How BCBS 239’s RDARR Principles Can Strengthen Risk Data Aggregation and Reporting in Financial Institutions

The ECB Banking Supervision has identified deficiencies in effective risk data aggregation and risk reporting (RDARR) as a key vulnerability in its planning of supervisory priorities for the 2023-25 cycle and has developed a comprehensive, targeted supervisory strategy for the upcoming years. ​

Banks are expected to step up their efforts and improve their capabilities in Risk Data Aggregation and Risk Reporting as Risk Data Architectures and supporting IT infrastructures are insufficient for most of the Financial Institutions. Hence, RDARR principles are expected to become more and more important during Internal Model Investigations and OnSite Inspections by the ECB.

In May 2024, the ECB published the Guide on effective risk data aggregation and risk reporting to ensure effective processes are in place to identify, manage, monitor and report the risks the institutions are or might be exposed to. With it, the ECB details its minimum supervisory expectations for a set of priority topics that have been identified as necessary preconditions for effective RDARR.

The ECB identifies seven priority areas, considered important prerequisites for robust governance arrangements and effective processes for identifying, monitoring and reporting tasks. The scope of application of these principles is reporting, Key Internal Models and other important models (e.g., IFRS9):

Relevance of BCBS 239 

RDARR represents the implementation of the principles outlined in BCBS 239, which was published by the Basel Committee on Banking Supervision (BCBS) in 2013. BCBS 239 is essential to maintain regulatory compliance, mitigate risks, and drive data-driven decision-making. Non-compliance can result in significant financial penalties, reputational damage, and increased scrutiny from regulatory bodies. Therefore, BCBS 239 is a crucial framework that enhances financial stability by setting robust standards for risk data aggregation and reporting. Its principles encourage institutions to embrace data-driven practices, ensuring resilience, transparency, and efficiency. While challenges such as legacy infrastructure, data quality, and evolving risks persist, banks can overcome these hurdles through strategic investment in governance, technology, and data-driven culture to build end-to-end data transparency. 

Zanders’ view on supervisory planning 

We believe the following 5 topics of the RDARR principles are of major importance for financial institutions: 

Establishing an effective program to review and address these topics, considering the nature, size, scale and complexity of each financial institution, will facilitate alignment with the ECB’s expectations. 

Zanders experience on RDARR implementation 

Data extends beyond being merely a technical database; it is a fundamental component of an organization’s strategic framework. Data-driven organizations are not defined solely by their technological solutions, but by the data culture across the entire organization. At Zanders, we have assisted clients in developing data strategies aligned with RDARR principles and supported the implementation of future-proof data utilization, including the integration of advanced tools such as AI. 

One critical observation is that organizations must urgently address key questions regarding their data: What governance structures are currently in place? Are roles and responsibilities within this governance framework clearly defined? Is the governance being effectively implemented as planned? What training, guidance, and support do employees require? Are data definitions and requirements consistently aligned across all stakeholders? When undertaking such an extensive program, institutions must carefully consider whether a top-down or bottom-up approach will be most effective. In the case of RDARR, success necessitates a comprehensive, dual-directional approach that fosters change across all levels. 

If you are unsure about your compliance with BCBS 239 and RDARR requirements, contact us today to ensure alignment with best practices.