For the purposes of assessing that an institution applies the appropriate level of granularity in its model, as referred to in point (c) of Article 28, competent authorities shall confirm at least the following:
that the institution takes into account the nature, complexity and idiosyncrasies of its business activities and the operational risks which it is exposed to, where grouping together risks sharing common factors and defining the operational risk categories of an AMA;
that the institution justifies its choice of level of granularity of its operational risk categories on the basis of qualitative and quantitative means, and that it classifies operational risk categories based on homogeneous, independent and stationary data;
that the institution's choice of level of granularity of its operational risk categories is realistic and does not adversely impact the conservatism of the model outcome or of its parts;
that the institution reviews the choice of level of granularity of its operational risk categories on a regular basis with the view to ensuring that it remains appropriate.