As discussed in our first blog about the Basel Committee on Banking Supervision’s rules aimed at strengthening risk data aggregation and risk reporting practices at banks (BCBS 239), we noted that regulators now want banks to be able to provide better, cleaner data more quickly than ever before — something many banks continue to struggle with. And further, senior management now must take direct responsibility in the capture and aggregation of risk data. To do this effectively, banks need not only examine their IT infrastructure, but take a holistic approach in mapping out entire risk data universe and have clearly defined policies in place to meet all business needs.
Our previous blog asked some questions about your BCBS239 strategy; and now we’ll paint a picture of how your organization should look after these have been satisfactorily answered.
1) Your data is defined, harmonized and appropriately aligned to critical business and risk operations
It is imperative that banks have a data architecture and IT infrastructure in place which supports its risk reporting capabilities in both normal times and times of stress.
The ultimate goal should be to help to operationalize data governance to define ownership of data across the enterprise. Bridging the divide between business and IT and fostering a common and consistent language is critical. Given the speed and accuracy with which regulators demand to see data now, banks need to aggregate, sanitize and consolidate and report data faster than ever before. But this is not just to appease regulators; today’s bank needs this clear, accurate picture of data to operate at peak efficiency.
2) You have a systemic way of working towards an end state
A 360-degree, holistic approach that leads to consistency in the capture, storage and use of data from the moment it enters the organization is critical not just for compliance but makes for good business as well.
As such, KPMG advises that firms should pursue a path that not only moves them toward compliance, but also recognize opportunities that will come from a risk reporting program that can improve the quality of decision making within the organization; and ultimately improve business outcomes by unlocking value from data. Having an action plan for monitoring, tracking and identifying exceptions and correcting data at the origin will also help a bank systemically manage its self-assessment process around risk exposure.
3) You have a data infrastructure that can handle any request
As noted in the Basel Committee’s report, banks should be fully aware of and understand the limitations that prevent full risk data aggregation, in terms of coverage (such as risks not captured or subsidiaries not included), in technical terms (like model performance indicators or degree of reliance on manual processes) or in legal terms
A robust data infrastructure that can overcome these limitations is imperative. Banks need clearly defined data quality rules to monitor them. This means they need a system which provides a methodology to determine quality confidence levels for measurable and actionable data quality processes for effective data governance and systemically manages issues and actions arising from data quality monitoring. This is critical to achieve a common data infrastructure that builds a single source of truth and supports a common data taxonomy and metadata.
4) Data governance is an ongoing process
A bank should strive towards an environment where they have a single authoritative source for risk data per each type. This is not a one-time event, but requires ongoing action. An effective data governance infrastructure can highlight weaknesses in data source systems allowing banks to refine their processes.
According to Dataversity, implementing a federated governance model, assigning roles and responsibilities, rolling out corporate-wide standards and policies related to data, creating an organizational structure and appropriate escalation mechanisms, proactively monitoring compliance to standards and policies, communicating the value of the program to all stakeholders and continuously improving the process, technology and people aspects of Data Governance will ensure its sustenance over the long haul.
5) Your senior executives are actively involved
Senior management is now expected to vouch for the data presented to regulators, and thus management must now take direct responsibility in the capture and aggregation of risk data
For this reason, many institutions are adding the role of Chief Data Officer, who oversees a centralized Data Management Office (DMO) to address governance and infrastructure. One of the CDO’s most important responsibilities is operationalizing data governance with the goal of defining ownership of data across the enterprise. Under the executive’s leadership, the DMO will also take the lead in defining principles for maximizing data usage, assessing and managing data quality, defining data access and controls, and continuously monitoring data servicing risks.
Ultimately, banks need a strong analytical platform to achieve compliance and the greater goal of turning enterprise information into a strategic asset. However you go about it – the platform should support your efforts to establish effective data governance and enhance your data infrastructure to easily monitor, manage and report risks back to the regulators, stress-free.
Having a partner in place that knows the nuts and bolts of proper data governance, risk management and modeling and the ever-changing regulatory environment can help you greatly on the path to achieving optimal data governance.