The reliability of regulatory reporting in 2022 – what practitioners really think

In October Teradata hosted 30 heads of regulatory reporting at its London offices together with UK Finance. The Reliability of Regulatory Reporting in 2022 event provided participants with an opportunity to meet, exchange views and experience from the coalface of regulatory reporting.

Distilling the views and experiences of these experts allowed valuable insight into the work now underway to improve this essential area of financial services operations.

Dear CEO

The ’Dear CEO’ letter of last autumn provided a framework and a backdrop for our discussions. There was a consensus that now was the time to prepare for more vigorous application and enforcement of regulatory reporting requirements. The letter calls out the gap between the care and diligence applied to financial reporting and that given to regulatory reports. An increasing number of Section 166 (s166) reviews and potential levying of fines were clear indicators that focus, investment and education are needed now to head off potentially expensive failures and fines in the near future. 

166 Business as usual

For many, the expected flurry of detailed s166 reporting requests and calls for evidence had yet to materialise, but there was widespread agreement that it was a question of “when rather than if” they would receive one. Most expected that soon responding to s166 reports would become “a business-as-usual activity,” and part of the “day-to-day supervisory process.” Following the impositions of fines across the industry, firms are now paying more attention to the ways in which regulatory failings could occur in their organisations. More are adopting risk-based strategies for regulatory returns in efforts to mitigate the chances of failures, but the discussion also acknowledged the need to “bring the rest of the business along with this approach.”

Better interpretation

Building understanding across the business and specifically helping audit committees to understand regulatory reporting to the same level that they do financial reporting was another topic of conversation. Some participants revealed that they had set up “interpretation forums” and were proactively engaging with Boards to explain the interpretation process. These cultural aspects of preparedness are crucial to overcome the instances of poor governance around regulatory interpretation mentioned in the Prudential Regulation Authority (PRA)’s letter. ‘Baking in’ governance to platforms and processes is also critical.

Model control

Data models and end-user computing both have a significant role in regulatory reporting, and adequate controls in these areas is another area of concern for the PRA and firms themselves. Both data models and end user computing (EUC) techniques provide a valuable multiplier effect helping firms to meet the diversity and volume of reporting required with limited data science experts. The group discussed whether the Dear CEO letter had led to restrictions in EUC. While some had cut their use, most agreed that the increasing diversity and amount of reporting made it difficult to reduce EUC.

It was interesting to hear from those tasked with delivering regulatory reporting about the scale and immediacy of the challenge of handling these requirements. Dealing with data quality, and ensuring the right data is in the right place to be quickly and simply leveraged at the scale required, is widely appreciated as fundamental to getting regulatory reporting done right. It was positive to hear that business leaders are now beginning to take regulatory reporting more seriously and providing resources and investment to create robust systems to manage it effectively. However, firms still struggle to make the business case with few direct benefits or growth outcomes available to prove return on investment.

A number of those present have turned to dedicated regulatory reporting software, engines and RegTech in general to help address these requirements. For some RegTech has been “at the forefront of our reporting processes.” Others use it to lesser extents and flagged that one issue was “actually getting people who understand how to use the systems.” This emphasises the broader issue that many mentioned: recruiting for roles in regulatory reporting in general against an overall market skill shortage.

Talk across the industry is of a predicted doubling of the volume of data needed for regulatory reporting over the next two to three years. Understanding where data is sourced, its latency and the controls and checks put upon how it is used will continue to be of fundamental importance to the whole process.