While regulatory reporting by financial institutions is complicated, proving your conformance with the instructions takes it to a whole new level. Companies must capture detailed information at a transaction level and then filter, aggregate, and report in numerous ways to meet the enormous volume of reporting requirements across a wide array of regulatory reports. While meeting the reporting standards and achieving compliance in itself is difficult, evidencing conformance to instructions can be even more challenging.
Conformance requires an in-depth understanding of the reporting requirements, financial products, service offerings, and the company’s specific reporting process. This guide details best practices for achieving conformance, the conformance review process, and strategies to consider.
Conformance Overview
Prioritization
Not all reports contain the same level of risks and requirements, so banking institutions should begin by performing a risk assessment of reports and schedules to gauge the prioritization of conformance reviews. Factors to consider in prioritizing reports include:
- A report’s size and complexity
- The degree of automation in its preparation
- The level of regulatory scrutiny
- A history of errors and restatements
- Known issues
Initial focus can then be placed on high-risk reports, but ultimately each report must conform to reporting requirements and companies must maintain strong evidence supporting conformance.
Frequency
An initial conformance review should be completed to confirm that each of the reporting requirements are met, and that sufficient supporting documentation exists to evidence conformance. On an ongoing basis, conformance reviews and documentation updates should be performed as changes occur. Examples of common changes that should trigger conformance reviews include:
- Changes to reporting instructions
- New FAQs or other supplemental regulatory guidance, business changes, e.g., new products, process changes, and system updates
- Changes in manual adjustment processes
- Identification of errors
A well-established change management process is critical to identify, review, implement, and document changes to maintain ongoing conformance with instructions.
Conformance Review Process
To help maintain conformity, the reporting logic and processes need to align with regulatory requirements, i.e., a conformance review requires a detailed comparison of reporting instructions to the reporting logic and the process utilized to complete the report.
Reporting requirements include:
- Reporting instructions
- FAQs and other published supplemental regulatory guidance
- U.S. GAAP
- Internal company-specific interpretations
Reporting logic documentation includes:
- Data sources – automated and manual
- Data attributes, valid values, and their definitions
- Filtering, mapping, and aggregation logic applied to data
Conformance reviews should consider both inclusion and exclusion logic. It’s also critical to scrutinize relationships across reports, schedules, and line items to help provide consistency and to address nuances where similar items may have different requirements. In such cases, reporting logic must be detailed enough to meet each distinct requirement.
Example: Loans to bank branches are reported differently between the Call Report and the Federal Reserve’s Form FR Y-9C, Consolidated Financial Statements for Holding Companies. Loans to foreign branches of U.S. banks are reported as “Loans to U.S. banks” on the FR Y-9C but are reported as “Loans to banks in foreign countries” on the Call Report.
How Forvis Mazars Can Help
Tackling the complex and evolving reporting landscape can be challenging for financial institutions. At Forvis Mazars, we combine deep financial services experience, in-depth regulatory consulting services, and a strong commitment to delivering an Unmatched Client Experience®. If you have any questions or would like to learn more about how we can help your organization thrive in this complicated space, please reach out to a professional at Forvis Mazars.