line graph

Perspectives

BIS assessment of banks' compliance to BCBS 239 principles

Reviewing framework for adhering to BCBS regulation

The Bank of International Settlements (BIS) publishes their BCBS 239 reports to show progress towards adopting the Principles for effective risk data aggregation and risk reporting. Effective data management and compliance with BCBS 239 principles is a firm-wide responsibility. This page provides our key takeaways for banks.

Site-within-site Navigation. Do not delete! This box/component contains JavaScript that is needed on this page. This message will not be visible when page is activated.

BCBS 239 Progress Report: How much has the needle moved and why is it still not enough? | June 9, 2020

The Bank for International Settlements (BIS) recently published the 2019 BCBS 239 Report–Progress in adopting the Principles for effective risk data aggregation and risk reporting (2019 Report). The 2019 Report provides an assessment of banks' progress in complying with BCBS 239. Similar to prior years, the 2019 Report finds that no bank is fully compliant, even though in 2017 at least three banks were identified to be such. This is an indication of heightened regulatory expectations for effective data management. According to the 2019 Report, the largest contributing factor to non-compliance is the inability to achieve the target state data architecture and IT infrastructure necessary to meet the Principles.

The 2019 Report notes that significant efforts have been made by institutions to improve on the principles within the three focus areas:

  1. Overarching Governance and Infrastructure;
  2. Risk Data Aggregation Capabilities; and
  3. Risk Reporting Practices

While there have been strides made in improving quality for the most critical and impactful data, continuous improvement is necessary so that the quality of data is fit for purpose across financial, risk, and management reporting. The 2019 Report also noted that firms have begun to apply these practices beyond risk data to regulatory reporting, financial reporting, and recovery and resolution plans.

Learn more about the progress banks have made and investment opportunities for continued improvement.

Progress report BCBS 239 compliance

BIS assessment of BCBS 239 compliance | January 24, 2019

Data management capabilities are a growing focus area for regulators. During the financial crisis, gaps were identified in data provided to regulators and subsequent investigation revealed numerous weaknesses in data capabilities. These gaps existed in both financial and risk data that are used to manage risk, provide business insights, and comply with regulatory requirements. The increased focus on data capabilities makes data management across the enterprise a necessity.

In 2013, the Basel Committee on Banking Supervision (BCBS) issued Principles for effective risk data aggregation and risk reporting (BCBS 239). The set of principles in the paper provide a foundation for a framework to address and help resolve critical weaknesses that banks have in understanding and accurately describing their overall exposures and key risk factor. BCBS 239 lists out four major categories and fourteen principles (11 of which are applicable to banks, the remaining three are applicable to regulatory supervisors).

The core focus areas for banks include:

  1. Overarching Governance and Infrastructure;
  2. Risk Data Aggregation Capabilities; and
  3. Risk Reporting Practices

Learn more about the progress banks have made.

BIS Assessment of BCBS 239 Compliance

This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this publication.

Deloitte shall not be responsible for any loss sustained by any person who relies on this publication.

Contacts

Dmitriy Gutman
Managing director

Deloitte Risk & Financial Advisory
Deloitte & Touche LLP

Marjorie Forestal
Principal

Deloitte Risk & Financial Advisory
Deloitte & Touche LLP
 

Stanley Philip
Manager
Deloitte Risk & Financial Advisory

Deloitte & Touche LLP

Irena Gecas-McCarthy
Principal 
Deloitte Risk & Financial Advisory

Deloitte & Touche LLP

Kenneth Lamar
Independent senior advisor
Deloitte & Touche LLP

 

Did you find this useful?