CCAR and DFAST Stress Testing

The Comprehensive Capital Analysis and Review (CCAR) and Dodd-Frank Act Stress Tests (DFAST) are the two interrelated US bank stress testing frameworks. DFAST (required by Section 165(i) of Dodd-Frank, implemented by the Fed at 12 CFR Part 252) requires banks with $100B+ in total consolidated assets to conduct annual stress tests projecting capital ratios under baseline, adverse, and severely adverse scenarios over a nine-quarter planning horizon. CCAR (Federal Reserve supervisory assessment for the largest banks, now primarily for Category I-II firms) evaluates capital adequacy and capital distribution plans (dividends, buybacks) under the Fed's stress scenarios plus bank-defined scenarios. Following the 2023 Basel III endgame proposals and 2024 stress test revisions, the Fed reformed CCAR to use a single stress scenario and incorporated the stress capital buffer (SCB) as the primary mechanism linking stress test results to capital requirements. Banks with SCB outcomes below the 2.5% floor face binding capital constraints from stress testing results.

The data and modeling demands of CCAR/DFAST are among the most complex in financial services technology. Stress testing requires projecting net interest income, non-interest income, provision for credit losses, operating expenses, and balance sheet evolution under macroeconomic scenarios across all material business lines and geographies. Credit loss modeling requires vintage-level loan data, obligor characteristics, macroeconomic variable sensitivities, and model validation frameworks meeting SR 11-7 (Supervisory Guidance on Model Risk Management) standards. The Fed's Capital Assessments and Stress Testing (FR Y-14) reporting schedules — Y-14A (annual), Y-14Q (quarterly), Y-14M (monthly) — collect granular loan-level data across commercial real estate, domestic retail, and securities portfolios. Y-14M requires loan-level data submissions covering millions of records with dozens of attributes per record, demanding enterprise-scale data warehousing, data quality management, and submission infrastructure.

DFAST and CCAR create significant model governance obligations under SR 11-7. Every model used in the stress testing process must have documented model development, implementation, and validation records. Third-party vendor models require specific validation evidence — vendor documentation is not sufficient. The model inventory for a large bank's stress testing program typically numbers in the hundreds of models, each with its own development and validation cycle. The Fed's increasingly quantitative supervisory stress test models (using internal Fed models whose full specifications are not public) create a challenge: banks must explain differences between their own results and supervisory results, which requires reverse-engineering Fed model behavior from public scenario results. For banks in Category III-IV subject to modified DFAST requirements, the 2019 tailoring rules reduced some submission obligations but maintained the core capital planning framework.

We build DFAST/CCAR data infrastructure using enterprise data warehouses designed around FR Y-14 reporting schemas, with automated data quality validation rules mapped to the Fed's Y-14 edit checks. Our stress testing platforms support multi-model orchestration — routing portfolios to appropriate credit loss models by product type, aggregating results, and generating nine-quarter projection outputs in FR Y-14A submission format. We implement SR 11-7-compliant model risk management frameworks with model inventory databases, validation workflow management, and evidence repositories that support both internal and Fed examination review.

Compliance-Native Architecture Guide

Design principles and a structured checklist for building software that is compliant by default — not compliant by retrofit. Covers data architecture, access controls, audit trails, and vendor due diligence.