EY helps clients create long-term value for all stakeholders. Enabled by data and technology, our services and solutions provide trust through assurance and help clients transform, grow and operate.
At EY, our purpose is building a better working world. The insights and services we provide help to create long-term value for clients, people and society, and to build trust in the capital markets.
Banks need to remediate regulatory reporting issues to gain regulators' trust.
In brief
In the recent times, regulators demand financial services firms to demonstrate how they deliver regulatory reports and are keen to examine their governance and controls to assess the quality of their returns.
At present, most global banks have their regulatory reporting production managed by their Global Capability Centres (GCCs) in India and the major challenge they face is having sufficient controls around manual adjustments and resultant End User Computing (EUCs).
Banks need to come up with remediation plans to deal with data quality issues instead of manually adjusting and modifying their data.
More than a decade ago, based on the learnings from 2008 financial crisis, the Basel committee had developed a new set of regulatory standards with the aim to strengthen the regulation, supervision and risk management of banks. While banks continue to comply with the evolving regulations, the focus of regulators is whether these returns produced by banks are accurate, timely and reliable.
Banks and their Global Capability Centers (GCC) have been making consistent efforts in establishing a robust regulatory reporting framework, however the challenge of fragmented systems, poor data quality and a high reliance on manual workarounds remains.
These challenges result in banks posting numerous recurring and ad hoc adjustments and performing data validation, modifications, calculations using End User Computing (EUC) to support the outputs for regulatory reports.
Such EUCs usually include spreadsheets, databases and queries created by individuals outside the typical IT governance to manage the changing regulatory requirements. While EUCs are flexible and easily accessible solutions they are prone to errors and misstatements that could cause operational and reputational risk.
From a controls and governance perspective, it is critical for global banks and their GCCs to review the underlying rationale for an adjustment posted on regulatory reporting and identify common causes around data sourcing, rule changes, data quality, feed timing, and duplications.
Adarsh Ranka
Financial Accounting Advisory Services Leader, Partner with an Indian member firm of EY Global
The risk posed by such manual interventions and EUCs is one of the major concerns that regulators have been highlighting during their examinations and reviews, especially in instances that lack sufficient oversight and documentation. To address these concerns and mitigate risk, EUCs that are critical to the business need to be identified, monitored, controlled and governed appropriately.
Additionally, banks should remediate data quality issues at the source to eliminate the need for manual adjustments and modifications. This will help banks save time that can be used to focus on analysis and decision making rather than on data aggregation.
Strengthening the connection between ongoing regulatory compliance, technology and best practises is the need of the hour. Banks would require strategic fixes to address the manual interventions in their current operating models especially around posting adjustments on regulatory reporting. They need to focus on establishing sufficient controls over their manual adjustments and EUCs to mitigate the risk of misstatement and address the regulator’s expectations.
The integrity of regulatory reporting is one of the key priorities of regulators and it seems the assessment is bound to continue. It is important that the banks come up with remediation plans that are strategic and appropriately resourced to address the issues highlighted.
As a way forward, banks need to focus on establishing an effective oversight on end-to-end processes supported by detailed documentation, sourcing data from trusted sources, reducing reliance on too many EUCs, and implementing robust reconciliations.
Our Global Capability Centers(GCC) Advisory practice, led by a team of professionals can help your business be future-ready for the digital disruption.
While global banks and their GCCs are currently focusing on the implementation of the regulatory guidelines, specifically Basel 4, which is effective from January 2023, it is vital that they also invest in remediation of existing regulatory reports. The focus of this remediation needs to be structured from a long-term perspective with an emphasis on streamlining data architecture, automation through strategic solutions, and a formalized operating model with extensive controls and governance.
Learn about the key themes arising from regulatory reporting processes like EU Common Reporting (COREP) that is managed through the India shared services centers of global financial services firms.