SlideShare a Scribd company logo

BCBS239 the behemoth lumbers on

Rodney Dennis
Rodney Dennis

1) The document discusses the challenges that global systemically important banks (G-SIBs) face in complying with the BCBS239 regulation, which requires them to strengthen risk data aggregation and reporting. 2) A recent report found that many G-SIBs will be unable to fully comply with the regulation's principles by the 2016 deadline and still rely heavily on manual workarounds. 3) Complying with BCBS239 poses unique challenges for G-SIBs in areas like governance, data management, IT infrastructure, and legacy systems. Updating these systems at scale while meeting reporting demands has proven difficult.

1 of 8
Download to read offline
The New Normal - living with continuous regulatory change in the financial markets BCBS239: the behemoth lumbers on
2 © GFT 2015 Introduction Across the financial system, Global Systemically Important Banks (G-SIBs) are continuing to wrestle with the regulatory behemoth that is BCBS239 as they near the compliance deadline. More so than many regulations, the sheer size and scale of BCBS239 makes it a particularly daunting challenge for banks to overcome. Annual budgets of tens of millions of dollars, and total programme costs typically in the 50 to 150 million dollar range attest to the scale of the challenge. With the January 2016 deadline rapidly approaching, there still remains a very large question mark over the extent to which G-SIBs will be compliant. In January 2015, the Basel Committee on Banking Supervision published its second report on the progress made by the G-SIB banks in their attempts to comply with the 11 banking Principles of BCBS239. The report, entitled “Progress in adopting the principles for effective risk data aggregation and risk reporting” provides an update and a report on progress towards the 11 Principles set out in the January 2013 BIS Document. Although generally improvements have been made since the first progress report was released in December 2013, some banks have reported a downgrade in their ability to meet compliance requirements. 14 of the 31 G-SIBs said they would be unable to comply with at least one of the 11 Principles by January 2016. The picture that emerges is one where many banks are struggling to establish strong governance, data aggregation, architecture and processes. BCBS239 requires the implementation of large-scale, global strategic IT infrastructure, which is difficult enough, but also needs the cultural, business process and governance changes to support it. The BIS has also highlighted the concern that many banks continue to rely on manual workarounds to achieve compliance. Despite the mixed response from some banks, many still believe that full compliance will be possible by January 2016. With so much still to be achieved, is this a sign of overconfidence? It is likely that banks may have overestimated their predicted levels of compliance, and what is now required is a thorough and honest appraisal by each individual G-SIB on what they still need to do to comply with BCBS239. The challenges facing G-SIBs The origins and drivers of BCBS239 can be traced back to the 2008 financial crisis; as a response to the analysis and interrogation that inevitably followed. At the height of the crisis, it became apparent that banks were unable to aggregate data quickly or effectively enough, preventing them from identifying risk exposures and acting appropriately on them. As the crisis unfolded, their ability to make appropriate business decisions was compromised by data quality issues and their inability to aggregate risk information quickly and accurately. The Principles of BCBS239 require banks to strengthen their risk data aggregation capabilities and internal risk reporting practices. If banks are going to comply with these Principles by the January 2016 deadline, they need urgently to review their current governance structures, data architectures, IT infrastructure and capabilities, as well as think about the overall culture that exists within their individual institution towards data and risk analysis. The self-assessments by the G-SIBs clearly show how difficult complying with the Principles has proven to be. The size, scope, and complexity of this regulation pose a set of unique challenges, on top of other local and regional regulations that banks are already tackling. The self-assessments demonstrate that there is still much to be accomplished, including: addressing the heavy reliance on manual processes and tactical fixes, creating consistent documented processes for the aggregation of risk data at the Group level, improving the handling, aggregation and proper accounting of collateral, and improving the reconciliation and control processes for risk data aggregation. The question now is whether G-SIBs have enough time remaining to comply with the deadline, and if their remediation programmes are currently delivering the required changes to make this happen. BCBS239 is a “non-prescriptive” regulation; the onus is on the banks to decide how they intend to interpret the Principles as well as set and defining their own minimum standards for compliance. By way of a motoring analogy, if banks are driving along the road towards a destination called “BCBS239 Compliance”, each G-SIB is currently at a different stage of the journey, with some having much further to travel than others. For some, they are still struggling to determine exactly where “Compliance” is on the map, or the best route to get there!
3 © GFT 2015 With the growing awareness that time is running out, there is increasing pressure to simply meet the “letter of the law” (i.e. to tick the boxes for compliance), rather than to embrace the full spirit of the regulation as hoped for by BIS; with banks seeking to implement significant operational and cultural change in the management of their risk data. With limited time remaining, it is very likely that many of the G-SIBs will now only be capable of achieving the minimal standards for compliance, with many manual workarounds and legacy issues to be resolved at a later date. Problematic areas for compliance ¬ Governance structures BSBS239 states that banks should have in place strong governance frameworks. However, achieving this has proven highly problematic. A robust governance framework should be the foundation which banks can use to help build their BCBS239 solution – without this, compliance becomes increasingly difficult to achieve. Due to their size, G-SIBs will naturally face many challenges relating to their data architectures and the roles and responsibilities associated with this architecture. Poor quality data can be linked to the existence of many data sources and formats with perennial questions about formats, data quality, SLAs and ownership. Improved governance is vital, but it also requires G-SIBs to define clear data standards, identifying where high quality data comes from and what it should look like. G-SIBs need to document exactly how their data is managed in terms of the processes, controls, responsibilities and reporting. Mapping the “data lifecycle” and making it accessible and available to relevant stakeholders will be vital. A key aspect, however, is that governance structures are not just robust, but flexible. Banks must be able to aggregate data across different entities, business lines and risk types, not simply for a particular point in time, but to evolve over time and keep up with business, legal and regulatory changes. Significantly more flexible data architectures must be in place to allow for real-time and ad-hoc reporting in both normal and stressed conditions, such as the 2008 global financial crisis. ¬ Risk data activities Risk data management has been raised by BCBS239 to a new level. During the financial crisis, it became clear that weak risk data aggregation, reporting capabilities and an overreliance on manual processes were major issues. Many of the limitations and deficiencies in these areas arose because firms had numerous, disparate data sources using different formats, technologies, nomenclature and data quality assurance processes. These problem areas were highlighted in the most recent progress report, with 8 firms reporting that they would not be fully compliant on Principle 3 (Accuracy and integrity). Key elements of compliance on Principle 3 will include improved and more robust quality assurance processes and the introduction of standardised taxonomies and data protocols. Ultimately, improved risk data will help banks improve their decision-making, identifying where their exposures lie and reporting this data as quickly as possible to those who can do something about it. For example, with better visibility of aggregated risk data, a risk manager could identify issues quickly, before they become problems. The recent Russian debt crisis provides a classic example, whereupon many firms were unable to understand their exposure to the problem, and were therefore unable to do anything about it. ¬ Information technology High quality data aggregation cannot be achieved without the appropriate information technology (IT) and data architecture. The regulators reported that during the financial crisis, the IT systems and data architectures found in many banks were inadequate to support the management of financial risk. The regulators noted that those institutions which had better risk data management processes were the ones that had the appropriate technology, and platforms in place to help them analyse their risk data better. BCBS239 will stimulate the need to reassess existing legacy systems and technology and consider whether firms can deliver data in the required format to answer the questions being asked of them. This will require major IT infrastructure projects for many G-SIBs, which may include updating or replacing core legacy systems, to avoid leaving themselves a looming “technical debt” for the future.
