The Three Regulatory Pillars of Modern Banking
In Chapter 20, you built jurisdiction-aware agents for Islamic finance — a domain where the same transaction produces different accounting outputs depending on which country you are working in. This chapter confronts a different kind of complexity: a domain where the same asset is simultaneously governed by three separate regulatory frameworks, each asking different questions, requiring different calculations, and producing different outputs. Banking is that domain.
Consider a single corporate loan of $50 million sitting on a bank's balance sheet. At this moment, three separate regulatory frameworks are governing that loan simultaneously. The accounting framework (IFRS 9) asks: "How much should the bank provision for expected losses on this loan?" The solvency framework (Basel III) asks: "How much capital must the bank hold against this loan to survive unexpected losses?" The financial crime framework (AML/KYC) asks: "Is this loan being used to launder money, finance terrorism, or evade sanctions?" Each framework produces a different number, a different report, and a different regulatory filing. An AI agent that addresses only one pillar gives you one-third of the answer.
Why Banking Is Different
Banking is the most regulation-dense industry in the global economy. A typical commercial bank operates under dozens of regulatory frameworks simultaneously, files hundreds of regulatory returns per year, and employs thousands of people in compliance functions. Three characteristics make banking uniquely demanding for AI agents.
Regulatory density. A single loan portfolio is simultaneously subject to IFRS 9 provisioning, Basel III capital charges, AML transaction monitoring, liquidity regulations, leverage ratio requirements, and stress testing. No other industry requires this many frameworks to govern the same underlying asset.
Model risk discipline. Banking regulators require that every quantitative model — every credit risk model, every stress test, every ECL calculation — be independently validated, documented, and periodically reviewed. An AI agent producing banking calculations inherits these model governance requirements. Output without audit trail is output that cannot be used.
Data volume. A mid-size bank processes millions of transactions per day. AML monitoring alone may generate thousands of alerts requiring human review. The volume demands automation, but the regulatory complexity demands precision. This is the space where banking AI agents operate.
The Three Pillars
Every banking institution worldwide is governed by three regulatory pillars. They exist because three separate questions must be answered to ensure a bank is safe, solvent, and honest.
| Pillar | Framework | Question It Answers | Governing Body |
|---|---|---|---|
| Accounting | IFRS 9 | How much should the bank provision for expected credit losses? | IASB (140+ countries) |
| Solvency | Basel III/IV | Does the bank hold enough capital to absorb unexpected losses? | BCBS at BIS (28 member jurisdictions) |
| Financial Crime | AML/KYC | Is the bank being used for money laundering, terrorist financing, or sanctions evasion? | FATF (40 Recommendations, 200+ jurisdictions) |
Pillar 1: Accounting — IFRS 9 Expected Credit Loss
IFRS 9, effective 1 January 2018, replaced IAS 39 and its "incurred loss" model. Under IAS 39, a bank could only recognise a loss after it had already happened — the loan had to default before the bank booked a provision. The 2008 financial crisis exposed this flaw: banks were reporting healthy balance sheets until the moment they collapsed, because losses had occurred but not yet been formally recognised.
The amount a bank expects to lose on a loan or portfolio, calculated before losses actually happen.
For a $10 million loan with a 2% chance of default and 40% loss severity: ECL = 0.02 x 0.40 x $10,000,000 = $80,000.
ECL drives provisioning on every bank balance sheet worldwide -- it is the number auditors, regulators, and investors scrutinise each quarter.
IFRS 9 introduced the Expected Credit Loss (ECL) model. Banks must now provision for losses they expect to happen in the future, not just losses that have already occurred. The ECL is calculated as the product of three components: the Probability of Default (PD), the Loss Given Default (LGD), and the Exposure at Default (EAD). Lessons 3-5 of this chapter build each component in depth.
