Sticking The Landing On BCBS 239

The Basel Committee on Banking Supervision (BCBS) report on the progress of compliance with its BCBS 239 risk data aggregation principles, which was issued in January, includes a statement that global systemically important banks (G-SIBs) are still having difficulty with data aggregation governance, architecture and processes, according to a comparison of surveys conducted for 2013 and 2014.

The report makes recommendations about what G-SIBs and other firms should do to be better prepared for full implementation of BCBS 239 principles by 2016. Those recommendations, however, are all along the lines of instituting guidance, making management more involved, doing self-assessment and exchanging information, but falling short of concrete calls to action.

Some industry experts say there should be no half measures, if firms really want to pass the stress tests prescribed in the BCBS 239 principles.

In a recent webcast, John Eliseo, head of data modeling at Thomson Reuters, said firms must define a set of policies for risk data aggregation, and be robust that there is only one way information should flow. Any data outside of that flow won't be supported and is at the user's own risk.

"Different systems are doing different things and you have to bring the information together to do any sort of analysis on it," he said. The ideal is a system that is already integrated and connected, that "tends to just snap together like Lego." Complete information sets can be scrutinized in any way a user wants, added Eliseo.

The first step, which is one that many have not yet taken, is freeing oneself from legacy systems, according to John Bottega, principal at Data Management Advisory Services and a senior advisor and consultant to the EDM Council, a co-sponsor of the webcast.

"The first need is simplification—identifying and prioritizing what's the most important data," he said. "Start to extract that from the plethora of legacy environments."

Trying to alter a legacy systems environment is too cumbersome, as Bottega describes. "So we reverse-engineer from critical functions and critical data back to its source," he said. "This creates the methodology and approach."

Consolidating data and eliminating outmoded data management systems are concrete actions that the industry can take to better handle risk data aggregation and pass annual stress tests. Although BCBS 239 charges G-SIBs with the directive to better control information management, the BCBS itself, the architect of the principles, falls short of prescribing decisive measures. Firms are aware of the problem and evidently are devising solutions, as explained by Eliseo and Bottega, but it remains to be seen if they will succeed—and if BCBS's next year-end report will be more promising, heading into 2016.