4 © GFT 2015 ¬ Legacy technologies Updating embedded legacy systems is, however, no easy task, and will inevitably lead to an increase in spending by banks on their risk aggregation technology. The level of investment required and the scale of projects deployed will depend on how entrenched the legacy platforms are and the selection of appropriate replacements. These challenges are compounded by the need to continue to meet bank risk and reporting obligations, while at the same time overhauling their legacy technologies. ¬ Manual workarounds The 2015 progress report revealed that G-SIBs are continuing to rely heavily on manual workarounds to deal with the demands of complying with BCBS239. Manual workarounds and tactical mitigants are typically major constraints on the flexibility, adaptability and operational robustness of BCBS239 solutions. Although manual workarounds and tactical mitigants (such as end-user applications) are sometimes difficult to avoid, it must be remembered that they increase “process debt” which carries a heavy penalty to be paid at some point in the future. As with any debt which accumulates over time with a crippling rate of interest, technical and process debt can reach unmanageable proportions as complexity rises unabated. This situation increases the potential risk to the firm and also inflates the cost to eventually make a more strategic change in future. G-SIBs have been advised to “simplify their current IT architecture and data flows across departments and legal entities” in order to streamline the aggregation process and to enable quick aggregation of risk data during times of stress. However, with such embedded systems and processes, accumulated over many years, this is easier said than done. Banks need to understand and monitor closely the amount of technical and process debt they are storing up for the future, and ensure that there are plans and a budget in place to address this challenge. One such plan would be to include implementation debt assessment and remediation strategies into regular technical and business audits. ¬ Leadership requirements Delivering the projects required for BCBS239 compliance requires effective leadership within every G-SIB. The 2015 progress report recommended greater engagement from senior management and boards of directors, and more awareness of the risk and data aggregation capabilities within each bank. Senior management and board members have to start thinking differently about risk data management. They need to create a culture where everyone begins to think about data in a more in-depth and holistic way. Senior management has to understand the value of IT and data and demonstrate to all stakeholders how it impacts on the ability to make better business decisions, as well as meeting the requirements of BCBS239 compliance. Board members should take an active interest in, and responsibility for, the data quality and aggregation capabilities which ultimately underpin risk management strategy and decision-making. Accountability for risk is not something that can be delegated; ultimate responsibility for risk management sits with the board and executive committee members. Senior management needs to monitor and engage more actively in the delivery of projects, paying close attention to the progress and to become cognisant of trade-offs in terms of “strategic” versus “tactical” approaches, as well as the long term viability and robustness of solutions. As with many regulatory change initiatives, BCBS239 has too often been viewed simply as an issue for IT to resolve. This thinking has to change. The ability to store, deliver and report the required risk data is intrinsically linked to the IT capabilities within each bank, but senior management should be seeking to develop a framework that allows them to work more collaboratively with IT stakeholders to create effective policies and strategies for risk management. Board members should be directly involved in assessing whether the project implementation is on track, as well as identifying and enabling the timely resolution of any obstacles to implementation. It requires those in IT departments and those managing data to think about IT along business lines rather than in an organisational silo.
5 © GFT 2015 What has been the North American experience? Historically, BCBS239 has not been not high on the agenda for US domestic banks, compared with their European counterparts, yet the more vigorous action- oriented approach of American regulators has already provided strong incentives to make progress on some BCBS239 Principles. OCC Enforcement Actions have been very effective in forcing compliance, with recent examples touching on data aggregation principles. Interestingly, these enforcement actions tend to be quite specific, and also call for Executive Committee and sometimes board involvement in supervision and monitoring. What can D-SIBs learn from the G-SIB experience? Under the BCBS239 guidelines, D-SIBs are not required to implement BCBS239 by January 2016, but the Bank for International Settlements (BIS) recommended that regional regulators apply a three year timeframe for compliance, commencing with the individual organisations’ designation as a D-SIB. Since the regulators’ recognition of D-SIBs is not a globally synchronised process, there is a blurring of timelines, but D-SIBs are now beginning to budget, plan and mobilise their BCBS239 programmes. Starting from scratch, and with three years to implement, D-SIBs should be able to take advantage of the experiences and lessons learned by many of the G-SIBs, such as not launching a programme without clear data taxonomies or governance processes, and ensuring attention is paid to the proper inclusion of collateral in the programme. By avoiding these costly mistakes, using time and budget more efficiently, and ensuring that appropriate tools, processes and accelerators are utilised, D-SIBs can reduce project risk and aim for a better quality and more timely end result. Moreover, D-SIBs who seize the opportunity to get it right the first time will also be able to avoid the near-ubiquitous tactical mitigants and manual processes found in the approach of G-SIBs. They can focus on strategic build, rather than burden themselves with costly technical and process debt for years to come. In sharp contrast to the majority of G-SIBs, it is even possible that some D-SIBs will realise the gains in efficiency, reduced probability of losses, enhanced strategic decision-making, and increased profitability cited by the BIS as the core benefits of improving their risk data aggregation capabilities. The challenges and problem characteristics for D-SIBs are of course different from G-SIBs. However, D-SIBs are smaller and typically less complex than G-SIBs, with fewer distinct entities and source systems, so the scale of the costs and challenges are reduced and, in principle at least, more easily managed. On the other hand, D-SIBs will also generally be more sensitive to budgetary pressures and cost of ownership. In addition, D-SIBs will not necessarily have the large regulatory change and execution teams required to undertake this ambitious and far-reaching regulatory project. D-SIBs who undertake BCBS239 programmes with a more strategic approach, and pay close attention to the painful lessons learned by G-SIBs, should be able to reduce risks and project costs, and achieve compliance, but an integrated risk aggregation platform which adds value. Conclusion On 1st of January 2016 what can we expect to find? Will the G-SIBs be in a position to confidently say they have met all the Principles asked of them, or will they be desperately seeking an extension from the regulators? It is clear from the progress report that many banks do not expect to achieve full compliance and they will likely have significant additional remediation and implementation activities beyond this date. G-SIBs with outstanding items will then need to demonstrate adherence to agreed plans that specifically focus on those areas that need urgent attention, and they will risk regulatory censure or penalties if they fail to meet their commitments.
6 © GFT 2015 Succeeding with BCBS239 The key to success for any firm should begin with senior management taking the lead in embracing the importance and value of risk data management within each institution. Those firms who succeed not only in complying by the deadline, but also improving their strategic aggregation and management of their risk, will be those that: 1. Embrace the strategic opportunity for change and ensure appropriate strategy, commitment and investment 2. Implement a complete system of robust governance, project supervision and reporting 3. Minimise manual workarounds for compliance, thereby reducing their future technical debt, process debt and end-user application policies 4. Establish risk data taxonomies, with consistent documentation of the aggregation process 5. Include all collateral positions and sources in addition to firm exposures 6. Implement robust reconciliation and data quality control processes We have seen that many firms faced by the huge demands of BCBS239 and other competing regulations rely heavily on manual workarounds and tactical mitigants in order to comply with requirements. Such solutions compromise long-term value and indeed can work counter to the spirit and objectives of BCBS239. Such firms should be identifying how they can make the transition towards implementing more strategic solutions. Taking and managing risk is at the very core of banking, so it is profoundly appropriate that firms should be able to flexibly and accurately aggregate risk information. Whether they are a G-SIB or a D-SIB, firms should appreciate that BCBS239 is not simply another form of regulation that requires compliance; it is an opportunity to entirely re-evaluate their risk data aggregation, management and reporting, ultimately leading to better governance, better decision-making and improved operational efficiency.
7 © GFT 2015 AML & Risk Practice Lead (USA) As AML and Risk Practice Lead, Alan focuses on how best to change compliance, AML and risk operations through new processes and targeted IT investment. He and his teams are currently guiding new and automated AML risk assessment services and are helping in the early identification of rogue traders for major international banks. With GFT, Alan has been involved in addressing immediate regulatory and compliance challenges focusing on risk assessment, business process, policy and workflow. He has co-designed and developed new global compliance risk assessment frameworks, methodologies and executive reporting systems, supporting more accurate targeting of transaction monitoring systems and the identification of rogue trading and potential market abuse. Managing Principal, Risk Consulting John is a Managing Principal in risk consulting, with over 20 years’ experience in the financial sector, delivering solutions in risk management and front office derivatives trading. John has experience with strategic systems, performing risk and P&L for equity swaps, portfolio swaps, and FX hedges for over 800 trading books across four principal legal entities. John previously worked at Goldman Sachs on the specification, development and validation of a jump to default methodology, as well as undertaking similar roles with JP Morgan and Credit Suisse. Managing Principal, GFT Tony has 17 years of investment banking experience gained in line, change and programme management roles, running operational and IT teams. He is responsible for a number of ‘in-flight’ regulatory change programmes for a number of banking clients, including BCBS239 compliance initiatives. Featured Specialists Alan Morley Tony Sodhi John Barclay
8 © GFT 2015 About GFT GFT is one of the world’s leading solutions providers in the finance sector offering consulting, implementation and maintenance for a broad range of IT applications. Combining technological expertise and seamless project management with a deep understanding of the financial industry, GFT is a reliable partner for well-known companies all around the globe. Headquartered in Germany, GFT has stood for technological expertise, innovative strength and outstanding quality for over 25 years. › gft.com This report is supplied in good faith, based on information made available to GFT at the date of submission. It contains confidential information that must not be disclosed to third parties. Please note that GFT does not warrant the correctness or completion of the information contained. The client is solely responsible for the usage of the information and any decisions based upon it.

