„BCBS 239“ and the "Principles for Effective Risk Data Aggregation and Risk Reporting"
11 PRINCIPLES THAT DESCRIBE DATA REQUIREMENTS FOR BANKS IN DETAIL
I Overall management and infrastructure
1. Governance: Responsibility of the Executive Board and Administrative Board, determination of overall risk management, process documentation, validation standards, safeguarding resources, consideration of changes, group structure neutrality
2. Data architecture and IT infrastructure: Crisis phase, BCM, data governance, data management processes, data dictionary including semantics and data model, responsibility and roles, data properties, control
II Risk data aggregation capacities
3. Accuracy and integrity: automation/control of individual processes, reconciliation and transferability, relevant sources, method and data glossary, data quality concept for monitoring data properties
4. Completeness: collection, aggregation and monitoring of all material risk data, creation of categories
5. Timeliness: appropriate timeframes according to the type of risk, volatility and amount to the overall risk profile, timely reporting (critical risks) in crisis situations and stress phases
6. Adaptability: flexibly providing risk data for processing ad hoc enquiries (in times of crisis, supervisory requirements, etc.) and providing capacity
III Risk reporting
7. Accuracy: Accuracy through reconciliation reports, change and plausibility checks, exception reports, approximations, formulation and justification of accuracy requirements.
8. Comprehensive character: Covering the essential contents of a risk management report. Scope and level of detail in line with the business model and requirements of the recipients; forward-looking orientation.
9. Clarity and value: Definition of recipient appropriate requirements, constant feedback & review, balance between quantitative & qualitative elements, risk data inventory
10. Frequency: Review in normal times & crisis situations, risk type, reporting purpose, recipient specific
11. Preparation: Timely, confidential distribution to recipients, process review
Challenges for the supervisory authorities
IV Regulatory reviews, instruments and cooperation
12. Review
13. Corrective and supervisory actions
14. Transnational measures
More about BCBS 239 Compliance: https://skssolutions.de/en/services/data-governance/data-governance.html