Data Governance meets Basel standards

In this article we will show why is Data governance a vital component for Basel standards (BCBS) compliance in the banking industry.

In order to make a clear connection between Data governance and the regulation, first we will clarify what is covered by Basel Committee on Banking Supervision’s standard number 239 (BCBS 239) and what does it mean to implement Data governance. Further on, we will see what does “Having BCBS 239 principles in place” mean and how does Data governance implementation support compliance with the regulation. Finally, we will share our experience and lessons learned based on projects we implemented.

 

Basel Committee on Banking Supervision’s standard number 239 – BCBS 239

The purpose of BCBS 239 is to make sure that banks report on all the risks they are exposed to. Specifically, banks are expected to communicate their risk data aggregation capabilities as well as their internal risks transparently and consistently.

BCBS has a total of 14 principles, that cover four closely related topics:

  • Overarching governance and infrastructure
  • Risk data aggregation capabilities
  • Risk-reporting practices
  • Supervisory review, tools, and cooperation

Out of these 14 principles, the key principles are Principle 2 and Principle 3, so let’s look at them a bit more closely and point out the keywords that highlight the connection of Data governance and BCBS 239 compliance.

Principle 2 is all about data architecture and IT architecture. This principle states that a bank should design, build and maintain data architecture and IT infrastructure that fully supports its risk data aggregation capabilities. Furthermore, the architecture should be designed in a way that it supports risk reporting practices both in regular situations as well as in cases of crisis, while still meeting all the other Principles.

The standard also determines that, in order to achieve the requirements of this principle, banks should establish data taxonomies, collect metadata and create unified naming conventions for data. Banks should also define business and IT roles and responsibilities when it comes to data, its usage and quality.

Principle 3 addresses accuracy and integrity. A bank should be able to generate accurate and reliable risk data to meet normal and stress/crisis reporting accuracy requirements. Data should be aggregated on a largely automated basis so as to minimize the probability of errors.

In addition to Principles’ provisions, They expect banks to measure and monitor the accuracy of data and to develop appropriate escalation channels and action plans to be in place to rectify poor data quality. Even more so, supervisors will question data quality management, which is often wrongly mixed up with Data governance. Data governance includes data quality management, but it covers much more, such as policies and standards for handling data, guiding principles, business rules, data usage rules, data access rules and so on.

 

Data Governance

PWC review on southeast Asia’s banks (2021) shows that not a single bank is fully compliant with the BCBS 239.

According to the same source, most of the challenges preventing the full compliance were identified within the area of data and IT architecture, specifically, related to data issues that Data governance in place could address and solve.

Data governance connects the business (people) with the pieces of information (data) through the technology used by the organization. Each business process in the organization is viewed through these aspects – who is doing what, how and with which data.

Figure shows B-I-T sequence from Data Governance Institute, which emphasizes that data governance lies in the cross-section of these three aspects.

Implementing Data governance means assigning responsibility for all data within one organization to clearly identified data owners and tracking what happens with the data in its lifecycle. This means that one should keep in mind that these three elements: the piece of information (data), business (people) who take care of this data and technology used to store and manage data, are – so to say – inseparable. Data governance implementation is not about adding new tool into your technology landscape. Instead, it is about creating a framework that provides understanding of data ownership, data lifecycle, meaning of the data and acceptable data usage

All of that will result in having a business glossary and data catalog, documented policies describing data consumption via processes, business and technical lineage, as well as in having data monitoring via data quality rules, all of which is exactly what is required by BCBS 239.

 

What does “Having BCBS 239 principles in place” mean?

Through BCBS 239 principles Basel Committee has explicitly introduced qualitative expectations for risk reporting organization, processes and tools. Implicitly, it has quantitative expectations for reporting. These requirements display an increased focus on data quality, as well as emphasis on risk aggregation, timeliness, accuracy and granularity when producing a report.

 

Figure shows relation between Data governance pillars and BCBS 239 requirements.

If we take “producing a Risk report” as an example, Article 37 states that each position in Risk report has to be clearly and unambiguously defined. From Data governance perspective,

  • having a business glossary categorized by risk report positions and
  • having a policy for creating each position in the Risk report

will cover exactly what is required by Article 37.