Recommended

BCBS 239 The hidden game changer
BCBS 239 The hidden game changerBCBS 239 The hidden game changer
BCBS 239 The hidden game changer
Catalyst Development Ltd
 
Automation and Analytics: Two Levers to Revitalize Retail Debt Recovery
Automation and Analytics: Two Levers to Revitalize Retail Debt RecoveryAutomation and Analytics: Two Levers to Revitalize Retail Debt Recovery
Automation and Analytics: Two Levers to Revitalize Retail Debt Recovery
Cognizant
 
Mortgage Banking: A Holistic Approach to Managing Compliance Risk
Mortgage Banking: A Holistic Approach to Managing Compliance RiskMortgage Banking: A Holistic Approach to Managing Compliance Risk
Mortgage Banking: A Holistic Approach to Managing Compliance Risk
Cognizant
 
Asset Information: Addressing 21st Century Challenges
Asset Information: Addressing 21st Century ChallengesAsset Information: Addressing 21st Century Challenges
Asset Information: Addressing 21st Century Challenges
Cognizant
 
MAS 610 Reporting Challenges & a Future Roadmap for Singapore’s Banks
MAS 610 Reporting Challenges & a Future Roadmap for Singapore’s BanksMAS 610 Reporting Challenges & a Future Roadmap for Singapore’s Banks
MAS 610 Reporting Challenges & a Future Roadmap for Singapore’s Banks
Cognizant
 
Accenture Capital Markets- serving many masters - Top 10 Challenges 2013
Accenture Capital Markets- serving many masters - Top 10 Challenges 2013Accenture Capital Markets- serving many masters - Top 10 Challenges 2013
Accenture Capital Markets- serving many masters - Top 10 Challenges 2013
Karl Meekings
 
Why is Regulatory Reporting tough?
Why is Regulatory Reporting tough?Why is Regulatory Reporting tough?
Why is Regulatory Reporting tough?
HEXANIKA
 
201402 Transforming Banks, Redefining Banking
201402 Transforming Banks, Redefining Banking201402 Transforming Banks, Redefining Banking
201402 Transforming Banks, Redefining Banking
Francisco Calzado
 

Recommended

BCBS 239 The hidden game changer
BCBS 239 The hidden game changerBCBS 239 The hidden game changer
BCBS 239 The hidden game changer
Catalyst Development Ltd
 
Automation and Analytics: Two Levers to Revitalize Retail Debt Recovery
Automation and Analytics: Two Levers to Revitalize Retail Debt RecoveryAutomation and Analytics: Two Levers to Revitalize Retail Debt Recovery
Automation and Analytics: Two Levers to Revitalize Retail Debt Recovery
Cognizant
 
Mortgage Banking: A Holistic Approach to Managing Compliance Risk
Mortgage Banking: A Holistic Approach to Managing Compliance RiskMortgage Banking: A Holistic Approach to Managing Compliance Risk
Mortgage Banking: A Holistic Approach to Managing Compliance Risk
Cognizant
 
Asset Information: Addressing 21st Century Challenges
Asset Information: Addressing 21st Century ChallengesAsset Information: Addressing 21st Century Challenges
Asset Information: Addressing 21st Century Challenges
Cognizant
 
MAS 610 Reporting Challenges & a Future Roadmap for Singapore’s Banks
MAS 610 Reporting Challenges & a Future Roadmap for Singapore’s BanksMAS 610 Reporting Challenges & a Future Roadmap for Singapore’s Banks
MAS 610 Reporting Challenges & a Future Roadmap for Singapore’s Banks
Cognizant
 
Accenture Capital Markets- serving many masters - Top 10 Challenges 2013
Accenture Capital Markets- serving many masters - Top 10 Challenges 2013Accenture Capital Markets- serving many masters - Top 10 Challenges 2013
Accenture Capital Markets- serving many masters - Top 10 Challenges 2013
Karl Meekings
 
Why is Regulatory Reporting tough?
Why is Regulatory Reporting tough?Why is Regulatory Reporting tough?
Why is Regulatory Reporting tough?
HEXANIKA
 
201402 Transforming Banks, Redefining Banking
201402 Transforming Banks, Redefining Banking201402 Transforming Banks, Redefining Banking
201402 Transforming Banks, Redefining Banking
Francisco Calzado
 
Winning Tactics for Data Governance
Winning Tactics for Data GovernanceWinning Tactics for Data Governance
Winning Tactics for Data Governance
Colleen Beck-Domanico
 
Cognizant_Introduction to management consulting in Switzerland
Cognizant_Introduction to management consulting in SwitzerlandCognizant_Introduction to management consulting in Switzerland
Cognizant_Introduction to management consulting in Switzerland
audrey miguel
 
James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...
James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...
James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...
JAMES OKARIMIA
 
James Okarimia Aligning Finance , Risk and Compliance to Meet Regulation
James Okarimia Aligning Finance , Risk and Compliance to Meet RegulationJames Okarimia Aligning Finance , Risk and Compliance to Meet Regulation
James Okarimia Aligning Finance , Risk and Compliance to Meet Regulation
JAMES OKARIMIA
 
Remaking IT for New U.S. Mortgage Rule Compliance
Remaking IT for New U.S. Mortgage Rule ComplianceRemaking IT for New U.S. Mortgage Rule Compliance
Remaking IT for New U.S. Mortgage Rule Compliance
Cognizant
 
Aligning finance , risk and compliance
Aligning finance , risk and complianceAligning finance , risk and compliance
Aligning finance , risk and compliance
JAMES OKARIMIA
 
Implementing a Kenyan Credit Information Sharing System: Progress and Challe...
Implementing a Kenyan Credit Information Sharing System: Progress and Challe...Implementing a Kenyan Credit Information Sharing System: Progress and Challe...
Implementing a Kenyan Credit Information Sharing System: Progress and Challe...
PERC
 
James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...
James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...
James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...
JAMES OKARIMIA
 
Banks too slow to modernize core systems ab150911
Banks too slow to modernize core systems ab150911Banks too slow to modernize core systems ab150911
Banks too slow to modernize core systems ab150911
Craig Focardi
 
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital TransformationCovid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Boston Consulting Group
 
APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...
APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...
APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...
IJDKP
 
Swiss Private Banking and the Rationale for Global Services Deliver
Swiss Private Banking and the Rationale for Global Services DeliverSwiss Private Banking and the Rationale for Global Services Deliver
Swiss Private Banking and the Rationale for Global Services Deliver
Cognizant
 
