By Phillip Dutton, CEO, Solidatus
The aftermath of the 2008 financial crisis underscored the necessity for robust risk management and decision-making frameworks within financial institutions. As a response, the Basel Committee on Banking Supervision (BCBS) introduced BCBS 239 in January 2013, a set of 14 principles designed to enhance banks’ risk data aggregation and reporting capabilities.
BCBS 239 aims to strengthen banks’ ability to aggregate risk data and improve decision-making by ensuring data accuracy, completeness, and timeliness. Compliance is essential for fostering trust in financial systems and mitigating systemic risks. However, meeting these requirements involves overcoming significant technical and organisational hurdles.
Despite a deadline of January 2016, only two of the 31 assessed global systemically important banks (G-SIBs) fully comply with all principles as of 2024, according to PwC. It is worth noting that domestic systemically important banks (D-SIBs) were expected to adopt BCBS 239 principles as well, within three years of being so designated by their respective national supervisor. At the time of writing, precisely zero D-SIBs are compliant.
This lack of compliance is largely due to challenges in modernising IT infrastructures and managing diverse, global operations. At the heart of these challenges lies a critical component: data lineage.
Why data lineage is critical for BCBS 239 compliance
BCBS 239’s principles demand traceability and governance. Compliance requires banks to aggregate risk data accurately and consistently across their global operations. They must validate the quality of their data, ensuring it aligns with business requirements, and demonstrate clear traceability and lineage to both regulators and internal stakeholders.
Data lineage helps by creating a map view of all systems and data flows. Banks can see where data comes into the business, where it has been used, how it travels through different systems, and is changed, and to see any data quality issues before it is used in its often critical, strategic and regulatory uses.
Be warned though, basic data lineage isn’t enough. Regulators often inform banks that the data lineage they have in place is not up to scratch. Typically, organisations will use the data lineage functionality included in other software they have, such as a data catalog. They assume that this means they have done what is required by regulators but later discover that the basic form of lineage included in this software is neither broad nor detailed enough for the regulators.
In its May 2024 guide, the European Central Bank states that: You need to have a data lineage solution as a minimum element of your data governance. And that, data lineage needs to be both ‘complete’, thereby encompassing a view of all the data flows across all systems, from end-to-end of your business. Not just a subset. And secondly, it must be granular and detailed, or to the ‘attribute’ level in their terms.
In short, this means that banks must be able to drill from that broad map view, right down to the column in a table level, not just to the table level. Anything less is not sufficient.
Advanced data lineage technology enabling compliance
Advanced data lineage technology plays a pivotal role in enabling compliance by offering powerful automation and visualisation capabilities. These modern tools help banks address compliance challenges effectively.
For instance, dynamic visualisation enables banks to map and display complex data relationships, providing a comprehensive view of their data landscape and enhancing both governance and quality. Automated updates ensure that data owners receive real-time alerts about potential issues, significantly reducing the manual workload.
Additionally, version control features enable banks to compare and maintain different versions of data flows, facilitating quick impact assessments and improved change management. Lastly, federated workflows distribute tasks to subject matter experts, democratising data governance and mitigating the risks associated with over-reliance on key personnel.
Leveraging technology for data lineage
When HSBC began a multimillion-dollar Wholesale Credit Lending transformation program, it had three key outcomes in mind: Reducing time to decision from months to minutes, reducing time to distribute funds to customers from months to hours, and protecting and preserving by enhancing their risk management controls. However, the bank faced a major challenge: it lacked a comprehensive understanding of its data, making it impossible to develop an effective migration strategy and achieve its targets.
Using data lineage technology, a team of two was able to document and model HSBC’s entire Credit and Lending book in under six months, demonstrating traceability from source to consumption. In total, the team successfully modelled 2,000 source tables with 80k+ fields, and 18k+ data linkages across 40 source systems used globally. The data lineage solution created a cost saving of 90%.
Meeting BCBS 239’s demands requires financial institutions to embrace modern data lineage solutions. These tools address the complexities of siloed systems, operational inefficiencies, and poor data quality, enabling compliance while delivering significant cost savings and operational improvements.
For banks striving to foster trust and confidence in their data, robust data lineage is not just a regulatory requirement, it is a strategic imperative.
