Finance and Risk Integration

In September 2021, the Prudential Regulation Authority (PRA) released its thematic findings related to the reliability of regulatory reporting in the UK. The PRA expressed concern regarding the significant number of deficiencies identified across a number of banks’ processes as they relate to producing accurate and reliable regulatory returns. In particular, the regulator highlighted that many banks had fragmented cross-functional end-to-end legacy processes that prioritised tactical fixes and relied on ineffective controls. These issues are by no means limited to banks in the UK. Following the 2007/2008 Financial Crisis, regulators around the world, including the BCBS, placed significant pressure on banks to improve their data aggregation and reporting capabilities. Deeply embedded data landscapes and increasingly granular regulatory reporting requirements have, however, together hindered industry refinement in this area. These chronic pain points have not only led to concerning findings by regulators, but also continue to stifle banks’ strategic decision-making and risk management capabilities.

To establish a robust integrated data foundation for downstream data and reporting processes, financial institutions – especially banks – will need to tackle some unglamorous but nonetheless critical tasks. This will include organisational and data structure redesign, data governance reviews, and active remediation of years’ worth of tactical fixes and data workarounds.

Current State

Bank functions, including risk, finance, and treasury, have often employed siloed approaches when sourcing and utilising data throughout the enterprise. These disparate data solutions – each with their own data marts and customised extract-transform-load (ETL) processes – are undoubtedly useful, having allowed these functions the independence and flexibility to meet their own data needs. However, while the same source data is often utilised across functions, the disparate processes that apply along the end-to-end processes of the various risk areas produce diverging and difficult to reconcile outputs. An uncoordinated approach to finance and risk creates pain points throughout the enterprise, with a lack of standardisation, control and transparency often resulting in significant data aggregation and reporting failings. These become most apparent when multiple datasets converge across the functions but cannot be easily compared or consolidated due to the varying views and granularity.

Maintenance of Multiple Extraction, Transformation and Load Procedures

As a result of various individual processes to satisfy reports by discipline, ETL procedures within the bank are often duplicated. To add another layer of complexity, these data extraction procedures are often built using different technologies and will have different teams responsible for the maintenance of these procedures. Changes to front-end systems must be updated across multiple downstream processes and if the change is not consistently applied, this may amplify the reconciliation differences that may have already been experienced in the past.

Inconsistent Application of Adjustments The requirement to adjust data and correct data quality issues, such as financial or reference data,used throughout the processes of aggregating and compiling regulatory reports is often highlighted as a major contributor to the need for a more flexible, ad hoc approach. Adjustments made in each process do, however, introduce a significant risk of alterations being applied in an inconsistent manner, causing further discrepancies in the data used for reporting purposes. Furthermore, required data updates are often not communicated to the original owner of the data, resulting in the same adjustments being applied every month.

The Frustration of Ongoing Reconciliation

Analysts who should be focussed on identifying business insights and trends contained within the available data and providing management information for decisionmaking often spend the largest part of their working day reconciling data and providing explanations for the differences observed. Although in some cases there may be valid reasons for the differences in various reports, the processes do not allow these to be observed simply and therefore a substantial amount of effort is spent reconciling, analysing, and explaining the data used in various processes.

Ambivalent Data Ownership

Data ownership between finance and risk has become increasingly more difficult to determine. For example, regulatory capital requirements rely on highly complex risk-modelling but begin with and are reconciled to financial exposure data, creating uncertainty regarding ownership of this data and the resulting reporting. In many cases, there is no right or wrong answer as to who should own the data, although the preference is often to assign ownership where the data is created. Nonetheless, institutions that do not define and agree upon ownership and responsibility upfront run the risk of limited oversight and accountability, which is only exacerbated by fragmented data processes.