Managing Costs Related to Increasing Banking Regulation
Managing Costs Related to Increasing Banking RegulationManaging Costs Related to Increasing Banking Regulation
Managing Costs Related to Increasing Banking Regulation
Cognizant
 
การจัดการฐานข้อมูลเชิงสัมพันธ์2
การจัดการฐานข้อมูลเชิงสัมพันธ์2การจัดการฐานข้อมูลเชิงสัมพันธ์2
การจัดการฐานข้อมูลเชิงสัมพันธ์2sunisa3112
 
The role of financial ratio on disbrusment of loan to companies idbi.docx rep...
The role of financial ratio on disbrusment of loan to companies idbi.docx rep...The role of financial ratio on disbrusment of loan to companies idbi.docx rep...
The role of financial ratio on disbrusment of loan to companies idbi.docx rep...
Bhoopendra Verma
 
портфоліо пляшко т.п
портфоліо пляшко т.ппортфоліо пляшко т.п
портфоліо пляшко т.пOksana Vyshnevetska
 
Modulo 5
Modulo 5Modulo 5
Modulo 5
Mariius Neek
 
το προσφυγικό ζήτημα στην ελλάδα 19ος αι
το προσφυγικό ζήτημα στην ελλάδα 19ος αιτο προσφυγικό ζήτημα στην ελλάδα 19ος αι
το προσφυγικό ζήτημα στην ελλάδα 19ος αιglikeria82
 
Site documentation
Site documentationSite documentation
Site documentation
stuartbgriffith
 
Credit de sintesis les salines
Credit de sintesis les salinesCredit de sintesis les salines
Credit de sintesis les salinesEmi Mateo
 
Chart patterns
Chart patternsChart patterns
Chart patterns
ypendharkar
 
Lucerne Minds 14/3 - Home Gardening
Lucerne Minds 14/3 - Home GardeningLucerne Minds 14/3 - Home Gardening
Lucerne Minds 14/3 - Home Gardening
Dominik Schürmann
 

More Related Content

What's hot

Winning Tactics for Data Governance
Winning Tactics for Data GovernanceWinning Tactics for Data Governance
Winning Tactics for Data Governance
Colleen Beck-Domanico
 
Cognizant_Introduction to management consulting in Switzerland
Cognizant_Introduction to management consulting in SwitzerlandCognizant_Introduction to management consulting in Switzerland
Cognizant_Introduction to management consulting in Switzerland
audrey miguel
 
James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...
James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...
James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...
JAMES OKARIMIA
 
James Okarimia Aligning Finance , Risk and Compliance to Meet Regulation
James Okarimia Aligning Finance , Risk and Compliance to Meet RegulationJames Okarimia Aligning Finance , Risk and Compliance to Meet Regulation
James Okarimia Aligning Finance , Risk and Compliance to Meet Regulation
JAMES OKARIMIA
 
Remaking IT for New U.S. Mortgage Rule Compliance
Remaking IT for New U.S. Mortgage Rule ComplianceRemaking IT for New U.S. Mortgage Rule Compliance
Remaking IT for New U.S. Mortgage Rule Compliance
Cognizant
 
Aligning finance , risk and compliance
Aligning finance , risk and complianceAligning finance , risk and compliance
Aligning finance , risk and compliance
JAMES OKARIMIA
 
Implementing a Kenyan Credit Information Sharing System: Progress and Challe...
Implementing a Kenyan Credit Information Sharing System: Progress and Challe...Implementing a Kenyan Credit Information Sharing System: Progress and Challe...
Implementing a Kenyan Credit Information Sharing System: Progress and Challe...
PERC
 
James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...
James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...
James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...
JAMES OKARIMIA
 
Banks too slow to modernize core systems ab150911
Banks too slow to modernize core systems ab150911Banks too slow to modernize core systems ab150911
Banks too slow to modernize core systems ab150911
Craig Focardi
 
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital TransformationCovid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Boston Consulting Group
 
APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...
APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...
APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...
IJDKP
 
Swiss Private Banking and the Rationale for Global Services Deliver
Swiss Private Banking and the Rationale for Global Services DeliverSwiss Private Banking and the Rationale for Global Services Deliver
Swiss Private Banking and the Rationale for Global Services Deliver
Cognizant
 
Managing Costs Related to Increasing Banking Regulation
Managing Costs Related to Increasing Banking RegulationManaging Costs Related to Increasing Banking Regulation
Managing Costs Related to Increasing Banking Regulation
Cognizant
 

What's hot (13)

Winning Tactics for Data Governance
Winning Tactics for Data GovernanceWinning Tactics for Data Governance
Winning Tactics for Data Governance
 
Cognizant_Introduction to management consulting in Switzerland
Cognizant_Introduction to management consulting in SwitzerlandCognizant_Introduction to management consulting in Switzerland
Cognizant_Introduction to management consulting in Switzerland
 
James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...
James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...
James Okarimia - Aligning Finance, Risk and Data Analytics in Meeting the Req...
 
James Okarimia Aligning Finance , Risk and Compliance to Meet Regulation
James Okarimia Aligning Finance , Risk and Compliance to Meet RegulationJames Okarimia Aligning Finance , Risk and Compliance to Meet Regulation
James Okarimia Aligning Finance , Risk and Compliance to Meet Regulation
 
Remaking IT for New U.S. Mortgage Rule Compliance
Remaking IT for New U.S. Mortgage Rule ComplianceRemaking IT for New U.S. Mortgage Rule Compliance
Remaking IT for New U.S. Mortgage Rule Compliance
 
Aligning finance , risk and compliance
Aligning finance , risk and complianceAligning finance , risk and compliance
Aligning finance , risk and compliance
 
Implementing a Kenyan Credit Information Sharing System: Progress and Challe...
Implementing a Kenyan Credit Information Sharing System: Progress and Challe...Implementing a Kenyan Credit Information Sharing System: Progress and Challe...
Implementing a Kenyan Credit Information Sharing System: Progress and Challe...
 
James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...
James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...
James Okarimia - Aligning Finance , Risk and Data Analytics in Meeting the R...
 
Banks too slow to modernize core systems ab150911
Banks too slow to modernize core systems ab150911Banks too slow to modernize core systems ab150911
Banks too slow to modernize core systems ab150911
 
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital TransformationCovid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
Covid-19 Is a Call for Retail Banks to Accelerate Digital Transformation
 
APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...
APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...
APPLICATION OF TWO-STAGE MCDM TECHNIQUES IN EVALUATING THE PERFORMANCE OF ELE...
 
Swiss Private Banking and the Rationale for Global Services Deliver
Swiss Private Banking and the Rationale for Global Services DeliverSwiss Private Banking and the Rationale for Global Services Deliver
Swiss Private Banking and the Rationale for Global Services Deliver
 
Managing Costs Related to Increasing Banking Regulation
Managing Costs Related to Increasing Banking RegulationManaging Costs Related to Increasing Banking Regulation
Managing Costs Related to Increasing Banking Regulation
 

Viewers also liked

การจัดการฐานข้อมูลเชิงสัมพันธ์2
การจัดการฐานข้อมูลเชิงสัมพันธ์2การจัดการฐานข้อมูลเชิงสัมพันธ์2
การจัดการฐานข้อมูลเชิงสัมพันธ์2sunisa3112
 
The role of financial ratio on disbrusment of loan to companies idbi.docx rep...
The role of financial ratio on disbrusment of loan to companies idbi.docx rep...The role of financial ratio on disbrusment of loan to companies idbi.docx rep...
The role of financial ratio on disbrusment of loan to companies idbi.docx rep...
Bhoopendra Verma
 
портфоліо пляшко т.п
портфоліо пляшко т.ппортфоліо пляшко т.п
портфоліо пляшко т.пOksana Vyshnevetska
 
