The Basel Committee on Banking Supervision ‘Principles for effective risk data aggregation and risk reporting’ (BCBS 239) outlines fourteen key principles to which banks need to adhere to for compliance. While data quality has impacts on all fourteen principles within BCBS 239, principles three through six are specific to ensuring the quality of risk data aggregation. This blog examines how Collibra Data Quality and Observability (CDQ) can help you achieve data quality excellence for risk data aggregation compliance.
Risk data aggregation capabilities
Banks should develop and maintain strong risk data aggregation capabilities to ensure that risk management reports reflect the risks in a reliable way (meeting data aggregation expectations is necessary to meet reporting expectations). Compliance with these principles should not be at the expense of each other. These risk data aggregation capabilities should meet all principles below simultaneously in accordance with BCBS 239 requirements.
Principle 3: Accuracy and integrity
A bank should be able to generate accurate and reliable risk data to meet normal and stress/crisis reporting accuracy requirements. Data should be aggregated on a largely automated basis so as to minimize the probability of errors.
How Collibra can help you manage accuracy and integrity for BCBS 239 compliance
Adaptive and advanced data quality monitors
Identifying accuracy typically requires context and time, to fully understand if the field value is correct. Collibra does this by observing data points over time while keeping a measurement of when each data point was correct or accurate. It can then automatically flag risk data points that become inaccurate. Simple automation will struggle to solve this problem. But our time and context based automation can. Otherwise a human will have to validate each data point. Manual rules will also fail in this case as risk data will adapt, evolve or change over time and the manual rules will require updating.
Figure 1: The outlier detection tab in the overview screen.
For additional information see automatic and advanced data quality monitors.
Managing quality across desktops, spreadsheets and databases
It is important to process all data the same way, to ensure consistent quality measures across desktops, spreadsheets and databases. Collibra Data Quality and Observability does this by using a built-in generic Apache Spark computing engine. Treating a desktop spreadsheet without table headers exactly the same as a database table with headers. In both cases the data will act as a “dataframe” also known as a “dataset” and be processed with the identical set of controls.
For additional information see remote file connections and pushdown processing.
Source to target reconciliation
Collibra Data Quality and Observability provides out-of-the-box “source” to “target” validation rules. It can match if the data in one location is accurate compared to another location. We also enable you to write customer rules to satisfy any reconciliation requirements you may have.
Figure 2: Source to target reconciliation
Additional information on source to target reconciliation.
Consistent data and metric definitions
Data and metric definitions are centrally managed in Collibra to ensure consistency across every system and data source.
Figure 3: Debt to income definition
Managing secure access
Collibra Data Quality and Observability uses role based access control (RBAC) for managing secure access to information. Another best practice that we adhere to is, never copy or store the data. Collibra only scans the data in place, it does not replicate, copy or clone data into its system. Data quality tools that copy data are creating a bigger enterprise risk due to redundant copies and possible security policies being removed in new locations.
For additional information see security configuration.
Principle 4: Completeness
A bank should be able to capture and aggregate all material risk data across the banking group. Data should be available by business line, legal entity, asset type, industry, region and other groupings, as relevant for the risk in question, that permit identifying and reporting risk exposures, concentrations and emerging risks.
How Collibra can help you manage data completeness for BCBS 239 compliance
Broad connectivity
Collibra Data Quality and Observability provides a wide variety of data connectors that can be connected to on and off-balance sheet datasets. These datasets can be aggregated, joined or combined to illustrate risk and data accuracy.
Figure 4: Connection management
Figure 4: Connection management
For additional information see connections and integrations.
Data quality dashboard and reports
Supervisors expect banks to produce aggregated risk data that is complete. We call this coverage. Collibra Data Quality and Observability measures both the coverage and the accuracy of data. It is reasonable to want both measurements because 0% coverage leaves blindspots on accuracy. The ideal state or score would be both 100% coverage and 100% accuracy.
Collibra Data Quality and Observability offers many ways to roll up and visualize data. These include scorecards, list views, summary reports, and the ability to connect a BI tool like Tableau and PowerBI to the metastore and generate a custom rollup view.
Figure 5: Built in report examples
For additional information see reports and coverage reporting.
