Regulatory Report Governance

If you work in a regulated industry, you have probably contributed to the planning, development, review, or distribution of one or more regulatory reports. Regulatory bodies collect those reports from both the private and public sectors for many purposes. For the financial industry, the purpose of the regulatory reporting could be, monitoring the safety and soundness of the individual legal entity, monitoring systemic risk in the banking and financial systems, measurement and operation of monetary policy, cross-border flows and exposures, and compliance with various laws. The US Federal Reserve System alone collects over 80 reports at different cuts, with different definitions, and at different consolidation levels.

Regulatory reports often have errors and omissions. There is a variety of reasons behind this, including an inadequate understanding of data, inconsistent classification, lack of ownership, lack of understanding of the reporting requirements, the complexity of legal entity organization, and mergers and acquisitions. All of these point to inadequate data governance.

To overcome the challenges, we need to establish a structure and consistency in producing reports. We need to ask a few basic questions: what are the reports we produce for various regulators, who is responsible for certifying the accuracy of the metadata of a report, who is accountable for a report, what is the source of data for a specific report or field, are there any known issues with the data used in developing a report, etc. Responding to these questions will help us identify some of the required components for governing regulatory reports.

1. Develop a list of critical reports your organization produces.
2. Create a library of metadata of reports. This may include, scope, frequency, confidentiality, primary regulatory body and country, retention, distribution list, validation check, etc.
3. Link report fields to governed data elements. Report owners need to collaborate with data stewards to define the relationships.
4. Identify data sources for each report field. If you can invest time to identify a specific table/column of a structured data source and link that to a report field, you will save time later.
5. Develop a clear accountability framework. Identify report and schedule owner. Involve the business that produces the data. Reporting is not just a back office function.
6. Understand current control gaps, open issues, and data quality assessment results of the data points required to produce these reports.
7. Define critical success factors, define KPIs, and track those. Correct the course if needed, based on the KPI metrics.