About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Tata Consultancy Services Details a Strategic Approach to BCBS 239 Compliance

Subscribe to our newsletter

As the January 2016 deadline for compliance with BCBS 239 approaches, banks are making substantial data management changes in order to meet the regulation’s requirement for on-demand enterprise-wide risk data aggregation and reporting. The task is not easy and includes data management challenges posed by data silos, legacy systems and poor data governance practices, but emerging data architectures and governance regimes that identify and manage risk can support not only compliance, but also more adaptable and scalable business.


Tata Consultancy Services (TCS) identifies where current data aggregation frameworks are failing and recommends an approach to BCBS 239 that will enable an automated on-demand view of a bank’s risk profile in ‘A Point of View’ paper authored by information architecture specialists Maryann Houglet and Lilian Penna, and entitled BCBS 239: An Urgent Call to Overhaul Risk Data Management.

The paper notes shortcomings in banks’ governance, risk and compliance programmes, and ongoing problems presented by silod IT operations for business functions, and states: “BCBS 239 could be the game changer. The regulation explicitly and directly tackles banks’ data architecture and the governance regime needed to identify and manage risks.”

While globally, systematically important banks will be first to face BCBS 239 compliance in January 2016, the regulation does not stop here, with numerous national regulatory bodies also requiring domestic systemically important banks to comply. Many are taking a tactical approach to compliance, but TCS argues that banks need strategic solutions and sets out a step-by-step approach to improving risk data management through the establishment of a risk data strategy, an architectural framework and a roadmap to BCBS 239 compliance.

The consultancy acknowledges that banks differ in their risk tolerance, profile and data management maturity, and must therefore drive their own approaches to aligning information and data architecture with a risk management framework, but warns: “Moving forward without a plan that incorporates parallel businesses, data and governance programmes can distract from achieving a bank’s compliance goal, introduce risks and increase the time and cost required for compliance.” On a wider scale, it concludes: “The urgency of achieving risk data clarity and transparency through data management principles mandated by BCBS 239 cannot be overemphasised.”

Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: Detecting and preventing market abuse

Market abuse – unlawful disclosure of inside information, insider trading, circular trading, “pump and dump” schemes, etc. – poses significant threats to the integrity of capital markets. In 2024, global trading house Trafigura agreed to pay a $55 million fine to the U.S. Commodity Futures Trading Commission (CFTC) for trading with non-public information, manipulating a...

BLOG

A-Team Insight Announces RegTech Award Winners as APAC Navigates Compliance Complexity

A-Team Group is proud to reveal the winners of our inaugural Capital Markets Technology APAC Awards 2025, recognising the firms and solutions demonstrating exceptional innovation across the Asia Pacific region. Alongside this announcement, we have launched our in-depth annual report, “The State of Capital Markets Technology in Asia Pacific 2025”, which examines the key trends...

EVENT

RegTech Summit London

Now in its 9th year, the RegTech Summit in London will bring together the RegTech ecosystem to explore how the European capital markets financial industry can leverage technology to drive innovation, cut costs and support regulatory change.

GUIDE

The DORA Implementation Playbook: A Practitioner’s Guide to Demonstrating Resilience Beyond the Deadline

The Digital Operational Resilience Act (DORA) has fundamentally reshaped the European Union’s financial regulatory landscape, with its full application beginning on January 17, 2025. This regulation goes beyond traditional risk management, explicitly acknowledging that digital incidents can threaten the stability of the entire financial system. As the deadline has passed, the focus is now shifting...