About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Opinion – BCBS 239 Compliance: Slip Slidin’ Away?

Subscribe to our newsletter

By Jennifer L. Costley, Ph.D., Principal, Ashokan Advisors

“Slip slidin’ away
Slip slidin’ away
You know the nearer your destination
The more you’re slip slidin’ away…”

– Paul Simon

A couple of weeks ago, the Basel Committee on Banking Supervision (BCBS) issued their second annual progress report on the adoption of the Committee’s Principles for effective risk data aggregation and risk reporting (BCBS 239). Published in 2013, the Principles aim to strengthen risk data aggregation and risk reporting at banks to improve their risk management practices and decision-making processes. The 31 firms designated as global systemically important banks (G-SIBs) are required to implement the Principles in full by 2016.

The report reviews banks’ progress in 2014 and updates a 2013 self-assessment survey completed by G-SIBs, other large banks and their supervisors. The revised survey was shortened from the 2013 version, focusing on the issues considered as “essential and/or critical for compliance purposes” and those where self-reported performance was weak in in 2013.

Even filtered through the objective, analytical writing found throughout the report, the news is not good. The headline: Of the 31 participating banks, 14 reported that they will be unable to fully comply with the Principles by the 2016 deadline, compared with 10 G-SIBs in 2013. BCBS reached several key conclusions based on the survey:

– Overall, there were only minor improvements in average ratings.

– Many banks continue to struggle with the establishment of strong data aggregation governance, architecture and processes and in addition “fail to recognize that governance/infrastructure Principles are important prerequisites for facilitating compliance with other Principles.”

– Many banks actually downgraded their scores in governance (P1), infrastructure (P2) and risk data aggregation (P3-P6), citing factors such as project delays, project complexity, and “scope creep” once the full impact of the regulation was understood.

The report provides details on the results for each of the 11 Principles, including challenges and potential strategies for compliance, well worth reviewing.

It is clear from the document that BCBS is concerned about both the reported slippage against the January 2016 deadline and the significant likelihood that things may get worse: “Regarding the compliance date, the results of the 2014 questionnaire raise some concerns that banks intending to comply by the January 2016 deadline may be overly ambitious… it would appear that a number of firms will find it difficult to fully comply with the Principles by 2016, judging from a review of the work that remains to be done.”

Subscribe to our newsletter

Related content

WEBINAR

Upcoming Webinar: Navigating a Complex World: Best Data Practices in Sanctions Screening

5 November 2025 10:00am ET | 3:00pm London | 4:00pm CET Duration: 50 Minutes As rising geopolitical uncertainty prompts an intensification in the complexity and volume of global economic and financial sanctions, banks and financial institutions are faced with a daunting set of new compliance challenges. The risk of inadvertently engaging with sanctioned securities has...

BLOG

From AI Sprint to AI Live Testing – FCA Leads the Way

The UK Financial Conduct Authority (FCA) recently published its Proposal For AI Live Testing engagement paper outlining a 12-month pilot inside the regulator’s AI Lab. This is designed to enable firms with production-ready AI models to trial them in controlled live-market conditions, under close FCA technical and supervisory support, exploring output-driven validation, model-risk safeguards and...

EVENT

Data Management Summit New York City

Now in its 15th year the Data Management Summit NYC brings together the North American data management community to explore how data strategy is evolving to drive business outcomes and speed to market in changing times.

GUIDE

The DORA Implementation Playbook: A Practitioner’s Guide to Demonstrating Resilience Beyond the Deadline

The Digital Operational Resilience Act (DORA) has fundamentally reshaped the European Union’s financial regulatory landscape, with its full application beginning on January 17, 2025. This regulation goes beyond traditional risk management, explicitly acknowledging that digital incidents can threaten the stability of the entire financial system. As the deadline has passed, the focus is now shifting...