BCBS 239 can enhance buy-side data governance: Proper risk aggregation

Once buy-side firms have reviewed data governance trends and developed the proper foundation, they can next focus on data aggregation. Doing so will bolster the integrity and relevance of their important information, and make them better-prepared to respond to regulator demands.

Institutions can look to BCBS 239 – and the principles in its second section – to ensure proper collection of important information.

II Risk data aggregation abilities

3) Completeness – To adequately manage risk, industry participants must be prepared to gather all information that could have a material impact. This includes data not contained on balance sheets. Institutions should be able to segregate this information by business line, industry, legal entity, asset type or other important characterizations.

Organizations must be able to provide complete aggregated risk data, and also measure the fullness of this information, to meet supervisor expectations. Any risk information that is not complete should not be crucial to the bank’s ability to manage its risk exposures.

4) Accuracy and Integrity -To ensure that reporting meets minimum accuracy requirements during both normal and crisis situations, financial institutions must produce high-quality risk data. To minimize the odds of mistakes, automated processes should conduct the majority of information gathering.

Verifying risk data against other sources such as accounting data can also be a good practice. Having strong internal controls for risk data is important.

5) Adaptability – Being adaptable will permit organizations to conduct more effective risk management, and these organizations should be able to evaluate emerging risks and also meet ad hoc requests. Industry participants should also be ready to meet reporting requests, including ones from regulators and those made during crises.

6) Timeliness – In addition to producing risk data that is accurate and complete, financial institutions should be able to provide this information in a timely fashion. Variables including risk management reporting requirements and the potential threat of the risk being evaluated will factor into the exact timing.

Information is needed more quickly in certain situations than others, with data being needed more rapidly in crisis scenarios, and the Basel Committee recognizes this. To be ready to supply their key information in due time during crises, organizations must enhance their information technology infrastructure.

If you want to strengthen your buy side firm’s risk data collection, implement these best practices. Having more reliable information will ease your passage through the current regulatory environment. For example, it will support effective risk reporting, an important aspect of existing regulations and the topic of the next part of our series.

Posts by Topics