Skip to main content
Perspective:
Perspective
8 minute read

Raising the bar on non-financial regulatory reporting (NFRR)

Explore how regulatory authorities have been raising the bar on compliance

Regulatory reporting is not just about financial reports and disclosures. With the ongoing focus and scrutiny of non-financial regulatory reporting (NFRR), financial institutions face new challenges and opportunities in the increasingly complex and scrutinized regulatory environment.

Decoding NFRR

Financial institutions rely upon regulatory and management reports to meet regulatory obligations, manage risks, and effectively run their business. NFRRs are mandated by laws, rules, and regulations and include reporting centered on complex transactional, operational, and corporate governance activities and disclosures not covered through typical income statements, balance sheets, and supplemental schedules.

Depending on their product and geographical scope, financial institutions may have thousands of applicable NFRR obligations scattered across all regions/countries and subject to disparate local, state, and national regulatory authorities.

With this scale comes complexity – NFRRs often span all lines of business (LOBs) and control functions, represent a diverse and complex set of reporting topics, and involve immense operational challenges due to varying report frequencies and local language requirements. The NFRR landscape can be generally grouped into three primary categories:

  • Transaction monitoring reports focused on trade, credit, and market activities occurring with the institution (e.g., Consolidated Audit Trail, Electronic Bluesheets, CFTC Real-Time Reporting)
  • Operational and risk management reports that enable regulators to evaluate the operational processes and risk exposures of an institution (e.g., financial crimes, tax withholdings, IT events, open interest, margins, large positions)
  • Corporate social responsibility and sustainability reports focused on an institution’s activities to promote and comply with corporate social responsibility objectives and initiatives (e.g., political activity & campaign finance, energy consumption & conservation, inspection certifications)
Download the PDF
4 MB PDF

NFRR demographics and footprint

NFRR covers expansive regulatory jurisdictions/regions and regulatory authorities (including local, state, and national regulatory agencies as well as industry and self-regulatory agencies). Below is a listing of example regulatory authorities by region:

  • Office of the Comptroller of the Currency (OCC)
  • Federal Reserve Bank (FRB)
  • Financial Industry Regulatory Authority (FINRA)
  • Securities and Exchange Commission (SEC)
  • Commodity Futures Trading Commission (CFTC)
  • Federal Deposit Insurance Corporation (FDIC)
  • Financial Conduct Authority (FCA)
  • European Securities and Markets Authority (ESMA)
  • Federal Financial Supervisory Authority (BaFin)
  • Prudential Regulation Authority (PRA)
  • People’s Bank of China (PBOC)
  • Reserve Bank of India (RBI)
  • Australian Transaction Reports and Analysis Centre (AUSTRAC)
  • Financial Services Agency of Japan (JFSA)
  • Financial Supervisory Services (FSS)

Raising the bar on NFRR: Risks and consequences

As industry adoption of NFRR has matured, regulatory authorities have continued to raise the bar as it relates to the complexity of reporting requirements and compliance expectations, which has left institutions struggling to keep up.

  • Increasingly complex regulations that result in heightened submission volume and tightened submission timelines. This leads to operational burden on reporting infrastructure and error management/remediation processes.
  • An approach of driving compliance through regulatory exams and monetary fines as evidenced by announcement of recent fines and enforcement actions across Consolidated Audit Trail (CAT), Electronic Blue Sheets (EBS), and other regulations.
  • Heightened expectations around clear ownership, supervisory oversight, reporting controls, automation and accelerated remediation of errors and issues.

Increased regulatory attention and scrutiny is making it more important than ever for firms to design and enhance their NFRR operating models.

Unraveling the complexities: Recurring challenges

NFRR comes with a suite of challenges that extend across the end-to-end NFRR reporting lifecycle – some recurring themes across the industry include:
  • Ineffective governance and oversight
  • Manual data sourcing and reporting
  • Incomplete or incorrect NFRR obligations inventory
  • Siloed execution of reporting processes
  • Lack of clear ownership and accountability
  • Slower pace of issue remediation
  • Inadequate regulatory change monitoring
  • Lack of adequate investment in regulatory reporting transformation 

Components of an effective NFRR Program

When designing an effective NFRR program, organizations should consider the following components:

NFRR Strategy

Define NFRR strategy and definition, including a comprehensive inventory of regulations and reports

Find out more

Policy & Standards

Establish and adopt relevant Policies & Standards that drive accountability for report/data ownership, data management, data quality, and reporting process & controls

Find out more

Governance & Supervisory Framework

Establish enterprise, line of business, and legal entity level governance routines, escalation protocols, risk appetite frameworks, and regulatory exam management processes

Find out more

Integrated Change Management

Perform integrated end-to-end change management governance for both external (e.g., regulatory change horizon scanning) and internal (e.g., product, legal entity, technology) changes

Find out more

Regulatory Reporting Architecture & Transformation

Drive adoption of transformation strategies for authorized data sourcing, requirements traceability, data quality & controls, and report automation

Find out more

Regulatory Reporting Operations

Establish a center of excellence (COE) to drive reporting process standardization, report issue management and remediation, regulatory engagement, and report governance

Find out more

Issue Management

Establish an issue management framework and ensure issues are managed across the end-to-end lifecycle from identification, thematic analysis, prioritization, and remediation

Find out more

Report Health Monitoring

Define NFRR risk appetite and establish program for measuring “report health” through defined key risk and performance indicators at an Enterprise, Line of Business, and Legal Entity level

Find out more

Independent Validation

Execute data testing (anomaly detection, transaction testing, controls testing etc.), second-line monitoring & testing, and third-line independent validation.

Find out more

Progressing along the NFRR maturity journey with Deloitte

Where is your organization on its NFRR journey? Are you building an inventory of regulatory obligations, or are you busy establishing a data testing framework? While each financial institution’s journey is different, the typical journey can be broken down into six stages.

Regardless of where your organization is on its NFRR journey, we at Deloitte, have a suite of accelerators, technology enablers, and industry experience that can be leveraged to help you accelerate your NFRR program. With flexible and tailored program models, we are well-positioned to assist you on your maturity journey.

Download our NFRR point of view to learn more

Did you find this useful?

Yes
No

Thanks for your feedback

Your feedback is important to us

To tell us what you think, please update your settings to accept analytics and performance cookies.

Need help updating cookies?

Reccomendations

Data Analytics and Finance

Explore data management trends in the financial services industry and how organizations are responding.
Perspective

Basel Risk Data Aggregation and Reporting Requirements

Deloitte’s RDARR framework is designed to help financial institutions achieve BCBS 239 compliance.
Perspective