Principles for effective Risk Data Aggregation, IT Infrastructure and Governance: turn regulatory obligation to operational and strategic benefits
How to maximize business value when implementing increasing regulatory-driven data management requirement?
Manfredo is a Managing Risk Consultant in Finalyse Brussels. He is an expert in Regulatory Calculations and Reporting in the financial sector; he worked in both Banking and Insurance business. He has wide experience with Pillar I (Solvency 2, CRR/CRD IV) and Pillar III solutions (QRTs, COREP, Pillar 3). Manfredo has extensive experience in migration projects and implementation of business driven ambitions within IT integrated architectures. Manfredo has deep knowledge of BCBC239 principles and the RDARR capabilities with a focus on Data Governance. He is a Product Owner and a certified SAFe Agile Scrum Master.
The Integrated Reporting Framework (IReF) is the ECB project to harmonise and integrate the different statistical reporting requirements that Banks in the Eurozone currently submit to national central banks, such as:
BSI (Balance Sheet Items)
MIR (Monetary Financial Institution Interest Rates)
SHS (Securities Holdings Statistics)
AnaCredit
Core objective of IReF is the move towards a Single, Granular and Harmonised data model, instead of multiple and different statistical regulatory reports. Banks will report only once, at the most granular level, to National Banks and ECB.
The ECB confirmed the implementation roadmap and published key milestones in June 2026. A one-year pilot phase is planned to start in Q2 2030, with first official IReF reporting from Q2 2031 (including a one-year parallel run). A public consultation on the draft IReF Regulation is expected in the 2nd half of 2027.
BCBS 239 ("Principles for effective risk data aggregation and risk reporting," Basel Committee, 2013) is a prudential/supervisory standard — not a specific report — requiring banks (initially G-SIBs/D-SIBs) to have the governance, architecture, and data infrastructure to accurately aggregate risk data and produce reliable, timely risk reports, especially in stress/crisis situations. Its 14 principles cover:
Governance and data architecture
Accuracy, integrity, completeness, and timeliness of risk data
Adaptability and comprehensiveness of risk reporting
Supervisory review and cooperation
| Dimension | BCBS 239 | IReF |
|---|---|---|
| Nature | Principles-based supervisory expectation on data/reporting capability | Regulatory reporting obligation (ECB) |
| Scope | Bank-wide risk data aggregation (credit, market, liquidity, operational risk) | Statistical reporting (balance sheet, credit, securities holdings data) |
| Output | Internal risk reporting and regulatory reporting | External granular regulatory reporting (NCB and ECB) |
| Underlying logic | Sound data lineage, single source of truth, data quality controls | Single granular data model, "report once," standardised definitions |
The answer is No. The link between IReF and BCBS239 is about the IT Architecture.
IReF is not meant as a standard to implement BCBS 239; compliance with one does not equal compliance with the other. However, they share the same underlying data management philosophy:
Single source of truth: Both push banks away from siloed, report-specific data marts toward a granular data layer that can feed multiple reporting
Data quality & lineage: BCBS 239's principles on accuracy, completeness, and traceability of risk data are the same capabilities banks need to produce reliable IReF's granular, transaction level submissions
Granularity trend: Both reflect the broader Supervisory shift from aggregated templates to granular, on-demand data towards the longer-term Integrated Reporting System (IRS) ECB vision
Strategic reuse: Banks investing in BCBS 239-compliant data infrastructures (data warehouses, lineage tools, quality controls) are well-positioned to reuse that infrastructure for IReF — and vice versa. Neither mandates the other, but building one well substantially reduces the cost of the other
The ECB Banks' Integrated Reporting Dictionary (BIRD) initiative is the missing link between the BCS239 and IReF.
The Banks' Integrated Reporting Dictionary (BIRD), an ECB initiative, helps connect BCBS 239 with regulatory reporting. It is a free, voluntary data model that shows how banks can use the data already available in their risk and finance systems to produce prudential, statistical, and other regulatory reports.
While BCBS 239 focuses on strong data governance and risk reporting, BIRD provides a practical way to organise data so it can support both internal risk management and regulatory reporting, including future IReF requirements. By using a common data model, banks can improve consistency and avoid duplicating work across different reporting frameworks.
Today, a euro area bank typically submits several separate statistical reports to its National Bank, each with its own scope, frequency, granularity; even though they often draw on overlapping underlying data (e.g. the same loan, the same counterparty, the same security).
| Framework | What it covers | Frequency (typical) | Granularity |
|---|---|---|---|
| BSI (Balance Sheet Items) | Monetary financial institutions' balance sheet: loans, deposits, holdings by sector/maturity | Monthly | Aggregated |
| MIR (MFI Interest Rates) | Interest rates applied on loans and deposits to households/non-financial corporations | Monthly | Aggregated |
| AnaCredit | Credit granted to legal entities, loan by loan | Monthly | Granular (loan level) |
| SHS-S (Securities Holdings Statistics) | Securities held by/on behalf of the bank (bonds, equities, funds) | Monthly/Quarterly | Granular (security by security) |
A single corporate loan secured by securities can be reported into all four frameworks: AnaCredit, BSI, MIR, and SHS-S. Although they draw on much of the same underlying data, each report has its own format, timeline, and slightly different definitions of key concepts.
