Australia’s prudential regulator will replace the nation’s primary data collection platform used determine the health and capital resilience of banks, insurers and superannuation funds.
Documents released to industry reveal the Australian Prudential Regulatory Authority (APRA) will undertake a once-in-a-generation overhaul of its core financial data system that will provide the government with far more timely, accurate and granular information on financial stakeholders.
“APRA’s data transformation program will fundamentally change all aspects of data management,” the documents say, adding its Direct to APRA (D2A) data collection system “is nearing end-of-life and must be replaced”.
Banks, insurers and superannuation firms currently use D2A – a Java-based Oracle application – to securely connect with APRA to complete and submit financial data forms that represent the backbone of prudential reporting and compliance.
However the government and particularly Treasury have become progressively more frustrated by the inherent limitations of the system as digitised capital flows often move much faster than previous systems were designed for.
At the same time, the pace of regulatory requirements is quickening as financial watchdogs seek to mitigate systemic risk by changing the mix of capital requirements in sectors like the mortgage market.
Many of the reporting mechanisms used by industry date back to a pre-digital era that have made near time or real time assessments slow and labour intensive rather than fast and automatic.
APRA is yet to receive business case and funding approval for the project, however it is understood the platform replacement is regarded as an urgent priority.
At the moment data is submitted to APRA on either a monthly or quarterly basis either using manual data entry or uploading XML/XBRL files, which the regulator then uses data to oversee the market and develop policy.
This process uses the D2A client software and is authenticated with the government’s AUSkey PKI credential – which the Australian Taxation Office is phasing out in favour of the new myGovID digital identity credential.
Reporting entities – what are essentially Australia’s financial services sector – have cited future credentialing as an issue, as well as the D2A system’s lack of ability to upload even basic data file formats like CSV/XLS or JSON files.
“Entities highlighted the difficulties that downloading software onto a designated computer creates, such as the inability to share reporting responsibilities across the organisation, and support and maintenance constraints,” APRA’s response to industry report [pdf] states.
“Entities also highlighted the amount of time and effort required to request and receive a separate AUSkey for each individual user.”
APRA says it “recognises the limitations imposed by D2A” is now looking to replace the near end-of-life system with a new data collection solution that aims to improve “core data collection capabilities”.
The future end-to-end solution is expected to improve usability and automate the collection of quality data.
The regulator will use feedback provided by 1800 reporting entities, third-party service providers and RegTech providers during the engagement process earlier this year to select the solution.
Many submissions from industry have asked for a data collection system that requires “less manual entry and needing less duplication in data submitted”
More than 60 percent of respondents, for instance, said “that they would be willing to adopt a machine-to-machine upload facility” via API, but there was also a “strong preference” for the solution to support “both basic and advanced submission channels and formats”.
APRA hopes to “include the majority of the solution features suggested”, but notes that this may require “significant customisation” and cause the regulator to take on “greater than expected” costs.
“APRA will seek a new solution which imposes minimal upfront change to how entities submit data, while encouraging the adoption of more advanced data submission methods over time,” its response to industry report states.
“APRA’s intention remains to implement a minimally customised commercial off-the-shelf (COTS) solution.
“Our initial market research suggests that the features desired by entities are consistent with available core product offerings.”
The regulator will release a tender for new solution later this month and hopes to engage either a single software provider or consortia of providers by January.
The procurement will cover systems integration, support and maintenance and software, while hardware, project management and organisational change management will be provided by APRA.
APRA is open to using a protected cloud-based solution and open source software for the build.
Delivery of the new solution will be separated into three phases: design, implementation and support, with implementation to take place until late 2019. Support will be required for up to five years beyond this.
Five years of historical submission and additional data like reporting schedules and contact information will also need to be migrated to the new solution.