction with the gross and net limits that are currently in place. In this context we have been concerned about two possible risks:  Safeguards around the use of netting contracts.  Risks to financial stability associated with changes in set limits. Safeguards for the Use of Netting Under the Capital Adequacy framework, both the recognition of credit risk mitigations and netting are allowed, subject to meeting certain circumstances. However, under current BS8 requirements, the policy directly specifies that netting is only acceptable if derivative transactions are carried out under an agreement that has been recognised in BS8 by the Reserve Bank as a robust netting agreement (i.e. an International Securities and Derivatives Association (ISDA) Master Agreement). Moreover, collateral exchanged for derivative transactions cannot be recognised under BS8, even if the derivative transactions are carried out under a robust netting agreement.

17 Connected Exposures – Regulatory Impact Assessment Once the policy changes are implemented this stricter requirement for netting for the purposes of connected exposures will be removed, and aligned with the Capital Adequacy framework. For example, Part C of BPR132: Credit Risk Mitigations has a range of requirements that banks must meet for the purposes of on-balance sheet netting. These include a requirement that there must be a well-founded legal basis for concluding that the bilateral netting agreement is enforceable in each relevant jurisdiction, regardless of whether the counterparty is insolvent or bankrupt. We have concluded that the requirements in the prudential capital framework are also sufficient for the purposes of connected exposures. However, there is a risk that banks may start to use this unsatisfactorily, particularly if there is a risk that contracts will not be enforceable. To provide some assurance about this risk, we will periodically ask banks for information about the types of agreements that banks are using to cover netting. During the consultation process banks generally indicated that they were comfortable with the concept of aligning the use of eligible credit risk mitigations with the prudential capital framework. One submitter in response to our November 2021 consultation, argued that this would disadvantage banks that use netting agreements that do not meet the requirements in BPR131 or BPR132. As we noted in our Response to Submissions, our concern is not whether or not exposures are to a specific jurisdiction. Our concern is that only netting agreements that meet the requirements of BPR131 and BPR132 should be recognised for the purpose of the prudential requirements, including the Connected Exposures Policy. Banks that use agreements that do not comply with the conditions of the Reserve Bank’s regulatory requirements should not recognise the non-compliant agreements as part of the regulatory calculations. We will continue to monitor this to limit the risks. Any bank-specific compliance issue will be dealt through supervisory engagements and by enforcement response. Financial Stability Risks Associated with Gross and Net Limit Changes The removal of the gross limit in the previous BS8 policy means that only the net limit will remain in place. We considered whether a gross limit was still required. Maintaining the limit would mean that the gross limit could be binding in some circumstances, even if the netted exposures, after allowing for all eligible forms of credit risk mitigation, were substantially lower and within the limit. This would limit the effective role of the CRMs, which is contrary to the objectives associated with the review. In this context, the gross limit is no longer required. We also wanted to consider whether the current net exposure limits are appropriate. As part of this review process we requested that banks estimate aggregate net credit exposures reflecting all the changes proposed in the November 2021 consultation paper. We used this to assess if the current net exposure limits are appropriate once the policy changes. As set out in the January 2023 response to Submissions, five submitters provided us with comparable estimates. Their estimated impact of our proposed changes to the aggregated net exposure amount (NZD value) ranged from -14 to +0.25 percent (average -4 percent). Responding

18 Connected Exposures – Regulatory Impact Assessment to our request, some banks endeavoured to estimate aggregate net credit exposures reflecting all the changes proposed in the consultation paper (including the recognition of credit risk mitigations, the 100 percent CCF and the definition of connected person), while other banks focused on an estimate of the impact of our proposed changes in the credit risk mitigations. The 100 percent CCF and the expansion of the definition of connected persons increased the aggregated net exposure amount, while the recognition of credit risk mitigations decreased the net exposure amount. Overall, the banks’ estimates suggested that the net exposure amounts as a percentage of capital would decrease by 2.7 percentage points on average. We assessed the appropriateness of the current net exposure limits (ranging from 15 to 75 percent) based on banks’ estimates provided during the consultation process and compared the estimates against banks’ survey returns data. Banks’ estimates indicate that our proposed changes are unlikely to make significant changes to the banks’ net exposure amounts. Hence, we have decided to maintain the current level of net limits. Conclusion The problem definition of this RIA described two sources of weakness that have been recognised in the Basel Core Principles for Effective Banking Supervision:  Risk 1: The risk of unduly large exposures, and  Risk 2: Abuses arising in transactions with connected persons. The assessment in this RIA demonstrates that these two risks have been addressed through limits on connected exposures (Risk 1) and an enhanced definition of connected persons, supplemented by conduct requirements (Risk 2). In addition, we have concluded that the benefits arising from more consistency across different parts of the prudential framework and therefore more simplicity in the requirements also offsets the increase in complexity regarding the definitions. While we expanded the definition of connected person to meet policy objectives and align with other regulatory requirements where possible, we now agree that the definitions in the January 2023 Exposure Draft added to complexity. The adjustments we have made following the feedback on the Exposure Draft have gone some way to limiting this complexity. While some complexity is likely, we are confident that the stability benefits of addressing the gaps in existing definitions, previously identified by the IMF, are sufficient to offset this. As noted above, we have considered whether any of the changes could lead to greater risks to financial stability, for example, through the changes to netting documentation requirements, or through the removal of the gross limit. We have concluded that the remaining risks are sufficiently addressed by the netting requirements in the Capital Adequacy framework. This in turn gives us confidence that the gross limit does not serve any useful purpose. The net limit on connected exposures will instead act as a safeguard to reduce the risks associated with connected exposures increasing to unacceptable levels. In addition, the policy clarifies a bank’s responsibility to have effective systems and controls in place to manage conflicts of interest, and to ensure that credit exposures to connected persons

