Attestation needs are inducing automated reporting in banks

September 05, 2017
By: Ishika Mookerjee, Citywire Asia

A rapid rise in regulations is shining the light on the need for more efficient regulatory reporting and risk management processes, as the role of attestation becomes more important than ever. This is creating a niche that some software providers are looking to fill.

AxiomSL, a regulatory reporting software company, has manufactured a data lineage tool that captures and visualises data sources, data flows and business logic from the point of data entry to the final regulatory or internal management report in response to the need for better data management within banks.

‘Regulators are asking for more information on a timely basis and on a more granular level. Earlier they were asking for information quarterly, now it’s monthly or weekly. This is a global trend,’ Abraham Teo, global head of tax products and head of product management, Asia-Pacific, at AxiomSL told Citywire Asia.

AxiomSL is currently working with banks to integrate the software. The tool is meant to aid project management, internal audit and architectural groups, and simplify reporting processes by identifying data sources and interlinkages between reports to support the attestation process. Unlike the US’ requirement for bank holding companies, in Asia, CFO attestation is not formally required, but each bank has a responsible officer for financial and operational reporting to regulators.

‘Regulators are asking who signed the report, who attested them. It’s almost like signing in blood. It is a way of making sure there are responsibilities related to the numbers,’ said Teo.

‘In the past, the regulator said, “We will assume that you’ve verified the accuracy of the numbers,” but now it’s different. Now they are saying, “You don’t have to just give me the number. You have to prove to me where this number came from.” This could happen even five years after the event.’

Most recently, the Australian Prudential Regulation Authority released a number of changes to its reporting requirements, which includes upward revisions to certain reporting thresholds and to include the cost/value of funds and margin data on interest rate forms. In Singapore, the Monetary Authority of Singapore (MAS) has outlined its risk reporting guidelines under the 610 notice, in addition to the requirements under the Basel Committee on Banking Supervision’s regulation BCBS 239, published in 2013 for global systemically important banks. The Hong Kong Monetary Authority has also taken action following the regulation.

The tool, which was made available to banks earlier this year, highlights the data sources used in the generation of a report and the reporting lines, be it related to trading, general ledger or exposure to counterparty risk. It also highlights the impact of updating or decommissioning a data source among other functions.

‘The traditional way has been someone going into Excel, putting in some information, praying that the macros work and then, following some manual intervention, building it into a report,’ said Teo. ‘That’s not going to be sustainable anymore. The way regulators are doing it, they demand automation.’

Automation will also free-up highly skilled analysts, who can be used for data analysis rather than preparing reports. ‘The value of these guys is in understanding the meaning of the data for the bank and they can provide advice and internal reporting that they couldn’t do earlier because they were using 15 days in a month to prepare reports,’ said the expert.

The biggest roadblock for the tool is data storage. While the software can store a lot of data, it depends on how much storage the banks can provide. Teo noted that as the data points grow in number, physical hard disks will no longer be the go-to option. Banks are already choosing to rent public clouds like Amazon or Microsoft, or spend more money and buy private cloud space.

‘One of my clients told me that they bought this virtualisation platform recently so it’s like an internal cloud. They have 1 terabyte of ram available, unlimited database space and some few thousand of CPU cores available,’ said Teo. ‘I can see the trend of the cloud happening. MAS also seems to be on board.’

Once the tool is integrated into banking software, a key concern of private banks comes to the fore – data privacy and permissioning. The tool masks sensitive data, allowing only those with security rights to view it.

‘A lot of our multi-jurisdictional clients set up a central hub in Asia to do the reporting and the people in different jurisdictions just sign off when the reports are submitted. But the preparers might sit somewhere else, in a slightly lower cost location, and they can only see the data pertinent to them,’ said Teo.

This article was originally published by CityWire Asia.