Data Governance and Data Quality Management

In 2024, the European Central Bank (ECB) published its final 'Guide on effective risk data aggregation and risk reporting (RDARR)', specifying minimum supervisory expectations for financial institutions to strengthen their capabilities in risk data aggregation and data quality management. At the same time, it made banks' RDARR capabilities one of its supervisory priorities, as did national regulators like Bundesbank.

The RDARR Guide introduces a harmonised framework that operationalizes the BCBS 239 principles and includes structured criteria for data governance, integrated data architectures, and quantifiable data quality metrics in risk and financial reporting. It provides guidance not only at the European level, but also to nationally regulated institutions that are subject to MaRisk AT 4.3.4 and AT 4.3.5.

Regulatory Background

The BCBS 239 framework sets out 14 principles to establish robust data aggregation and risk reporting capabilities and ensure effective risk management and decision-making. These aim to enhance the accuracy, completeness, timeliness, and adaptability of risk information across institutions.

Historically, implementation progress has varied significantly among banks. Many have struggled to implement BCBS 239 principles due to legacy IT infrastructure, fragmented data architectures, and insufficient governance frameworks. Supervisory assessments have shown considerable gaps, which is why the ECB RDARR Guide seeks to narrow these gaps by clarifying supervisory expectations, introducing measurable compliance criteria, and reinforcing accountability through senior management oversight.

Key data quality dimensions

The ECB RDARR Guide outlines four data quality dimensions that banks should monitor: 1) Accuracy, 2) integrity, 3) completeness and 4) timeliness. In practice, there are more, such as consistency, uniqueness, validity or traceability, that should be considered along the data lifecycle of data creation, data storage and integration, and data use. However, the four dimensions in the RDARR Guide are the minimum that banks must manage.

How to Measure Data Quality …

To manage data quality, institutions need to operationalize and report it. Measuring the individual dimensions is non-trivial and aggregating them in a meaningful way even more so. BDO Professor for Digital Data Analysis and Audit Support Andreas Igl has published the 'Handbuch Datenqualität' targeted at practitioners, in which he shows how to measure the various dimensions of data quality and how to aggregate them in a context-specific Feature Reliability Score (FRS).

The FRS aggregates ratings from various data quality dimensions into a single value or a vector of values. Its primary goal is to enable a quick and comparable assessment of the quality of individual features, which makes it a powerful tool for monitoring and managing data quality.

… to actively manage it

The journey does not stop here. Data quality is never perfect and depends on the context in which the data is used. Banks must define acceptable thresholds that they subsequently need to monitor to create transparency on weaknesses to support risk-based narratives, such as ICAAP model buffers and Pillar 1 MOC (Margin of Conservatism) concepts.

Deviations must be analyzed to identify structural issues that need to be remedied. Measuring without acting upon identified deviations creates no value and only adds costs.

In the age of artificial intelligence, data quality has never been more critical. AI models rely on high-quality data to generate reliable insights and predictions. Inconsistent, incomplete, or outdated data directly impact business outcomes and undermine trust in analytics. Ensuring strong data quality is therefore not only a technical and regulatory necessity but also a strategic imperative.

How we can support you

Based on our industry experience from audit and advisory assignments, our knowledge of typical areas of regulatory concern, and supported by a solid academic background, we can help you implement or improve your data governance framework. Our services include:

1. Scope: Identify the steering-relevant KRIs/KPIs and their constituent critical data elements (CDEs) to provide focus and avoid mission creep.
2. Data Governance Framework: Define roles & responsibilities and document in hands-on policies and procedures.
3. Data architecture & data lineage: Create a comprehensive data taxonomy including a business data dictionary and a metadata repository with clear data ownership, appropriate technical and business validation rules and functional and technical data lineage for CDEs.
4. Data quality management: Design and implement a comprehensive process for identifying data quality issues, e.g. by means of your institute-specific Feature Reliability Score, documenting issues and effectively remediating them.
5. Data quality reporting: Design and implement a focused data quality reporting for all relevant stakeholders.
6. Technical implementation: Select, design and implement appropriate tools for data governance and data quality management as well as improve the structure of your technical data infrastructure.
7. On-site inspections and remediation programs: Moreover, we can help you prepare for and carry out regulatory on-site inspections as well as plan, set up and execute remediation programs to sustainably close regulatory findings.
8. Data Literacy: Build your employees' data competence and embed it across your organization to ensure that your data governance framework works in actual, daily practice.