Series: BCBS 239 – Principle 11


Principle 11Principle 11:
Risk management reports should be
distributed to the relevant parties while ensuring confidentiality is

Early in 2013, the Basel Committee on Banking Supervision (BCBS) issued guidelines for banks regarding risk data aggregation and reporting. Known collectively as BCBC 239, these principles were designed to ensure that banks have adequate data management and reporting processes in place to monitor risk in their portfolios.

In our series on the principles of BCBS 239, my colleagues and I provide a quick view into the guidelines and how SAS can help.

Principle 11 deals with information distribution to the pertinent counterparts while assuring privacy. The distribution of banks’ information in different forms have been promoted and enforced in the last 15 years. A clear example of this is the Basel II Accord that introduces Pillar III Market discipline where “The Committee aims to encourage market discipline by developing a set of disclosure requirements which will allow market participants to assess key pieces of information on the scope of application, capital, risk exposures, risk assessment processes, and hence the capital adequacy of the institution”.

In a bank self-assessment on compliance with the BCBS 239 standard, with regard to Principle 11, 23 percent of banks rated themselves as fully compliant and 77 percent rated themselves as largely compliant. Moreover, banks did not mention any significant challenges and issues but the Basel Committee’s Working Group on SIB (systemically important banks) Supervision (the WGSS) identified the following technical concerns:

  • Integrating the distribution processes of all relevant units, i.e. enhancing automation to support rapid data collection and analysis.
  • Lack of formal procedures to confirm that relevant recipients receive timely reports.
  • Lack of a formalized inventory and documentation of reporting data marts.

To address these issues, banks must consider enhancing their information distribution processes to satisfy both their internal and external (regulatory) needs. The enhanced data production and distribution infrastructure should include detailed reports as well as high level dashboards with KPIs, KRIs and risk measures that decision makers can use in their daily business tasks. In addition, banks need to enhance transparency of the process behind that data production and balance the distribution with adequate privacy levels.

Moreover, only in recent years financial institutions have created the figure of the Chief Information Officer who is responsible for the data consistency within the bank with focus on that produced for regulatory reporting and decision making. This C-level executive should have a solid platform that facilitates the accurate and adequate distribution of information. Risk management information is a core area where the process of gathering, processing and distributing data has to be transparent and robust.

SAS solutions provide an end-to-end framework for addressing the principles of BCBS 239 through data aggregation, visual risk reporting, and useable risk measures. Read how we can help.

Tags BCBS 239

About Author

Jose Etchegoyen

Americas Risk Practice, SAS

Jose Etchegoyen has more than 15 years of experience dealing with finance and risk management in the financial services industry. During his career, he has served as both a risk manager and a banking regulator at financial and governmental institutions in Latin America and the United States.

Comments are closed.

Back to Top