counterparty credit risk

Counterparty Credit Risk Models In-Depth Guide: From PFE and CVA to the Inputs That Make or Break Them

Share
Repost

If you manage counterparty credit risk, you already have frameworks in place. The question is whether they accommodate the type of counterparty book you actually have today, which now comprises largely of private credit managers, hedge funds, and mid-market corporates that carry no public credit rating and no tradeable CDS. So, the inputs your frameworks depend on either do not exist or must be derived from internal ratings that no one outside your institution can verify.

A good example of the impact of the unrated entity gap on financial rigor is the Archegos Capital Management default. Because the family office carried no public credit rating and was not required to disclose its positions, its combined losses across its bank counterparties exceeded $10 billion. Although they had a counterparty credit risk model running, it was based on incomplete information about a counterparty that none of them could fully model.

Below, we cover how counterparty credit risk is measured, where standard frameworks break down, what sound management looks like in practice, and what data practitioners are using to fill the gaps.

 

What is Counterparty Credit Risk?

Counterparty credit risk is the risk that the other party in a financial contract defaults before the deal is fully settled, leaving you holding a loss.  

It applies specifically to privately negotiated contracts such as interest rate swaps, FX forwards, and credit default swaps, where both parties are exposed to each other simultaneously, and that exposure can reverse direction over the life of the contract.

To measure counterparty credit risk, banks and financial institutions are expected to track a suite of metrics, which include the following:

measure counterparty credit risk

Yet tracking these metrics is only part of the picture. The figures they produce depend heavily on how exposures are netted and collateralised. And those arrangements, while effective, never reduce exposure to zero.

Netting allows positive and negative contract values with a single counterparty to offset each other, so only the net amount is at risk on default. Variation margin then settles daily mark-to-market moves in cash, keeping the running exposure close to zero under normal conditions, while initial margin covers the worst expected move over the period it would take to replace the contract after a default.

The gap between what initial margin covers and market movements during the window under consideration is the residual counterparty credit risk exposure that modelling frameworks try to quantify. But before delving into the frameworks, there’s an important distinction to be made.

 

Counterparty credit risk versus credit risk

Both counterparty credit risk and credit risk are based on quantifying the risk that a counterparty will fail to meet its financial obligations, resulting in loss to the institution. However, they differ in key aspects, which is why they require different frameworks, metrics, and data.

 

Directionality

Credit risk is unilateral, as in a loan, where only the lender bears the loss. The borrower owes a fixed amount and either pays or does not. The lender’s exposure is the outstanding balance, which only decreases over time as the borrower repays. 

Conversely, counterparty credit risk is bilateral, as both parties have simultaneous, live exposure to each other. In a derivative such as an interest rate swap, either side can be the one owed money at any given moment, and that position can reverse multiple times over the life of the contract.

 

Nature of the loss amount

In a loan, the loss is straightforward: if the borrower defaults, the lender loses the outstanding balance, less any recovery from collateral or restructuring. 

In a derivative, the loss at default is the replacement cost, i.e., the cost of entering an equivalent contract with a new counterparty at current market prices. That figure is not known in advance; it depends on where markets are at the moment of default, which could fall anywhere across a contract’s life. This is why the exposure is uncertain and must be modelled across a range of future market scenarios rather than simply observed.

 

Risk instrument universe

Traditional credit risk arises from loans, bonds, and trade finance, where the amount at risk is fixed and observable. Traditional credit risk arises from loans, bonds, and trade finance, where the amount at risk is fixed and observable. Counterparty credit risk, on the other hand, arises from OTC derivatives and securities financing transactions, where exposure fluctuates with market movements, and the actual loss in the event of a default depends heavily on the legal structure in place.

Another important distinction is that counterparty credit risk is multidimensional in a way that traditional credit risk is not. This means it’s affected simultaneously by market movements (which determine the derivative’s current value) and by the counterparty’s credit quality. The interaction between those two dimensions creates additional risks that do not arise in lending. For example, wrong-way risk, where the counterparty’s probability of default increases precisely when the exposure to them is highest, applies only to counterparty credit risk and has no analogue in credit risk management.

