BCBS 239 is a new banking regulation standard set by the Basel Committee. This standard aims to increase banks’ capacity to aggregate and report financial risk data and to improve the quality of this risk data. Find out which principles make up this standard, which institutions are concerned, the deadlines for application, and the procedure for complying with it.
In recent years, the world has faced a series of severe financial crises. The 2007 crisis, in particular, has raised doubts about the regulations in force. Many banks have been unable to provide balance sheets for their exposure to financial risks such as credit risk, market risk, liquidity risk and capital risk. For this reason, these banks were not in a position to Aggregate risk data because of insufficient capacity.
That is why the The Basel Committee has decided to act by deploying new measures. As a reminder, the Basel Committee is made up of representatives of central banks and prudential authorities from various countries including France, Germany, Canada, the United States and Russia. It is responsible for banking supervision.
On January 9, 2013, the Basel Committee has published the BCBS 239 standard. (Basel Committee on Banking Supervision’s standard number 239). This set of principles aims to enable banks to improve their reporting capabilities and make regulatory reporting more reliable. The Basel Committee believes that banks should carry out the following more risk reportingand improve the quality of information (data) presented. In sum, banks must be able to assess the quality of the information submitted.s financial risk exposure. and manage those risks.
BCBS 239: What are the 14 principles of this new standard of banking regulation?
The BCBS 239 includes a total of 14 principles. Eleven of these principles are intended for banking institutions, the other three for supervisory authorities. The eleven principles for banking institutions are as follows separated into three parts (streams): global governance and infrastructure, data aggregation capabilities, and reporting capabilities.
Global governance and infrastructure
In the global governance and infrastructure section, there are two principles. The first principle of governance is to establish an governance review solid data quality. This governance must involve all levels of the institutions concerned in order to improve financial reporting. Regulatory reporting will be more accurate and relevant, and decision-making processes will be more reliable.
The second principle concerns IT infrastructure. The banks concerned must set up and manage a data architecture and IT infrastructure. This infrastructure will enable the automation and reliability of the data aggregation chain and key reporting.
Risk data aggregation capabilities
In the capacities section risk data aggregationIn addition, banks are asked to improve the accuracy and integrity of their risk data. Specifically, banks must produce accurate and reliable data and automate the data aggregation process as much as possible.
Banks must also comply with a new completeness principle. It is mandatory to have all data relating to the significant risks incurred by the group, and to have data by business line, legal entity or sector.
To respect the topical principleIn addition, institutions must have access to up-to-date risk data. They must also adapt their data aggregation and updating operations.
Finally, the adaptability principle requires banks to produce aggregated risk data for one-off notification requests. This adaptability is valid in normal times, but also in times of crisis.
Improving risk reporting practices
In order to improve risk reporting practices, banking institutions must again demonstrate accuracy. The risk management reporting must be accurate and preciseand give a faithful representation.
The principle of representativeness requires banks to produce reports covering the different families of risks. It is also mandatory to adapt the level of detail in these reports.
For a better clarity and usefulnessIn addition, banks are now required to report on risk management. These reports must be clear, concise, relevant and tailored to the needs of the recipients.
The production frequency and distribution of reports must also be precisely defined. In doing so, banks must take into account the needs of the recipients.
Finally, the distribution principle requires banks to distribute reports on risk management to the parties concerned. These reports must preserve the confidentiality of risk data.
Prudential supervision, tools and cooperation between supervisors
The principles in the latter part are not addressed to banks, but to regulators. The first principle is supervisory. Regulators must regularly monitor banks’ compliance with the 11 principles.
They must also take corrective actions and prudential measures. This means requiring effective measures if banks’ data aggregation capacities and reporting practices are insufficient. It is also a question of using the appropriate resources, procedures and tools to support banks in the implementation of these principles.
Finally, the prudential authorities must cooperate with each other. This cooperation should lead to better monitoring and review of the banks’ application of the principles.
BCBS 239: Which institutions are concerned and what are the deadlines for implementation?
The BCBS 239 standard applies to all banking institutions ” G-SIBsThese are systemically important banking institutions at the global level. Thirty of these banks were required to comply with this requirement. before 1 January 2016.
The banks ” D-SIBs “This also applies to systemically important banking institutions at the national level. However, these banks have three years to comply with the new principles after being designated by national regulators. The deadline is therefore set at January 2019.
BCBS 239: What are the difficulties and advantages for banks?
While systemically important banks worldwide were required to comply with BCBS 239 by 1 January 2016, the most of them have fallen behind. In order to avoid heavy fines, these institutions have made a commitment to the regulators to make the application of these 11 principles their priority.
In particular, banks are struggling to apply the principles of IT infrastructure, accuracy and integrity, and adaptability. The difficulty is related to technological issues. Banks need to align their financial, IT and risk architectures to be able to apply the principles. Data silos need to be transformed into more coherent and flexible systems, with an upstream database providing a single data source for regulatory reporting and internal control.
The supervisors are aware of the difficulty to apply the BCBS 239 principles, and are lenient with institutions that fall behind as long as they show good will. In practice, banks that fail to meet the deadline must provide a recovery plan.
Despite these difficulties, BCBS 239 may also be advantageous for banks. The application of these principles can solve long-standing problemsand to improve data aggregation and information delivery capacity. Thus, banks will be able to pmake good decisions more quickly in the face of financial risks.
In addition, banks can turn the BCBS 239 into competitive edge using these principles to innovate, modernize, and anticipate future developments in the sector. Thus, banks will be able to better manage their business and gain in efficiency.
Banks: how to comply with BCBS 239?
The simplest way to comply with the various principles imposed by BCBS 239 is to define a way forwardand to identify priority areas for action. In concrete terms, the banks’ objective is to strengthen the IT systems infrastructure in order to generate better reporting, improve the process of extracting and producing risk data and refine risk management models.
To achieve this, it is important to follow three main steps. First of all, a general compliance assessment of the institution will help identify its weaknesses and define the standards to be implemented. Second, it is imperative to equip themselves with the necessary resources and skills to leverage risk data to make better decisions and comply with the principles of governance, accuracy and adaptability.
Finally, banks need to improve the consistency and quality of their risk data by ensuring that the information that makes up the reports comes from a sole source. It’s called Direct Sourcing.