„BCBS 239“ and the "Principles for Effective Risk Data Aggregation and Risk Reporting"



I Overall management and infrastructure

1. Governance: Responsibility of the Executive Board and Administrative Board, determination of overall risk management, process documentation, validation standards, safeguarding resources, consideration of changes, group structure neutrality

2. Data architecture and IT infrastructure: Crisis phase, BCM, data governance, data management processes, data dictionary including semantics and data model, responsibility and roles, data properties, control

II Risk data aggregation capacities

3. Accuracy and integrity: automation/control of individual processes, reconciliation and transferability, relevant sources, method and data glossary, data quality concept for monitoring data properties

4. Completeness: collection, aggregation and monitoring of all material risk data, creation of categories

5. Timeliness: appropriate timeframes according to the type of risk, volatility and amount to the overall risk profile, timely reporting (critical risks) in crisis situations and stress phases

6. Adaptability: flexibly providing risk data for processing ad hoc enquiries (in times of crisis, supervisory requirements, etc.) and providing capacity


III Risk reporting

7. Accuracy: Accuracy through reconciliation reports, change and plausibility checks, exception reports, approximations, formulation and justification of accuracy requirements.

8. Comprehensive character: Covering the essential contents of a risk management report. Scope and level of detail in line with the business model and requirements of the recipients; forward-looking orientation.

9. Clarity and value: Definition of recipient appropriate requirements, constant feedback & review, balance between quantitative & qualitative elements, risk data inventory

10. Frequency: Review in normal times & crisis situations, risk type, reporting purpose, recipient specific

11. Preparation: Timely, confidential distribution to recipients, process review


Challenges for the supervisory authorities

IV Regulatory reviews, instruments and cooperation

12. Review

13. Corrective and supervisory actions

14. Transnational measures


More about BCBS 239 Compliance: https://skssolutions.de/en/services/data-governance/data-governance.html