 

Counterparty credit risk Modelling Frameworks: A Practical Map

Counterparty credit risk has four categories of modelling frameworks, which are interrelated, with each using the outputs of the others. Depending on an institution’s exposure, it’s possible to run all four categories at once. The four categories include:

  • Exposure modeling
  • Regulatory capital
  • Valuation and pricing adjustments
  • Risk modulation overlays

 

Exposure modelling

Exposure modelling is the foundation, as they serve as input for every other framework. It considers the possibility of a counterparty defaulting at any point over the life of a contract, and tries to answer three questions if that happens:

  • What would be owed at that moment?
  • How does that amount change as markets move?
  • What is the range of possible outcomes, not just a single estimate?

Simulating for risk exposure involves three steps. 

  • First, model how underlying risk factors (interest rates, FX, equity prices) might evolve over time, using models calibrated to historical data or market volatility. 
  • Second, reprice every instrument in the counterparty’s netting set at each future date under each scenario. 
  • Third, combine the values across the netting set, offsetting positive and negative positions where netting agreements apply. 

The output is a full exposure distribution at each simulation date, from which the core metrics we described earlier (current, expected, effective, expected positive, effective EPE, and potential future exposures) are derived.

 

Regulatory capital

Regulatory capital frameworks take the exposure metrics above and translate them into the minimum capital a bank must hold against counterparty credit risk under Basel rules. Two approaches are recognized, and the choice between them has direct implications for how much capital the institution holds and how sensitive that capital is to the portfolio’s actual risk profile.

SA-counterparty credit risk (Standardized Approach to counterparty credit risk) applies to all banks that do not qualify for or elect to use an internal models approach. While IMM (Internal Models Method) permits banks with supervisory approval to use their own EPE-based simulation instead of SA-counterparty credit risk.

However, the governance burden for IMM is significant. To obtain and retain approval, a bank must demonstrate that its models are genuinely used in day-to-day risk management, not built solely for regulatory reporting, and that they are subject to independent validation, regular backtesting, and documented performance monitoring. Regulators can and do withdraw IMM approval for specific asset classes when model performance deteriorates.

Beyond the default exposure charge, Basel III introduced a separate CVA (Credit Valuation Adjustment) capital charge covering mark-to-market losses from deterioration in counterparty creditworthiness, even without an actual default. That’s because a counterparty’s credit spread can widen significantly while they remain solvent, creating CVA losses that hit the bank’s P&L directly. During the 2007–09 crisis, two-thirds of credit-related losses across the financial system came from CVA volatility of this kind rather than outright defaults, necessitating the introduction of the CVA capital charge.

Two approaches apply. BA-CVA (Basic Approach for Credit Valuation Adjustment risk) is a standardized formula-based charge available to all banks. While SA-CVA (Standardised Approach for Credit Valuation Adjustment) permits sensitivity-based modelling for banks with approval, producing more risk-sensitive requirements. However, the latter requires an active CVA hedging desk and the infrastructure to support it.

 

Valuation and pricing adjustments (XVA)

While regulatory capital determines how much capital a bank must hold, valuation frameworks ask what a derivative is actually worth, once the cost of counterparty risk and funding are built into the price. This is answered by metrics belonging to the XVA family of adjustments.

The first is CVA, which represents the discount applied to a derivative’s value to reflect the possibility that the counterparty defaults before the contract matures. It is booked as an accounting adjustment on the trade date and recalculated daily as the exposure profile or the counterparty’s credit quality changes. The remaining XVA components address funding and capital costs that arise from the same derivative positions:

  • DVA (Debit Valuation Adjustment) is the mirror image of CVA. Instead of reflecting the counterparty’s default risk, it reflects the bank’s own and is a required component of fair value accounting under IFRS 13.
  • FVA (Funding Valuation Adjustment) captures the cost of funding uncollateralized derivative positions. When a trade requires the bank to post a cash margin without a matching funding source, FVA quantifies it and assigns it to the trade. It is widely used by dealers to ensure trades are priced to cover their true funding cost.
  • MVA (Market Value Added) captures the cost of funding initial margin over the life of the trade. It is closely related to FVA but applies specifically to initial margin rather than variation margin.
  • KVA (Capital Valuation Adjustment) captures the cost of holding regulatory capital over the life of the trade.

CVA is the only XVA component with direct regulatory capital treatment, but it is controversial in practice, as it implies that a bank books a profit when its own creditworthiness deteriorates. DVA, FVA, MVA, and KVA are primarily internal pricing, treasury, and capital management concepts.

 

Risk modulation overlays

Standard PFE (Potential Future Exposure) works well for large corporations, sovereigns, and financial institutions with diversified portfolios, under normal market conditions. It assumes markets move continuously, margin is posted daily without dispute, and the counterparty’s probability of default has no relationship to the size of the exposure. 

