Why BCBS 239 and Your Data Governance Program Go Hand-in-Hand
Mention BCBS 239, and it’s sure to bring on a headache for many financial services institutions. But what if the principles set forth in BCBS 239 were actually your friend? And what if embracing these principles as the foundation for your data governance program eased the pain of your regulatory reporting headache once and for all? Non-CCAR banks, and even companies in other financial services sectors such as insurance and asset management, can benefit by adopting the BCBS 239 principles as regulator expectations data governance trickle down and now even trickle across industries.
Released in early 2013, BCBS 239 sets forth a number of principles to define regulator risk reporting expectations:
- Institutions should have accurate, reliable reports available in a timely manner for both business-as-usual and crisis decision making
- Reports should be comprehensive, easy to understand, and flexible enough to meet ad hoc requests
- Data architecture and IT infrastructure should support reporting frequency requirements (daily – and even quicker) as well as crisis reporting
- Limitations in data and report quality should be transparent to report users
Recently, more and more regulators are looking at the BCBS 239 principles and applying them to other regulations, such as CCAR. And the logic makes sense – these principles provide a solid foundation for a data governance program designed to promote sustainable regulatory reporting. And they’re flexible enough to for a variety of requirements, including CCAR and other regulations, and, critically internal information governance standards.
So why do BCBS 239 principles and your data governance program go hand-in-hand? There are a number of reasons. First, BCBS 239 aligns to regulator expectations. By using these principles as the foundation for your data governance program, you’re using the same principles regulators use to assess CCAR and other regulatory reports. They also provide an efficient, integrated approach to data governance that is applicable regardless of which regulations you’re trying to comply with. As regulatory expectations trickle down to smaller institutions, alignment to BCBS 239 makes a lot of sense for non-CCAR banks. In fact, we’re even seeing Canadian insurance regulators looking at BCBS 239 and data governance as the expected standard for their regulatory reporting.
Because BCBS 239 is a set of principles it allows flexible interpretation and in many ways outlines common-sense expectations for data and report governance, making it easy for the organization to digest. Along those same lines, these principles are business-friendly. They facilitate business ownership and engagement of data governance, which is exactly what you need if your goal is to have sustainable regulatory compliance. Adopting the BCBS 239 principles also demonstrates commitment to consistent data governance for internal and external reporting, a key consideration for the regulators, judging by their feedback.
Finally, BCBS 239 principles position companies to adapt to future internal and external reporting changes. Because more and more regulators are looking to these principles as a guide, you’ll be ready to take on any regulatory update or change that comes your way if you start applying those principles to your data governance practice today.
Simon is the Collibra Global Financial Services Market Lead. During his 20+ years of management consulting services experience at leading consultancies EY and PwC, Simon helped financial services institutions design and implement information and data governance processes to support internal, external, and regulatory reporting including BCBS 239 and CCAR.