Progress in adopting the Principles for effective risk data aggregation and risk reporting 2017

Original by BIS, 2017, 23 pagesHamster_gagarin_linkedin
hamster writter This summary note was posted on 20 September 2017, by in Credit risk Finance #, #

The 2016 supervisors’ assessment questionnaire was completed by all seven supervisors / supervisory regimes that had G-SIBs under their supervision.

  • The report found that G-SIBs’ level of compliance with the Principles is unsatisfactory, notwithstanding that G-SIBs have made some progress in implementing the Principles in 2016.
  • Only one G-SIB fully complied with the Principles within the January 2016 deadline
  • All Principles except Principle 2 (data architecture and IT infrastructure) were largely or fully complied with by over half of the assessed banks
  • Principle 2 is one of the two preconditions (together with Principle 1 on governance) to ensure compliance with the other Principles
  • The average delay in implementation of individual Principles ranges from 2.22 to 2.75 years
  • Banks would take about 5 to 6 years to fully comply
  • Some banks view implementing the Principles as a one-time compliance exercise rather than a dynamic and ongoing process
  • In this regard, banks need to periodically assess and make needed improvements to IT systems, policies and processes to effectively implement the Principles
  • There should be a regular independent validation of risk data aggregation and reporting processes
  • Some supervisors used fire drills to perform ad-hoc assessments of banks abilities to respond in a timely manner
  • Appendix 2 provide a set of examples regarding compliance to principles

Challenges faced by banks

  • Difficulties in execution and management of complex and large-scale IT and data infrastructure projects
  • Overreliance on manual processes and interventions to produce risk reports
  • Incomplete integration and implementation of bank-wide data architecture
  • Weaknesses in data quality control

New recommendations

  • Development of clear road map to achieve full compliance
  • Compliance should be on an ongoing basis

Recommendations from previous review still holding

  • Banks and supervisors should continue to promote understanding of the principle
  • Banks should clearly articulate risk data aggregation and risk reporting expectations
  • Banks should have efficient governance arrangements
  • Banks should critically examine their data architecture and adaptability capacity
  • In case of non compliance at the deadline provide remedy plan