However, in practice, none of those assumptions holds reliably for leveraged funds, concentrated single-sector positions, or counterparties with directional derivatives books. And these are precisely the counterparties whose failure tends to produce the largest losses. Stress testing and wrong-way risk frameworks exist to address these gaps.

Counterparty credit risk stress testing runs the same exposure simulation under severe but plausible scenarios (historical crises, macro shocks, or counterparty-specific events) to produce exposure profiles that standard PFE would not capture. Typically, it is run at both portfolio and individual counterparty levels, with scenarios reviewed regularly and updated as new risks emerge.

Wrong-way risk (WWR) addresses the situation e where a counterparty’s probability of default is positively correlated with the bank’s exposure to that counterparty. Basel and supervisory guidance distinguish two forms:

  • General WWR (GWWR) arises from macroeconomic correlations. A bank heavily exposed to counterparties in a single sector or geography will find that those counterparties are more likely to default precisely when the market movements driving that sector’s stress are also driving its exposure to them upward. Identifying and monitoring GWWR requires analysis at the sector, industry, and regional levels.
  • Specific WWR (SWWR) arises from legal or economic dependence between the counterparty and the underlying exposure. The clearest example is a counterparty selling credit protection on its own name; if the counterparty defaults, the protection is worthless. More subtle examples include a commodity producer entering a swap on the commodity that drives its revenue: oil price falls make the swap in-the-money for the bank at exactly the moment the oil producer’s ability to pay is most impaired.

 

How the frameworks connect

The frameworks are not competing alternatives. For example, a bank running a large derivatives book would be using all of them concurrently, often on the same underlying portfolio. Take a five-year interest rate swap with a corporate counterparty. From the trade date, all four framework layers activate simultaneously:

  • Exposure models calculate CE (Current Exposure), EE (Expected Exposure), and PFE Potential Future Exposure) daily, feeding the credit limit framework.
  • Regulatory capital is computed immediately for each new trade, either as EAD (Exposure at Default) via SA-counterparty credit risk or as Effective EPE (Expected Positive Exposure) under IMM (Internal Models Method), and flows into the real-world assets (RWA) calculation, affecting the bank’s capital ratios from the moment the trade is booked.
  • CVA is booked as an accounting adjustment on the trade date and moves daily as the counterparty’s creditworthiness and exposure profile change. 
  • FVA and MVA are priced into the trade at inception, reflecting the cost of funding uncollateralized exposure or initial margin over the swap’s life. 
  • Stress tests run periodically, simulating what exposure looks like if rates move sharply or the counterparty’s sector comes under pressure.
CGR framework overview

What Sound counterparty credit risk Management Looks Like in Practice

The ECB’s targeted review of counterparty credit risk governance and management across major European institutions found that most banks have the models in place, but some fail to implement counterparty credit risk management practices. What separates institutions that genuinely manage counterparty credit risk from those that merely report it is how those tools are governed, how consistently they apply across counterparty types, and whether the outputs actually change decisions.

To manage counterparty credit risk, here are the best practices to implement:

 

Build a governance structure that owns the risk

Have three clear lines of ownership for the three areas of counterparty credit risk. The first line should own the exposure, and the second line sets the framework, monitors compliance, and challenges the first. Meanwhile, the third line should independently audit the whole structure.

For institutions with material or complex counterparty credit risk portfolios, this means personnel with counterparty credit risk expertise should own the first and second lines. And risk committees should treat counterparty credit risk as a standing agenda item (not something raised only when a problem emerges) with pre-agreed rules for when issues are escalated to senior management. Reporting should go beyond current exposure to include PFE profiles, stress results, WWR analysis, and any counterparties under close monitoring.

 

Deploy multiple metrics and set limits that reflect future variability

A single exposure number, fixed at a single point in time, cannot capture how counterparty risk actually behaves. A robust limit framework uses several metrics in combination and adjusts as conditions change.

Set limits on PFE (not just current exposure) and review them as market conditions change, rather than fixing them at onboarding and leaving them static. Use multiple metrics to track different aspects of your exposure, as each serves a distinct purpose; relying on any one alone creates blind spots.