Modulo 5
Modulo 5Modulo 5
Modulo 5
Mariius Neek
 
το προσφυγικό ζήτημα στην ελλάδα 19ος αι
το προσφυγικό ζήτημα στην ελλάδα 19ος αιτο προσφυγικό ζήτημα στην ελλάδα 19ος αι
το προσφυγικό ζήτημα στην ελλάδα 19ος αιglikeria82
 
Site documentation
Site documentationSite documentation
Site documentation
stuartbgriffith
 
Credit de sintesis les salines
Credit de sintesis les salinesCredit de sintesis les salines
Credit de sintesis les salinesEmi Mateo
 
Chart patterns
Chart patternsChart patterns
Chart patterns
ypendharkar
 
Lucerne Minds 14/3 - Home Gardening
Lucerne Minds 14/3 - Home GardeningLucerne Minds 14/3 - Home Gardening
Lucerne Minds 14/3 - Home Gardening
Dominik Schürmann
 
Putuo Study Tour - Shanghai
Putuo Study Tour - ShanghaiPutuo Study Tour - Shanghai
Putuo Study Tour - Shanghai
Anaïs Laurent
 
India top-5000-brands
India top-5000-brandsIndia top-5000-brands
India top-5000-brands
Pooja Chopra
 
портфоліо вишневецької о.п.
портфоліо вишневецької о.п.портфоліо вишневецької о.п.
портфоліо вишневецької о.п.Oksana Vyshnevetska
 
What rage game!
What rage game!What rage game!
What rage game!
Elisabet Cusí Rodríguez
 
Open Education Week 2014 IPTS
Open Education Week 2014 IPTSOpen Education Week 2014 IPTS
Open Education Week 2014 IPTS
iptsedu
 
How are higher education institutions in Europe dealing with openness?
How are higher education institutions in Europe dealing with openness?How are higher education institutions in Europe dealing with openness?
How are higher education institutions in Europe dealing with openness?
iptsedu
 
Group Travel Odyssey
Group Travel OdysseyGroup Travel Odyssey
Group Travel Odyssey
SteveBrinkman
 
портфоліо ткачук т.і.
портфоліо ткачук т.і.портфоліо ткачук т.і.
портфоліо ткачук т.і.Oksana Vyshnevetska
 
מצגת תמא 37ח
מצגת תמא 37חמצגת תמא 37ח
מצגת תמא 37ח
zalulisrael
 
Old show
Old showOld show
Old show
Kim Rowe
 
A patchwork of individual solutions (LOTE 5, 27 feb 2016)
A patchwork of individual solutions (LOTE 5, 27 feb 2016)A patchwork of individual solutions (LOTE 5, 27 feb 2016)
A patchwork of individual solutions (LOTE 5, 27 feb 2016)
Mohamed Hegazy
 

Viewers also liked (20)

การจัดการฐานข้อมูลเชิงสัมพันธ์2
การจัดการฐานข้อมูลเชิงสัมพันธ์2การจัดการฐานข้อมูลเชิงสัมพันธ์2
การจัดการฐานข้อมูลเชิงสัมพันธ์2
 
The role of financial ratio on disbrusment of loan to companies idbi.docx rep...
The role of financial ratio on disbrusment of loan to companies idbi.docx rep...The role of financial ratio on disbrusment of loan to companies idbi.docx rep...
The role of financial ratio on disbrusment of loan to companies idbi.docx rep...
 
портфоліо пляшко т.п
портфоліо пляшко т.ппортфоліо пляшко т.п
портфоліо пляшко т.п
 
Modulo 5
Modulo 5Modulo 5
Modulo 5
 
το προσφυγικό ζήτημα στην ελλάδα 19ος αι
το προσφυγικό ζήτημα στην ελλάδα 19ος αιτο προσφυγικό ζήτημα στην ελλάδα 19ος αι
το προσφυγικό ζήτημα στην ελλάδα 19ος αι
 
Site documentation
Site documentationSite documentation
Site documentation
 
Credit de sintesis les salines
Credit de sintesis les salinesCredit de sintesis les salines
Credit de sintesis les salines
 
Chart patterns
Chart patternsChart patterns
Chart patterns
 
Lucerne Minds 14/3 - Home Gardening
Lucerne Minds 14/3 - Home GardeningLucerne Minds 14/3 - Home Gardening
Lucerne Minds 14/3 - Home Gardening
 
Putuo Study Tour - Shanghai
Putuo Study Tour - ShanghaiPutuo Study Tour - Shanghai
Putuo Study Tour - Shanghai
 
India top-5000-brands
India top-5000-brandsIndia top-5000-brands
India top-5000-brands
 
портфоліо вишневецької о.п.
портфоліо вишневецької о.п.портфоліо вишневецької о.п.
портфоліо вишневецької о.п.
 
What rage game!
What rage game!What rage game!
What rage game!
 
Open Education Week 2014 IPTS
Open Education Week 2014 IPTSOpen Education Week 2014 IPTS
Open Education Week 2014 IPTS
 
How are higher education institutions in Europe dealing with openness?
How are higher education institutions in Europe dealing with openness?How are higher education institutions in Europe dealing with openness?
How are higher education institutions in Europe dealing with openness?
 
Group Travel Odyssey
Group Travel OdysseyGroup Travel Odyssey
Group Travel Odyssey
 
портфоліо ткачук т.і.
портфоліо ткачук т.і.портфоліо ткачук т.і.
портфоліо ткачук т.і.
 
מצגת תמא 37ח
מצגת תמא 37חמצגת תמא 37ח
מצגת תמא 37ח
 
Old show
Old showOld show
Old show
 
A patchwork of individual solutions (LOTE 5, 27 feb 2016)
A patchwork of individual solutions (LOTE 5, 27 feb 2016)A patchwork of individual solutions (LOTE 5, 27 feb 2016)
A patchwork of individual solutions (LOTE 5, 27 feb 2016)
 

Similar to BCBS239 the behemoth lumbers on

BCBS 239 Compliance: A Comprehensive Approach
BCBS 239 Compliance: A Comprehensive ApproachBCBS 239 Compliance: A Comprehensive Approach
BCBS 239 Compliance: A Comprehensive Approach
Cognizant
 
dt_mt_SREP_Pub_BCBS239_200216lo
dt_mt_SREP_Pub_BCBS239_200216lodt_mt_SREP_Pub_BCBS239_200216lo
dt_mt_SREP_Pub_BCBS239_200216lo
Mark Micallef
 
KPMG - BCBS239_Bracing for Change
KPMG - BCBS239_Bracing for ChangeKPMG - BCBS239_Bracing for Change
KPMG - BCBS239_Bracing for Change
Nanda Thiruvengadam
 
BCBS Information Article By Mike Gowlett
BCBS Information Article By Mike GowlettBCBS Information Article By Mike Gowlett
BCBS Information Article By Mike Gowlett
Michael Gowlett PMP, Prince 2 Practitioner
 
BCBS 239
BCBS 239BCBS 239
BCBS 239
Lata Sheth
 
A Review of BCBS 239: Helping banks stay compliant
A Review of BCBS 239: Helping banks stay compliantA Review of BCBS 239: Helping banks stay compliant
A Review of BCBS 239: Helping banks stay compliant
HEXANIKA
 
Risk Data Aggregation Risk Reporting
Risk Data Aggregation Risk ReportingRisk Data Aggregation Risk Reporting
Risk Data Aggregation Risk Reporting
Shelly Biggs
 
201501 The Emerging Equilibrium in Banking
201501 The Emerging Equilibrium in Banking201501 The Emerging Equilibrium in Banking
201501 The Emerging Equilibrium in Banking
Francisco Calzado
 
Banks brace for risk data aggregation and reporting
Banks brace for risk data aggregation and reportingBanks brace for risk data aggregation and reporting
Banks brace for risk data aggregation and reporting
Markit
 
Commercial Banking Solutions | Commercial Banking BPM | WNS
Commercial Banking Solutions | Commercial Banking BPM | WNSCommercial Banking Solutions | Commercial Banking BPM | WNS
Commercial Banking Solutions | Commercial Banking BPM | WNS
RNayak3
 
BCBS 239 risk data aggregation reporting_Feb15_PRINT
BCBS 239 risk data aggregation reporting_Feb15_PRINTBCBS 239 risk data aggregation reporting_Feb15_PRINT
BCBS 239 risk data aggregation reporting_Feb15_PRINT
Richard Powell, Business Transformation
 
Regulatory Dictionaries Symetria white paper
Regulatory Dictionaries Symetria white paperRegulatory Dictionaries Symetria white paper
Regulatory Dictionaries Symetria white paper
Novabase Financial Services
 
Balance Resilience and CX: COVID-19 Impact on Banking Customer Experience
Balance Resilience and CX: COVID-19 Impact on Banking Customer ExperienceBalance Resilience and CX: COVID-19 Impact on Banking Customer Experience
Balance Resilience and CX: COVID-19 Impact on Banking Customer Experience
RNayak3
 
The future of bank risk management full report
The future of bank risk management full reportThe future of bank risk management full report
The future of bank risk management full report
Altan Atabarut, MSc.
 
