Progress in adopting the Principles for effective risk data aggregation and risk reporting 2015

Original by BIS, 2015, 15 pagesHamster_gagarin_linkedin
hamster writter This summary note was posted on 20 September 2017, by in Credit risk Finance #, #, #

The Principles aim to strengthen banks’ risk data aggregation capabilities and internal risk reporting practices, and become effective 1 January 2016

  • Report from December 2015
  • Draw out key lessons learned and elaborate key recommendations to further facilitate implementation
  • The 11 Principles can be divided into three main pillars: (i) governance and infrastructure; (ii) data aggregation; and (iii) risk reporting
  • In 2013 and 2014, banks completed two self-assessment questionnaires on their level of compliance with the requirements under Principles 1–11
  • Effective implementation of the Principles goes beyond a checklist approach. It requires an understanding of the objectives behind the requirements
  • There is an expectation that banks should meet all risk data aggregation and risk reporting principles simultaneously. However, there are likely to be trade-offs.
  • It is important to emphasise quality over timeliness; that is, it is more important to ensure that banks develop high-quality infrastructure rather than resorting to “band-aid” solutions to meet the implementation deadline
  • Supervisors should conduct more in-depth/specialised examinations on data aggregation requirements to evaluate weaknesses
  • Achieving full automation is not possible. It is important that banks have the appropriate controls around any manual processes
  • Some G-SIBs’ (Global Systemically Important  Banks) IT architecture may have reached an unmanageable level. Banks should consider reducing the complexity of their systems

Findings

  • Under-investment prior to the development of the Principles, or the significant costs associated with it, completing large-scale infrastructure projects on time continues to be seen as the most significant obstacle to full compliance
  • Significant gaps in terms of data accuracy and adaptability were also identified. Principle 3 (accuracy/integrity) and Principle 6 (risk data aggregation adaptability) had some of the lowest reported compliance ratings
  • Challenges associated with documentation of processes, particularly in large banking groups which operate in a number of jurisdictions or across a number of business lines.
  • The ability to adapt data processes, particularly for ad hoc requests, is persistently weak

Noticeable principles

  • Data should be aggregated on a largely automated basis so as to minimise the probability of errors (principle 3)
  • A bank should be able to capture and aggregate all material risk data across the banking group (principle 4) (in a timely manner  – principle 5)
  •  Reports should be easy to understand yet comprehensive enough to facilitate informed decision-making.  An appropriate balance between risk data, analysis and interpretation, and qualitative explanations. (principle 9)