Best Practices in BCBS 239 Compliance


Unravelling Sellside Risk Management Data Rationalisation

This report, Best Practices in BCBS 239 Compliance, summarises lessons learned by GreySpark Partners in assisting a number of investment banks in the implementation of risk management data rationalisation programmes. Global and regional bank must undertake these risk management data rationalisation programmes in order to comply with the Basel Committee on Banking Supervision’s (BCBS) Principles for Effective Risk Data Aggregation and Risk Reporting frameworks, which are commonly referred to as BCBS 239. BCBS 239’s principles are designed to create a new global matrix for transparency within the management of systemic risk.

Read More

BCBS 239’s overarching governance and infrastructure principle requires banks to establish robust risk data aggregation capabilities across their various business divisions that trade a wide range of products and asset classes. The key objective of this governance and infrastructure principle is to ensure that the underlying data on positions, valuations, sensitivities and any inputs to P&L calculations are gathered and distributed in a consistent manner.

In reaction to BCBS 239, banks initiated large-scale IT and business change programmes to address the issues inherent in their risk reporting processes. The banks began building consolidated IT platforms that integrated risk information that was previously held in risk discipline silos and within internal finance divisions.

In 2015, many banks are struggling to establish strong data aggregation, architecture and processes to comply with BCBS 239. For example, GreySpark has observed that many banks have not adequately planned to comply with the regulations at an organisational level and that the banks have not yet devoted significant-enough levels of resources to implement change management programmes related to compliance with the regulations. Despite these problems, there are ultimately many benefits for a bank associated with achieving a level of full compliance with the BCBS 239 frameworks, of which the most significant is enhanced credibility with regulators, shareholders and general public.

This report presents a range of observed best practices developed by GreySpark for banks to follow in readying their organisations for compliance with BCBS 239. Specifically, this report can be used by banks to develop new ways to collect and organise internal and external risk management data, and the report assess the ways in which existing technology systems vital to these processes can be utilised in adapting to BCBS 239 frameworks.

Published on: 24 Nov, 2015

Please login or register to download this report for free


Best Practices in BCBS 239 Compliance – Table of Contents

  • 1.0 BCBS 239: The Aftermath of the Financial Crisis
    • 1.1 Areas of Impact
    • 1.2 Systematically Important Banks
    • 1.3 Complying with BCBS 239 is Complex and Costly for the Banking Industry
  • 2.0 The Principles of BCBS 239
    • 2.1 Compliance with BCBS 239
    • 2.2 The Overarching Governance and Infrastructure Principle
    • 2.3 Risk Data Aggregation Capabilities
    • 2.4 Risk Reporting Practices
    • 2.5 Supervisory Practices within Systemically Important Banks
    • 2.6 There are Two Compliance Approaches for BCBS 239
  • 3.0 The BCBS 239 Risk Aggregation and Risk Reporting Framework
    • 3.1 Organisational Tasks to Meet Risk Reporting and Aggregation Requirements
    • 3.2 The Consequences for Technology and Infrastructure
  • 4.0 Applying a BCBS 239 Change Process across the Bank
    • 4.1 Achieving BCBS 239 Target State Compliance
  • 5.0 The Outcomes of BCBS 239 Compliance Initiatives
  • 6.0 Common Challenges Faced by Banks in Complying with BCBS 239
    • 6.1 Resourcing Challenges
    • 6.2 Businesses Model Challenges
    • 6.3 Tackling a Lack of Organisational Awareness
    • 6.4 Tooling Challenges
    • 6.5 BCBS 239 Compliance Programme Funding Challenges
    • 6.6 BCBS 239 Compliance Programme Planning Challenges
    • 6.7 Change Management
    • 6.8 Track the Changes in the Existing Architecture
  • 7.0 BCBS 239 Lessons for Systematically Important Banks
    • 7.1 Lesson 1: Ensuring Individual and Organisational Accountability
    • 7.2 Lesson 2: Developing a Holistic Overview of Organisational Risk
    • 7.3 Lesson 3: Ensuring Adequate Resourcing
    • 7.4 Lesson 4: Engage with the Regulators
  • 8.0 Realising BCBS 239 Compliance Opportunities
  • 9.0 Appendices
    • 9.1 BCBS 239: A List of the Regulation’s Principles and Requirements
    • 9.2 Glossary of Terms
    • 9.3 Table of Figures