Ensuring and maintaining the integrity of regulatory returns is a critical part of upholding financial regulations. Not only does it enable regulators to properly monitor financial firms, it also ensures the safety and protection of the wider financial system.
With global regulators now becoming increasingly focused on the integrity of these returns, it’s crucial that firms can demonstrate they are reporting accurate data that presents the whole picture to regulatory authorities. Here, we explore what is expected of firms and how they can ensure their reporting practices are fit-for-purpose.
What do the regulators say?
Global regulators require proof of the integrity of regulatory reporting returns to uphold effective supervision and oversight of both firms individually, and the market as a whole. Regulatory returns provide regulators with data about firms’ financial performance, risk management, and regulatory compliance. This drives accurate assessment of a firms’ financial health and risk identification and management. As well as having a robust regulatory reporting ecosystem, firms are also expected to be able to explain the decisions they’ve made related to reporting requirements. This includes demonstrating accountability for incorrect decisions, and the steps taken to rectify these.
With regulatory requirements becoming increasingly more stringent, firms are being expected to deploy three lines of defence.
- First line: To have a strong senior management attestation process that enhances internal governance and controls around key regulatory returns.
- Second line: To establish a consistent terminology and review policies, systems, and processes to ensure they meet regulatory requirements.
- Third line: To develop and execute an auditing process to provide ongoing assurance of the effectiveness of controls and regulatory compliance.
Is your regulatory reporting fit-for-purpose?
Your lines of defence can only be as strong as the preparation and planning you put into them. They must comply with the relevant reporting provisions and produce accurate data that contributes to the integrity of your regulatory reporting. There are four key areas to consider when setting your lines of defence:
1. Your governance framework
Having defined roles and responsibilities across your entire regulatory reporting cycle is crucial for ensuring a robust, consistent approach to compliance. To achieve this, firms need to be conducting independent reviews of their challenge and certification process, as well as their policies, procedures, and standards. This will enable your workforce to be on the same page. As well as to all know who is responsible for what area, and who to report any issues or concerns to.
Senior management and key stakeholders who hold responsibilities within the reporting cycle should receive targeted training. This could include corporate governance and accountability training, under frameworks like the UK’s Senior Management and Certification Regime (SM&CR).
2. Your control framework
Regulators aren’t solely interested in the fact that firms have a compliance framework in place, but also that it’s robust and controlled. Firms should be looking to gain controls testing and assurance on aspects including their data management controls that are in place to identify, investigate, and resolve data quality issues. Additionally, firms will also need to test their security controls, on aspects like entitlements, protection, retention, and archiving.
It will also benefit firms to identify opportunities for optimising manual processes tied to their key reporting capabilities—for example, through automation and using AI to support regulatory compliance.
3. Your infrastructure and capabilities
Furthermore, firms need to ensure the design and development of their reporting processes and capabilities is up to scratch. This includes having key steps laid out for aspects like data processing and the collation of key reporting data attributes.
Similarly, firms may want to consider developing their own regulatory reporting dashboards that enable them to measure the effectiveness of their data processing.
4. Your interpretations and judgements
Firms need to establish processes that are current and compliant with regulatory requirements. They also need to ensure the interpretations and judgements they make with regards to regulations are clear and consistent. Regulators are becoming increasingly interested in knowing why businesses are making certain decisions, and the information they used to determine these.
To maintain the integrity of your regulatory reporting and ensure accurate returns, it’s essential to stay current with regulatory changes. Regularly assessing and adjusting your compliance processes and policies is key to meeting these evolving standards. This is where outsourcing your regulatory compliance could come in handy.
Need help preparing your first, second, and third lines of defence? Here at Davies, our financial crime and regulatory compliance practice has delivered regulatory reporting advice and assurance to some of the world’s leading financial institutions. We can help you get on track with all four elements discussed above, utilising our regulatory compliance solutions and expertise. Our support reduces reporting complexity while increasing efficiency. Get in touch today to find out more.
