Annex - Granular Data Reporting 3.0 Provisional Implementation Parameters

Annex Email: HKMA E-mail Alert of 08 April 2026 (05:00 p.m. HKT)

Back to Summaries PDF Original Document
Document Information

Title: Annex - Granular Data Reporting 3.0 Provisional Implementation Parameters

Type: Annex

URL: https://brdr.hkma.gov.hk/eng/doc-ldg/docId/20260402-2-EN

Email Received: 2026-04-08 19:13

Summary Created: 2026-04-08 14:07

English Summary (4987 chars)
Quick section switch
Management Summary
  • Purpose / Background: The HKMA is launching "Granular Data Reporting (GDR) 3.0" to modernize the supervisory reporting framework. The goal is to move away from legacy template-based returns toward a granular, scalable data structure (DataGRID framework) that improves reliability and enables more agile, intelligent risk management.
  • One-line conclusion: AIs must transition to a three-phase granular reporting model (2026–2031) featuring parallel reporting, data validation, and eventual independent audit requirements.
  • Key Changes:
  • Implementation of a three-phase rollout (2026–2031) to progressively replace template-based surveys.
  • Requirement for mandatory reconciliation between new granular submissions and existing templates during parallel reporting periods.
  • Introduction of systematic "validation points" and defined tolerance bands (e.g., ±0.1%).
  • Future requirement for external audit reviews under Section 63(3) of the Banking Ordinance.
  • Adoption of modern submission standards, including potential API-based reporting.
  • Future exploration of "on-demand" reporting beyond fixed cycles.
  • Key Dates / Deadlines:
  • Q2 2026: Industry feedback on the roadmap and governance approach.
  • Q3 2026: Industry input on data availability and validation/reconciliation controls.
  • 2026–2028 (Phase 1): Foundation phase; integration of non-financial data and initial pilot audits.
  • 2027–2029 (Phase 2): Scaling and replacement of additional surveys.
  • 2030–2031 (Phase 3): Full implementation and transition to on-demand reporting.
  • Applicability / Impact scope: All Authorized Institutions (AIs) are in scope. The impact spans IT infrastructure, data governance, regulatory reporting functions, and internal audit processes.
  • Recommended management actions:
  • Establish a dedicated GDR 3.0 steering committee to manage system integration and data governance.
  • Review existing risk data architectures to ensure readiness for consolidated granular reporting.
  • Conduct gap analysis on data availability for potential Phase 1 areas (e.g., corporate loans, OTC derivatives).
  • Prepare for active participation in the HKMA industry engagement sessions starting Q2 2026.
  • Develop internal reconciliation capabilities to support the upcoming parallel reporting requirements.
Detailed Summary

1) Document overview
GDR 3.0 is a multi-year supervisory initiative to transform reporting from manual template-based surveys to granular, system-integrated data submissions. The framework is guided by the "DataGRID" principles (Granularity, Reliability, Ingenuity, Discoverability).

2) Main requirements

  • Data Governance: AIs must build scalable infrastructure capable of consolidating risk data, including unstructured and non-financial data.
  • Validation Controls: Implement systemic validation points for all GDR submissions, maintaining a tolerance band (e.g., ±0.1%) for reconciliation discrepancies.
  • Reconciliation: During parallel reporting periods, AIs must reconcile granular data against existing template-based benchmarks.
  • Quarterly/less frequent: Reconcile across 2 periods.
  • Bi-monthly/more frequent: Reconcile across 3 periods.
  • Audit: GDR submissions will eventually be subject to audit reviews pursuant to Section 63(3) of the Banking Ordinance.

3) Key changes

  • Shift from "template-based" to "data-field-based" reporting.
  • Inclusion of non-financial data (e.g., cyber resilience, operational risk).
  • Move toward automated submission methods (API, XML, CSV).

4) Important dates & transition

  • 2026–2028: Phase 1 (Foundation/Governance setup).
  • 2027–2029: Phase 2 (Scaling and survey replacement).
  • 2030–2031: Phase 3 (Full optimization and on-demand reporting).

5) Impact and risks

  • Operations: Requires significant investment in automated data pipelines to reduce manual processing.
  • Compliance: Persistent non-compliance with new granular requirements will trigger supervisory measures.
  • Audit: Potential complexity in audit scope for highly granular fields; early involvement in pilot audits is encouraged.

6) Compliance action checklist

  • Perform "data stock-take" of current risk data sources.
  • Provide feedback to HKMA in Q2/Q3 2026 regarding data field readiness and potential de minimis exemptions.
  • Define internal "validation points" for system-reconstruction of data.
  • Integrate GDR 3.0 requirements into the 2027 UAT schedule for Phase 1.

