Data Compliance for Basel II - Challenge or Burden?
The city of Basel can be chilly in winter and, like its namesake, the Basel II regulations are currently sending a shiver through financial institutions around the world. In a nutshell, Basel II requires financial institutions to put together new systems of governance and control to address three types of risk: operational risk (failure of internal systems and processes), credit risk (setting out the minimum capital a bank needs) and market risk (e.g. exchange rate fluctuations). As with other regulatory requirements, Basel II is not an optional extra, it is a requirement which institutions need to address, and it will not come cheap.
From a technology point of view, there are several products on the market that claim to solve Basel II worries, but this is simply not the case. Marketing departments have been working overtime in the last few years to repackage existing products as “compliance solutions”, but the simple fact remains that meeting legislative requirements demands a broader outlook – no one solution can be a panacea. The data needed to comply with Basel II resides in a variety of operational systems, so understanding and processing this data to please the regulators requires a significant integration effort.
Crucially, companies must “show their workings”. Unfortunately for the more unscrupulous accounting departments in the financial world, it’s not simply enough to say that everything is OK. Basel II represents a tightening up of reporting accountability, and a key element to the regulations is that companies must explain how they arrived at their figures and conclusions.
A major complication for many will be the need to not only drag data out of disparate systems, but also still make sense of it over time and throughout change. M&A, corporate restructuring and changes in classification are a fact of daily life for most large organisations, and financial houses are no different. For example, suppose you want to assess the outstanding positions on trading on a certain day four years ago. If the counter-party with which you were dealing was once classified one way, but in the trading system is now classified another way, how well will your systems cope with this? Add to this the fact that one of your trading partners was acquired two years ago and is now part of a bigger company that you also dealt with. How easy will it be to unravel the transactions of the original company from its now parent company?
At present, one suspects the truth for many companies would involve (a) Excel and (b) a large team of analysts. This method may eventually conjure up the correct answer, but how many manual hours will it take? Even the (relatively) simple matter of assessing overall counter-party risk for today’s trades is not a problem that is universally solved in financial institutions, so it’s very unlikely that current systems will be able to cope with these thornier requirements.
Vendors pushing compliance products rarely discuss the related problems of time and change. This is with good reason, as most software is poor at dealing with these variables. While by no means a solution to solve every compliance headache, financial organisations could start by implementing an enterprise data warehouse. By delivering a clear view of the data from different source systems, business and financial analysts – including compliance officers – are able to track and replicate changes over time.
This should not be seen simply as an exercise to prepare for when the regulators come knocking – deploying an infrastructure which is ready to adapt to change ought to be seen as a real benefit and should be seized with both hands. Companies should use the extra insight to consider making operational changes to the business.
Of course, software is only one part of the solution. Financial institutions need to implement processes and governance structures in order to fully address the issue. The silver lining in the cloud is that once the right systems are put in place, they can provide all sorts of other business insights in addition to helping with the compliance problems. So, while institutions may be cursing the extra investment needed to deal with new compliance legislation, the issues that they address in doing so should have significant side-benefits later. As a psychoanalyst might say, think of regulation as an opportunity rather than as a problem.