knowledge 8 May 2017 |

Getting Regulatory Reporting Right

Background

Regulatory reporting is key to the effective supervision of banks. The CBI uses regulatory returns for a number of purposes,  including:

• assessing a bank’s risk profile;
• monitoring a bank’s adherence to regulatory  requirements;  and
• assessing a bank’s financial position.

The CBI recently completed a thematic inspection of a number of international banks with a view to assessing the extent  to which it can rely on the accuracy and integrity  of  regulatory  returns submitted. It published its Report outlining the results of that inspection on 12 April 2017.

Overview

The thematic inspection specifically focused on the banks’ processes for generating:

• Risk Weighted Assets (RWAs) and own funds  for  Common  Reporting (COREP);
• Off-balance sheet items, Financial reporting  (FINREP); 
• Large Exposure Returns  (LEX); and
• Liquidity Coverage Ratio (LCR).

Following on from  the  inspection,  the Report sets out a number of findings and outlines  the  CBI’s  expectations  in  relation to these findings. In summary, these are as follows:

Quality and comprehensiveness of documented products: a number of banks had  inadequate  or  incomplete  procedures for  the  generation  of  the  regulatory returns.  The  CBI  expects  banks  to  ensure that they have established comprehensive documented procedures for the  preparation of  regulatory  returns,  which,  at  a minimum,  address  the  points outlined in Finding 1 of Appendix 1 of the Report. It also expects the relevant procedural document to be approved at an appropriate management forum and to be  reviewed  at least annually.

Resourcing of the Regulatory Reporting Function: the resourcing of the Regulatory Reporting  Function  is  deficient  in  a number of banks, from both a human and Information Technology perspective. Regarding human resources, the CBI is concerned that a number of banks over- relied  on  the  experience  and  knowledge of key staff, had no  formal  training  for staff, no formal succession plan, and had failed to ensure staff awareness  of  the bank’s  regulatory  obligation. Regarding IT, in general, the generation of regulatory returns  was  excessively  manual  with limited  integration  of  source  systems  and an over reliance on manual adjustments and Microsoft  (MS) Excel.

Reconciliation and Data Quality Assurance: a number of banks had failed to  put  in  place  a  robust  reconciliation and  data  quality  assurance process aimed at  ensuring  the  integrity  of  the data employed in the regulatory returns. Data quality issues were identified in all banks to varying degrees. In addition, a  number  of  banks  had  failed  to  put  in place a formal data attestation  process between business lines and the Regulatory Reporting Function, which, combined with gaps in data validation and verification, resulted in the use of inaccurate data for  the  generation  of  regulatory  returns. The Report also identified a number of fundamental errors in regulatory reporting submissions, which should have been identified and remediated during the management  review  process.

Deficiencies  in  the  three  lines  of defences:  according  to  the  Report,  the scope, depth and frequency of the Internal Audits conducted within the banks relating to the  end  to  end  regulatory  reporting process fell significantly below the CBI’s expectations.

Inconsistencies in the  implementation of the LCR: instances of material misreporting  were  identified  in  relation to the LCR (DA). The Report also identifies three common  themes  in  relation  to  the LCR (DA) process, relating to:

• incorrect inflow and outflow rates being used due to misclassification of elements of  the LCR;
• weaknesses in the approach used for consideration of the Historical Look-Back Approach; and
• inadequate development of the Liquidity Risk Framework in relation to the LCR requirements.

Categorisation and reporting of large exposures: a number of banks failed to adequately document the LEX reporting process and the thematic inspections identified misreporting issues due to system limitations and  the  requirement for excessive manual intervention in the production of the return. The inspection identified common themes in relation to the categorisation and reporting of LEX relating to:

• a lack of comprehensive procedural documentation;
• inaccurate reporting of LEX under Article 394(1)(b) of the Capital Requirements Regulation  575/2013;
• a sub-standard reconciliation process; and
• lack of adequate review and approval of the return.

Next Steps

The CBI has written to all of the international banks informing them  about its findings and has issued reconciliation plans to the in-scope banks with specific timeframes set for the closure of the issues identified.

The CBI expects all banks operating in Ireland to have in place robust regulatory reporting  processes  and  controls that are  proportionate  to  their business. In view of the fact that only one of the banks inspected by the CBI demonstrated an  appropriate  control environment in relation to the production of their regulatory returns, each bank should carefully evaluate the adequacy of its regulatory reporting framework in light of the findings set out in the Report and put   in place remediation plans for any issues identified.

For information about McCann FitzGerald’s Financial Services Compliance Support see here.