Lineage of all data sources aggregated
Collibra provides end-to-end lineage that documents all data sources, controls and measurements. Full transparency is provided to show data quality as it moves from sources and through the aggregation process.
Figure 6: Exposure at default process lineage
Principle 5: Timeliness
A bank should be able to generate aggregate and up-to-date risk data in a timely manner while also meeting the principles relating to accuracy and integrity, completeness and adaptability. The precise timing will depend upon the nature and potential volatility of the risk being measured as well as its criticality to the overall risk profile of the bank. The precise timing will also depend on the bank-specific frequency requirements for risk management reporting, under both normal and stress/crisis situations, set based on the characteristics and overall risk profile of the bank.
How Collibra can help you manage data timeliness for BCBS 239 compliance
Timeliness dimension
Collibra Data Quality and Observability provides a timeliness dimension, stat rules and conditional alerts that notify you if data is missing, a job has not run and data is no longer fresh or timely.
Figure 7: Data quality dimensions
For additional information stale data conditions.
Proactive notification and assignment
Collibra Data Quality and Observability provides automated assignment and notification assignment as well as integration with ServiceNow so you can respond to data issues in a timely manner. And break records are quarantined for review by data owners. Proactive notification and assignment ensures visibility and accountability.
Figure 8: Data Quality Assignment Queue
For additional information see Assignment Queues, Break Records and ServiceNow
Custom risk data reports
Collibra’s Professional Services can help you create customized dashboards for any critical risk data and frequency requirements using Data Quality and Observability’s robust set of API endpoints.
For additional information see APIs and Custom Reports.
Principle 6: Adaptability
A bank should be able to generate aggregate risk data to meet a broad range of on-demand, ad hoc risk management reporting requests, including requests during stress/crisis situations, requests due to changing internal needs and requests to meet supervisory queries.
How Collibra can help you manage data aggregation adaptability for BCBS 239 compliance
Flexible and adaptable deployment
Collibra Data Quality and Observability enables you to monitor and measure data quality across systems, pipelines and sources in hybrid cloud and on-premises environments. You can deploy on a single virtual machine or large Kubernetes clusters, and jobs can be run in a spark compute layer or pushed down into the database layer. Collibra supports a combination of manual and automated processing, with our extensive APIs enabling integration with notebooks and orchestration tools.
Figure 9: A flexible and adaptable architecture
For additional information see APIs, Notebook and Airflow
Generate subsets of data
Collibra Data Quality and Observability achieves this by allowing a user to set up a ‘dataset’ which can be a table or subset of data in order to run rules to assess risk. The rules can be generic to the dataset or specific to the country.
Modes of operation include: Pushdown, whereby the rules run on the subsets in the database where the data resides or PullUp, whereby the rules run in a spark compute layer allowing rules to be run across many data sources in a virtualized manner.
For additional information see Pushdown and Spark Installation.
Data quality reporting customization
Collibra Professional Services can help organizations to create DQ custom reports and dashboard using data available from the Collibra DQ Metastore.
Additional information on Professional Services.
BCBS 239 risk data aggregation compliance
Accurate, complete and timely data, combined with adaptable data quality and observability processes, are foundational for effective risk management because they enable banks to:
- Identify risks: Accurate and complete data provides a comprehensive picture of the organization’s operations and exposures. This allows for the identification of potential risks that might otherwise be missed due to incomplete or inaccurate information. Timely data ensures that risks are identified promptly, before they escalate
- Assess risks: To effectively assess the likelihood and potential impact of identified risks, robust data is crucial. Complete data allows for a more thorough assessment of potential vulnerabilities, while accurate data ensures the assessment is based on reliable information. Timely data allows for a more accurate assessment of current risk levels
- Respond to risks: Effective responses to risks are predicated on having accurate and timely information about the impact of the event and the affected systems. This data enables informed decision-making regarding mitigation strategies and contingency planning
Collibra Data Quality and Observability can help you meet BCBS 239 risk data aggregation requirements. Providing accurate, complete and timely data with full transparency of aggregation processes and controls is essential for demonstrating compliance, avoiding penalties and maintaining a strong reputation.
Learn more about how we can help you with BCBS 239 compliance.
Watch our webinar Ensuring auditability and transparency to meet new BCBS 239 RDARR Guidelines.
Contact us to schedule a consultation with one of our Financial Services experts.