Regulatory Change is a Business Opportunity, not a Burden
Regulatory Change is a Business Opportunity, not a Burden Regulatory Change is a Business Opportunity, not a Burden
Regulatory Change is a Business Opportunity, not a Burden
Amit Agrawal
 
A Guide for Credit Providers Moving to Participate in CCR by David Grafton
A Guide for Credit Providers Moving to Participate in CCR by David GraftonA Guide for Credit Providers Moving to Participate in CCR by David Grafton
A Guide for Credit Providers Moving to Participate in CCR by David Grafton
David Grafton
 
Benefits-of-Financial-Technology-for-Banks_RMA Jan 2017
Benefits-of-Financial-Technology-for-Banks_RMA Jan 2017Benefits-of-Financial-Technology-for-Banks_RMA Jan 2017
Benefits-of-Financial-Technology-for-Banks_RMA Jan 2017
Max Zahner
 
Banks Must Act on their Early Warning Systems or Risk ROE Downturn
Banks Must Act on their Early Warning Systems or Risk ROE DownturnBanks Must Act on their Early Warning Systems or Risk ROE Downturn
Banks Must Act on their Early Warning Systems or Risk ROE Downturn
Paperjam_redaction
 
Bcbs 239 principles of effective risk data aggregation and risk reporting
Bcbs 239 principles of effective risk data aggregation and risk reportingBcbs 239 principles of effective risk data aggregation and risk reporting
Bcbs 239 principles of effective risk data aggregation and risk reporting
vikas0707
 
bcbs239
bcbs239bcbs239
bcbs239
Paul Childerhose
 

Similar to BCBS239 the behemoth lumbers on (20)

BCBS 239 Compliance: A Comprehensive Approach
BCBS 239 Compliance: A Comprehensive ApproachBCBS 239 Compliance: A Comprehensive Approach
BCBS 239 Compliance: A Comprehensive Approach
 
dt_mt_SREP_Pub_BCBS239_200216lo
dt_mt_SREP_Pub_BCBS239_200216lodt_mt_SREP_Pub_BCBS239_200216lo
dt_mt_SREP_Pub_BCBS239_200216lo
 
KPMG - BCBS239_Bracing for Change
KPMG - BCBS239_Bracing for ChangeKPMG - BCBS239_Bracing for Change
KPMG - BCBS239_Bracing for Change
 
BCBS Information Article By Mike Gowlett
BCBS Information Article By Mike GowlettBCBS Information Article By Mike Gowlett
BCBS Information Article By Mike Gowlett
 
BCBS 239
BCBS 239BCBS 239
BCBS 239
 
A Review of BCBS 239: Helping banks stay compliant
A Review of BCBS 239: Helping banks stay compliantA Review of BCBS 239: Helping banks stay compliant
A Review of BCBS 239: Helping banks stay compliant
 
Risk Data Aggregation Risk Reporting
Risk Data Aggregation Risk ReportingRisk Data Aggregation Risk Reporting
Risk Data Aggregation Risk Reporting
 
201501 The Emerging Equilibrium in Banking
201501 The Emerging Equilibrium in Banking201501 The Emerging Equilibrium in Banking
201501 The Emerging Equilibrium in Banking
 
Banks brace for risk data aggregation and reporting
Banks brace for risk data aggregation and reportingBanks brace for risk data aggregation and reporting
Banks brace for risk data aggregation and reporting
 
Commercial Banking Solutions | Commercial Banking BPM | WNS
Commercial Banking Solutions | Commercial Banking BPM | WNSCommercial Banking Solutions | Commercial Banking BPM | WNS
Commercial Banking Solutions | Commercial Banking BPM | WNS
 
BCBS 239 risk data aggregation reporting_Feb15_PRINT
BCBS 239 risk data aggregation reporting_Feb15_PRINTBCBS 239 risk data aggregation reporting_Feb15_PRINT
BCBS 239 risk data aggregation reporting_Feb15_PRINT
 
Regulatory Dictionaries Symetria white paper
Regulatory Dictionaries Symetria white paperRegulatory Dictionaries Symetria white paper
Regulatory Dictionaries Symetria white paper
 
Balance Resilience and CX: COVID-19 Impact on Banking Customer Experience
Balance Resilience and CX: COVID-19 Impact on Banking Customer ExperienceBalance Resilience and CX: COVID-19 Impact on Banking Customer Experience
Balance Resilience and CX: COVID-19 Impact on Banking Customer Experience
 
The future of bank risk management full report
The future of bank risk management full reportThe future of bank risk management full report
The future of bank risk management full report
 
Regulatory Change is a Business Opportunity, not a Burden
Regulatory Change is a Business Opportunity, not a Burden Regulatory Change is a Business Opportunity, not a Burden
Regulatory Change is a Business Opportunity, not a Burden
 
A Guide for Credit Providers Moving to Participate in CCR by David Grafton
A Guide for Credit Providers Moving to Participate in CCR by David GraftonA Guide for Credit Providers Moving to Participate in CCR by David Grafton
A Guide for Credit Providers Moving to Participate in CCR by David Grafton
 
Benefits-of-Financial-Technology-for-Banks_RMA Jan 2017
Benefits-of-Financial-Technology-for-Banks_RMA Jan 2017Benefits-of-Financial-Technology-for-Banks_RMA Jan 2017
Benefits-of-Financial-Technology-for-Banks_RMA Jan 2017
 
Banks Must Act on their Early Warning Systems or Risk ROE Downturn
Banks Must Act on their Early Warning Systems or Risk ROE DownturnBanks Must Act on their Early Warning Systems or Risk ROE Downturn
Banks Must Act on their Early Warning Systems or Risk ROE Downturn
 
