14 December 2017
Paul McPhater

Getting down to the data

Paul McPhater - Markit

12Posts 31,706Views 0Comments

BCBS 239 governance: so what does good look like?

07 August 2014  |  2667 views  |  0

Dealing with data is an issue that senior management has long been aware of. As Moody's put it in a report last year, "it is often the elephant in the room – a big something to be dealt with, but one that is almost always too big to tackle, or one that is postponed as tomorrow's problem". With BCBS 239 a bank's board and senior management are now very much centre stage as the owners of the dreaded data problem. And it's not just the tier 1 banks that need to take notice, there is an increasing belief that this regulation is merely a foot note, it isn't the end game.

Under BCBS 239, there are some key questions that senior managers must know the answer to. These include:

  • What are the limitations that prevent full risk data aggregation?
  • Do I understand what those limitations are and their impact in terms of coverage (e.g. risk not captured or subsidiaries not included), technical (e.g. model performance indicators or degree of reliance on manual processes) and legal (legal impediments to data sharing across jurisdictions)?
  • How are the reports I'm reading and making decisions based on impacted by these limitations?
  • Do we have adequate resources deployed to meet the standards required?
  • Have we agreed service level standards with our outsourcers?
  • With a lack of concrete parameters set, are we meeting a high enough standard across all the data and reporting standards?
  • Who has responsibility for what?
  • Is there a stratification of control from execs, to management and business leads to day-to-day users?

As mentioned already, if BCBS 239 is not the end game then it makes sense for all banks to take notice. The financial crisis exposed risk, data and IT failures throughout the entire community, so looking to BCBS 239 as a starting point for minimum standards of best practice makes sense. Why would the regulators stop at the G-SIBs or the D-SIBs? Surely the ultimate goal has to be better risk management for all.

TagsRisk & regulationPost-trade & ops

Comments: (0)

Comment on this story (membership required)

Latest posts from Paul

When one yes equals BCBS 239 compliance

23 March 2015  |  2020 views  |  0 comments | recomends Recommends 0 TagsRisk & regulation

RDA: do the responses stack up?

24 February 2015  |  2041 views  |  0 comments | recomends Recommends 0 TagsRisk & regulationPost-trade & ops

Risk data aggregation: what progress this past year?

10 February 2015  |  1958 views  |  0 comments | recomends Recommends 0 TagsRisk & regulation

Another Lehman’s legacy: connecting the data dots

19 November 2014  |  2674 views  |  0 comments | recomends Recommends 0 TagsRisk & regulationPost-trade & ops

Data audits: invaluable insights into costs

22 October 2014  |  2061 views  |  0 comments | recomends Recommends 0 TagsRisk & regulationPost-trade & ops

Paul's profile

job title COO Enterprise Software
location London
member since 2014
Summary profile See full profile »
COO Enterprise Software at Markit - based in London.

Paul's expertise

Member since 2014
12 posts0 comments
What Paul reads
Paul's blog archive
2015 (3)2014 (9)

Who's commenting on Paul's posts