This regulation puts an organisation’s data architecture under the spotlight and the need to provide the capability to support risk reporting.
It is not uncommon for an organisation to have multiple information silos, either by asset classes, business units or business functions, or a combination of all three. In such scenarios the creation of an overarching enterprise-wide risk data architecture may be appropriate. Most organisations already have the associated documents and models in some form. For example, a number of G-SIBs have database and messaging frameworks based around FpML, FIX or ISO 20022 and corporate-wide data dictionaries. In some instances, organisations have created semantic models, that may be based on FIBO. All of which can form the basis of an enterprise-wide risk data architecture.
A solid Data Architecture forms the backbone of any Data Quality (DQ) framework. Ensuring systems use consistent cleansed data, data formats and naming conventions, however that is not the whole story. The models need to have an appreciation of the lifecycle of data items within a key object. For example, a counterparty’s name, registered address, LEI, BIC, trading eligibility, their position within a corporate hierarchy , all may have different valid start/end dates and are independent of the entity itself. Traceability and provenance should also be supported by the Data Architecture, along with the data lineages. It is worth highlighting that it is not just about effectively modelling party data. For example, for each trade there is a need to identify whether the trade status is open and the bank still has an exposure to the deal.
Is there any light at the end of the tunnel?
If one thinks of the exercise as a complete overhaul of the organisation’s data architecture, then achieving adherence is extremely onerous. Nonetheless, if one focuses on key data elements to support aggregated risk, then compliance should be achievable. It is not uncommon for business owners to supply a list of hundreds of data items which they consider to key for risk management. Nonetheless, with a bit of analysis, a concise set of elements should be sufficient to achieve the end goal.