Basel Committee Principles Raise More Questions

Parameters for effective risk data aggregation and reporting issued by the Basel Committee on Banking Supervision appear to encourage data management improvement, but how that will be done is left unanswered

On one hand, Golden Copy and Inside Reference Data's reporting has recently pointed out criticism of the Basel Committee on Banking Supervision's (BCBS) relaxing of the liquidity rules for its Basel III regulation. On the other hand, there is more to the story.

Principles for effective risk data aggregation and risk reporting issued January 10 by BCBS could, if taken seriously and given teeth, add incentive to industry efforts to link risk management to data quality and data management operations improvements. The 14 principles are basic and general, but they do follow up on and flesh out a timeline for action laid out in October.

That process is supposed to start this year with global systemically important banks (G-SIBs) self-assessing their data operations and completing risk data aggregation and risk reporting improvements by 2016. In short, BCBS's newly issued principles say:

• Risk data aggregation and risk reporting should be subject to governance arrangements consistent with guidance by BCBS
• Banks should design, build and maintain data infrastructure to support risk data aggregation and reporting
• Banks should then be able to generate accurate and reliable risk data, automate aggregation of that data and capture all material data throughout their businesses
• Risk management reporting should be accurate, reconciled and validated
• Risk management reporting should cover all relevant areas of risk within a firm, and data ought to be available broken down by business line, legal entity, asset type and other categories
• Reporting should be clear and concise, and bank management and boards should set the frequency of reporting to meet the needs of those concerned with risks
• Supervisors within banks and firms should review and evaluate compliance with risk reporting rules and principles, and have the ability to correct problems with such reporting or lack thereof
• Lastly, risk supervisors should cooperate with their counterparts in other jurisdictions

"It is clear the overall intent is to set a benchmark for what is acceptable in the way a bank manages and reports risk," says Paul Garel-Jones, director, information management and analytics, at Deloitte in London, who is author of a report on the BCBS principles. "The implications are wider than VARs [value-at-risk] or P&L strips, and have major implications for a bank's risk operating model, and, more broadly, how data is managed across the bank.

The BCBS principles will require banks to do more about data aggregation and reporting than is evident at first, according to Garel-Jones. "An organization-wide solution is required that will own and resolve reference or transaction data issues that affect the risk function," he says. "Deloitte's experience is that banks have focussed on tactical work-arounds (such as manual adjustments and off-system data analysis) and not taken a more strategic approach to data management. For those in banks today who are trying to get the data problem recognized at the CxO level, the BCBS paper significantly strengthens the case for change."

So, while these BCBS principles do open up another possibility for greater use of risk management to drive data management improvements, they also open up questions about how that may or may not end up being accomplished.