Pillar 2: Solvency — Basel III/IV Capital Adequacy
The Basel III framework, published by the Basel Committee on Banking Supervision (BCBS) at the Bank for International Settlements (BIS), requires banks to hold minimum levels of capital against their risk-weighted assets. The core metric is the CET1 ratio — Common Equity Tier 1 capital divided by Risk-Weighted Assets — which must be at least 4.5%, with additional buffers typically bringing the effective minimum to 10-13%.
Where IFRS 9 asks "how much will you lose?", Basel asks "can you survive the loss?" The two pillars use different numbers for different purposes. IFRS 9 provisions are accounting estimates that reduce reported profit. Basel capital charges are regulatory requirements that constrain how much a bank can lend. Lessons 6-8 cover the Basel pillar.
Pillar 3: Financial Crime — AML/KYC
The Anti-Money Laundering (AML) framework, built on the Financial Action Task Force (FATF) 40 Recommendations, requires banks to know their customers (KYC), monitor transactions for suspicious activity, and file Suspicious Activity Reports (SARs) when indicators of financial crime are detected.
The scale of AML enforcement is substantial. In recent years, major banks have paid billions in fines for AML failures:
| Bank | Year | Fine | Violation |
|---|---|---|---|
| Goldman Sachs | 2020 | $2.9B | 1MDB bribery and money laundering |
| HSBC | 2012 | $1.9B | Mexican drug cartel money laundering |
| Westpac | 2020 | AUD 1.3B | 23 million AML reporting failures |
| Deutsche Bank | 2017 | $630M | Russian mirror-trading scheme |
Lessons 9-10 cover the AML/KYC pillar. The aml-typologies and aml-sar-drafting skills in the banking plugin automate pattern detection and SAR narrative generation.
How the Pillars Interact: A Single Loan Portfolio
The three pillars do not operate in isolation. They interact, and changes in one pillar cascade into the others. This is the cross-pillar problem that single-pillar agents cannot solve.
Take the $50 million corporate loan from the opening. Here is what each pillar sees when it looks at that loan:
| Dimension | IFRS 9 (Accounting) | Basel III (Solvency) | AML (Financial Crime) |
|---|---|---|---|
| Primary question | What is the expected loss? | What capital must be held? | Is the borrower legitimate? |
| Key metric | ECL provision ($) | Risk-weighted asset ($) and CET1 charge | Risk rating (low/medium/high) |
| Trigger for action | Credit deterioration | Change in risk weight | Suspicious transaction pattern |
| Output | Provision on balance sheet | Capital ratio to regulator | SAR filing to FIU |
| Plugin skill | ifrs9-ecl | basel-rwa-credit | aml-cdd-edd |
Now imagine a fraud is discovered in that loan. Watch the cascade:
- AML pillar activates first. The
aml-sar-draftingskill generates a SAR filing. The borrower's risk rating escalates to high. - IFRS 9 pillar reacts. The fraud evidence constitutes a Significant Increase in Credit Risk (SICR). The loan migrates from Stage 1 to Stage 3. The ECL provision jumps from 12-month expected loss to lifetime expected loss — potentially a 5-10x increase.
- Basel pillar absorbs the impact. The increased provision reduces retained earnings, which reduces CET1 capital. Simultaneously, the loan's risk weight may increase. The CET1 ratio falls.
A single-pillar agent addressing only the IFRS 9 question would calculate the new provision correctly but miss the capital ratio impact. A single-pillar agent addressing only the AML question would generate the SAR but miss the provisioning cascade. Only a cross-pillar architecture traces the full chain.
The Banking AI Hierarchy
Not all banking AI tasks require the same level of intelligence. The banking plugin organises its 17 skills across three levels:
| Level | Name | What It Does | Example |
|---|---|---|---|
| Level 1 | Calculation | Deterministic formulas with defined inputs | ECL = PD x LGD x EAD |
| Level 2 | Analytical | Judgment-assisted analysis with professional context | SICR assessment, PMA design |
| Level 3 | Autonomous | Cross-pillar orchestration across multiple skills | Fraud cascade tracing across all three pillars |
Lessons 3-10 build your Level 1 and Level 2 capabilities across all three pillars. Lesson 11 introduces Level 3 cross-pillar integration.