Knowing who (more as a role than in terms of exact person) is responsible for risk data used in calculation of each position in Risk report is exactly what Data ownership and Data stewardship of Data governance framework are covering (and Article 34 is asking). By ownership and stewardship, we mean both technical and business sidewise, and we also mean escalation procedures and action plans in case of poor data quality.

So, if we go back to BCBS 239 requirements, as described above through Principles, it turns out that having implemented Data governance directly and significantly contributes to BCBS 239 compliance.

 

Authors: Jelena Jančiev Basrak, Senior Consultant and Antonija Tadić, Consultancy Head – CQ at Poslovna inteligencija

Picture sources: Pixabay, Poslovna inteligencija

Kontaktirajte nas

Business & Data Analysis
Planning, OLAP & Reporting & Financial consolidation
Data Integration, Data Migration & Data Engineering
Data Governance, Data Quality & Master Data Management
Data Science
DWH models
XBRL point
ConQ Content Analytics
SynQ

I acknowledge that the personal data I submit through this contact form will be used by Poslovna inteligencija d.o.o. to contact me and provide information related to my inquiry/application. I consent to Poslovna inteligencija using my submitted personal data to send newsletters containing information about news, products, and services of Poslovna inteligencija. I also acknowledge that I can unsubscribe from receiving newsletters at any time by clicking the 'Unsubscribe' link in each newsletter. Comprehensive information related to my rights and the use of my personal data can be found in Poslovna inteligencija's Privacy Policy.:
Yes No *

Please don't insert text in the box below!

The fields marked with * are required

Posljednje Blog objave

At Poslovna inteligencija, we are data experts. Our dedication to transforming business data utilization has led us to a partnership with Tableau, the global frontrunner in data visualization. This partnership is more than just a collaboration; it's our commitment to arm companies with the tools they need to unlock the full potential of their data.
In the age of digitalization, data is like the new oil. But extracting value from data over the long-term requires a strategy – and this post will help you establish one. We’ll cover why data strategy is important, how data strategy supports business strategy, and the 9 essential elements your data strategy should contain to be successful. Let’s dive in.
Environmental, Social, and Governance (ESG) reporting is not just a business trend but a regulatory necessity. It has become a crucial framework for assessing a company's impact on society and the environment, as well as its governance practices.
Financial consolidation is challenging for many reasons, but the biggest one for large enterprises is managing the complexity of the financial data itself. We will show you how IBM Cognos Controller can simplify the process and what are the best practices to maximize efficiency in financial consolidation.
In today’s digital age, data has become just as important as the products themselves. But for it to become valuable, data needs to be governed. In this article, you will learn how to implement a data governance strategy, as well as how data maturity assessments can help your organization get from simple data management to real-time data governance.
Financial consolidation is an essential process for an organization, especially if it has multiple entities. As a finance manager or executive, it empowers you with a complete understanding of your organization's financial well-being, enabling you to make informed decisions about where to allocate resources and how to plan strategically.
In today's competitive business landscape, maximizing profitability and unlocking your organization's true potential are critical to sustained success. PI Profitability Solution, powered by the IBM Planning Analytics with Watson platform, helps you achieve precisely that.
Data governance is the most important, yet most overlooked, part of creating an enterprise-level analytical system. It’s the key to making data-driven business decisions, but many enterprises don’t do it right – or not at all.
Scroll to Top

Budite u toku s novostima

Budite u toku s novostima

Prijavite se na naš newsletter i budite uvijek u toku s novostima i tehnologijama iz svijeta Poslovne inteligencije.


Business & Data Analysis
Planning, OLAP & Reporting & Financial consolidation
Data Integration, Data Migration & Data Engineering
Data Governance, Data Quality & Master Data Management
Data Science
DWH models
XBRL point
ConQ Content Analytics
SynQ

I acknowledge that the personal data I submit through this contact form will be used by Poslovna inteligencija d.o.o. to contact me and provide information related to my inquiry/application. I consent to Poslovna inteligencija using my submitted personal data to send newsletters containing information about news, products, and services of Poslovna inteligencija. I also acknowledge that I can unsubscribe from receiving newsletters at any time by clicking the 'Unsubscribe' link in each newsletter. Comprehensive information related to my rights and the use of my personal data can be found in Poslovna inteligencija's Privacy Policy.:
Yes No *

Please don't insert text in the box below!

The fields marked with * are required