ECB publishes final RDARR Guide – what does this mean for institutions?

Why the supervisory authority has specific expectations regarding the appropriate implementation of the RDARR data requirements at this particular time

In today’s banking world, decisions based on data are central to business success. This development enables innovative ways of adding value and is essential for optimizing operational processes. Efficient management and use of this data is not only critical for operational efficiency, but also for robust risk management. Regulatory bodies have recognized the importance of these developments and have issued specific regulations, such as BCBS 239, to meet these new requirements.

Despite the introduction of this regulatory framework back in 2013, supervisory authorities are still identifying significant structural deficiencies in implementation at many banks. In response, the European Central Bank (ECB) published the Guide to Effective Risk Data Aggregation and Reporting (RDARR) in July 2023, which contains clearly formulated implementation expectations that have already been discussed in previous best practice publications. This was aimed at improving the progress of implementation, which in the view of the supervisory authorities has so far been insufficient. The final guide was published on May 3, 2024, taking into account the feedback from the consultation phase with market participants.

The ECB has identified seven key areas for action in the Guide:

  • Tasks and responsibilities of the management body
  • Sufficient scope of application
  • Effective framework for data governance
  • Integrated data architecture
  • Group-wide data quality management and standards
  • Timeliness of internal risk reporting
  • Effective implementation programs

The ECB has identified seven key areas for action in the Guide:

  • Tasks and responsibilities of the management body
  • Sufficient scope of application
  • Effective framework for data governance
  • Integrated data architecture
  • Group-wide data quality management and standards
  • Timeliness of internal risk reporting
  • Effective implementation programs

For better readability, we at fink. have broken down the requirements of the supervisory authority into three central areas, which the regulator is particularly targeting with this publication:

Establishment of robust
data governance structures

Dedicated strategic support and relevance at Management Board level

Objective: Relevance and assertiveness to continuously improve data aggregation capabilities and data quality

  • Sharpening the strategy for data management
  • Setting up, driving forward and controlling the necessary measures (budget allocation and escalation)

Competence equipment of the 3-Lines-of-Defense (LoD)

Objective: Appropriate and functional governance framework

  • Introduction or strengthening of the validation function (2nd LoD) in a clear-cut organizational structure.
  • Improvement of the central DG/data management function. Adapted resources to fulfill the strategic goals (“change-the-bank excellence”).
  • Clearly defined roles and responsibilities

Comprehensive coverage of bank management

Objective: Group-wide uniformity of the procedures applied

  • Determination of relevance for entities, departments, processes and along the data lifecycle.
  • Clear end-to-end documentation of data for reports, models and KPIs at attribute level.

Data management methods integrated
into bank management

Embedding the DQ results in bank management

Objective: Consideration of the impact of DQ errors on the information quality of management-relevant key figures

  • Determination of the influence of DQ errors on the informative value of management-relevant key figures.
  • Dedicated reconciliation strategies (“by design”), clearly documented defaulting strategies for DQ errors
  • Complete register of all DQ errors and clear assignment of responsibilities (data user & data owner).

Implementation of DQ rules and DQ reporting

Objective: Holistic, automated measurement and control of data quality

  • As automated as possible, from the source system to the final report including all EUCs (prerequisite: adequate level of detail in technical data lineage).
  • Use of rule-based and statistical test rules.
  • Improvement of aggregation and drill-down capacities in DQ reporting for the presentation of DQ in management reporting.

Minimization of error susceptibility through improved process documentation and IT integration

Objective: Reduction of error susceptibility

  • Careful documentation of manual processes and successive transfer of EUCs with a material impact on data quality into stable IT processes.
  • Documented corrections using the dual control principle as a last resort

Future-proof fit-for-purpose architectures

Adequacy of the bank management architecture for stress situations

Objective: Modernization of the IT architecture to enable timely and granular reporting even in times of crisis

  • Expansion of dedicated ad hoc reporting and simulation capabilities.
  • Reduction of IT fragmentation and continuous digitalization and automation of data aggregation and bank management processes.

Complete overview of the technical context of bank architecture

Objective: Disclosure of harmonization and optimization potentials as well as transparency regarding technical correlations for deriving DQ implications

  • Developing the capacity to carry out impact analyses in the event of DQ anomalies.
  • Up-to-date and complete data lineages from a technical perspective and, in particular, from a business perspective for the bank as a whole.

New technologies for adaptable and efficient control

Objective: Changes can be made quickly, cost-effectively and in a modular fashion

  • With cloud-based technologies, MVP-based data products can bring rapid improvements.
  • Sandbox-based approach for successive training of the team.
  • Also useful for enhancing existing bank management platforms.

Classification of specific implementation expectations

BCBS239 initiatives are often focused purely on the fulfillment of regulatory requirements (“check-box” mentality). The use of the scope to create concrete added value for the bank is often neglected. A long-term strategy to improve RDARR capacities while achieving cost reductions cannot be achieved through singular, uncoordinated “tactical” measures. In order to avoid such inefficiencies, holistic transformations are usually necessary, but these are rarely found in the current market or are not pursued with the necessary consistency.

Holistic view of data: fink. helps to implement the ECB requirements for an integrated data architecture

In the feedback statement also published by the ECB on the feedback from the consultation phase of the ECB draft, the supervisory authority’s expectations of a holistic approach based on an integrated data architecture are once again emphasized. As a first step, institutions should gain clarity about the key activities that are necessary for them.

Click on the picture for a better view.

At fink. we have a comprehensive transformation framework and concrete project experience in the implementation of RDARR requirements. We support you in the classification of the RDARR requirements, the implementation of efficient measures for your institution and in the preparation and monitoring of on-site inspections (OSIs) by the supervisory authorities.

Contact at fink.

Matthias Mersdorf
Managing Director

e-mail
Phone: +49 172 7507 479

Noëmi Schmutzer
Managing Director

e-mail
Phone: +43 676 8819 1100

Roderick Unterschemmann
Senior Consultant

e-mail
Phone: +49 162 2913 493