For banks operating across the eurozone, these differences often mean reconciling multiple reporting requirements for the same underlying data.
Instead of four (or more) separate reporting lines, the bank reports once, at the most granular level needed (loan-level, security-level, counterparty-level), into a single harmonised data model.
The ECB and National Banks then derive the BSI aggregates, MIR rates, AnaCredit views, and SHS-S positions internally from that one granular dataset; thus, eliminating duplicate submissions, resolving definitional inconsistencies across countries, and removing the need for the bank to maintain four parallel reporting pipelines for what is fundamentally the same underlying data.
BCBS 239 sets the internal data governance bar a bank should meet to manage risk data soundly. IReF is a concrete external reporting regime that rewards banks who already meet that bar.
Treating IReF purely as a reporting project (rather than a data architecture project) misses the synergy, and risks duplicating the data infrastructure investment banks should already be making for BCBS 239 compliance.
Are you looking to simplify your IRB model landscape? To put a stop to the sprawling repair programs and countless findings? Drawing on extensive experience with supervisory engagements, Finalyse can support banks in their IRB and standardized approach journey.
Finalyse has successfully helped clients:
Ensure compliance with regulatory expectations (CRR and EBA)
Redevelop their IRB models
Implement their standardized capital calculation
Validate the IRB rating chain (models, data and governance)
Optimize their RWA calculation and remove unnecessary capital burden
Our consultants bring hands-on experience across regulatory, risk, and operational dimensions of credit risk, enabling institutions to move from concept to execution with confidence.
Finalyse InsuranceFinalyse offers specialized consulting for insurance and pension sectors, focusing on risk management, actuarial modeling, and regulatory compliance. Their services include Solvency II support, IFRS 17 implementation, and climate risk assessments, ensuring robust frameworks and regulatory alignment for institutions. |
Check out Finalyse Insurance services list that could help your business.
Get to know the people behind our services, feel free to ask them any questions.
Read Finalyse client cases regarding our insurance service offer.
Read Finalyse blog articles regarding our insurance service offer.
Designed to meet regulatory and strategic requirements of the Actuarial and Risk department
Designed to meet regulatory and strategic requirements of the Actuarial and Risk department.
Designed to provide cost-efficient and independent assurance to insurance and reinsurance undertakings
Finalyse BankingFinalyse leverages 35+ years of banking expertise to guide you through regulatory challenges with tailored risk solutions. |
Designed to help your Risk Management (Validation/AI Team) department in complying with EU AI Act regulatory requirements
A tool for banks to validate the implementation of RWA calculations and be better prepared for CRR3 in 2025
In 2027, FRTB will become the European norm for Pillar I market risk. Enhanced reporting requirements will also kick in at the start of the year. Are you on track?
Finalyse ValuationValuing complex products is both costly and demanding, requiring quality data, advanced models, and expert support. Finalyse Valuation Services are tailored to client needs, ensuring transparency and ongoing collaboration. Our experts analyse and reconcile counterparty prices to explain and document any differences. |
Helping clients to reconcile price disputes
Save time reviewing the reports instead of producing them yourself
Helping institutions to cope with reporting-related requirements
Be confident about your derivative values with holistic market data at hand
Finalyse PublicationsDiscover Finalyse writings, written for you by our experienced consultants, read whitepapers, our RegBrief and blog articles to stay ahead of the trends in the Banking, Insurance and Managed Services world |
Finalyse’s take on risk-mitigation techniques and the regulatory requirements that they address
A regularly updated catalogue of key financial policy changes, focusing on risk management, reporting, governance, accounting, and trading
Read Finalyse whitepapers and research materials on trending subjects
About FinalyseOur aim is to support our clients incorporating changes and innovations in valuation, risk and compliance. We share the ambition to contribute to a sustainable and resilient financial system. Facing these extraordinary challenges is what drives us every day. |
Finalyse CareersUnlock your potential with Finalyse: as risk management pioneers with over 35 years of experience, we provide advisory services and empower clients in making informed decisions. Our mission is to support them in adapting to changes and innovations, contributing to a sustainable and resilient financial system. |
Get to know our diverse and multicultural teams, committed to bring new ideas
We combine growing fintech expertise, ownership, and a passion for tailored solutions to make a real impact
Discover our three business lines and the expert teams delivering smart, reliable support