Monitor counterparty concentrations proactively. Identify which counterparties would be unable to meet simultaneous margin calls across their portfolios, and act before that situation arises, not after. This means looking beyond the mark-to-market value of exposure to the quality and liquidity of the collateral held against it. For complex or illiquid positions that would take time to close out or replace after a default, assume the process will take longer and cost more than the regulatory minimum assumes.

 

Treat collateral management as a discipline instead of an afterthought

Regulators look for a dedicated collateral management unit responsible for issuing margin calls, resolving disputes, reconciling positions, checking that posted collateral remains eligible, and reporting on concentration. 

The reason is that margin disputes are supposed to be escalated promptly. And persistent or material disputes need to reach senior management through regular reporting, not surface only once a counterparty is already in difficulty.

Another aspect of collateral management is to use risk-sensitive margin rather than static terms, as arrangements that stay fixed as a counterparty’s risk profile worsens leave you exposed. Terms should tighten automatically as PFE rises or credit quality declines. And guard against the temptation to win business by loosening margin terms, because the BIS guidelines flag this as a recurring failure mode, and preventing erosion of credit standards is itself part of a sound collateral framework.

 

Build a stress testing framework that changes behaviour

Stress testing for counterparty credit risk should be a live management tool, not a periodic compliance exercise. Develop scenario modelling that covers a range of scenarios, with particular focus on leveraged, concentrated, or directionally positioned counterparties, where standard PFE is least reliable.

Stress results should feed back into limit frameworks and risk appetite decisions. It should also cover collateral explicitly, as testing whether collateral retains its value and liquidity under the same conditions that cause exposure to spike is as important as testing the exposure itself.

For ICAAP (Internal Capital Adequacy Assessment Process) purposes, stressed counterparty credit risk exposures (alongside stressed PDs and LGDs) should feed into the credit portfolio model used to calculate economic capital. Treating counterparty credit risk and credit risk as unrelated understates the real worst-case loss, because the same market movements drive both at once.

 

Maintain a watchlist and default management process that’s quick to react

When a counterparty fails, the time to determine how to respond is not after the default has occurred. The institutions that suffer minimal losses from a default are the ones that spotted the deterioration early and had a tested process in place. A watchlist and a documented default plan make that possible.

The watchlist should identify counterparties whose risk profile is deteriorating before deterioration reaches a level at which close-out is the only option. For counterparty credit risk, this requires criteria that are specific to derivative and SFT exposures, such as:

  • Discipline in margin payments
  • Frequency of margin call disputes
  • Growth in PFE relative to collateral quality
  • Counterparty leverage

The default management process needs to be documented, tested, and governed before a default occurs. This means everyone across trading, risk, legal, and collateral should know their role; there should be a clear method for closing out positions; and you should run regular fire drills to measure responses to counterparty defaults. Otherwise, you’ll find the gaps in your process at the worst possible moment.

 

Validate counterparty credit risk models initially and on an ongoing basis

Model validation for counterparty credit risk is not a one-time sign-off at model build. Under SR 26-2, a banking organization should validate its counterparty credit risk models both initially and on an ongoing basis across three dimensions.

  • The first is conceptual soundness and developmental evidence. This involves confirming that the model is theoretically grounded, its design choices are appropriate for the portfolio it covers, and the data underpinning the simulation engine are documented and defensible.
  • The second is ongoing monitoring through process verification and benchmarking. This means regularly checking that the model is operating as intended and that its outputs are benchmarked against external reference points.
  • The third is outcomes analysis through backtesting. Regulators expect financial institutions to compare model predictions against actual outcomes over time to assess whether the model is performing within an acceptable tolerance.

For unrated counterparties, all three dimensions are harder to execute. A bank cannot assess the accuracy of its internal rating for a private credit manager or a mid-market corporate if there is no external benchmark to compare against. That  gap is exactly why the biggest weakness in most counterparty credit risk frameworks today is created by the data inputs they require.

 

Ensure the frameworks are calibrated consistently

Sound counterparty credit risk management means the four framework layers (exposure modeling, regulatory capital, valuation, and risk modulation) are calibrated consistently, consuming the same underlying data, and producing outputs that the institution uses to make decisions. 

For the rated, transparent part of the counterparty book, that condition is achievable. For the unrated, opaque part, where internal models are making assumptions nobody is benchmarking against anything, it is not. That is where the next section begins.