As demand for data increases, FIs without appropriate oversight and assigned stewardship of data risk creating a “wild west” environment. A lack of accountability to drive standardisation and quality controls leads to stakeholders sourcing and transforming data as they see fit, undermining any efforts to establish a golden source. This results in data being used for purposes for which it was never intended. Similarly, data adjustments and fixes can be difficult to implement without a data owner overseeing and driving these updates

Neglected Insight Capabilities

Ultimately, the effective consolidation of various output datasets, which enable capabilities such as single view of customer, is impaired by the lack of integration outlined above. Fragmented data processes lead to functions within an institution focusing on completing their own objectives without consideration of the requirements of enterprise-wide services. An example of this would be the failure to produce results at a sufficient level of granularity by one area, which means that it cannot be leveraged by another, for example to build customer value management insights.

Similarly, finance’s month-end close process becomes a reflection of the data architecture that underlies it. Continual maintenance and monitoring through reconciliations, controls, and manual adjustment places chronic strain on deadlines, as well as staff, and ultimately reduces the function’s strategic value.

Given the commonality of data for finance and risk, as well as their established symbiotic relationship, finance and risk integration has become a critical initiative to embed and enforce alignment and collaboration to address these pain points.

FINANCE AND RISK INTEGRATION PRINCIPLES

Finance and risk integration primarily aims to reduce data and process duplications, overlap, and other inefficiencies that result from a siloed data environment. While there is no standard solution that should be applied, certain principles should be followed to address the issues detailed above and the various concerns that regulators have raised.

Centralisation

Stakeholders often assume that the only answer to an integrated risk, finance and treasury landscape is to centralise all processes, but this is not necessarily the case. Although centralisation of data sourcing is not a prerequisite for finance and risk integration, it can remove the complexity of managing multiple, fragmented data marts across the various datasets, which include customer, trade, product, reference, economic, transactional and account data. Institutions can then make use of a common data landing zone and data quality layer, as well as reduced break points, either through a subledger or common date repository. It is advised that the intended solution should have the ability to integrate finance and risk output datasets to facilitate the creation of reconciled and aligned data for use in customer valuation analytics. Tagging general ledger, cost centre and account attributes across datasets at their most granular level allows for powerful insights through customer value management and advanced analytics that can then be built off a solid foundation.

Solves for:

• Disparate Data Solutions

• Adjustments and Corrections

• Reconciliations and Controls

• Data Consolidation and Insights

Standards, Classifications and Taxonomies

Data interpretations and classifications must be defined and agreed upon in order for data to be viewed and utilised consistently across the organisations. Data that is critical to finance and risk processes and reporting (“golden sources”), along with any transformations, should be identified, defined, and explained through documented metadata and business information models, while periodic reviews and appropriate sign-off should be enforced to maintain its relevancy.

Solves for:

• Reconciliations and Controls

Centralisation of Adjustments

Although the application of month end adjustments is often a pain point for organisations, it is not feasible to implement a solution that does not allow for any adjustments. When adjustments to month end data are required, it is important that controls are put in place to ensure consistent application. In addition, a process should be designed to ensure incorrect data that is being adjusted is fixed at source to avoid a situation where the same adjustments are applied every month. By creating more transparency on the adjustments made and by aligning the adjustments between various departments, the organisation is also in a better position to resolve data issues consistently at source, avoiding stakeholder misalignment, which is often a large hurdle in fixing data at source.

Solves for:

• Adjustments and Corrections

Data Governance

The application of BCBS 239 – “Principles of Effective Risk Data Aggregation and Risk Reporting” goes hand in-hand with integration projects and is fundamental to their longevity and effectiveness. It forces organisations to confront the issues of enterprise-wide data ownership and responsibility, as well as determining the controls required across key datasets and metrics – an administrative and intricate task. A robust control framework becomes critical to proper data governance, particularly in the case of complex processes across multiple data sources and systems (for example, trade capture to FRTB and IRRBB or loan management systems to IFRS 9’s ECL). Banks should aim to identify and document their operating model to determine required controls and their ultimate effectiveness. Reconciliations, in particular reconciling to the general ledger, are of paramount importance to ensure alignment between finance and risk. Reconciliations should be formalised into the control framework that is guided by comprehensive documentation of the various end-toend data processes.

