It was a little more than year ago when the Basel Committee of Banking Supervision (BCBS) released the results of a mandatory self-assessment by all 30 Global Systemically Important Banks (G-SIBs) on their progress with BCBS 239. The intent of the self-assessment was simple. The Basel Committee wanted the G-SIBs to establish a baseline and define a roadmap towards compliance. Furthermore, to ensure a consistent and effective implementation of the principles, the Committee instituted a coordinated approach with national supervisors to monitor and assess the G-SIBs progress right up to forthcoming January 1, 2016 deadline.
One of the more compelling results from the initial self-assessment published in the BCBS 268 Report “Progress in Adopting the Principles for Effective Risk-Data Aggregation and Risk Reporting” was that 33% of the G-SIBs stated they would not be fully compliant with all 11 Principles by the 2016 deadline. Moreover, 20% of the G-SIBs reported “material non-compliance” with nearly half of the 11 principles. “Material non-compliance” meant significant actions needed to be taken in order achieve full compliance with these principles.
In January 2015, the Basel Committee released and published the results of a follow-up self-assessment, whereby 46% of the G-SIBs stated they would not be fully compliant with all 11 Principles by the 2016 deadline. Furthermore, almost 50% of the G-SIBs reported “material non-compliance” with nearly half of the critical governance and infrastructure and risk data aggregation principles. While many will perceive the results that the G-SIBs are losing momentum and actually going backwards. It is not the case. This downward trending is primarily due to an improved understanding of the Principles and the scope to be covered.
Summarizing these reports, the Basel Committee stated the G-SIBs still needed to significantly upgrade their risk IT systems, infrastructure and governance arrangements – most notably citing a lack of formal and documented risk data aggregation frameworks, group-wide and comprehensive data dictionaries, consistent and integrated data taxonomies, data lifecycle controls and lineage, policies governing data quality controls, as well as data ownership and accountability.
With respect to risk data aggregation, the Basel Committee felt the G-SIBs were still relying too much on manual processes, which impair the ability to ensure accuracy and timeliness of data, particularly in stress situations. The G-SIBs also lacked inadequate data quality checks to ensure the consistency, integrity and reliability of their risk data. Lastly, the G-SIBs were still lacking the capability to generate relevant data on a timely basis to meet dynamic internal and external risk reporting requirements.
BCBS 239 is an overarching regulation. Its impact has been and continues to be significant. The G-SIBs are demonstrating just how hard it is to comply. However, the objective of the mandatory self-assessment has been met, as all G-SIBs are on an execution roadmap for compliance and national regulators are working and monitoring their progress right up to the deadline.
In subsequent posts, we’ll provide guidelines and impart best practices from execution roadmaps for meeting the January 2016 deadline.