![]() The reduction in metrics and data elements is the result of banks’ attempts to reduce management costs and efforts and focus only on the most critical metrics and data.įor all banks, the application of the principles illustrated in Exhibit 2 ranges from narrow to broad. We believe the increase in reports reflects the inclusion of different nonfinancial risk types, such as operational or compliance risk. Interestingly, over time, we have seen the number of reports in data programs increase while the number of metrics and data elements decreased (Exhibit 1). Our industry benchmarking indicates that the average bank’s data program includes 50 reports, 90 metrics, and 1,100 data elements. Unfortunately, the industry has no set rules for how broadly or narrowly to define the scope of a data program or what standard metrics or data elements to include.Īs a result, many banks are trying to identify industry best practices for the number of reports and types of data to include in their data programs. Thus a credit-risk report or a report on strategic decision making might be covered, as well as risk-weighted assets as a metric and the principal loan amounts as an input. Most banks have defined the scope of their data programs to include pertinent reports, the metrics used in them, and their corresponding input-data elements. Scope of data programsīanks need to define the scope of their data programs clearly enough to create a basis for easily conversing with regulators and identifying additional actions necessary for regulatory compliance. A few institutions, however, are leading the way in improving their data programs and management and have made great strides toward regulatory compliance. There is considerable variation within the industry on how to address these four challenging areas, in investment, degree of risk mitigation, sustainability, and automation. ![]() 3 McKinsey benchmarking survey on data programs with 60 banks, 2020. ![]() Industry leaders are clear, however, that they struggle in four areas: the scope of data programs, data lineage, data quality, and transaction testing. preparing to collect evidence for regulatory examinations, and deploying a federated data operating model with central capabilities under a chief data officer. The EBA issued the Common Reporting (COREP) framework as the standard for capital-requirements reporting the EBA’s standard for financial reporting is known as FINREP. These include data-aggregation capabilities to support regulatory reporting requirements, such as automating some of the reporting required by the Federal Reserve in the US and the European Banking Authority (EBA) in Europe, 2 For example, Federal Reserve form FR Y-14M reports monthly data on the loan portfolios of bank holding companies, savings and loan holding companies, and intermediate holding companies FR Y-14Q reports quarterly data for the same kinds of institutions on various asset classes, capital components, and categories of preprovision net revenue. In response, the industry has adopted some common, workable solutions in a few key areas. As might be expected, banks have a monumental task in analyzing the layers of data requirements across all these regulations and building common and reusable capabilities that meet regulatory expectations. 1 BSA/AML refers to the US Bank Secrecy Act (anti–money laundering law) of 1970 CECL is the Current Expected Credit Losses standard issued by the US Financial Accounting Standards Board in 2016 GDPR is the EU’s General Data Protection Regulation, which came into force in 2018 CCPA is the California Consumer Privacy Act of 2018 and CCAR is a regulatory framework for comprehensive capital analysis and review introduced by the US Federal Reserve in 2011. At the same time, a host of other regulations with substantial data implications have emerged, particularly those involving stress testing (CCAR in the United States), data privacy (CCPA in the US, GDPR in Europe), BSA/AML, and CECL. This ambiguity has led to a wide range of interpretations, which vary from institution to institution, country to country, and even regulator to regulator. One major reason for this limited progress is that the Basel Committee called for effective implementation of BCBS 239 principles without clearly explaining what that means or how to implement them. In fact, many banks are still struggling with major deficiencies, particularly when it comes to data architecture and technology. Progress, however, has not been uniform, and most institutions are not fully compliant. The starting point was the Basel Committee’s BCBS 239 principles, issued in 2013 to strengthen banks’ risk-related data-aggregation and reporting capabilities. Over the past decade, banks across the globe have made considerable progress in building risk-related data-control capabilities, prompted in large part by regulatory demands.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |