The Single Supervisory Mechanism (SSM) - The Big Data Issue

2014 is a year of change for banking supervision in Europe. The European Central Bank (ECB), national supervisory authorities and banks are busy preparing for the Single Supervisory Mechanism (SSM), which is scheduled to take responsibility for the prudential supervision of banks in the Eurozone from November 2014.

The current focus of preparations is rightly on getting ready for the start of the new supervisory regime. But if the SSM is ultimately to be a success, preparations need to begin now to tackle the strategic challenges that will become increasingly important in the medium‑term.

We believe that data and analytics (the technological solutions and mathematical techniques that support supervisors in analysing data) should be priorities for strategic investment. They could be the differentiating factors that determine whether or not the SSM delivers on the aspirations that have been set for it: to enhance the quality of supervision and policy making, to identify and implement best practice, and to be ambitious and innovative. Operating on the basis of the status quo could quickly become unsustainable.

This paper is intended to stimulate a debate as to where the ECB in particular might go in tackling these issues over the next few years. It is produced on the basis of Deloitte's experience helping many banks with a wide range of data challenges, and assisting banking authorities to develop their supervisory capabilities.

Responsibility for establishing the new benchmark for data and analytics standards naturally lies with the ECB and national supervisory authorities, but responsibility for delivering the new standards will be borne jointly by banks and supervisors. It is therefore crucial that banks in the SSM engage with supervisors in the process of developing the route map for data and analytics. While we discuss these in the paper with reference to the SSM, the precepts are also relevant to supervisors in other countries (not least because of the prospect of convergence in this area) and to firms that face demands for data from supervisors.

The best outcome will not simply be a re‑engineering of technology and practices around the status quo, but could involve a fundamental rethink of the relationship between banks and supervisors. If innovation in data and analytics can be applied to the production, management and interrogation of data, it will enable the balance of supervisory time to shift further towards addressing problems rather than merely identifying them.

Investment in data and analytics could also help supervisors better handle issues stemming from the increased complexity in banking. For example, how much of supervisory stress testing should be done by banks rather than supervisors? How far will 'modelling' approaches to capital requirements continue as at present, or will they be supplemented by various floors derived from standard formulae? One could even envisage a position where supervisors take greater ownership of the calculation of risk‑weighted assets (RWAs) themselves, for example by gaining direct access to banks' systems to source 'raw' data to double‑check calculations, rather than relying solely on banks. In the process, they could address concerns about opacity and complexity, as well as facilitate supervisory challenge. All these options would reflect changes in the costs and limitations of technology and data that in the past have prevented supervisors from using their own data‑intensive methods.

Making the case to prioritise data and analytics

Of course, data, and to a lesser degree advanced analytics, already lie at the heart of banking supervision. SSM supervisors will have ready access to data reported under the EU supervisory framework, for example, which are extensive in their coverage and will form the bedrock of the SSM approach. Guidelines on the Pillar 2 Supervisory Review Process set expectations about supplementary data requirements.1 At issue now are the steps that can be taken to improve the accuracy and comparability of data that are received; whether and how data requirements should go beyond standard supervisory reporting; and how the information can best be analysed and shared.

The SSM supervisory framework and approach, which will be important in scoping data and analytics requirements, are in development. It is already clear from existing best practice and insights from the ECB's comprehensive assessment exercise what the key features will be. In particular, supervisors require:

ready access to complete, high quality, reliable and timely data; comparable data across firms, to support system‑wide and peer group analysis - including the construction of relevant peer groups on a cross‑border basis, and to streamline analysis of individual firms; the ability to perform 'deep dives' on areas of concern at an individual bank, peer group or banking sector level; and the ability to deploy advanced analytical techniques to detect trends and pin‑point areas of concern, to enable supervisors to be forward looking and proactive. The precise requirements will be further informed by international guidelines, such as the Basel Committee on Banking Supervision's Core Principles for Effective Banking Supervision, which set data requirements for systemically important financial institutions (SIFIs), and by regulatory initiatives in train internationally. For instance, the revised Capital Requirements Directive (CRD IV) and the European Market Infrastructure Regulation (EMIR) have important implications for data.

Data and analytics have been found wanting in the past. For example, the recent financial crisis emphasised the need for ready access to timely, accurate and complete data - and highlighted that many banks and supervisory authorities experienced difficulties in providing that. As supervisors sought to tackle problems, their efforts were hampered at times not only by a lack of data, but also by gaps in understanding of the quality of data available, or by difficulties scaling up their analytical infrastructure to quickly perform a 'deep dive' analysis on a particular area of concern at a bank, or across several banks. These experiences illustrated how, in some respects, technology and data governance processes had not kept pace with the growth and increased complexity of banks and banking, even if adequate analytical techniques had been available.

Although the direction of travel is now clear, there is still work to be done in meeting these standards. For example, the Basel Committee's progress report on adoption of its Principles for effective risk data aggregation and risk reporting, published in December...