Risk Data Aggregation and Reporting – Why now more than ever? – Part 1 of 2


This is the first out of a series of two blog articles in which I will attempt to discuss the importance of the execution of the principles of the BCBS 239 in the Banks.

I feel that a Bank’s risk management department is like a radar on a ship. It pro-actively identifies threats and “risks” in the course of the vessel, in order for the crew to manage effectively and avoid adverse effects. Now, in the case we are missing complete and reliable information for the risk management unit to analyze and in turn present, is similar with having a broken radar that presents the crew with wrong information resulting in wrong decisions.

In 2013 the paper of BCBS 239 was issued to provide banks with a set of guidelines, developed to help the industry help itself. This was a reaction to the postmortem of the financial crisis in 2008 from a risk data perspective, with the regulators realizing that most institutions did not have in place the platforms and technology to support an effective and robust decision making framework. Even though the “requirement” for compliance has been out there for a very long time, and the deadline for compliance was the beginning of this year, I feel that the Banks, the D-SIBs more than the G-SIBs, have still a long way to go for execution of these principles. This is in part due to the fact that the local regulators have not strongly enforced the principles, by transposing the BCBS 239 in local regulations, for most European countries at least. This of course will be changing as the single supervisory mechanism has included in its five supervisory priorities for 2016 “Risk governance and data quality” which relates, very closely, to the principles and objectives of the under discussion paper of the BCBS.

BCBS principles

Personally, I believe that the biggest benefit of the issuance of this paper, since the discussed principles are not more than just best practices and things that Banks should already be considering or even doing, is that it pushes the subject up the agenda at Board level and makes it visible by explicitly assigning the responsibility for compliance to the Board and Senior Management. Furthermore, my opinion is that this paper and the principles discussed therein should be seen as a strategic opportunity for Banks to build unified frameworks, eliminating data silos and increasing the overall quality and consistency of data that will lead to a single source of information to support better and improved management decisions.

Now what makes risk aggregation and reporting capabilities a vital matter to be addressed by the Banks specifically at this point in time? First of all, and before answering this question it, is important to note that it all starts with data, since the basis of the principles is having the right data in place to support a holistic reporting and in extend decision making framework. Secondly compliance with the principles of the BCBS 239, or execution of the principles included therein, should not be addressed in isolation. What I mean is that Banks should not work towards compliance/execution with/of the principles just for compliance purposes with the paper. They should look at BCBS 239 in juxtaposition with other important regulatory driven initiatives which have as their basis a solid and robust data management framework. I am talking about pressing regulatory requirements that pose a significant challenge in terms of new data and information that need to be collected, tested and analyzed and new or revamped technological infrastructures to support the population of complicated reports to be submitted to the authorities and on the same time an ad-hoc, end-user flexible reporting structure.
Going back to answering the questions above, I see, at least, three main reasons why this is most important now. Compliance with IFRS 9, Stress Testing and the Internal Capital Adequacy Assessment Process. The first and foremost, for the time being, will be discussed in this blog article and the following two in a subsequent blog.

Compliance with IFRS 9

IFRS 9 requirements will be effective Jan. 1, 2018, thus banks are beginning to pay great attention to this new accounting standard which is a forward-looking “expected loss” impairment standard that requires banks to provide more timely recognition of expected credit losses (ECL) based on future expectations – as opposed to the current “incurred loss” model.

The new standard sets stringent requirements as to the recognition of the ECL to reflect changes in the credit risk of financial instruments which significantly increases the number and frequency of impairment calculations that must be performed and as a result the amount of data that must be collected from across finance and risk functions.

IRFS 9Furthermore, IFRS 9 expands the information that a bank must consider when determining ECL. Banks have to base their ECL measurements on historical and forecast information. All of this information must be obtained on an individual account level and then stored, managed and reconciled with the bank’s general ledger on an aggregated level. The expected amount of IFRS 9 data, and the complexity of the calculations requires that the Bank has applied a holistic data aggregation and reporting framework as this is described in BCBS 239.

It is important to note, that in extend, a governance structure must be established for tracing and documenting data transformations needed for auditability purposes. Needless to say reconciliation between finance and risk systems, at any step of the ECL measurement process, will be the focal point for any audit, internal or regulatory. Implementing, as the basis of an IFRS 9 compliance effort, a data environment which is on the one hand auditable but on the other flexible enough in order to quickly adapt to any changes in the framework, it is a challenge that can be well managed through the sound execution of the principles discussed in the BCBS’ paper.

SAS has always been supporting Risk Management and Finance departments built confidence over the data being used for any of their processes by providing a robust data management layer to all its software solutions. SAS, more specifically has designed and developed a comprehensive end-to-end technological framework to support compliance with BCBS 239.

If you want to know mo re about it, here you can request the perfect on demand webinar for your business needs.


About Author

Chrysostomos Kridiotis

Chrysostomos is a SAS Sales Manager, managing the office of SAS in Cyprus and the Banking Industry clients of SAS in Bulgaria. He is working closely with organizations, mostly in the financial sector, to identify business problems and needs and propose solutions that have to do with data management, analytics and business intelligence. He has a strong background on Financial Risk Management, and his previous experience includes working as a business consultant for financial institutions in the area of Risk Management, Governance, Compliance and Strategy.  In the past he has been teaching professionals a course on Governance, Risk and Ethics and enjoys sharing ideas and views on new and innovative technologies in the area of Risk Management. He strongly believes that creating and fostering relationships - and sharing experiences - is a cornerstone of conducting business today and applies this mentality in his everyday business life. You can find him on Twitter or Linkedin.

1 Comment

  1. Pingback: Risk Data Aggregation and Reporting - Why now more than ever? Part 2

Leave A Reply

Back to Top