Risk Data Aggregation and Risk Reporting
BCBS 239, also known as the "Principles for effective risk data aggregation and risk reporting," is a set of guidelines published by the Basel Committee on Banking Supervision in January 2013. The primary goal of BCBS 239 is to enhance banks' risk data aggregation capabilities and reporting frameworks. This, in turn, aims to improve risk management and decision-making within banks.
The guidelines consist of 14 principles divided into four key areas: governance and infrastructure, data aggregation capabilities, risk reporting, and supervisory review.
RDARR stands for Risk Data Aggregation and Risk Reporting. It is essentially the practical implementation of the principles outlined in BCBS 239. The main objectives are to strengthen risk management, improve decision-making, and ensure that banks can provide accurate and timely risk information to regulators.
The primary entities impacted by RDARR are large banks, specifically Global Systemically Important Banks (GSIBs) and Domestic Systemically Important Banks (DSIBs).
However, many smaller banks also adopt these principles to improve their risk data aggregation and reporting capabilities. The guidelines impact various stakeholders within these institutions, including senior management, risk management teams, and IT departments.
The BCBS 239 guidelines were initially published in January 2013, marking the beginning of a new era in risk data aggregation and reporting standards. By 2016, 25 institutions were reviewed to assess their compliance with these guidelines. However, by 2019, it was noted that insufficient progress had been made, indicating the need for continued efforts to improve RDARR capabilities.
In 2023, the RDARR publication further emphasized the importance of effective risk data aggregation and reporting. The European Central Bank (ECB) released a comprehensive guide on effective risk data aggregation and risk reporting, which outlines prerequisites for RDARR to assist banks in strengthening their capabilities. This guide builds on good practices observed in the industry and specifies supervisory expectations, aiming to ensure substantial progress in remedying identified structural shortcomings in risk data aggregation.
From 2023 to 2025, RDARR has been identified as a supervisory priority, with ongoing reviews and thematic assessments conducted periodically to ensure that banks are making progress and addressing any deficiencies in their risk data aggregation and reporting practices
In the ECB's Supervisory Priorities for 2025-27, one of the key priorities is for banks to remedy persistent material shortcomings in an effective and timely manner. This is particularly relevant for RDARR, where some banks have not yet fully addressed major deficiencies despite long-standing engagement with supervisors. The ECB emphasizes the need for banks to take decisive action to improve their risk data aggregation and reporting capabilities.
Data governance refers to the framework and processes that ensure high-quality data management throughout its lifecycle. In the RDARR, it involves establishing policies, standards, and procedures to manage risk data effectively. This includes data collection, storage, processing, and reporting.
Data lineage refers to tracing and reporting the flow of data from its origin through various stages of processing to its final form. It involves documenting the data's journey, including its sources, transformations, and destinations. This helps in creating a transparent and traceable path for risk data, ensuring that it can be trusted and effectively used for risk management and regulatory reporting.
© 2025 Regnology Group GmbH Tous droits réservés
EN 
DE 
