Technology is a huge part of BCBS 239 compliance. Here are three ways purpose-built risk management software makes it easier to comply with this regulation.
The aftermath of the 2008 global financial meltdown served as a major wakeup call for banks, reminding them that they need to approach risk at a strategic level.
Weak data aggregation practices within banks were largely to blame for causing losses worth millions of dollars, so the rules have changed. Banks are now required to use technology that supports strong risk data aggregation and efficient reporting at all times. To enforce this, The Basel Committee on Banking Supervision (BCBS), in collaboration with the Financial Stability Board (FSB) enacted a new regulation, BCBS 239.
The regulation guides banks toward effective data aggregation with 14 principles. If you’re a global systemically important bank (G-SIB) or a systemically important bank (D-SIB), you need to evaluate your processes, data structure, and technology capabilities against these principles. This is so you can determine any compliance gaps and identify ways to fix them.
To effectively comply with all 14 principles, you need to be using appropriate risk-management technology. Here’s the three major ways it helps you in this process:
1. Gather accurate risk data
It’s not uncommon when banks grow quickly through acquisitions or new market segments, to end up with multiple IT architectures and systems that don’t communicate with one another. Do you have a single source of truth for the data you rely on? Or is it stored in different areas of the company, in different systems, resulting in constant questions around the accuracy and precision of data?
If the latter is true, the only option for getting the data you need to present to your supervisors is to go through the labor- and time-intensive process of manually coordinating with siloed departments. This puts the accuracy of your data in question.
Purpose-built risk management software helps you by capturing relevant data from diverse systems automatically and continuously into one consolidated and consistent format. Now you can improve the quality of your data and generate reports more easily.
“If you’ve been relying on risk processes that depend on periodic annual, quarterly, or monthly data flows, sorry to say they’re inadequate for volatile market environments.”
2. Be flexible enough to meet regulator requests in real time
BCBS 239 Principle 6 states that banks should be able to generate aggregate risk data to meet a broad range of reporting requests—like requests during stress/crisis situations, requests due to changing internal needs, and requests to meet supervisory queries.
Can you guarantee that data you gather can be quickly consolidated into your risk overview without any gaps in your data? Or is your data exported on a periodic basis? If you’ve been relying on risk processes that depend on periodic annual, quarterly, or monthly data flows, sorry to say they’re inadequate for volatile market environments. You need quick access to data for much more agile, fact-based decision making.
Regulators want you to be able to gather and analyze risk data quicker—and on their timelines. Risk management software automates the flow of information across systems, business units, roles, and management tiers. This way you make sure that the right insights are delivered to the right decision makers or supervisors, at the right time.
3. Create comprehensive reports
The quality of your reports are such a big part of BCBS 239 that they’re mentioned in each and every principle.
Principle 9 in particular focuses on the quality of reporting, demanding that your reports:
Visualizations always do a much better job than reams of data in spreadsheets when it comes to showing where controls have been tightened or compliance processes changed.
Better Practices for Compliance Management
- 5 common challenges with compliance management
- What a high-performance compliance management process looks like
- Where to start for your own compliance management transformation
- Top 8 compliance processes where technology can raise the bar
- Key technology considerations for achieving a high-performance compliance program.