Financial institutions and banks are obliged to submit various reports to supervisory institutions periodically. The scope of data, calculations created from them, and newer versions of taxonomies (often requiring new technological solutions, such as the introduction of the XBRL-JSON format) make the obligated entities use IT systems that significantly facilitate the creation of correct reports that meet the requirements of national and European supervisors.  

Increasingly, reporting system providers offer services in the SaaS (Software-as-a-Service) model, which benefits financial institutions. This article will look at these advantages and check what FINGO Systems specialists say about cloud solutions. 

Stronger security resulting from the requirements of supervisory institutions

The process of purchasing cloud systems by financial institutions is more complicated than that of companies operating in a less regulated market.  

The regulator requires that supervised financial institutions deciding to outsource services must first conduct a risk analysis and supplier assessment. Risk assessment involves identification, possible mitigation (transfer, e.g. through insurance), reduction or acceptance (however, this cannot be thoughtless and must be preceded by an in-depth analysis). After adapting the procedures, documentation and safeguards to the needs and actual state of the supervised entity, it must submit a notification to the supervising institution.  

Therefore, some reporting system providers try to complete the process above. They implement the current, highest security standards following the requirements of supervisory institutions so that financial institutions deciding to purchase the system have an easier decision-making path.  

For this reason, companies offering external reporting software in the SaaS model have much higher security than a small organisation could provide with its resources.  

"Responsibility for system security is largely delegated to the SaaS service provider. However, this does not release the recipient from joint responsibility for security - the client's internal infrastructure is the most common target of cyberattacks. The use of good practices, such as password policy, the principle of least privilege, or multi-factor authentication, as well as prevention within the organisation (e.g. training in the basics of network security), are crucial in maintaining an appropriate level of protection of the entire system", says Maciej Bała, Security Operations Engineer at FINGO. 

Maintenance-free updates as a service on the system publisher's side  

Maintaining a SaaS product involves updating the system in two areas. The first is technological, i.e. all activities related to improving the system and correcting errors to ensure safe and uninterrupted access to the cloud application.  

The second area is to update the taxonomy. This is particularly important due to the dynamically changing guidelines of supervisory institutions, both in terms of submitting new reports and the scope of those already in force. In order to ensure compliance with the supervisor's current requirements, cloud systems are constantly updated, and the change itself is automatic and does not involve end users. Thanks to this, bonded institutions no longer have to worry about updates, but they can also be sure that the reports they create are correct.  

"To provide our current and future clients with satisfactory systems, we constantly monitor and take steps to adapt our systems for regulatory reporting to the requirements of supervisory authorities. We implement all system updates without involving users who are already using our cloud systems. Previously, the administrator of IT systems on the client's side would have to perform such an update himself by uploading a new version of the system to the company server", says Joanna Popowicz, Project Manager at FINGO Systems.  

"We are currently preparing to implement solutions enabling the transfer of data related to interest rate risk management in the banking book (IRRBB – Interest Rate Risk in the Banking Book)", she adds. 

Less involvement of IT System Administrators  

An IT Systems Administrator is a person without whom the operation of any larger organization is practically impossible today. The tasks of this employee include, among others, installing and configuring servers, software and end devices and securing processed data. Unfortunately, good IT specialists are sought after and, therefore, difficult to find in the labour market and well-paid. Cloud-based systems have little impact on managing the company's internal infrastructure. This translates into less involvement from internal IT specialists because:  

• eliminates the process of purchasing new servers on which the classic reporting system would be installed;  
• does not require installation of the system on employee desktops or subsequent updates.  

"The role of an IT system administrator when implementing ready-made cloud systems seems to be minimal, but the skills of these specialists are still invaluable in efficiently implementing a new application. S/he has access to the administration console, which s/he manages the permissions of users (his/her colleagues) in our system. Moreover, our clients using the classic reporting system, aSISt, can transfer their data to its cloud equivalent – eON. Then their IT employee helps us migrate data from the company's server to "our" cloud environment", says Bartłomiej Knapik, Release and Platform Manager at FINGO. 

More pleasant creation of reports for regulatory reporting  

In many countries, information marking technology, i.e. XBRL language, has been chosen as the format for regulatory financial reporting to supervisory institutions. This means creation is more challenging than before when reports could be created and sent simply in Excel. Moreover, reporting systems require high computing power due to the amount of data processed. At the same time (depending on the type of financial institution and report), the duration of use of these systems varies.  

For example, some reports, e.g. net stable funding ratio (NSFR) or liquidity coverage ratio (LCR), must be sent daily to the supervising institution. Some reports are prepared less frequently – monthly, quarterly, and annually.  

The advantages of the cloud, such as its scalability and flexibility, make it easier for providers of cloud reporting systems (from a technical and organisational point of view) to provide functions that facilitate the work of people creating reports. An example of such functions in the eON system is the ability for several people to work simultaneously on one report while maintaining a satisfactory system operation speed. Adjusting the elements on the screen according to personal preferences (a customisable graphical user interface (GUI) means that each employee can use the application according to their preferences.  

“Our clients appreciate the reporting service provided in the SaaS model, valuing its high flexibility and efficiency. The ability of many users to collaborate on one report and the ease of sharing specific report cells thanks to unique links and the personalised interface have gained recognition. All this means that it is a well-known solution, presented in a new, even better version”, says Michał Stawniak, Business Development Manager at FINGO Systems.   

Implementation of the functions mentioned above would also be possible in classic systems. Still, it would require the client to provide servers with high computing power, which would not be economically justifiable in companies that occasionally submit reports, e.g., once a quarter. 

Migration to the cloud as a response to ESG assumptions  

Aspects related to the low-emissions economy increasingly appear in conversations in the banking industry. This has resulted in a greater sensitivity of decision-makers to technological solutions that bring financial institutions closer to so-called climate neutrality. There are many possible ways to reduce IT infrastructure emissions. One of them is migration to the cloud, whose resources can be used adequately to the organisation’s current needs, which is particularly helpful in the case of systems used for a very short period. Using systems with a more efficient architecture or implementing a more user-friendly interface will reduce users’ working time.  

“Integrating ESG aspects into a company’s strategy and operations is voluntary and proves the company’s maturity and ethics. This set of principles is closely related to the ISO 26000 standard, which contains guidelines on social responsibility and is intended to promote long-term sustainable development in the organisation, eliminate discriminatory and corrupt behaviour, and minimise the negative impact of activities on the environment. Investors, clients, employees and other stakeholder groups increasingly pay attention to ESG-related practices when making investment decisions or selecting business partners. As a result, financial institutions, including banks, are increasingly paying attention to good practices suppliers use. Their transparent and responsible activities in the ESG area are becoming important criteria for assessing business partners”, says Kinga Brzozowska, Information Compliance Officer at FINGO.  

 Advantages of using a regulatory reporting system in the SaaS model – summary  

Reporting systems offered in the SaaS model have many technological and functional advantages. Their purchase eliminates the tedious process of adapting your infrastructure to the system’s technical requirements, saving time and reducing the involvement of internal IT employees. Cloud systems with intelligently designed architecture can be deployed anytime and place without impacting the environment.