- Basel Committee issues progress report on banks’ implementation of the BCBS 239 Principles for effective risk data aggregation and reporting
- Nearly 10 years after the initial publication of BCBS 239, banks are at different stages in terms of aligning with the Principles. Additional work is required at all banks to attain or sustain full compliance.
The Basel Committee on Banking Supervision published a progress report on banks’ implementation of the BCBS 239 Principles for effective risk data aggregation and reporting. The report provides an update on the progress made by 31 G-SIBs (designated during 2011-21) in adopting the Principles.
Nearly a decade after the initial publication of the Principles and seven years after the expected date of compliance, banks are at different stages in terms of alignment. Additional work is required at all banks to attain or sustain full compliance. The global pandemic and recent stress events provided a stark reminder that banks’ ability to manage risk-related data is essential for sound decision-making.
Consequently, the recommendations to banks that were identified in the previous reports still apply. In addition, boards should take full responsibility for overseeing the development, implementation, and maintenance of robust data governance frameworks. Furthermore, banks should foster a culture of ownership and accountability for data quality across the organization, adopt the Principles comprehensively in a broader context and ensure sound data quality as the basis for digitalization projects.
Similarly, the recommendations to supervisors that were highlighted in previous reports are still valid. In addition, supervisors should consider making greater use of the more intensive targeted activities, applying more forceful measures to address long-standing risk data aggregation and reporting deficiencies, and encouraging the application of the Principles in a broader context.
According to the report: “The overall pace of banks’ progress in implementing sustainable risk data aggregation and risk reporting capabilities is occurring at a slower pace than envisaged. This is largely because several banks have persistent challenges with fragmented IT landscapes, legacy systems and manual processes that are not fit for purpose.”
“The delayed compliance with the Principles is largely attributed to lack of prioritization, insufficient ownership by the board and senior management, as well as challenges with implementing data architecture and IT Infrastructure improvements. This may be due to the diversity of G-SIBs’ operations globally, their evolving business models and activities, and the need for more granular, high frequency data. Many banks have expanded the scope of their adoption programs to include more entities and emerging risks, as well as regulatory and financial reporting.”
The report includes case studies that outline how banks are approaching governance, IT infrastructure and data architecture, risk reporting as well as risk data aggregation capabilities for counterparty credit risk measurement.