About the whitepaper
The financial services sector in Canada is strongly regulated with the objective of mitigating risks, meeting investor expectations, and guaranteeing a safe customer experience. The Office of the Superintendent of Financial Institutions (OSFI), an independent agency of the Government of Canada, is responsible for supervision and regulation of federal banks, credit unions, insurance, and loan companies.
Among other regulations, OSFI is also responsible for overseeing the implementation of the BCBS (Basel Committee on Banking Supervision) 239, also known as the Principles for effective risk data aggregation and risk reporting. While the BCBS 239 was initially aimed at Global Systemically Important Banks (G-SIBs), it has since become the financial industry standard and applies to federal institutions as well.
The global financial crisis of 2007 had uncovered gaps in the data architectures and IT in most financial institutions, which made effective management of financial risks impossible. Of primary concern was the inability of financial institutions to accurately aggregate risk exposures and quickly and effectively identify risk concentrations at various levels. The BCBS 239 aims to help financial institutions strengthen their risk data aggregation capabilities and internal risk reporting practices to enhance risk management and decision-making processes. It outlines principles across four key areas, namely:
- Overarching governance and infrastructure
- Risk data aggregation capabilities
- Risk reporting practices
- Supervisory review, tools, and cooperation
These principles apply to all key internal risk management models, including those for capital, liquidity, and operational risk. Strong risk data aggregation capabilities, coupled with appropriate IT infrastructure and data governance, can ensure seamless flow of complete, accurate information and plays a role in the compilation of high-quality risk management reports.
While at present, only federally regulated financial institutions are required to comply with BCBS 239, most of the principles outlined within it can be adopted as best practices by provincial institutions as well. Timely and high-quality risk management reports are also essential for internal decision-making and for risk management of new products and services, and implementation of the BCBS 239 principles can help financial institutions improve efficiency, reduce likelihood of losses, and increase overall profitability.