The financial crisis revealed the inadequacy of banks’ risk data systems, with institutions frequently unable to provide up-to-date reports on risks and exposures. This undermined confidence and led regulators to focus on the quality of risk data and supporting systems and processes.
Most banks do not aggregate, store and analyze data in a coordinated fashion. Consequently reports are often compiled manually at great expense, are inaccurate and/or incomplete, and arrive too late to influence trading and operations. It can take as long as 60 days to compile a group-wide set of risk figures.
- Efficiency: risk data is often owned and stored by different functions (markets, risk control, finance, back-office). Too much time is spent on data aggregation and not enough on actual risk management
- Flexibility: a lack of scenario analyses and reports hinders the ability to react to market events and regulatory requests
- Quality: with multiple systems, risk data is often incompatible, inconsistent, incomplete and duplicated
- Ownership: ownership of risk data shuffles uneasily between the control function and the IT function, with little accountability or commitment to quality.
Banks need to review and improve their risk IT infrastructures. Basel Pillar 2 provides guidance for strengthening risk data collection and internal risk reporting practices, calling for:
- strong governance from boards and senior management
- accuracy, integrity and timeliness of risk data
- regular, clear, punctual risk and regulatory reporting
- periodic reviews by supervisors.
A streamlined risk IT architecture requires investment in systems for transmitting and reporting risk data. It also calls for greater standardization, common data models, integrated systems and, in some cases, data warehouses.
By consolidating risk data, banks can produce more insightful analyses that improve risk management and business judgment. With more up-to-date, accurate reports, organizations can adapt quickly to competitive threats and regulatory change, making compliance simpler and less challenging.
Improved data aggregation can also reduce capital requirements. For example; by capturing all collateral contracts, risk-weighted capital calculations become more realistic.
Renovating the risk IT infrastructure can be a significant expense for banks and requires fundamental organizational changes. However, it brings immense strategic benefits and should be a top management priority.
Four key questions on your risk data management
- Do you have a fully automated system for collecting and analyzing data?
- Is there a single owner of all your risk data?
- Have you defined your organizational risk architecture?
- Are you confident about the accuracy and timeliness of risk data reporting?
To discuss these questions further contact:
To read the full article, download the PDF.