The Global Regulatory Map
The three pillars are governed by different international bodies and adopted differently across jurisdictions:
| Pillar | International Body | Standard | Adoption |
|---|---|---|---|
| Accounting | IASB | IFRS 9 | 140+ countries (notably NOT the USA, which uses CECL under ASC 326) |
| Solvency | BCBS at BIS | Basel III/IV | 28 member jurisdictions (implemented nationally by local regulators) |
| Financial Crime | FATF | 40 Recommendations | 200+ jurisdictions (assessed via mutual evaluations) |
This chapter teaches IFRS 9, which governs expected credit loss provisioning in 140+ countries. The United States uses a different standard — CECL (Current Expected Credit Losses) under ASC 326, effective 2020. While both are forward-looking ECL models, their mechanics differ. The banking plugin's IFRS 9 skills apply outside the US. A US-specific CECL module would require separate skills.
The US equivalent of IFRS 9 provisioning -- a lifetime expected loss model required for all US banks under ASC 326, effective 2020.
A US bank holding a $50 million 10-year loan portfolio must provision for expected losses over the entire 10-year life from Day 1, not just the next 12 months as IFRS 9 Stage 1 would require.
CECL matters because US banks report under a different standard -- if you encounter a US counterparty's financial statements, their provision methodology is CECL, not IFRS 9.
Try With AI
Use these prompts in Claude or your preferred AI assistant to explore this lesson's concepts.
Prompt 1: The Three Pillars on One Loan
I am learning about banking regulation. A bank holds a
$500 million corporate loan portfolio.
Explain what each of these three regulatory pillars requires
the bank to do with that portfolio:
1. IFRS 9 (Accounting)
2. Basel III (Solvency)
3. AML/KYC (Financial Crime)
For each pillar, tell me:
- What question does it ask about the portfolio?
- What calculation or process does it require?
- What output does it produce?
Then explain: why would a bank need all three answers
simultaneously, not just one?
What you are learning: The three-pillar framework is the organising principle for this entire chapter. By seeing all three applied to the same portfolio, you understand why a single-pillar agent gives you only one-third of the picture — and why the banking plugin routes queries across pillars.
Prompt 2: The Cross-Pillar Cascade
A bank discovers that a $50 million corporate borrower has
been involved in fraud. Trace the impact across all three
regulatory pillars:
1. What does the AML team do first?
2. How does IFRS 9 staging change? What happens to the
ECL provision?
3. How does the increased provision affect the bank's
Basel III CET1 capital ratio?
Walk me through the cascade step by step. At each step,
name the specific regulatory framework and requirement
that applies.
What you are learning: Cross-pillar cascades are the reason this chapter builds a multi-skill architecture rather than isolated calculators. By tracing a real cascade, you internalise the connections between pillars — which prepares you for the cross-pillar integration lesson later in this chapter.
Prompt 3: Pillar Identification
For each of the following banking scenarios, identify which
of the three regulatory pillars (IFRS 9, Basel III, AML/KYC)
is primarily involved. Some scenarios may involve multiple
pillars — identify all that apply and explain why.
1. A bank calculates that a borrower's probability of default
has increased from 0.5% to 3.2% since origination.
2. A bank must determine how much CET1 capital to hold
against its residential mortgage portfolio.
3. A customer makes 47 cash deposits of $9,900 each over
three months (just below the $10,000 reporting threshold).
4. A bank's total ECL provision increases by $200 million,
reducing retained earnings on the balance sheet.
5. A regulator asks the bank to demonstrate it can survive
a 30% decline in property values.
What you are learning: Pillar identification is the routing decision that the banking plugin's router makes on every query. By practising this classification yourself, you develop the same judgment the router encodes — and you can verify whether the router is routing correctly when you use it.
Flashcards Study Aid
Continue to Lesson 2: The Banking Plugin Architecture →