Data Implications of Basel III on Financial Institutions

There is no question about it – banks will have to spend money if they are to comply with the new regulatory framework defined by Basel III. The all-encompassing nature of Basel III means that virtually no part of the institution will remain unaffected. But none will probably require as much change as the systems, processes and operations that manage the institution’s data. In particular, the following areas will be crucial. Data Consistency Reconciliation The data used for risk modelling and regulatory reporting must be consistent to ensure coherent correlation between data from two different time periods. The organisation must develop a single ‘repository of truth’ whose credibility holds irrespective of whether it is being used in the calculation of credit, operational, market or liquidity risks. And instead of separately extracting source data for computing RWA (Risk Weighted Assets) and CCR (Counterparty Credit Risk), there should be a single information dump that contains all the parameters necessary for risk calculations and internal or external reporting. Such a data warehouse must provide for reconciliation and internal or external consistency checking of all data within it. Leverage and Liquidity Management Banks must develop techniques and processes for capturing vital business processes, risk data and the technical requirements necessary for developing, validating and back-testing Basel III liquidity ratios. Data warehouse systems must be primed to monitor the thirty day liquidity standard and have sufficient data granularity to capture and project the long term NSFR (Net Stable Funding Ratios) and the short term LCR (Liquidity Coverage Ratios). In addition, the banks data warehouse and risk management system must envisage the ramifications of leverage ratio rules on assets and the capital relationship loop thus adjusting both capital and asset base to be consistent with the leverage tolerance defined by the institution’s strategy. And because the banks that will be most affected by Basel III are those with cross border operations and multiple types of banking products, the risk factors included must allow for stress test consistency across products and markets. Risk Modelling, Reporting and Capital Calculation When modelling risks, financial institutions with multiple risk computation systems must ensure that all risk systems utilize internally consistent risk models. Assessment of liability-asset management, cash flow, liquidity control and counterparty risk must be based on a predictable and repeatable process that will generate the same result from the same data. When performing risk capital calculations, the flexibility of models used must allow risk managers to determine the impact of varied levels of economic and regulatory capital on overall risk. Multiple assumptions can be used to generate scenarios that factor the effect of such key risks as sector concentration risk and region concentration risk. These would then be the basis for generating functional, portfolio and enterprise level reports both for the internal consumption envisaged in Basel III’s Pillar 2 and the external reporting outlined in Pillar 3. Business Process and Operational Improvement Much of the focus on Basel III compliance has been on satisfying the provisions of Pillar 1 – that is, capital, leverage and liquidity management. However, the new framework provides a rare opportunity for banks to make the most use of the changes necessary to comply by evaluating and appropriately changing business processes. Of itself, a business process reengineering project for as complex an organization as today’s bank is, is an expensive process that strains human resources, requires staff retraining and an aggressive change management campaign. Including such process changes as part of a larger Basel III compliance project is likely to get much more buy in with executive management as it will with the bank’s staff. Irrespective of how resistant staff have ordinarily been to changes in the past, few people would want to seem to stand in the way of anything that touches on compliance with industry regulation – something that, in the worst case, can cost the institution its banking licence. That said, successfully changing long standing organizational processes will not happen automatically, Basel III or otherwise. It will take a coordinated and targeted approach that brings on board all relevant technical, functional and operational units within the bank such as finance, risk, IT, operations, legal and human resources. As much as possible, the bank should automate manual processes with an eye on improving the risk management environment within the organization. Process automation to enhance efficiency should however not come at the expense of flexibility. Even as organization’s harness the power of technology to do things faster, the redesign of business processes and the risk data warehouse should be done with the awareness that the business and regulatory is in a constant state of evolution.