Through its Enhanced Data Collection (EDC) initiative, FSRA is modernizing the way it collects data from credit unions. It will improve the utility of the data for risk assessment purposes in support of Principles Based Regulation (PBR).
EDC will bring about two primary changes for credit unions:
The collection of instrument-level data, such as loans and deposits data.
The migration of all existing and new data collections, including instrument-level data, into one channel.
An overview of the EDC initiative can be found at the following link: EDC Overview
The EDC system is expected to launch in Fall 2024. After that time, credit unions will be onboarded in order of size starting with the largest first. The largest credit unions can expect to be onboarded as early as October 2024. Small to mid-sized will be onboarded progressively throughout 2025 in order of size. The goal is to have all credit unions onboarded and reporting under EDC by the end of March 2026.
There are many benefits to this approach:
reduced burden through automated data collection
the potential for reduced capital requirements (for certain verifiably lower risk assets, beyond the current capital risk weightings)
improved Deposit Insurance Reserve Fund (DIRF) adequacy assessment
better data and reporting back to credit unions
FSRA’s EDC team is working with credit unions individually to help them prepare for the launch of EDC. As of April 2024, FSRA is actively engaging with all credit unions through a process known as Data Mapping and Technical Development (Data Mapping). This provides a dedicated forum for FSRA and credit unions to share information and track EDC readiness.
Regulatory and Risk Data Standard (RRDS)
The Regulatory and Risk Data Standard (RRDS) is the document that defines all data requirements for EDC in a standardized format. It contains information on the data points and how to report the data under EDC. This is a living document that will be updated periodically in the future. The current version of the RRDS (link below) is frozen for the duration of the onboarding phase so credit unions have a stable version to work with. The current version of the RRDS can be found here: RRDS Enhanced Dataset V5.1.7 [XLSX].
The data standard is a dictionary of data points that will ultimately improve data quality and make collecting, reporting and using the data more efficient for both FSRA and credit unions.
The data will be collected by way of an automated system (EDC system) that collects the data from credit unions on a regular periodic basis.
The data requirements are defined in the Regulatory and Risk Data Standard (RRDS). The RRDS consolidates all existing data reporting (Regulatory Data) and adds Risk Data templates.
Regulatory Data is all information that is currently reported by credit unions such as the MiR, AiR and financial template data. Going forward, these will be filed through the EDC system and credit unions will be required to start reporting this data through EDC at the time of onboarding.
Risk Data (Instrument-Level Data) is data that pertains to a specific instrument such as a loan or deposit. Examples include Date of Origination of loan and Outstanding amount of loan. Credit unions will initially provide the instrument-level data (Risk Data) as available at the time of onboarding. Thereafter, the system will allow credit unions to progressively add more data from the RRDS to the regular filing over time.
All Regulatory Data will be collected on the same schedule as currently in effect. For instance, financial templates currently collected on a quarterly basis will continue on a quarterly basis. Instrument-level data (Risk Data) will be collected monthly, and the frequency may be increased or decreased in the future.
Yes, the EDC system will replace the MiR/AiR and other forms of data collection once the data is of sufficient quality and completeness to do so. We are allocating 6 months after onboarding for credit unions to ensure the data filed through the EDC system is of sufficient quality and completeness to allow the legacy e-filing system to be decommissioned.
There is a general recognition among various regulators around the world of the risks of weak and fragmented risk data and the need for enhanced data in the modern age. The Basel Committee on Banking Supervision (BCBS) in 2013 issued Principles for Effective Risk Data Aggregation and Risk Reporting (RDAR) which sets expectations regarding management and reporting of risk data.
Various central banks and financial regulators around the world have initiatives to improve the effectiveness and efficiency of data collection.
In Canada, the following organizations collect instrument-level data:
British Columbia Financial Services Authority (BCFSA) currently collects instrument-level data. The FSRA instrument-level data templates are based on the BCFSA materials.
Under the Canada Deposit Insurance Corporation’s (CDIC) Data and System Requirements, members are required to implement a method of identifying, capturing, organizing, and producing deposit liability data on an instrument-level.
Canada Mortgage and Housing Corporation (CMHC) collects instrument level data points on certain mortgages.
This is not a complete list and many other regulators likely collect this information through internal or ad hoc requirements.
Sections 198 and 199 of the CUCPA allow FSRA for the purpose of carrying out its powers and duties under the CUCPA (directly or through delegated authority from the Chief Executive Officer) to require credit unions, their subsidiaries and any other person to provide data.
Items such as “address of collateral” for retail loans, for instance, would be personal information under FIPPA. There are a small number of data points in the Retail Loan schedule such as this which would make the Retail Loans schedule “personal information” under the FIPPA.
FSRA’s collection of the data is permitted under FIPPA. The data is necessary for assessing credit union risk profiles and ultimately the effective implementation of Principles Based Regulation and Risk Based Supervision. Section 38(2) of FIPPA permits the collection of information “necessary to the proper administration of a lawfully authorized activity”.
FSRA would be able to refuse access to any of the data collected that would qualify as either “personal information” or “sensitive commercial information” relating to credit unions under s. 21 and 17(1) of FIPPA.