7) Appendices/attachments summary

  • Potential Data Scope: Lists current and expanded financial data areas (e.g., Corporate loans, OTC derivatives, Commitments) and non-financial areas (e.g., Cyber resilience, Tech risk management) to be phased in over the 2026–2031 timeline. This list serves as a reference for AIs to identify necessary data infrastructure upgrades.
中文摘要 (1873 chars)
快速切換摘要區塊
管理層摘要
  • 目的/背景 金管局 (HKMA) 為提升監管數據的顆粒度與現代化水平,推出 GDR 3.0 計劃,旨在透過標準化數據報送,逐步淘汰傳統模板式 (Template-based) 報表,並建立更智能的風險數據層。
  • 一句話結論 金融機構須在 2026-2031 年間,透過三個階段逐步升級數據治理與基礎設施,實現從「模板報表」向「顆粒化數據報送」的轉型,並於過渡期內執行數據對賬與審計。
  • 關鍵變更
  1. 實施三階段路線圖 (2026-2031),逐步擴大報送數據範圍。
  2. 建立「平行報送期」,機構需同時提交顆粒化數據與現有報表進行對賬。
  3. 引入嚴格的數據質量驗證機制,包括系統化驗證點與誤差容忍度 (預設 ±0.1%)。
  4. 納入審計要求,依據銀行條例第 63(3) 條進行合規審查。
  5. 未來考慮採用 API 報送及「按需報告」(On-demand reporting) 模式。
  • 重要日期 / 截止日
  • 2026-2028: 第一階段(基礎架構與數據覆蓋)。
  • 2027-2029: 第二階段(擴展覆蓋與替代報表)。
  • 2030-2031: 第三階段(全面實施與優化)。
  • 適用對象 / 影響範圍 所有認可機構 (AIs)。
  • 管理層建議行動
  1. 立即盤點現有系統內的風險數據,評估數據治理與基礎設施的就緒程度。
  2. 積極參與 HKMA 2026 年起的行業諮詢,就數據範圍及豁免條件提供反饋。
  3. 建立現代化風險數據層,避免僅為合規而進行「一次性」系統改進。
  4. 準備平行報送期間的對賬能力,特別是針對關鍵驗證點的系統化重構能力。
  5. 與審計部門討論並規劃 GDR 3.0 的審計框架(含先導審計評估)。
詳細摘要

1) 文檔概述
本文檔為 HKMA 顆粒化數據報送 (GDR) 3.0 的暫行執行參數。其核心目的在於透過整合結構化與非結構化數據,提升監管效率,並最終取代既有的模板報表體系。

2) 主要要求

  • 數據質量控制 機構需實施數據驗證控制(基於系統化重構的驗證點),並在必要時設定 ±0.1% 的誤差容忍度。
  • 數據對賬 在平行報送期間,機構需將顆粒化數據與傳統報表進行對賬。頻率高於雙月報的需連續三期對賬,季度或更低頻率的需連續兩期對賬。
  • 審計合規 GDR 提交需經由符合材料準確性的審計檢視。HKMA 將探索先導審計方案,並按數據性質決定審計範圍。

3) 關鍵變更

  • 報送方式 由「填表模式」轉向「顆粒化數據庫輸出」,未來將研發 API 與標準化格式 (XML/CSV) 報送。
  • 審計深度 引入數據現場/非現場審計機制,並視風險影響程度調整審計細節。

4) 重要日期與過渡安排

  • 2026 Q2-Q4 行業諮詢期,涵蓋路線圖、數據可用性及執行計劃完善。
  • 2027 啟動 Phase 1 用戶驗收測試 (UAT) 與生產環境數據驗證。
  • 2026-2031 正式分階段實施,過渡期間設有平行報送期。

5) 對機構的影響與風險

  • 營運 系統需具備處理大量顆粒化數據的能力,並調整現有報送流程。
  • 技術 需建立與數據治理配套的基礎設施,若僅作簡單對接將導致後續維護成本高昂。
  • 合規 持續不合規將面臨 HKMA 的監管措施,且數據質量責任由機構自行承擔。

6) 合規動作清單 (Checklist)

  • [ ] 執行數據資產清單盤點 (Data Stock-take)。
  • [ ] 建立數據驗證與對賬控制模組。
  • [ ] 參與 HKMA 的 GDR 3.0 諮詢會議及反饋程序。
  • [ ] 規劃並執行階段性審計測試。
  • [ ] 設計現代化風險數據架構 (符合 DataGRID 原則)。

7) 附件/附錄摘要

  • 潛在數據範圍 (Potential Data Scope) 文件詳列了 Phase 1(如企業貸款、債務證券、住宅按揭等)及後續階段的金融與非金融數據(如網絡安全、營運風險等)。此清單僅供參考,實際範圍將在諮詢過程中根據監管需求調整。