Enterprise architecture – because it is a design, planning and analytically-oriented function in the company - already offers the specific methods and approaches to create the necessary foundation for a lean implementation of BCBS 239.
Enterprise architecture provides a structured view of your IT architecture, data architecture and process landscape, while helping you to plan a risk-optimized target architecture. In a central repository (single source of truth) - as required by BCBS 239 – all relevant information and relationships are stored and documented. A central portal provides wiki-like information, but better structured, with well-defined model integrity mechanisms. Data models, data flow diagrams, process diagrams, architectural sketches with attached documents, automatically-generated risk reports and dashboards help you to better understand impacts, evaluate risks and compare scenarios easily, without much manual work.
An enterprise architecture should not only support the documentation, planning and analysis of data and IT architecture. At MEGA, we strongly believe that enterprise architecture should and can add value within the different departments of the company. This is why we offer our customers solutions that link enterprise architecture with risk management. Risk management supports companies in their process of risk identification, risk assessment and risk treatment while using the same process, IT and data model information.
As required by BCBS 239, risk-relevant information should be consistently captured and stored. The demand for faster, more automated and flexible risk reporting can be easily met by leveraging a central repository.
If you have not thought about it yet, you should definitely start as soon as possible. Globally relevant banks must implement BCBS 239 by 01.01.2016, while national banks have a little bit more time. As already mentioned, MaRisk will become obligatory for all banks in Germany.