Data ownership, while a laborious and often tricky task, is fundamental to ensuring senior management is actively engaged in managing its data and enforcing oversight and responsibility. This is particularly important for key regulatory interpretations and ambiguous data processes, such as the calculation and reporting of Risk Weighted Assets, and off-balance sheet data, such as the calculation of limit balances, which is further complicated by differing entity roll ups for risk (entity) and finance (account). One way to address the issue of data ownership is to implement a principle of “publish what you own” – if data is transformed or enriched through any particular process, the enhanced data is owned by the stakeholders of that process, and they must take responsibility for publishing this data for enterprise use.

Solves for:

• Data Governance and Ownership

• Reconciliations and Controls

• Data Consolidation and Insights

PROJECT IMPLEMENTATION CHALLENGES

Resolving reliability of regulatory reporting issues and misalignment between finance and risk are common and typical initiatives within banks. However, many projects do not provide adequate results due to capacity constraints, loss of momentum and, ultimately, a lack of delivery. We recommend that project managers and key stakeholders consider the following when launching and managing a project of this nature:

• A dedicated team should be established to manage and execute the initiative while ensuring a level of flexibility to adapt to changing business requirements and the capacity of the finance and risk teams.
• Project deliverables should be strategically aligned for the good of the enterprise (across finance and risk) rather than just the betterment of a single area or process. Finance and risk integration should ultimately aim to reduce the enterprise-wide inefficiencies of data silos.
• Avoid a big bang approach that leads to project fatigue. Legacy systems and processes are often so entrenched in the architecture of banks that large transformation projects can leave banks with a new set of legacy work arounds. Structure projects into workable streams (i.e. by system, product, process) that can be completed iteratively, thereby providing short-term value, creating momentum and preventing the over-burdening of the finance and risk teams.
• Maintain a strategic vision by considering and applying the principles of finance and risk integration as described above and avoid tactical fixes. Projects should strive to produce long-term, fit for purpose changes. This will require intensive stakeholder consultation and collaboration to replace tactical fixes with a fit-for-purpose, strategic solution.
• Change management is critical. Business buy-in will be required in the beginning to drive engagement. Following this, the accomplishment of iterative deliverables should be celebrated to build momentum for longer-term deliverables. As highlighted by the PRA, banks that have invested in the simplification of their data and the efficiency of their infrastructure were found to have better outcomes and fewer regulatory reporting errors. However, technology should be seen as an enabler for change in conjunction with data and process optimisation and not as a panacea in and of itself.

Finance and risk integration is an opportunity to analyse, optimise, and simplify rather than battle with the complexity of a full transformation initiative.

How Monocle Can Assist

At Monocle, we have over 20 years of expertise in finance and risk integration. We are focused on delivering long-term, customised solutions to our clients and for this reason, we align our finance and risk integration approaches to address each of our clients’ specific pain points and characteristics. Our expertise include:

• Comprehensive enterprise-wide maturity assessment to accurately identify, define and document all finance and risk integration current state, including pain points and inefficiencies.

• Technical expertise regarding data and process architectural design, with consideration of data governance, including BCBS 239, as well as process automation and optimisation, process flow management and reporting optimisation, and data visualisation.

• Programme and project management with experience across various finance and risk integration initiatives, including subledger implementation, common data repository implementation, data governance and control design and embedment, as well as extensive process optimisation.

Monocle’s sustained presence in the banking industry in the United Kingdom, Europe and across Southern Africa ensures we are well acquainted with each of our clients’ respective infrastructure and organisational structure. This competitive advantage allows us to drive and accomplish integration initiatives that inherently require significant collaboration across functions and their individual requirements.

About Monocle

Monocle is one of the largest independent management consulting firms in South Africa specialising in banking and insurance. Since our establishment in 2002, we have worked with industry-leading banks and insurance companies world-wide.

We design and execute bespoke change projects, from start to finish, bridging the divide between business stakeholders’ needs and the complex systems, processes and data that sit under the hood. We offer several unique capabilities to our clients, which have been forged over time through the combination of a highly specialised skillset and extensive experience working with the systems, processes and people that are at the heart of the financial services industry.