Risk aggregation and reporting challenges intensify for banks
The past month has been a busy one for G-SIBs – global systemically important banks – as they confront the challenges of “what full compliance looks like” in the context of the Basel Committee on Banking Supervision and its Principles for Effective Risk Data Aggregation and Risk Reporting, writes Steve Culp.
In late December 2013, BCBS published its progress report summarising G-SIBs’ preparedness to comply with those principles and the challenges they face as pursuit of full compliance continues in light of the January 2016 deadline.
The results of that progress report, industry-level discussions (e.g. via the Institute of International Finance), and conversations occurring at G-SIBs within risk management and finance divisions confirm that the journey to 2016 is fraught with enormous challenges. BCBS suggested that some bank self-assessment submissions were a bit too rosy and not consistent with Basel III principles. Furthermore, BCBS cautioned that some banks may have overstated their progress.
Furthermore, one-third of surveyed banks said they would not meet the deadline, although many are in the midst of large multi-year risk and finance IT transformation projects designed to bring them in compliance with Basel III.
So how can banks manage regulator expectations without merely employing tactical fixes to plug the gaps? Actually, addressing this question represents an opportunity for banks to re-evaluate their IT plans and the transitional delivery of aggregation and reporting capabilities. The goal: creative acceleration of some deliveries, while taking care to avoid compromising on the business imperative to increase process automation.
Discussions via the IIF confirm that banks are trying to use individual regulator feedback to identify which principles are essential and pre-requisites to others. Irrespective of prioritisation, the regulations require banks to achieve compliance across all Basel III principles. These include operational and liquidity/funding risks as well as credit and market risks.
The good news is that banks generally have established work streams to address the gaps and funding has or is being approved. As resources are deployed, internal subject matter experts in those organisations may find themselves stretched as they work with teams to address the regulatory requirements. Thorny data and reporting issues, highlighted by BCBS, which lie ahead include:
- Data quality checks around completeness of data. How should the more difficult process of ensuring data accuracy be addressed? How can they employ reasonable checks to verify data? What is the role of the front office businesses, as they are likely to be the ultimate owners of risk data and related inputs?
- How should data controls be aligned across Risk and Finance silos? Some reconciliation between risk data and accounting data now occurs. How can banks implement a truly aligned data model across these historically separate silos without establishing an internal cottage industry of costly, ineffective reconciliation-based activities?
- Scenario and stress test enrichment is being impacted by Comprehensive Capital Analysis and Review initiatives in the US and similar requirements are anticipated in the UK. How can this work be leveraged? As banks address these requirements, they also have the opportunity to shore up scenario frameworks to give senior management stress test results that are relevant and reliable.
Although G-SIBs are aware of the importance of making progress in these areas and they are taking steps to fully implement the principles, many of them foresee challenges ahead in their two year journey. Given the report, the good news appears to be that the majority of the banks do expect to meet the compliance schedule, while the others have significant work ahead of them to reprioritise their efforts and seek out an approach to meet the challenges ahead.