 

How Credit Benchmark Supports Counterparty Credit Risk Management

In March 2021, Archegos Capital Management collapsed, leaving several of the world’s largest banks with combined losses of over $10 billion

The root cause was that the banks’ frameworks were not built for a highly leveraged counterparty with privately held funds, no public credit rating, no tradable CDS, and no external benchmark. As such, the banks lacked an external benchmark to validate what they thought they knew about its creditworthiness.

However, Archegos is not an outlier in lacking rating data. The hedge funds, private credit managers, and mid-market corporates that make up a growing share of derivatives books mostly carry no public rating at all. In 2024, 82% of asset managers tracked in Credit Benchmark’s financial counterparty data are unrated, while AFME estimates that around 75% of EU corporates have no external rating.

Credit Benchmark addresses these structural gaps by providing banks with consensus-based credit intelligence derived from the internal risk views of over 40 global financial institutions.  This approach offers several critical advantages for counterparty credit risk management.

First is extensive coverage of unrated and private entities. Credit Benchmark covers 120,000+ obligors, with 90% of that coverage consisting of entities unrated by traditional agencies. This is particularly relevant for banks managing exposure to private equity funds, family offices, hedge funds, and other opaque counterparties where no external credit signal currently exists.

Secondly, it provides an independent, real-world credit perspective. Consensus ratings are built from the anonymized, aggregated internal credit views of 40+ banks with actual lending or counterparty exposure to the entities covered (not model outputs or analytical assessments made without financial commitment). That distinction matters for governance: the methodology involves multiple contributing institutions with skin in the game, which aligns with the external validation standard regulators expect under SR 26-2 and equivalent frameworks.

Those independent perspectives are also always forward-looking, as the data updates weekly. This enables identification of credit deterioration before it reaches the point at which agency downgrades or CDS market moves reflect it. Banks can continuously compare their internal ratings against the broader market consensus, providing the external benchmarking that model validation processes require and that quarterly agency reviews cannot deliver at the cadence counterparty credit risk management demands.

Lastly, it integrates across the counterparty lifecycle. Credit Benchmark data integrates with existing risk management workflows across onboarding, annual review, limit monitoring, and portfolio management (including coverage of unrated buy-side names), enabling institutions to monitor the credit quality of members and their clients throughout the full relationship lifecycle, not just at origination.

The discriminatory power of the consensus ratings (measured by Gini ratio) averaged 0.88 at the one-year horizon between July 2015 and June 2025, compared to 0.91 for S&P Global Ratings over the same period, on a universe five times broader. This means it has comparable quality at materially greater coverage.

 

Credit Benchmark in Practice: Closing the Unrated Counterparty Gap

Canadian Derivatives Clearing Corporation (CDCC), the central clearing counterparty for exchange-traded derivatives in Canada, leverages Credit Benchmark’s consensus data to enhance its counterparty risk management capabilities.

As Acting Director of Financial Resilience Risk, Vladimir Levtsun notes: 

“Credit Benchmark’s data has contributed to directly strengthening our ability to manage counterparty risk and enhance internal reporting, leading to more confident, proactive risk decisions.”

CDCC uses Credit Benchmark’s data to harmonize credit assessment across different participant types, with particular value derived from insights into private and unrated entities that traditional rating agencies don’t cover. The data helps CDCC refine decision-making processes, manage counterparty exposures more effectively, and strengthen risk oversight capabilities across its network of more than 30 clearing members.

State Street uses consensus data for the same purpose, but the challenge it solves differs. Their Front-Office Risk team needed external validation to challenge internal counterparty ratings and justify credit changes to Enterprise Risk Management, particularly for emerging exposures where no market reference existed. Credit Benchmark’s consensus data provided that foundation. In Eliott Bryson’s words: “No one else does what you do. Credit Benchmark data makes my job easier.”

Consensus data does not replace the model or the analyst. It gives both something external to work from (an independent, institutionally grounded view) for the part of the counterparty book where that view has historically been absent.

The first step for institutions evaluating whether this gap applies to their own portfolio is a coverage assessment to identify which counterparties in their derivatives, securities finance, and repo books currently lack any external credit signal, and therefore which PFE scenarios, CVA proxy curves, and model validation processes are running without an external benchmark.

Book a demo to request a coverage assessment for your counterparty portfolio.



Schedule a demo

Please complete the form below to arrange a demo.

    By submitting this form you agree to Credit Benchmark’s
    Privacy Policy and Terms and Conditions.

    Subscribe to our newsletter

      By submitting this form you agree to Credit Benchmark’s
      Privacy Policy and Terms and Conditions.