PRA published a "Dear CEO" letter that sets out findings of a review on the reliability of regulatory reporting and reiterates the supervisory expectations on regulatory reporting. The PRA assessment found significant deficiencies in a number of processes used by firms to deliver accurate and reliable regulatory returns and noted an increased risk of material misstatements from firms that did not meet the expectations. The key findings set out in this letter cover the areas of governance and ownership, controls, and data and investment. Overall, PRA expects for all firms to submit reliable and accurate regulatory returns and for the regulatory reporting process to receive no less rigor than financial reporting.
The following are the key findings and the related supervisory expectations, as set out in the letter:
- With respect to governance and ownership, PRA found instances where responsibilities were dispersed across multiple individuals and teams and delegated too far down the organization. This issue was heightened in some cases where firms had complex and fragmented end-to-end processes, which often meant there was a poor understanding and documentation of the entire process. PRA expects responsibilities to be clear for those involved in all stages of the end-to-end regulatory returns process. PRA also observed instances of poor governance around key regulatory interpretations, including a lack of basic documentation, periodic reviews, and/or appropriate sign-off. In these instances, PRA expects firms to undertake work to identify the key interpretations and judgments, validate these interpretations and judgments, and correct them, where appropriate. When errors are identified for any reason after submission of the returns, firms should review the impact and resubmit where there are material errors.
- With respect to controls, PRA identified a number of gaps in end-to-end processes for regulatory returns, such as insufficient controls around models, issues with End User Computing (EUC), and a lack of reconciliation check for errors. PRA expects operating models to be clearly documented with effective controls at each stage of the process. Poor documentation led to a lack of understanding of both the controls and their effectiveness and ultimately errors in reporting. This was exacerbated by a high degree of manual intervention in the end-to-end processes for regulatory returns.
- PRA review highlighted that many firms have not prioritized investment in regulatory reporting, leading to reduced capacity and capability compared with financial reporting. Focus is often placed on implementing tactical fixes rather than strategic ones. The reviews found that firms must also place greater focus on robust sourcing of data to support allocation of assets between exposure classes. This should be supplemented by clear governance and sign-off when incomplete data is used.
PRA plans to follow up with the relevant firms on specific findings from the review. It expects firms’ remediation plans to be strategic, appropriately resourced, and address the root causes of those issues. Given the importance of robust regulatory returns, PRA expects all banks, designated investment firms, and building societies to consider the findings in this letter and any work they may need to do to remediate applicable issues, to improve the governance, controls, and data in context of the regulatory reporting.
Keywords: Europe, UK, Banking, Reporting, Governance, Investment Firms, Internal Controls, Operational Risk, Compliance Risk, Basel, FSMA, PRA
Previous ArticleEBA Revises List of Validation Rules for Reporting by Banks
The three European Supervisory Authorities (ESAs) issued a letter to inform about delay in the Sustainable Finance Disclosure Regulation (SFDR) mandate, along with a Call for Evidence on greenwashing practices.
The International Sustainability Standards Board (ISSB) of the IFRS Foundations made several announcements at COP27 and with respect to its work on the sustainability standards.
The International Organization for Securities Commissions (IOSCO), at COP27, outlined the regulatory priorities for sustainability disclosures, mitigation of greenwashing, and promotion of integrity in carbon markets.
The European Banking Authority (EBA) issued a statement in the context of COP27, clarified the operationalization of intermediate EU parent undertakings (IPUs) of third-country groups
The Office of the Superintendent of Financial Institutions (OSFI) published an annual report on its activities, a report on forward-looking work.
The Australian Prudential Regulation Authority (APRA) finalized amendments to the capital framework, announced a review of the prudential framework for groups.
The Bank for International Settlements (BIS) Innovation Hubs and several central banks are working together on various central bank digital currency (CBDC) pilots.
The Financial Accounting Standards Board (FASB) is seeking comments, until November 03, 2022, on the proposed technical and other conforming improvements for the 2023 GAAP Financial Reporting Taxonomy.
The European Central Bank (ECB) published the results of its thematic review, which shows that banks are still far from adequately managing climate and environmental risks.
Among its recent publications, the European Banking Authority (EBA) published the final standards and guidelines on interest rate risk arising from non-trading book activities (IRRBB)