BCBS 239’s overarching governance and infrastructure principle requires banks to establish robust risk data aggregation capabilities across their various business divisions that trade a wide range of products and asset classes. The key objective of this governance and infrastructure principle is to ensure that the underlying data on positions, valuations, sensitivities and any inputs to P&L calculations are gathered and distributed in a consistent manner.
In reaction to BCBS 239, banks initiated large-scale IT and business change programmes to address the issues inherent in their risk reporting processes. The banks began building consolidated IT platforms that integrated risk information that was previously held in risk discipline silos and within internal finance divisions.
In 2015, many banks are struggling to establish strong data aggregation, architecture and processes to comply with BCBS 239. For example, GreySpark has observed that many banks have not adequately planned to comply with the regulations at an organisational level and that the banks have not yet devoted significant-enough levels of resources to implement change management programmes related to compliance with the regulations. Despite these problems, there are ultimately many benefits for a bank associated with achieving a level of full compliance with the BCBS 239 frameworks, of which the most significant is enhanced credibility with regulators, shareholders and general public.
This report presents a range of observed best practices developed by GreySpark for banks to follow in readying their organisations for compliance with BCBS 239. Specifically, this report can be used by banks to develop new ways to collect and organise internal and external risk management data, and the report assess the ways in which existing technology systems vital to these processes can be utilised in adapting to BCBS 239 frameworks.