19 Connected Exposures – Regulatory Impact Assessment are neither contrary to the interests of the banking group nor on more favourable terms than corresponding exposures to non-connected persons. Financial Policy Remit The Financial Policy Remit emphasises the desirability of a strong, efficient and inclusive financial system, with a low incidence of failure of regulated entities. It also signals that we should encourage a competitive financial system and have regard to Government priorities on sustainable house prices, building resilience and facilitating adaption to climate change, improving financial inclusion, and improving cyber resilience. This section outlines a summary of how we have had regard to the Financial Policy Remit in our final proposals in this Regulatory Impact Assessment. The full text of the Remit is available on the Reserve Bank’s website.9 We have considered the proposals within the context of the Financial Policy Remit. Overall, the Reserve Bank’s final decisions regarding Connected Exposures are technical in nature and are likely to have little impact on most of the matters specified in the Financial Policy Remit. Notwithstanding, the amended Connected Exposure policy will support a strong financial system by providing a backstop to manage the risks to a bank associated with its exposures to connected persons. This is achieved through emphasising the responsibility on banks to manage conflicts of interest and through the use of a limit on net exposures. These policy amendments will lead to increased consistency across our policies and reduce compliance costs for industry. Table 5 below outlines the components of the Financial Policy Remit that are relevant to this topic and summarises the expected impacts. It outlines how these components have been given regard and their relative weight for consideration. Table 5: Financial Policy Remit Assessment Financial Policy Remit Component Relevance to Connected Exposures “It is desirable to have a financial system that is strong, efficient and inclusive, with a low incidence of failure of entities regulated by the Reserve Bank.” The amended Connected Exposures policy will support a strong financial system by providing a backstop to manage the risks to a bank associated with its exposures to Connected Persons. This is achieved through emphasising the responsibility on banks to manage conflicts of interest and through the use of a limit on net exposures. “Within the appetite of a low incidence of failure, a competitive financial system should be encouraged so as to best ensure ongoing financial efficiency and inclusion.” A low weighting is given on this component, as the proposed Connected Exposures changes are not expected to have a significant impact on financial efficiency and inclusion. “imposing regulatory and supervisory costs that are proportionate to the expected risks and benefits to the financial system and society” The amended Connected Exposures policy, particularly clarification and alignment of the eligibility condition for recognising credit risk mitigation and netting, will help ensuring regulatory and supervisory costs are

---

9 The text of the Financial Policy Remit is available on the Reserve Bank’s website: https://www.rbnz.govt.nz/about-us/responsibility-and-accountability/our-financial-policy-remit

20 Connected Exposures – Regulatory Impact Assessment Financial Policy Remit Component Relevance to Connected Exposures maintained to be proportionate to the expected risks and benefits to the financial system and society by reviewing and reducing unnecessary regulatory costs with regulatory consistency. The definition of a connected person is calibrated having regard to both policy intent and compliance burden. “encouraging new investment and financial innovation that raise the productive potential of the economy” A low weighting is given on this component, as the proposed Connected Exposures changes are not expected to have a significant impact on encouraging new investment and financial innovation. “encouraging the allocation of financial resources in a way that maximises the sustainable long-term growth of the New Zealand economy” A low weighting is given on this component, as the proposed Connected Exposures changes are not expected to have a significant impact on the allocation of financial resources. Sustainable house prices A low weighting is given on this component, as the proposed Connected Exposures changes are not expected to have a significant impact on sustainable house prices. Building resilience and facilitating adaptation to climate change “It is important that the financial system continues to play an appropriate role in supporting community wellbeing and resilience as it responds to that transition and increases in underlying risks as a result of climate change.” A low weighting is given on this component, as the proposed Connected Exposures changes are not expected to have a significant impact on operational resilience, including climate change. Improving financial inclusion “The Government has a priority of improving financial inclusion and maintaining financial sector diversity, including supporting access to finance and financial services for those who are less well-served by traditional institutions, including rural communities, disabled persons, low-income individuals, and small businesses.” A low weighting is given on this component, as the proposed Connected Exposures changes are not expected to have a significant impact on financial inclusion. Improving cyber resilience A low weighting is given on this component, as the proposed Connected Exposures changes are not expected to have a significant impact on cyber resilience. Implementation The Reserve Bank has decided to retain the BS8 title for the Connected Exposures Policy. We had intended to shift the naming convention to align with the BPRs used throughout Capital Adequacy

21 Connected Exposures – Regulatory Impact Assessment requirements. However, we have decided to pause this, given the risk that other consequential changes may be needed in policy documents to reflect this change. For simplicity, we will retain the BS8 title at this time. The changes stated in this RIA will be implemented via a revised version BS8. The new requirements will be implemented through changes to banks’ Conditions of Registration. We will consult banks bilaterally during September 2023 to make the required changes to their Conditions. We expect that the new policy will take effect on 1 October 2023. Monitoring, Evaluation and Review The Reserve Bank will consider reviewing the BS8: Connected Exposures policy, at some time in the future, after allowing for a reasonable period of time to assess implementation and outcomes. Now that the Deposit Takers Act (DTA) has been passed by Parliament we will consider how to incorporate the BS8 requirements into a future Standards regime under the DTA.