Risk data infrastructure: Staying afloat on the regulatory flood

What you need to know to build an enterprise risk and finance reporting warehouse

By Ravi Chari, Sonal Singh and David Rogers, SAS Risk Quantitative Solutions

Banks and financial institutions continue to be presented with revised or new risk-related regulations. And the reporting requirements become more stringent across the globe. For example, the requirements from the European Banking Authority (EBA) for COREP/FINREP and the European Central Bank’s (ECB) recent regulatory requirement for AnaCredit (analytical credit data set) will necessitate granular storage with minimal latency and appropriate definitions for each data element.

Most banks embarked on creating regulatory risk data infrastructure as part of their Basel II implementation. However, this risk data infrastructure was in most cases tactical and limited to meet the immediate Basel II requirements. It’s now often seen as inadequate to meet the needs of the new flow of regulations.

Today banks are still looking to improve their risk data infrastructure to reduce the costs of complying with existing regulation. The introduction of the new regulations is adding to an already stressed situation by requiring more granular data (e.g., asset, liability and off-balance sheet items for liquidity risk) and forecasted data for stress testing.

Data Quality: The Achilles' Heel of Risk Management

One of the key criteria for successful compliance with each of the above-mentioned regulations is the creation of an appropriate risk data infrastructure. The Basel Committee on Banking Supervision (BCBS) published principles for risk data aggregation in January 2013. The principles are structured around four broad areas: governance, data aggregation, risk reporting and supervisory requirements (Figure 1).

The BCBS 239 principles have elevated discussions about governance for risk data management from IT to senior management; however, they don’t provide operational guidelines for a bank to embark on a risk data infrastructure project. Further, there are no accepted best practices or regulatory directives for appropriate risk data infrastructure that will help a bank meet various regulatory requirements from a data perspective.

What are the challenges of a risk data infrastructure and how can they be addressed? Simply put, some of the specific challenges that banks face are:

• Multiple operational systems: Different lines of business have built their own systems, creating scattered and inconsistent data.
• Incomplete data: Banks often lack historical or detailed data. And it’s difficult to access and combine data held in disparate systems.
• Data inconsistencies: Lack of standardized data entry procedures, invalidated data (for example, incorrect addresses), duplicate records, and human error result in poor data quality that is time-consuming to fix.
• Clarity and usefulness of data: Business units may use different terminology for the same data item or business process.

Banks can address these challenges of scattered, incomplete and inconsistent data by first building an enterprise risk and finance reporting warehouse. The SAS^® Detail Data Store (and the related SAS Data Quality infrastructure) can be vitally important to starting such an enterprise risk and finance reporting data warehouse. Building a warehouse and data quality processes solves several issues:

• Scattered data in multiple operational systems: An enterprise risk data warehouse serves as an authoritative source for risk and finance reporting.
• Data integrity: Since an enterprise data warehouse can be the single source of data to all analytical applications and reporting, it is much easier to reconcile the results and reports to the warehouse and then to source systems, such as those for accounting and trade capture. The capabilities of reconciliation and drill back of data will also help banks with supervisory reviews.
• Incomplete data: The enterprise data warehouse enables support for a variety of risk, regulatory and business issues, including Basel III, credit risk, market risk and liquidity risk.
• Data inconsistency: Adding data governance processes on top of the risk warehouse ensures that there are owners and stewards for all risk and finance data. Banks can track all data additions, changes or versioning. And a well-designed enterprise data warehouse would hold data history and offer data versioning.
• Unreliable reporting and terminology: The enterprise data warehouse should be built with a comprehensive dictionary that describes banking data elements for loans, deposits and off-balance sheet items, and provides a complete mapping of physical data structures to business terms.

From a risk perspective, high-quality data is essential to implementing effective risk strategies and ensuring compliance. To learn more about the issues that data presents when dealing with regulatory risk management, read the white paper, Data Quality: The Achilles’ Heel of Risk Management.