Addressing the Challenges of BCBS 239 Compliance With a Modern Approach to Data Management

Last Published: Feb 23, 2024 |
Peter Ku
Peter Ku

VP, Chief Industry Strategist – Financial Services

BCBS 239, or the Basel Committee on Banking Supervision's 239 Principles for effective risk data aggregation and reporting, outlines guidelines intended to enhance banks' ability to identify, aggregate and report risk data accurately and promptly. Despite its importance, especially for Globally Systemically Important Banks (G-SIBs), compliance with BCBS 239 has proven challenging for many institutions. As of the end of 2023, only two out of 31 G-SIBs have met the Basel Committee’s requirements to comply with BCBS 239, according to the Basel Committee on Banking Supervision.1

Regulators are showing impatience with the slow pace of adoption of BCBS 239 risk data aggregation and reporting principles. Banks that fail to meet these requirements face potential fines. The magnitude of these fines can vary based on the jurisdiction and the extent of non-compliance. Banks that fail to comply may also face increased scrutiny from regulators.

Banks were given three years to January 2019 to reach full compliance, but some complain that was too little given the sheer size of the overhaul required. Many of the challenges impacting BCBS 239 adoption are data- and technology-related. 

How Data and Technology Impacts BCBS 239 Adoption

Many banks operate on legacy IT systems that were not designed with modern data management capabilities in mind. These systems often result in data silos, where information is stored in disparate databases and formats, making it difficult to aggregate and report risk data across the organization effectively. Ensuring high data quality and consistency across the bank requires significant effort, especially when dealing with legacy data and systems. Banks often struggle with inconsistent data definitions, incomplete data sets and the absence of standardized data management practices.

Adopting new technologies to improve data aggregation and reporting capabilities is essential for compliance with BCBS 239. However, integrating new technologies with existing systems, ensuring data compatibility and maintaining data integrity during the transition can be challenging. In addition to technology playing a critical role, organizations also require effective controls, data governance and oversight mechanisms for BCBS 239 compliance. Establishing these mechanisms across complex organizations may pose difficulties, especially in aligning business objectives with risk data aggregation and reporting requirements.

Modern Data Management and Data Governance Solutions Matter for BCBS 239 Compliance

To comply with BCBS 239, it’s critical to invest in modern, capable and cost-efficient data management and governance technology, beginning with data integration.

Data Integration Solutions

Data integration solutions help source, transform, validate and make the right data from each source system available in the data warehouses (on-premises or in the cloud) for risk modeling, aggregation and reporting. Data integration can help to transfer and sync data from different systems, types and formats between systems and applications. It’s not a one-and-done event, but a continuous process that keeps evolving as business requirements, technologies and frameworks change.

Data Quality Management Tools

Data quality management tools are equally important to ensure data errors and anomalies do not impact systemic risk management and regulatory reporting. Quality data is critical for BCBS 239 reporting and poor-quality data can have negative implications for internal measures and cause regulatory reporting errors. Data quality issues are often the result of database merges or systems/cloud integration processes. In this case, data fields that should be compatible are not due to schema or format inconsistencies. But more broadly, data quality problems can also be caused by human errors, system errors and data corruption. Data quality problems can stem from incompleteness, inaccuracy or inconsistency. Data duplication, when there are multiple copies of the same data, may also result in discrepancies, including measurement and reporting errors.

Data Catalog

A data catalog plays an important role in providing transparency into the lineage of all data used for risk management in support of BCBS 239. A data catalog is a centralized inventory of data assets (and information about those data assets). It enables organizations to find and understand data efficiently. However, data catalogs can do more than help users locate data. A data catalog can offer the modern enterprise a better way to harness the power of its data for analytics and artificial intelligence (AI) initiatives by:

  • Finding data assets (e.g., datasets, tables, files and more) across disparate databases, data lakes and other systems and applications
  • Identifying and organizing information about an organization’s data, such as its source, data lineage, relationship to other data, classification and associated business glossary terms
  • Determining which data within the organization is relevant and fit for use to support BCBS 239

Master Data Management Solutions

Master Data Management (MDM) solutions support advanced stress testing and scenario analysis by providing a consistent and comprehensive dataset. The dataset can be used to assess the impact of various stress scenarios and identify credit, market, operational and liquidity risk exposures with clients and counterparties – capabilities essential for BCBS 239 compliance. MDM can help banks understand potential vulnerabilities and develop contingency plans to address them by creating a single authoritative source of customer, counterparty, securities instrument and employee master data for all systems to benefit.

Data Governance and Data Marketplace Solutions

Finally, data governance and data marketplace solutions are essential to allow chief data officers to organize their data governance team, define roles and rights and define policies/standards/definitions of critical data elements used to comply with BCBS 239. With a modern data marketplace, data owners and subject matter experts can certify datasets. Data consumers can provide ratings and reviews for datasets, enabling social curation of data. Organizations can enable an AI-powered data Q&A platform to allow subject matter experts to answer common questions from users. In addition, users can add custom attributes and annotations to datasets, further enhancing business-IT collaboration and search results to harness tribal knowledge and improve literacy.

A Platform vs. Point Solution Approach to Success

Having capable data integration, data quality, data catalog, master data management and data governance solutions can help G-SIBs comply with BCBS 239 and other regulations, including:

  • Comprehensive Capital Analysis and Review (CCAR)
  • Federal Reserve 2052A Report (FR2052A)
  • Know Your Customer/Anti-Money Laundering (KYC/AML)
  • Environmental, Social and Governance (ESG) reporting

Over the years, the banking industry has relied heavily on custom-built solutions and point software for each requirement from vendors to address these needs. In today’s budget-constrained, time-sensitive and resource-limited reality, adopting custom-developed software ostitching point solutions together does not scale. Organizations can benefit from a single platform with all the necessary capabilities available in the cloud, fully integrated and interoperable and built to scale for enterprise-wide use. In addition, a comprehensive data management platform powered by AI automates thousands of manual tasks, significantly improving productivity, reducing costs, and accelerating time-to-value. That is what Informatica’s Intelligent Data Management Cloud (IDMC) powered by CLAIRE AI delivers today.  

Next steps

Ready to learn more? Explore the following resources to see how Informatica can help your bank expedite BCBS 239 compliance:




First Published: Feb 23, 2024