PRA Letter Sets Out Findings on Reliability of Regulatory Reporting
PRA published a "Dear CEO" letter that sets out findings of a review on the reliability of regulatory reporting and reiterates the supervisory expectations on regulatory reporting. The PRA assessment found significant deficiencies in a number of processes used by firms to deliver accurate and reliable regulatory returns and noted an increased risk of material misstatements from firms that did not meet the expectations. The key findings set out in this letter cover the areas of governance and ownership, controls, and data and investment. Overall, PRA expects for all firms to submit reliable and accurate regulatory returns and for the regulatory reporting process to receive no less rigor than financial reporting.
The following are the key findings and the related supervisory expectations, as set out in the letter:
- With respect to governance and ownership, PRA found instances where responsibilities were dispersed across multiple individuals and teams and delegated too far down the organization. This issue was heightened in some cases where firms had complex and fragmented end-to-end processes, which often meant there was a poor understanding and documentation of the entire process. PRA expects responsibilities to be clear for those involved in all stages of the end-to-end regulatory returns process. PRA also observed instances of poor governance around key regulatory interpretations, including a lack of basic documentation, periodic reviews, and/or appropriate sign-off. In these instances, PRA expects firms to undertake work to identify the key interpretations and judgments, validate these interpretations and judgments, and correct them, where appropriate. When errors are identified for any reason after submission of the returns, firms should review the impact and resubmit where there are material errors.
- With respect to controls, PRA identified a number of gaps in end-to-end processes for regulatory returns, such as insufficient controls around models, issues with End User Computing (EUC), and a lack of reconciliation check for errors. PRA expects operating models to be clearly documented with effective controls at each stage of the process. Poor documentation led to a lack of understanding of both the controls and their effectiveness and ultimately errors in reporting. This was exacerbated by a high degree of manual intervention in the end-to-end processes for regulatory returns.
- PRA review highlighted that many firms have not prioritized investment in regulatory reporting, leading to reduced capacity and capability compared with financial reporting. Focus is often placed on implementing tactical fixes rather than strategic ones. The reviews found that firms must also place greater focus on robust sourcing of data to support allocation of assets between exposure classes. This should be supplemented by clear governance and sign-off when incomplete data is used.
PRA plans to follow up with the relevant firms on specific findings from the review. It expects firms’ remediation plans to be strategic, appropriately resourced, and address the root causes of those issues. Given the importance of robust regulatory returns, PRA expects all banks, designated investment firms, and building societies to consider the findings in this letter and any work they may need to do to remediate applicable issues, to improve the governance, controls, and data in context of the regulatory reporting.
Related Links
Keywords: Europe, UK, Banking, Reporting, Governance, Investment Firms, Internal Controls, Operational Risk, Compliance Risk, Basel, FSMA, PRA
Featured Experts

María Cañamero
Skilled market researcher; growth strategist; successful go-to-market campaign developer

Nicolas Degruson
Works with financial institutions, regulatory experts, business analysts, product managers, and software engineers to drive regulatory solutions across the globe.

David Fihrer
Skilled life insurance actuary; subject matter expert on IFRS 17 and source of earnings
Previous Article
EBA Revises List of Validation Rules for Reporting by BanksRelated Articles
EBA Clarifies Use of COVID-19-Impacted Data for IRB Credit Risk Models
The European Banking Authority (EBA) published four draft principles to support supervisory efforts in assessing the representativeness of COVID-19-impacted data for banks using the internal ratings based (IRB) credit risk models.
EP Reaches Agreement on Corporate Sustainability Reporting Directive
The European Council and the European Parliament (EP) reached a provisional political agreement on the Corporate Sustainability Reporting Directive (CSRD).
PRA Consults on Model Risk Management Principles for Banks
The Prudential Regulation Authority (PRA) launched a consultation (CP6/22) that sets out proposal for a new Supervisory Statement on expectations for management of model risk by banks.
EC Regulation Amends Standards for Calculating Credit Risk Adjustments
The European Commission (EC) published the Delegated Regulation 2022/954, which amends regulatory technical standards on specification of the calculation of specific and general credit risk adjustments.
BIS Hub Updates Work Program for 2022, Announces New Projects
The Bank for International Settlements (BIS) Innovation Hub updated its work program, announcing a set of projects across various centers.
EIOPA Issues Cyber Underwriting Proposal, Statement on Open Insurance
The European Insurance and Occupational Pensions Authority (EIOPA) published two consultation papers—one on the supervisory statement on exclusions related to systemic events and the other on the supervisory statement on the management of non-affirmative cyber exposures.
US Senate Members Seek Details on SEC Proposed Climate Disclosure Rule
Certain members of the U.S. Senate Committee on Banking, Housing, and Urban Affairs issued a letter to the Securities and Exchange Commission (SEC)
EIOPA Consults on Review of Securitization Framework in Solvency II
The European Insurance and Occupational Pensions Authority (EIOPA) published a consultation paper on the advice on the review of the securitization prudential framework in Solvency II.
UK Authorities Issue Regulatory and Reporting Updates for Banks
The Prudential Regulation Authority (PRA) issued a statement on PRA buffer adjustment while the Bank of England (BoE) published a notice on the statistical reporting requirements for banks.
BCBS Issues Climate Risk Principles while HKMA Expresses Its Support
The Basel Committee on Banking Supervision (BCBS) issued principles for the effective management and supervision of climate-related financial risks.