Two strong trends are observed on the European obligatory reporting market. The first is to strive for harmonization, i.e. standardization of the scope of collected data. The second is the increasingly frequent collection of granular (micro) data, e.g. detailed information concerning individual bank loans.  

By expanding the scope of statistics, supervisory institutions obtain results that allow them to make reliable comparisons or notice worrying trends faster, and thus take preventive actions.

Even though the goal is clear, from the point of view of obligated financial institutions, reporting large volumes of data is a demanding task.

The more detailed data for obligatory reporting, the easier it is to make a mistake

Registration reports vary in the scope of required information. The supervisor determines this scope by providing guidelines concerning the content of the file transferred between institutions. For example, in the SInF report we have more than 100 various columns (types of reported data) in several tables.

When a financial institution must report hundreds or even millions of records, it is very easy to make a mistake. Therefore, when constructing a system that supports extensive registry reports, one strives to automate the process as much as possible, thus freeing up the time of employees of the reporting department.

Many elements of the reporting process may be subject to automation, starting with feeding reports by importing data directly from the database, XML, or CSV files, through implementing ETL conversion mechanisms into the system, up to multi-stage validation and generation. These steps can be done completely automatically, and the user may be informed simply by e-mail about the process completion.

No less important is the possibility of carrying out the entire reporting process in one system. Hence, adding the function of a qualified signature, connecting systems directly to the supervisor's gateway or receiving an official receipt (UPO) or other return reports.

Thanks to automation, not only the reporting process is accelerated, but also the accuracy of the reports is ensured.

Data scattering in a financial institution and reporting requirements

Sometimes data are dispersed and located in various systems of a reporting financial institution. From the moment of collecting data, through their verification and processing, up to the final reporting, each phase requires precision and care. In the event of a mistake, the supervisor will call for the report to be corrected. In practice, this means finding an error in the multitude of data, often under a great pressure of time (usually the supervisor imposes very short deadlines). Implementation of the validation mechanisms that navigate directly to the incorrect record significantly facilitates the correction of data, and the ability of collective copying of data between versions of the report allows for efficiently preparation of a correction.

Moreover, when preparing some reports, it is necessary to remember about exceptions. A good example is the CESOP report, which concerns cross-border payments within the EU. Only when the number of individual payments made to one recipient exceeds 25 per quarter is the payment service provider obliged to report such information. If there are fewer transactions, then it is necessary to send only information concerning the lack of data to the report.

Therefore, before reporting granular data, an organization should analyse and map the locations from which the information will be retrieved, what allows compliance with the applicable regulations. Preparing appropriate procedures will also ensure that the data indicated for supply comply with the guidelines of the supervisor.

For persons responsible for preparing reports, apart from the difficulty related to the diversity of data collected by supervisors and often problematic issues related to it, such as the need to count indicators, create groups and baskets, filtering data, etc., the problem related to the sheer amount of data that need to be entered into the report comes to the fore.

When we think about the reporting we remember from a few years ago, the market was dominated by the reports manually prepared by teams of specialists. Today, due to the size of the reports, this is basically impossible. The answer to both the first and second issues consists in a properly prepared process of automatic reports feeding. The work of people is redirected to controlling, verifying, and reconciling the reports before their dispatch. Of course, this also involves many difficult issues, such as the need to identify the origin of data in an organization, as well as to create complex calculation and data processing algorithms.

That's why, as providers of such services, we create flexible tools. Thanks to this, we can take advantage of various data sources as they occur in customer environments, without the need for prior processing. Moreover, we cooperate with customers during the design and preparation of the processes supplying data directly from our customers' environments – explains Grzegorz Backer, Implementation Manager at FINGO Systems.

Multiple entities, one reporting to the local financial market supervisor

Data dispersion may also have a different aspect resulting from the organizational structure, where one group includes many independent entities. An example may consist in capital groups operating on the financial market or associations.

A special case is a situation when two Associations are operating on the banking market in Poland. An Association prepares data for Cooperative Banks, but each of these institutions sends a report independently.

Therefore, when designing the iON system, we had to take care of the absolute separation of the prepared reports. That is why it operates in a multitenant mode.

Each Cooperative Bank (tenant) represents a separate organization that logs into its account to one application installed on the Association's server. After logging in, users see only the reports that belong to their organization and those to which they have permission. In addition, the data of each tenant are stored in separate database schemes. In turn, the Association has only one application to maintain, which significantly reduces infrastructure costs and reduces the overhead on the maintenance of the application. In addition, thanks to implementation of the "Supervisory Dashboard", the Association can easily view the status of reports from all tenants.

The processes are fully automated, which means that most of the operations are carried out automatically by the application, and the status of executing the processes is communicated to the users in the form of notifications. In addition, effective management of roles and permissions ensures efficient functioning of many users from various entities – says Anna Barańska, Product Owner at FINGO Systems.

High computing power needed to process retail data in obligatory reporting systems

The size of a report prepared by an obligated financial institution depends on many factors, e.g. the number of customers, transactions, and even the reporting period, whether it is a day, a month, a quarter or a year. It may happen that during a given period the reporting institution does not identify the relevant data, e.g. that it has not served customers that are US taxpayers. Then it will only have to send information about the lack of accounts for reporting in the FATCA report.

However, in the case of financial institutions serving hundreds of thousands of customers, the volume of data transferred is huge. In such case, the reporting system must not only be able to bear the 'burden' of data processing, but also manage it effectively.

The CRS report submitted once a year should be sent to the supervisor via the e-declaration gateway, which in turn includes a limitation of the size of the uploaded files to 4 MB. This report includes a lot of data, which is why we wanted to effectively divide records into packages so as to minimize the number of generated packages. Moreover, each package must be signed with a qualified signature, so we have implemented a group signing mechanism to minimize the user's workload during dispatching – says Anna Barańska.

The need to ensure efficient data processing encourages more and more financial organizations to choose modern technological solutions based on an external cloud infrastructure i.e. SaaS services. They enable not only efficient preparation of extensive reports, but also allow to shift the burden of maintenance (including frequent updates) to the service provider. As a result, employees of financial institutions responsible for preparing periodic reports work on current reporting requirements, and the employees from IT departments may be directed to other tasks.

Ensuring adequate protection for reported data

Retail reports are very detailed and thus often also contain critical data, e.g. the number of transactions made by an entity. Hence, financial institutions must take specific security measures related to managing and storing data.

Moreover, they must also remember that after the reporting obligation expires, detailed information must be deleted. For this reason, automatic data cleaning mechanisms are implemented in reporting systems after a set time.

We must always remember that data protection means not the protection of spreadsheet cells, but the real security of clients of financial institutions! Nowadays, this is a critical area, because the monetization of data and information and the related level of cybercrime show that data have real and considerable value for criminals. Digital threats get stronger every year, so it is important that ICT companies make every effort not to lag behind in terms of security, even for a moment.

At FINGO, information protection constitutes the central reference point around which we design our systems and build our business strategy and ethical standards – comments Kinga Brzozowska, Information Compliance Officer at FINGO.

Registration reports prepared by financial institutions and banks – summary

Obliged organizations from the financial sector have to face many challenges when preparing detailed reports. Fortunately, we live in a time of progressive digitization and with proper management of the reporting process, many activities can be robotized and automated. As a result, it is possible to gain more time for activities that bring real benefits, as well as to achieve peace of mind resulting from confidence in the correctness and accuracy of the prepared reports.

‍