Navigating the Regulatory Data Labyrinth: Foundations, Collaboration, and the Pursuit of Trust

Regulatory reporting remains a significant challenge for financial institutions, driven by ever-evolving requirements and the sheer volume and complexity of data involved. A recent webinar, hosted by A-Team Group and co-sponsored by Nice Actimize and Derivative Service Bureau, brought together industry experts to discuss best practices in data management for regulatory reporting, offering valuable insights for firms operating in this demanding landscape.

This must be coupled with a clear ownership model that sees, as one speaker put it, “top-down ownership and bottom-up ownership” come together. Without senior sponsorship, strategic direction is lost; without engagement from those closest to the data, crucial detail is missed. Furthermore, a central, discoverable data catalogue is vital – a single source where modelled and owned data can be easily found and accessed by the organisation.

Overlaying these elements is a comprehensive control framework, designed and operated effectively from upstream sources to downstream reporting, with controls governing data both in motion and at rest. Regulators, it was noted, increasingly scrutinise the operational effectiveness of these controls, including pre- and post-processing checks and reconciliations.

The Data Labyrinth

Improving data quality, identified by audience polling as a primary pain point, necessitates a continuous process rather than a one-off effort. This starts with active data discovery – proactively engaging with business units to understand the platforms, markets, and products being used to ensure data coverage.

A data catalogue and agreed glossary are fundamental to maintaining consistency across different business lines and classifying data effectively. Validation and cleansing processes are important, but their ongoing nature was heavily emphasised; this is not a “set and forget” undertaking. Standardised formats, structures, and definitions across data sets are crucial to enable consistent interpretation, tackling the common issue of different departments defining the same data point differently. One speaker pointed to the role of international standards, such as those managed by the Derivative Service Bureau, in providing this necessary consistency and enabling tracking of instruments from a risk perspective.

Getting Aligned

Effective collaboration between compliance, IT, and business units is paramount for enhancing regulatory reporting effectiveness. This requires clarity on roles and responsibilities and agreed processes for how these teams will work together towards common goals like accuracy, completeness, and timely data availability.

A ‘data factory model’ approach was suggested, encompassing data provisioning, quality monitoring (with both tactical and strategic remediation), and clearly defined ownership to facilitate remediation efforts across systems and functions.

Defining producers and consumers of data creates a clear contract; the producer owns the data, and the consumer – i.e. compliance – sets the acceptable quality standards. This framework removes ambiguity when issues arise, allowing for straightforward conversations about meeting defined requirements. While automation is essential to keep pace with data volumes, periodic human oversight and robust reporting mechanisms are needed to prevent the “set and forget” failures observed in the past.

Aligning data governance frameworks across multiple jurisdictions introduces significant complexity due to varying legal, regulatory, technological, and operational factors. Conflicting requirements and different interpretations of the same data elements are common challenges. Legacy systems and data silos were highlighted as major technological impediments. Resource constraints and knowledge transfer also pose difficulties.

Leveraging Standards and Metrics

While challenging, firms often leverage the Basel Committee’s BCBS 239 principles as a global template, then adapt that model – adding regional or local flavours (e.g., US GAAP, J GAAP and domestic reporting rules) – to meet specific regulatory requirements.

The key best practice involves establishing robust governance, data management, strategic IT architecture, reporting/analytics policies, and control frameworks that can operate effectively across these varying requirements.

Measuring the performance of data governance involves both quantitative and qualitative metrics. Quantitative measures focus on tangibles like the number of engaged data role holders, critical data elements identified and measured, or data quality measures in place. This includes measuring the coverage and quality of critical data elements (e.g., completeness, validity) and the coverage of accountability for these elements.

Qualitative measures assess the broader benefits, such as improved business access to data, reduced time spent developing new platforms, or fewer regulatory reporting breaches resulting from better data quality. It was also noted that there’s a need to measure not just the underlying data’s performance but also the performance and coverage of the metadata itself. Successful measurement provides “actionable, measurable and enforceable” insights.

Advanced Technology

Experience suggests that solutions lacking visibility into their calculations or resolution processes, even if highly effective, are often unacceptable because internal validation and challenge are impossible. The key requirements are, as one expert noted, “explainability and repeatability.” Users need to understand the process at a sufficient level – likened to knowing how to make a cup of tea without needing to understand the molecular physics – and be confident that inputs will yield predictable outputs. Trust in the data, built upon the foundations of governance, controls, and transparency discussed earlier, is a prerequisite for leveraging AI effectively. Tactical remediation, such as using bots to address incomplete data elements, was cited as a promising use case, but the human ‘checker’ remains essential alongside the automated ‘maker’.

Bringing it Home

While regulatory mandates are a primary driver for standards adoption, greater benefits arise from voluntary use cases. The power of “mutualisation” – consensus-building among parties working together on common understandings and standards – significantly improves overall data quality and reduces fragmented, individual investments in interpretation and solutions. Increased public-private sector collaboration reflects a shared goal of leveraging these approaches to reduce the regulatory reporting burden. The aim is to achieve robust, integrated data that ensures reports across various mandates are consistent and trustworthy, enabling regulators to accurately assess financial stability.

In conclusion, panellists offered several key takeaways for firms in their data management journey:

• Establishing clear data accountability and ownership is non-negotiable.
• Building solid foundational elements – a data model, catalogue, glossary, and control framework – is critical.
• Continuous effort through regular reviews and checks is essential; this is not a “one and done” exercise.
• Firms should actively evangelise the benefits of better data quality beyond just regulatory compliance to secure broader business buy-in.
• Finally, participation in industry initiatives and standards bodies allows firms to benefit from mutualisation and contribute to solutions that address common challenges across the industry.

These principles, applied rigorously, form the basis for navigating the complex world of regulatory reporting and data management effectively and building trust in the data used by firms and regulators alike.