Information & Data Management News

BCBS 239 Risk Aggregation: Complicated or Automated?

There is a lot happening in this graph.  BCBS 239 principals say you need to be on top of it.

bcbs 239

Legal entity impacts to risk visbility

The principles driving BCBS 239 cover a lot of ground, but they can be enabled with two foundational assets any bank has been managing for years: the customer lists and reference data.  But, the gap is the ability to tie the two together. Previously, there was no compelling reason to benchmark how accurate a risk profile these assets provided.  That has changed with the introduction of the Basel Committee and the Financial Stability Board who asses how all systemically important financial institutions (SIFI) measure up to their principles.  In the coming years, this will also fall to those below the SIFI label as the Fed applies similar principles to smaller institutions or the merge or two institutions that cross the $50 billion mark. Enterprise Customer List – The forgone conclusion. They are often called Customer Master, Party Master or a Customer Information File.  They all serve the same purpose, having a complete list of whose money the bank has and who has the bank’s money.  But, how often are they the same legal entity?  How often are they even an individual?    They could be an account, a risk grade, and a receivable… even a prospect.  Master data solutions can match these together and identify duplicate customers.  They can separate who is a customer verses what roles does the customer play. You do get insight into where you have understated risk within a customer and where that customer touches multiple business units.  What it doesn’t give you is hierarchy.  Complete risk aggregation requires hierarchy.  Automated risk aggregation requires a reference hierarchy.    Reference Data – Hierarchy and Segmentation Every industry has data providers that cater to it.  For banking, Dun and Bradstreet is the benchmark.  They provide the critical components that allow a bank to segment its risk reporting to meet the completeness requirement of the BCBS239 principles:  legal entity/ownership, industry, and region.  Quick Wins from Matching to a reference data provider Hierarchy -> Matching and Aggregation Using the core master data capability of matching will give you automation that is critical to meet the following key principles:

  1. Timeliness : Matching automation allows you quickly identify new clients and where they introduce risk across the different tranches.    This keeps your aggregation reporting up to date.
  2. Accuracy: Reference data providers mitigate the data quality issues introduced from data entry short cuts or portfolios added through acquisition.

Completeness  -> Segmentation Merging your customers with a reference data set gives you an incredible level of enrichment that covers the principle to capture and aggregate risk across the slices BCBS 239 identifies:

  • Parent Relationships: Legal ownership and operational control
  • Industry: NAICS, SIC
  • Geography: Country, Region, State, City, Lat/Long/Radius
  • Size: Global employees, employees at the location, sales in dollars
  • Demographics: Minority ownership

Governance and Infrastructure -> Automation and Adaptability Master data solutions are designed to on-board new customers, identify them, then enable the distribution of that enriched and controlled information back out to the management reports, stress test and ad-hoc and supervisory requests. Master data solutions also allow for adaptability:  New sources, new customers, to data attributes.   When designed by an experienced team, these solutions become the core for auditable client information and governance metadata to meet the pillars of BCBS239. Even though global systemically important banks are the focus right now, risk aggregation and the principles in BCBS 239 will be applied to a broader group as national level regulators focus their attention on domestic banks.  Understanding how deduplication and hierarchy enrichment can accelerate (and automate!) risk reporting will reduce fear of the unknown within your organization and may just uncover foundational IT assets already in place, ready to be leveraged in a new way. Do you have some thoughts or questions on this topic?  Contact us to get the conversation going. Adam Sigg, Director, Customer Solutions Group