A bank should have in place a strong governance framework, risk data architecture and IT infrastructure. The board and senior management are called out to understand coverage and limitations.
Banks must demonstrate the ability to generate accurate and reliable risk data in a timely manner even for ad hoc reports during crisis or at request of the regulator.
BCBS239 explicitly challenges the silo driven structure of banks today with clear requirements to bring a holistic enterprise understanding of risk data, risk data aggregation & reporting. Holistic refers to both the understanding, which must span many disciplines, and to the community, where business, IT and Risk functions need to collaborate to bring consistency and control across the data life cycle. To satisfy this regulation a more collaborative and integrated approach to data and understanding is necessary.