European Central Bank Banking Supervision published a Supervision Newsletter update setting out its supervisory work programme to strengthen banks’ risk data aggregation and risk reporting (RDARR) capabilities, citing persistent shortcomings and signalling tighter supervisory follow-up where remediation is slow. The ECB described an integrated on-site and off-site framework built on a targeted supervisory strategy launched in 2022. A centrally coordinated on-site inspection campaign started in 2022 to assess implementation of the Basel Committee’s Principles for effective risk data aggregation and risk reporting (BCBS 239) across around one-third of directly supervised entities and is nearing completion after the last inspections began towards the end of 2024, with targeted inspections to continue thereafter. Early findings pointed to weaknesses in internal governance and scope, limited progress on independent validation, and data infrastructure issues including reliance on legacy systems, weak data lineage and taxonomies, misassigned data ownership, recurring manual corrections and weakly controlled end-user computing. The ECB also referenced targeted RDARR reviews conducted over 2024, which found significant gaps against supervisory expectations, including limited recent or regular gap analyses versus BCBS 239, unclear steering value even where analyses exist, and a lack of credible target end dates. The update reiterated that the ECB Guide on effective RDARR published in May 2024 provides a common benchmark for minimum supervisory expectations without imposing new requirements. Separately, results from the 2024 Management Report on data governance and data quality exercise covering 105 banks showed increased management awareness versus the pilot, but continued critical deficiencies, with outputs feeding into SREP scores alongside the Data Quality Indicator score and the Composite Indicator on Reliability score. Next, an overarching approach approved by the Supervisory Board will monitor RDARR capability development across all banks and apply a defined escalation process with timelines and interim milestones. Where initial measures do not deliver timely remediation, the ECB indicated it will use more intrusive tools based on binding measures under Article 16 of the Single Supervisory Mechanism Regulation, including periodic penalty payments.
European Central Bank - Banking Supervision 2025-02-19
European Central Bank Banking Supervision outlines escalation process and potential penalties to address banks’ risk data aggregation and reporting deficiencies
The European Central Bank Banking Supervision outlined its programme to enhance banks' risk data aggregation and reporting (RDARR), noting persistent shortcomings and tighter follow-up for slow remediation. An integrated framework assesses compliance with Basel Committee’s Principles (BCBS 239), revealing governance, data infrastructure, and validation weaknesses. The ECB plans to monitor RDARR development with an escalation process, potentially using binding measures under Article 16 of the Single Supervisory Mechanism Regulation for non-compliance.