BCBS239 and Why MDM: A Beginner’s Guide
I’ve been asked recently if we can work with our sales, our partners and our customers to ensure that MDM is part of the conversation when they are discussing BCBS 239. The biggest challenge for me was to understand what BCBS 239 is; why MDM should be a part of complying with it and how to explain why an Informatica-based solution can deliver the best customer outcomes. During my quest to resolve these questions I amassed a lot of information and it occurred to me that others might find my “Least You Should Know” or LYSK useful also.
What is BCBS 239 and who does it impact?
BCBS stands for Basel Committee on Banking Supervision. The BCBS 239 is a 28 page directive whose “guidelines call for sweeping changes in how banks handle their data governance, lineage and architecture”. See this useful article for more information.
Why did the BCBS decide this directive was necessary?
It is all about banks being able to manage risk and being able to demonstrate that they can manage risk through clear, unambiguous, timely and defensible reporting. One of our partners – Deloitte – gives a good explanation in their white paper which says:
“As the 2008 financial crisis made clear, each bank must prioritize addressing gaps in its Risk Data Aggregation and Reporting (RDAR) capabilities. Without these capabilities, senior management is unable to obtain an accurate and in-depth picture of the risks the bank faces. With BCBS 239, the Basel Committee addresses existing gaps in RDAR. It introduces 14 principles with which banks must comply within three years of being designated as a global or domestic SIB*. These principles include “Completeness,” “Timeliness” and “Adaptability.”
*An SIB is a “Systemically Important Bank” which means no one can afford for it to fail…..
Why is BCBS compliance so hard for Banks?
It seems that the real problem is that in the past Banks and other financial institutions have dealt piecemeal or tactically with how they approach compliance with regulation. They have not taken a strategic approach to any aspect of compliance. BCBS compliance will necessitate an enterprise approach to risk management and reporting, or in other words to all of the data pertaining to risk both internally and externally that is connected to the bank.
Why is this relevant for Informatica and our Customers?
Since an enterprise approach to data is the necessary first step towards compliance is “an all-encompassing assessment of existing data management processes.” But what does this mean in easy steps?
Part 1: Everyone needs to use the same language: This means agreeing what terms to use. “Questions such as ‘which data elements matter the most’, ‘what do we call them?’ and ‘are these meanings consistent across the enterprise?’ all need to be on the table. Central to this is a common data dictionary, which maps different attribute names to a single underlying definition.”
Part 2: Everyone is responsible for governing the data: Who controls it? Who brings it together? Where is it? “Without good governance, banks risk big misunderstandings and big mistakes. And it goes beyond the confines of IT. BCBS 239 specifically calls out business, operations, auditors and risk managers as playing a central role in risk data aggregation. It starts with establishing general principles for oversight of data sets and also includes identifying how people relate to those data sets.”
Part 3: Every Piece of Data must be included: You can’t completely assess your risk unless you have all the data. “Risk data spans several broad categories including entities, securities, and transactions and positions. Banks might have already achieved their BCBS 239 target for some of these, but failing to address all of them collectively is akin to doing nothing at all. Effective analysis of risk cannot work ??
So what does MDM have to do with BCBS 239?
There is an Informatica White Paper you can read that will give you a really good overview of how Next-Generation Master and Reference Data Management for managing counterparties, clients and securities instruments as part of an holistic BCBS 239 approach. However, there are also a number of our customers and business partners who believe that MDM is critical to success in these initiatives:
- Read how BJ Fesq, Chief Architect & Chief Data Officer at CIT Group, who received the 2015 Overall Information Technology Leader Award from Ventana Research, recognising BJ for his work to enhance CIT Group’s data management to comply with new regulatory requirements
- Review Fannie Mae’s approach to compliance incorporating MDM
- See this Infoverity Blog on the need for Master Data within BCBS 239
- And this one from Agile Solutions about “Why MDM in Financial Services in 2016”
And here are some Informatica articles on Regulatory Compliance, more specifically around BCBS239, that outlines the challenges and solutions in this space. MDM is becoming a major supporting capability for both its ability to master the key data entities that get reported on, but also to expose and remediate more data quality issues:
- Informatica blog article on what Domestic SIBs can learn from Global SIBs.
- Informatica blog article on the key capabilities required to realise Regulatory Compliance as an Opportunity, with specific reference to BCBS239
The answer is a single platform
The beauty of using MDM for BCBS239 is that it uses the same underlying platform and capabilities as those required for delivering Customer Centricity programmes.
A Customer Centricity programme using MDM already provides the main capability requirements to support Regulatory Compliance. Here is an Informatica blog article that expands on the sources of data used to build a Customer360 solution, with the added benefit this is a significant portion of the data required for BCBS239.
Why should CDOs and CIOs in banks be interested in talking to Informatica and our partners?
We are the only leader in all the solution areas needed to address compliance with this regulation and we provide the only Intelligent Data Platform approach. Our partners provide the expertise required to take banks on their journey towards compliance from both an Informatica solution, data governance and broader process point of view.
This article entitled “8 Things You Probably Don’t Know About BCBS 239” provides a good answer to that question! Also, from a timing viewpoint the Global SIBs had a date of 1st January 2016 to get their compliance roadmap in place and the Domestic SIBs are just starting to get underway.