BCBS 239 (non-)compliance | KPMG | IE

A sorry tale and two long tails: BCBS 239 (non-)compliance

BCBS 239 (non-)compliance

The Basel Committee has published the latest assessment by supervisors of G-SIB compliance with the Principles for effective risk data aggregation and risk reporting (also known as “BCBS 239” after the numbering of the Basel Committee paper in which the Principles were set out).

1000

Contact us

Also on KPMG.com

The sorry tale

The latest assessment (based on a survey of supervisors undertaken in July 2016) is not good.

Only one G-SIB (out of thirty) fully complied with the Principles (with one more expected to do so by the time the results were announced), even though the implementation deadline for G-SIBs was back in January 2016.

None of the eleven Principles were met by all G-SIBs. The highest rate of non-compliance was found for Principle 2 (data architecture and IT infrastructure), where half the G-SIBs were materially non-compliant. This is of particular concern to supervisors because Principle 2 is regarded as one of the two preconditions (the other is on governance) to ensure compliance with the other Principles.

As in previous assessments, G-SIBs were most compliant on risk management reporting (Principle 11) – but the problem here is without adequate data and IT there can be no assurance that these risk reports are accurate and timely.

Key challenges for (some or most) G-SIBs remain:

  • The technical issues in executing complex and large-scale IT and data infrastructure projects;
  • Weaknesses in data quality controls;
  • An inability to define and apply materiality thresholds; and
  • Treating the Principles as a one-off compliance exercise, and not considering the Principles when pursuing new business initiatives. 

 

A long tail

Supervisors expect many G-SIBs to take another two to three years to achieve full compliance with the Principles, with a high level of execution risk in achieving even this heavily delayed timetable.

Another long tail

The Basel Committee reminds supervisors that they should also be applying the Principles to D-SIBs, of which there are seven in Ireland, and that it might be wise to begin the implementation process as early as possible, given the experience with G-SIBs. Already through supervisory interactions, we see that the CBI is de facto moving to impose these requirements on the large local banks.

Connect with us

 

Request for proposal

 

Submit