The compliance departments and senior managers of those affected by the UK Financial Services Authority’s (FSA) incoming liquidity reporting regime have finally begun to sit up and take notice of its implications, but what does it all mean for the data management community?
When it was announced at the end of last year in an FSA consultation paper, CP 08/22, very few people took any notice, but the incoming liquidity regime has been headline news for quite some months. As a whole, it seems the industry is largely unprepared for the end of the year deadline, when financial services firms are expected to meet the systems and controls section of the regulation. This will necessarily entail them having in place capabilities to conduct liquidity stress testing and the ability to provide regular reports to the FSA on the firm’s liquidity position. All of which will have a significant impact on the back office. It is no secret that risk management requirements are having an increasingly important impact on data management systems, and this new regime is no exception. The high cost of the new regime (it has been estimated that it will cost the industry three times as much as MiFID to implement) is largely as a result of data challenges. After all, in order to be able to monitor and control liquidity risk, firms will have to find a system to stripe across all the data in their risk system silos. Despite the advent of chief risk officers (CROs) and the increasing number of discussions about enterprise-wide risk management, this is very far from the reality in most financial institutions’ back offices. Risk data tends to sit in very separate and distinct systems and very few (if any) firms are able to examine the risk exposure of their institution from one application. A number of vendors are touting their risk systems dashboards as a solution to this, but how many firms actually have them in place? Much like other regulatory and risk related endeavours, centralising this liquidity risk data is therefore likely to be a popular offering from the vendor community. After all, firms will need systems to aggregate the relevant risk data in a “timely” manner, as specified by the FSA, or face the prospect of penalties. However, the short timescale in which systems must be in place may push firms to invest in tactical rather than strategic solutions, thus somewhat defeating the object of the regime in the first place. Furthermore, liquidity has not really been the remit of risk managers in the past: it is a space that has largely been apportioned to firms’ treasury departments. CROs are therefore being forced to delve into a space that has not been looked at with a view to judging risk exposure, well not in the traditional sense of a Basel style assessment anyway. So, data managers are going to be called upon to help their risk management official whose imperative it will be to set systems in place to track and monitor this risk data, and quickly. “The systems and controls requirements will put huge pressure on firms’ data systems because of the level of granularity and the speed involved,” said CEO of think tank JWG-IT, PJ Di Giammarino, at a recent roundtable on the incoming regime. As Rakesh Nigam, managing director and global head of strategic architecture and core services at Barclays Capital, notes, more work is still required: “Stress testing has implications for data management in terms of keeping the data and the granularity of the data. The work required for this probably isn’t as well understood as it could be at the moment. People are still getting to grips with understanding the regulation that has come out and understanding the implications of that regulation on a broad level, before they begin to implement projects to meet those new requirements. The implementation of those changes would be tough even in a bull market and it is even tougher in this environment.” This is not just a concern for compliance departments, however: the FSA has said that it will not hesitate in taking action against senior managers that it judges have not heeded its warnings. The threat of disbarment and fines should get CEOs’ attention, once the deadline rolls around. Data managers can therefore use this attention to their own advantage. After all, it should further raise the profile of the data management cause. Getting a better handle on risk data will ensure firms stays ahead of the snapping teeth of the regulator and may better prepare these firms for another crisis (or so the theory goes).