Bcbs 239 principles of effective risk data aggregation and risk reporting
Bcbs 239 principles of effective risk data aggregation and risk reportingBcbs 239 principles of effective risk data aggregation and risk reporting
Bcbs 239 principles of effective risk data aggregation and risk reporting
 
bcbs239
bcbs239bcbs239
bcbs239
 

BCBS239 the behemoth lumbers on

  • 1. The New Normal - living with continuous regulatory change in the financial markets BCBS239: the behemoth lumbers on
  • 2. 2 © GFT 2015 Introduction Across the financial system, Global Systemically Important Banks (G-SIBs) are continuing to wrestle with the regulatory behemoth that is BCBS239 as they near the compliance deadline. More so than many regulations, the sheer size and scale of BCBS239 makes it a particularly daunting challenge for banks to overcome. Annual budgets of tens of millions of dollars, and total programme costs typically in the 50 to 150 million dollar range attest to the scale of the challenge. With the January 2016 deadline rapidly approaching, there still remains a very large question mark over the extent to which G-SIBs will be compliant. In January 2015, the Basel Committee on Banking Supervision published its second report on the progress made by the G-SIB banks in their attempts to comply with the 11 banking Principles of BCBS239. The report, entitled “Progress in adopting the principles for effective risk data aggregation and risk reporting” provides an update and a report on progress towards the 11 Principles set out in the January 2013 BIS Document. Although generally improvements have been made since the first progress report was released in December 2013, some banks have reported a downgrade in their ability to meet compliance requirements. 14 of the 31 G-SIBs said they would be unable to comply with at least one of the 11 Principles by January 2016. The picture that emerges is one where many banks are struggling to establish strong governance, data aggregation, architecture and processes. BCBS239 requires the implementation of large-scale, global strategic IT infrastructure, which is difficult enough, but also needs the cultural, business process and governance changes to support it. The BIS has also highlighted the concern that many banks continue to rely on manual workarounds to achieve compliance. Despite the mixed response from some banks, many still believe that full compliance will be possible by January 2016. With so much still to be achieved, is this a sign of overconfidence? It is likely that banks may have overestimated their predicted levels of compliance, and what is now required is a thorough and honest appraisal by each individual G-SIB on what they still need to do to comply with BCBS239. The challenges facing G-SIBs The origins and drivers of BCBS239 can be traced back to the 2008 financial crisis; as a response to the analysis and interrogation that inevitably followed. At the height of the crisis, it became apparent that banks were unable to aggregate data quickly or effectively enough, preventing them from identifying risk exposures and acting appropriately on them. As the crisis unfolded, their ability to make appropriate business decisions was compromised by data quality issues and their inability to aggregate risk information quickly and accurately. The Principles of BCBS239 require banks to strengthen their risk data aggregation capabilities and internal risk reporting practices. If banks are going to comply with these Principles by the January 2016 deadline, they need urgently to review their current governance structures, data architectures, IT infrastructure and capabilities, as well as think about the overall culture that exists within their individual institution towards data and risk analysis. The self-assessments by the G-SIBs clearly show how difficult complying with the Principles has proven to be. The size, scope, and complexity of this regulation pose a set of unique challenges, on top of other local and regional regulations that banks are already tackling. The self-assessments demonstrate that there is still much to be accomplished, including: addressing the heavy reliance on manual processes and tactical fixes, creating consistent documented processes for the aggregation of risk data at the Group level, improving the handling, aggregation and proper accounting of collateral, and improving the reconciliation and control processes for risk data aggregation. The question now is whether G-SIBs have enough time remaining to comply with the deadline, and if their remediation programmes are currently delivering the required changes to make this happen. BCBS239 is a “non-prescriptive” regulation; the onus is on the banks to decide how they intend to interpret the Principles as well as set and defining their own minimum standards for compliance. By way of a motoring analogy, if banks are driving along the road towards a destination called “BCBS239 Compliance”, each G-SIB is currently at a different stage of the journey, with some having much further to travel than others. For some, they are still struggling to determine exactly where “Compliance” is on the map, or the best route to get there!
  • 3. 3 © GFT 2015 With the growing awareness that time is running out, there is increasing pressure to simply meet the “letter of the law” (i.e. to tick the boxes for compliance), rather than to embrace the full spirit of the regulation as hoped for by BIS; with banks seeking to implement significant operational and cultural change in the management of their risk data. With limited time remaining, it is very likely that many of the G-SIBs will now only be capable of achieving the minimal standards for compliance, with many manual workarounds and legacy issues to be resolved at a later date. Problematic areas for compliance ¬ Governance structures BSBS239 states that banks should have in place strong governance frameworks. However, achieving this has proven highly problematic. A robust governance framework should be the foundation which banks can use to help build their BCBS239 solution – without this, compliance becomes increasingly difficult to achieve. Due to their size, G-SIBs will naturally face many challenges relating to their data architectures and the roles and responsibilities associated with this architecture. Poor quality data can be linked to the existence of many data sources and formats with perennial questions about formats, data quality, SLAs and ownership. Improved governance is vital, but it also requires G-SIBs to define clear data standards, identifying where high quality data comes from and what it should look like. G-SIBs need to document exactly how their data is managed in terms of the processes, controls, responsibilities and reporting. Mapping the “data lifecycle” and making it accessible and available to relevant stakeholders will be vital. A key aspect, however, is that governance structures are not just robust, but flexible. Banks must be able to aggregate data across different entities, business lines and risk types, not simply for a particular point in time, but to evolve over time and keep up with business, legal and regulatory changes. Significantly more flexible data architectures must be in place to allow for real-time and ad-hoc reporting in both normal and stressed conditions, such as the 2008 global financial crisis. ¬ Risk data activities Risk data management has been raised by BCBS239 to a new level. During the financial crisis, it became clear that weak risk data aggregation, reporting capabilities and an overreliance on manual processes were major issues. Many of the limitations and deficiencies in these areas arose because firms had numerous, disparate data sources using different formats, technologies, nomenclature and data quality assurance processes. These problem areas were highlighted in the most recent progress report, with 8 firms reporting that they would not be fully compliant on Principle 3 (Accuracy and integrity). Key elements of compliance on Principle 3 will include improved and more robust quality assurance processes and the introduction of standardised taxonomies and data protocols. Ultimately, improved risk data will help banks improve their decision-making, identifying where their exposures lie and reporting this data as quickly as possible to those who can do something about it. For example, with better visibility of aggregated risk data, a risk manager could identify issues quickly, before they become problems. The recent Russian debt crisis provides a classic example, whereupon many firms were unable to understand their exposure to the problem, and were therefore unable to do anything about it. ¬ Information technology High quality data aggregation cannot be achieved without the appropriate information technology (IT) and data architecture. The regulators reported that during the financial crisis, the IT systems and data architectures found in many banks were inadequate to support the management of financial risk. The regulators noted that those institutions which had better risk data management processes were the ones that had the appropriate technology, and platforms in place to help them analyse their risk data better. BCBS239 will stimulate the need to reassess existing legacy systems and technology and consider whether firms can deliver data in the required format to answer the questions being asked of them. This will require major IT infrastructure projects for many G-SIBs, which may include updating or replacing core legacy systems, to avoid leaving themselves a looming “technical debt” for the future.
