Piecing the Puzzle Together - Regulatory Initiatives on Data


As Stressing Data Infrastructures states, the Basel committee data aggregation principles1 are not another regulatory 'tick box' exercise and certainly not superficial. The principles summarise and materialise concerns regulators have expressed for a number of years over most banks' inability to adequately aggregate data for reporting in a timely manner. The principles also come during a tidal wave of regulatory demands for increased reporting, which continues to grow.

In the UK, large financial institutions not only face the implementation of COREP and FINREP2 during 2014 but also:
  • The ramping up of FDSF's3 quarterly submissions of stress testing data
  • A move towards simultaneous, annualised stress testing projection requirements
  • Increase scrutiny on data provenance
  • Increased market risk data requirements
Not to mention international requirements for UK 'Globaly Systemic Important Banks' like EBA stress testing, Fed forms such as 14Q4 for CCAR as part of Dodd-Frank reforms and many others.

With the introduction of FDSF, the PRA has encouraged the use of regulatory initiatives as a force for internal change. As the Basel aggregation principles state (summarised in Figure 1) key risk reporting requirements should involve banks' boards and senior management. Projects driven from the very senior levels should provide those initiatives with the momentum to institutionalise much needed bank wide changes for data. The hope is to avoid typical reactive band-aid solutions pasted on to exisiting systems to meet yet another regulatory data request. These band-aids result in ad hoc policies and data collections stored in silos throughout an organisation.

This tangled mess will only exponentially worsen as regulators continue to derive and reenginer their data needs unless institutions fundamentally rethink their infrastructure to manage dynamic data requirements. An institutionalised framework is needed that enables:
  • a metadata driven data lifecycle;
  • a firm's existing knowledge base to be described;
  • its management coordinated;
  • a shared corporate culture regarding data established; and
  • future implementation phased over time in a modular and controlled fashion

Figure 1 summarises the key areas covered by the Basel aggregation principles along with highlights that one should pay particular attention to for each area. Such items of emphasis like board and senior management involvement, an ability to provide data in both normal and stressed times, and areas of strong data management: e.g., documentation, validation, use of metadata, taxonomies and data dictionaries.


Figure 1: A summary of Basel principles and key text to note


However, the Basel aggregation principles have an intentionally restricted scope, focused on key principles for risk data and not a comprehensive data management framework. As figure 2 shows, in comparison to the Carnegie-EDM Data Maturity Model5, the Basel aggregation principles miss the broad topics of data management goals, corporate culture and data management funding.


Figure 2: Basel articulates key principles for risk data, not a comprehensive data management framework


1 'Principles for Effective Risk Data Aggregation and Risk Reporting', Bank for International Settlements, http://www.bis.org/publ/bcbs239.pdf, January 2013.
2 Common Reporting (COREP) and Financial Reporting (FINREP) requirements by the European Banking Authority and collected by national supervisors as part of Capital Requirements Directive IV. See the Bank of England's note on CRD IV.
3 Firm Data Submission Framework (FDSF). The framework for UK VHIFs (Very High Impact Firms) to submit data for capital stress testing.
4 Form 14Q is used by the USA's Federal Reserve to collect granular data on bank holding companies for forecasting and assessing their capital adequacy under varying senarios. This forms part of their Comprehensive Capital Analysis and Review (CCAR) and its process to implement the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010.
5 The Data Management Maturity model is the result of a partnership between the EDM Council and the CMMI Institute (a spin off from Carnegie Mellon University)

Popular Posts