On 27 January, the Better Legislation for Smoother Implementation (BLSI) community hosted the first virtual breakfast of the year, dedicated to the question of emerging technologies in regulatory reporting.
This webinar was a great opportunity to connect and explore the topic with the audience, building on the preliminary findings of the European Commission’s study on emerging technologies and innovative practices in regulatory reporting. The valuable inputs and suggestions from the participants will be analysed and fed into the study.
We had also the pleasure to learn from the experience of an SME, e-Attestations, thanks to our invited speaker Emmanuel POIDEVIN, with regard to the use of technologies in support the regulatory reporting process to reporting entities.
If you would like to see the event, you can find the video recording here.
About the upcoming study
The attendees recommended addressing and including some of the following points in the upcoming study:
- Application Program Interfaces (APIs) are key for the interconnection of data, creating a network of data available and enhancing the “pull approach” towards data sources. This approach aims to reduce the administrative burden on the reporting and regulatory side, as data would be extracted directly from businesses by the regulators, where it originates. More concretely, APIs (re)use could have a more immediate and positive impact that the use of emerging technologies at the moment, as it is widely available, against emerging technologies which are still more an exception to the rule.
- Public institutions should make open data available, consistent, reliable, up-to-date and processable by all actors (making it FAIR), to ensure that all stakeholders can benefit from the data, and not only the private companies that exploit it. Both APIs and open data are already available and publicly accessible and should be taken into account when implementing emerging technologies in regulatory reporting. These technologies set-up costs (making data available, for instance) are not the real issue, against what it is widely believed, the main costs are related to system processing.
- These preconditions should be considered before and when using technologies for their successful implementation/use:
- Technology (re)use potential, budget, and legislation should be "connected" and aligned;*
- EU institutions should set fit-for-purpose legislation;
- Make adequate and available support for the (re)use of standards;
- Before committing to use an existing solution, a more thorough inventory of existing solutions should be made in order to choose the most appropriate one to reuse. Reusing existing tools could be an immediate solution, but it can also “tie” future processes to legacy problems. The process needs to be streamlined.
- More and better communication and training would advance emerging technologies implementation on the regulatory reporting process:
- Training and support for EC professionals will help to build a trustful relationship between data providers and data receivers;
- Data literacy trainings and are available and should be promoted, such as for instance, the ones shared on the data.europa portal. The EC Library also offers relevant data knowledge and it is accessible to everyone.
- Concrete examples of other innovative approaches used in regulatory reporting suggested by participants:
- Reportnet 3, from the European Environment Agency , is a reporting tool for national data submission towards EU climate and environment legislation. It encompasses and shows all environmental data flows in Europe, and it is designed to match the reporting requirement of the coming one or two decades;
- The INSPIRE initiative created a spatial data infrastructure, whose goal is to enhance the sharing of harmonized spatial data and services between public authorities in order to assist environmental policy-making and activities that may have a direct or indirect impact on the environment.
Q&A regarding emerging technologies and innovative approaches within the regulatory reporting process:
We are also happy to share the questions and answers to some of the questions that were raised during the session:
- What is the SIGMA Model? It is available here, although the SIGMA 2 project (i.e. the follow-up project) is ongoing and will be available very soon. It will focus on a "machine-to-machine" approach, i.e. from a push to pull approach to data.
- Who chooses the particular standard that will be used from the 'widely adopted standards'? Should there be a competent authority? Governance is essential. It becomes even more complex if we need standards in different policy areas that may be subject to different governance regimes. This very important aspect will be considered in our report.
- Regarding the “pull approach” of Recommendation 8: Who is responsible for data protection issues? This is exactly why there is a need for digital-ready reporting clauses that give a solid legal basis for doing things differently. Each policy officer designing his regulatory process has to pass the data protection checks that are the responsibility of data protection officers.
- How could the tools the Commission is using for reporting be shared with us? with a view to use them in our agency. You can see a list of some reusable tools here: https://webgate.ec.europa.eu/fpfis/wikis/display/reportingcommunity/IT+Support+for+Regulatory+Reporting. We will take up your request with the EC IT governance. There is a strong trend towards open-source solutions that would allow easy reuse, but for reusable solutions within the Commission that are not open source, organisational constraints may still exist.
About the presentation of e-Attestations, an SME (invited speaker):
- e-Attestations is an SME providing third-party management solutions, also called “third party governance, risk and compliance”.
- Its role is to process all the due diligences and assessments for its clients, which are economic operators or suppliers in the private sector.
- In doing so, e-Attestations gathers, verifies, processes, maintains and shares the information (identity data) so that its clients can govern all their compliance issues.
- e-Attestations delivers its service through online tools mainly, such as SAAS portals and API.
How does third-party management solutions work?
- More and more organisations want to have a holistic approach, to gather all information at once.
- Reusable data are shared through an integrated portal ecosystem. The API allows to share and integrate existing and processable data directly into the client’s systems.
- Third-party management solutions bring several benefits, such as reliable data, up-to-date information, auditability, trust, privacy, data protection, reduced processing costs.
- There are also challenges to third-party management solutions, such as the rules to follow that can be challenging, standardised frameworks are not applicable to any company, and there is a need to, by-design, consider the industry, the geography, the size and the risks.
Q&A regarding eAttestations:
- Are these reporting tools also provided to administrations?
e-Attestations’s job is to process all due diligence. The way the information is delivered to its clients varies:
- Through a SASS portal, with an interface, where data are collected from many sources and gathered in a standardised framework by e-Attestations.
- Through processable data, such as API, clients can process the data on their own.
- Through tools and software such as Tableau.
- e-Attestations is also often asked to deliver the end-user interface.
- Which coordinated system do you use for the graphic presentation of data?
e-Attestations does not use a specific software, but different data analytics processes, depending on the type and scope of the data to be analysed. For instance, Tableau and Bewi can be used. e-Attestations can provide data in any format.
- Is Tableau GDPR compliant?
No, the online version of Tableau is not GDPR compliant. It is GDPR compliant if used on your local server in Europe.
- Are Tableau and Bewi similar to WGS-84 or ETRS?
Not exactly. Tableau and Bewi are visual analytics platforms, while WGS-84 (World Geodetic System) and ETRS89 (European Terrestrial Reference System 1989) are used as standards, as reference coordinate systems by GPSs (Global Positioning Systems).
To receive information on our upcoming, become a member of our Better Legislation for Smoother Implementation community and subscribe to our newsletter.
If you have any questions, do not hesitate to contact us.