Many banks feel overwhelmed by the sheer volume of regulation that is coming their way. It is not surprising, therefore, that when the Basel Committee on Banking Supervision (BCBS) consultative paper, “Principles for effective risk data aggregation and risk reporting” was published in June 2012; it raised a number of concerns.
In January 2013, the Basel Committee released a final set of “Principles for effective risk data aggregation and risk reporting” to enhance banks’ ability to identify and manage bank-wide risks. This document helps address some of the possible concerns raised by the June 2012 paper; it also brings up new elements for consideration.
The regulation outlines four key topics:
Overarching governance and infrastructure
Risk data aggregation capabilities
Risk reporting practices
Supervisory review, tools and cooperation
These are supported by 14 high-level principles, intended to strengthen banks’ risk data aggregation capabilities and risk reporting practices. Globally Systemically Important Banks (G-SIBs) must implement these principles by January 2016 and are expected to start making progress towards effectively implementing them from early 2013.
National supervisors have the discretion to apply these principles to Domestically Systemically Important Banks (D-SIBs) as well. Overall, the industry responded in a positive way, acknowledging the benefits of improving banks’ risk data aggregation capabilities and aligning their goals to that effect.
The current regulation concerning enhancement of data process and IT systems for measuring and reporting risk follows a number of papers and regulations which emphasize the need for banks to enhance their data and IT infrastructures. Despite the slight unease expressed by the industry, the proposed timeline for the implementation of the principles has not changed and 2016 remains the target completion date, demonstrating the importance assigned by the regulators to this initiative.
The Regulators’ overriding objective is to establish financial stability. The principle-based approach defined in the Basel Committee report was developed in response to the failures of the industry during the financial crisis. In particular, the industry demonstrated insufficient capabilities to aggregate risk exposures and to identify risk concentrations quickly and accurately, at the group level and across all portfolios and legal entities. The implementation of these principles can help provide strong foundations for banks’ resolvability, improved governance, improved business control, enhanced strategic decision making and, ultimately, increased profitability.
Banks may want to consider the Basel Committee report in the context of other international initiatives which are underway and that make concrete progress in strengthening their data aggregation capabilities. These include the Financial Stability Board (FSB) initiatives related to development of common data template for G-SIFIs (systemically important financial institutions) to address key information gaps identified during the crisis such as bilateral exposures and exposures to countries/sectors/instruments; a public/private sector initiative to develop a Legal Entity Identifier (LEI) system; and other initiatives related to data standards, such as reporting for RRP, FINREP, COREP and finally IFRS (international financial reporting standards) and FATCA.
The BCBS “Principles on Data Aggregation and Risk Reporting” have been finalized with the current compliance date of 2016, which sets a demanding goal for globally systemically important financial institutions. As banks mobilize to implement the principles, they may find themselves also balancing demands for other regulatory implementations, addressing changes in the current business landscape and improvements in the effectiveness of their expenditures.
As banks explore how to properly implement these principles, consideration should be given to the application of a sound and robust risk appetite framework aligned to the business strategy. The BCBS principles are intended to help strengthen the bank’s risk data aggregation capabilities and internal risk reporting practices.
However, a closer examination of how these principles might be implemented points to a number of areas for possible improvement.
More responsibility and accountability for the board as it is expected to be “fully aware” of any limitation on data aggregation. Banks may want to consider a new operating model for the group and its legal entities, and between the board and its risk function(s).
As the board improves the enterprise’s oversight and accountability over risk strategy for all entities and all material business activities, banks may want to consider how to educate on risk and the management approach taken by the firm. Another area of consideration is the composition of new risk committees to oversee the implementation of the risk strategy.
T. Sironis—senior principal Accenture Risk Management. Based in London, Takis brings 20 years of deep experience in business and IT transformation in the risk management space for investment and retail banking.