1. The institutions shall document the design and operational details of its rating systems. The documentation shall provide evidence of compliance with the requirements in this Section, and address topics including portfolio differentiation, rating criteria, responsibilities of parties that rate obligors and exposures, frequency of assignment reviews, and management oversight of the rating process.
2. The institution shall document the rationale for and analysis supporting its choice of rating criteria. An institution shall document all major changes in the risk rating process, and such documentation shall support identification of changes made to the risk rating process subsequent to the last review by the competent authorities. The organisation of rating assignment including the rating assignment process and the internal control structure shall also be documented.