This document discusses the BCBS 239 regulatory requirements for risk data aggregation and risk reporting. It outlines the key components of BCBS 239 including risk governance, infrastructure, data aggregation, and reporting. It also describes a risk data self-assessment diagnostic study that banks should conduct to evaluate their risk operating model, processes, data usage, and infrastructure in order to identify gaps and develop projects to address deficiencies to comply with BCBS 239. Finally, it presents a proposed unified risk data model and architecture to integrate risk data across different risk types and business units.