  • 4. 4 © GFT 2015 ¬ Legacy technologies Updating embedded legacy systems is, however, no easy task, and will inevitably lead to an increase in spending by banks on their risk aggregation technology. The level of investment required and the scale of projects deployed will depend on how entrenched the legacy platforms are and the selection of appropriate replacements. These challenges are compounded by the need to continue to meet bank risk and reporting obligations, while at the same time overhauling their legacy technologies. ¬ Manual workarounds The 2015 progress report revealed that G-SIBs are continuing to rely heavily on manual workarounds to deal with the demands of complying with BCBS239. Manual workarounds and tactical mitigants are typically major constraints on the flexibility, adaptability and operational robustness of BCBS239 solutions. Although manual workarounds and tactical mitigants (such as end-user applications) are sometimes difficult to avoid, it must be remembered that they increase “process debt” which carries a heavy penalty to be paid at some point in the future. As with any debt which accumulates over time with a crippling rate of interest, technical and process debt can reach unmanageable proportions as complexity rises unabated. This situation increases the potential risk to the firm and also inflates the cost to eventually make a more strategic change in future. G-SIBs have been advised to “simplify their current IT architecture and data flows across departments and legal entities” in order to streamline the aggregation process and to enable quick aggregation of risk data during times of stress. However, with such embedded systems and processes, accumulated over many years, this is easier said than done. Banks need to understand and monitor closely the amount of technical and process debt they are storing up for the future, and ensure that there are plans and a budget in place to address this challenge. One such plan would be to include implementation debt assessment and remediation strategies into regular technical and business audits. ¬ Leadership requirements Delivering the projects required for BCBS239 compliance requires effective leadership within every G-SIB. The 2015 progress report recommended greater engagement from senior management and boards of directors, and more awareness of the risk and data aggregation capabilities within each bank. Senior management and board members have to start thinking differently about risk data management. They need to create a culture where everyone begins to think about data in a more in-depth and holistic way. Senior management has to understand the value of IT and data and demonstrate to all stakeholders how it impacts on the ability to make better business decisions, as well as meeting the requirements of BCBS239 compliance. Board members should take an active interest in, and responsibility for, the data quality and aggregation capabilities which ultimately underpin risk management strategy and decision-making. Accountability for risk is not something that can be delegated; ultimate responsibility for risk management sits with the board and executive committee members. Senior management needs to monitor and engage more actively in the delivery of projects, paying close attention to the progress and to become cognisant of trade-offs in terms of “strategic” versus “tactical” approaches, as well as the long term viability and robustness of solutions. As with many regulatory change initiatives, BCBS239 has too often been viewed simply as an issue for IT to resolve. This thinking has to change. The ability to store, deliver and report the required risk data is intrinsically linked to the IT capabilities within each bank, but senior management should be seeking to develop a framework that allows them to work more collaboratively with IT stakeholders to create effective policies and strategies for risk management. Board members should be directly involved in assessing whether the project implementation is on track, as well as identifying and enabling the timely resolution of any obstacles to implementation. It requires those in IT departments and those managing data to think about IT along business lines rather than in an organisational silo.
  • 5. 5 © GFT 2015 What has been the North American experience? Historically, BCBS239 has not been not high on the agenda for US domestic banks, compared with their European counterparts, yet the more vigorous action- oriented approach of American regulators has already provided strong incentives to make progress on some BCBS239 Principles. OCC Enforcement Actions have been very effective in forcing compliance, with recent examples touching on data aggregation principles. Interestingly, these enforcement actions tend to be quite specific, and also call for Executive Committee and sometimes board involvement in supervision and monitoring. What can D-SIBs learn from the G-SIB experience? Under the BCBS239 guidelines, D-SIBs are not required to implement BCBS239 by January 2016, but the Bank for International Settlements (BIS) recommended that regional regulators apply a three year timeframe for compliance, commencing with the individual organisations’ designation as a D-SIB. Since the regulators’ recognition of D-SIBs is not a globally synchronised process, there is a blurring of timelines, but D-SIBs are now beginning to budget, plan and mobilise their BCBS239 programmes. Starting from scratch, and with three years to implement, D-SIBs should be able to take advantage of the experiences and lessons learned by many of the G-SIBs, such as not launching a programme without clear data taxonomies or governance processes, and ensuring attention is paid to the proper inclusion of collateral in the programme. By avoiding these costly mistakes, using time and budget more efficiently, and ensuring that appropriate tools, processes and accelerators are utilised, D-SIBs can reduce project risk and aim for a better quality and more timely end result. Moreover, D-SIBs who seize the opportunity to get it right the first time will also be able to avoid the near-ubiquitous tactical mitigants and manual processes found in the approach of G-SIBs. They can focus on strategic build, rather than burden themselves with costly technical and process debt for years to come. In sharp contrast to the majority of G-SIBs, it is even possible that some D-SIBs will realise the gains in efficiency, reduced probability of losses, enhanced strategic decision-making, and increased profitability cited by the BIS as the core benefits of improving their risk data aggregation capabilities. The challenges and problem characteristics for D-SIBs are of course different from G-SIBs. However, D-SIBs are smaller and typically less complex than G-SIBs, with fewer distinct entities and source systems, so the scale of the costs and challenges are reduced and, in principle at least, more easily managed. On the other hand, D-SIBs will also generally be more sensitive to budgetary pressures and cost of ownership. In addition, D-SIBs will not necessarily have the large regulatory change and execution teams required to undertake this ambitious and far-reaching regulatory project. D-SIBs who undertake BCBS239 programmes with a more strategic approach, and pay close attention to the painful lessons learned by G-SIBs, should be able to reduce risks and project costs, and achieve compliance, but an integrated risk aggregation platform which adds value. Conclusion On 1st of January 2016 what can we expect to find? Will the G-SIBs be in a position to confidently say they have met all the Principles asked of them, or will they be desperately seeking an extension from the regulators? It is clear from the progress report that many banks do not expect to achieve full compliance and they will likely have significant additional remediation and implementation activities beyond this date. G-SIBs with outstanding items will then need to demonstrate adherence to agreed plans that specifically focus on those areas that need urgent attention, and they will risk regulatory censure or penalties if they fail to meet their commitments.
  • 6. 6 © GFT 2015 Succeeding with BCBS239 The key to success for any firm should begin with senior management taking the lead in embracing the importance and value of risk data management within each institution. Those firms who succeed not only in complying by the deadline, but also improving their strategic aggregation and management of their risk, will be those that: 1. Embrace the strategic opportunity for change and ensure appropriate strategy, commitment and investment 2. Implement a complete system of robust governance, project supervision and reporting 3. Minimise manual workarounds for compliance, thereby reducing their future technical debt, process debt and end-user application policies 4. Establish risk data taxonomies, with consistent documentation of the aggregation process 5. Include all collateral positions and sources in addition to firm exposures 6. Implement robust reconciliation and data quality control processes We have seen that many firms faced by the huge demands of BCBS239 and other competing regulations rely heavily on manual workarounds and tactical mitigants in order to comply with requirements. Such solutions compromise long-term value and indeed can work counter to the spirit and objectives of BCBS239. Such firms should be identifying how they can make the transition towards implementing more strategic solutions. Taking and managing risk is at the very core of banking, so it is profoundly appropriate that firms should be able to flexibly and accurately aggregate risk information. Whether they are a G-SIB or a D-SIB, firms should appreciate that BCBS239 is not simply another form of regulation that requires compliance; it is an opportunity to entirely re-evaluate their risk data aggregation, management and reporting, ultimately leading to better governance, better decision-making and improved operational efficiency.
  • 7. 7 © GFT 2015 AML & Risk Practice Lead (USA) As AML and Risk Practice Lead, Alan focuses on how best to change compliance, AML and risk operations through new processes and targeted IT investment. He and his teams are currently guiding new and automated AML risk assessment services and are helping in the early identification of rogue traders for major international banks. With GFT, Alan has been involved in addressing immediate regulatory and compliance challenges focusing on risk assessment, business process, policy and workflow. He has co-designed and developed new global compliance risk assessment frameworks, methodologies and executive reporting systems, supporting more accurate targeting of transaction monitoring systems and the identification of rogue trading and potential market abuse. Managing Principal, Risk Consulting John is a Managing Principal in risk consulting, with over 20 years’ experience in the financial sector, delivering solutions in risk management and front office derivatives trading. John has experience with strategic systems, performing risk and P&L for equity swaps, portfolio swaps, and FX hedges for over 800 trading books across four principal legal entities. John previously worked at Goldman Sachs on the specification, development and validation of a jump to default methodology, as well as undertaking similar roles with JP Morgan and Credit Suisse. Managing Principal, GFT Tony has 17 years of investment banking experience gained in line, change and programme management roles, running operational and IT teams. He is responsible for a number of ‘in-flight’ regulatory change programmes for a number of banking clients, including BCBS239 compliance initiatives. Featured Specialists Alan Morley Tony Sodhi John Barclay
  • 8. 8 © GFT 2015 About GFT GFT is one of the world’s leading solutions providers in the finance sector offering consulting, implementation and maintenance for a broad range of IT applications. Combining technological expertise and seamless project management with a deep understanding of the financial industry, GFT is a reliable partner for well-known companies all around the globe. Headquartered in Germany, GFT has stood for technological expertise, innovative strength and outstanding quality for over 25 years. › gft.com This report is supplied in good faith, based on information made available to GFT at the date of submission. It contains confidential information that must not be disclosed to third parties. Please note that GFT does not warrant the correctness or completion of the information contained. The client is solely responsible for the usage of the information and any decisions based upon it.