UK: The Single Supervisory Mechanism (SSM) - The Big Data Issue

Last Updated: 10 February 2014
Article by Deloitte Financial Services Group

Most Read Contributor in UK, August 2017

2014 is a year of change for banking supervision in Europe. The European Central Bank (ECB), national supervisory authorities and banks are busy preparing for the Single Supervisory Mechanism (SSM), which is scheduled to take responsibility for the prudential supervision of banks in the Eurozone from November 2014.

The current focus of preparations is rightly on getting ready for the start of the new supervisory regime. But if the SSM is ultimately to be a success, preparations need to begin now to tackle the strategic challenges that will become increasingly important in the medium‑term.

We believe that data and analytics (the technological solutions and mathematical techniques that support supervisors in analysing data) should be priorities for strategic investment. They could be the differentiating factors that determine whether or not the SSM delivers on the aspirations that have been set for it: to enhance the quality of supervision and policy making, to identify and implement best practice, and to be ambitious and innovative. Operating on the basis of the status quo could quickly become unsustainable.

This paper is intended to stimulate a debate as to where the ECB in particular might go in tackling these issues over the next few years. It is produced on the basis of Deloitte's experience helping many banks with a wide range of data challenges, and assisting banking authorities to develop their supervisory capabilities.

Responsibility for establishing the new benchmark for data and analytics standards naturally lies with the ECB and national supervisory authorities, but responsibility for delivering the new standards will be borne jointly by banks and supervisors. It is therefore crucial that banks in the SSM engage with supervisors in the process of developing the route map for data and analytics. While we discuss these in the paper with reference to the SSM, the precepts are also relevant to supervisors in other countries (not least because of the prospect of convergence in this area) and to firms that face demands for data from supervisors.

The best outcome will not simply be a re‑engineering of technology and practices around the status quo, but could involve a fundamental rethink of the relationship between banks and supervisors. If innovation in data and analytics can be applied to the production, management and interrogation of data, it will enable the balance of supervisory time to shift further towards addressing problems rather than merely identifying them.

Investment in data and analytics could also help supervisors better handle issues stemming from the increased complexity in banking. For example, how much of supervisory stress testing should be done by banks rather than supervisors? How far will 'modelling' approaches to capital requirements continue as at present, or will they be supplemented by various floors derived from standard formulae? One could even envisage a position where supervisors take greater ownership of the calculation of risk‑weighted assets (RWAs) themselves, for example by gaining direct access to banks' systems to source 'raw' data to double‑check calculations, rather than relying solely on banks. In the process, they could address concerns about opacity and complexity, as well as facilitate supervisory challenge. All these options would reflect changes in the costs and limitations of technology and data that in the past have prevented supervisors from using their own data‑intensive methods.

Making the case to prioritise data and analytics

Of course, data, and to a lesser degree advanced analytics, already lie at the heart of banking supervision. SSM supervisors will have ready access to data reported under the EU supervisory framework, for example, which are extensive in their coverage and will form the bedrock of the SSM approach. Guidelines on the Pillar 2 Supervisory Review Process set expectations about supplementary data requirements.1 At issue now are the steps that can be taken to improve the accuracy and comparability of data that are received; whether and how data requirements should go beyond standard supervisory reporting; and how the information can best be analysed and shared.

The SSM supervisory framework and approach, which will be important in scoping data and analytics requirements, are in development. It is already clear from existing best practice and insights from the ECB's comprehensive assessment exercise what the key features will be. In particular, supervisors require:

  • ready access to complete, high quality, reliable and timely data;
  • comparable data across firms, to support system‑wide and peer group analysis – including the construction of relevant peer groups on a cross‑border basis, and to streamline analysis of individual firms;
  • the ability to perform 'deep dives' on areas of concern at an individual bank, peer group or banking sector level; and
  • the ability to deploy advanced analytical techniques to detect trends and pin‑point areas of concern, to enable supervisors to be forward looking and proactive.

The precise requirements will be further informed by international guidelines, such as the Basel Committee on Banking Supervision's Core Principles for Effective Banking Supervision, which set data requirements for systemically important financial institutions (SIFIs), and by regulatory initiatives in train internationally. For instance, the revised Capital Requirements Directive (CRD IV) and the European Market Infrastructure Regulation (EMIR) have important implications for data.

Data and analytics have been found wanting in the past. For example, the recent financial crisis emphasised the need for ready access to timely, accurate and complete data – and highlighted that many banks and supervisory authorities experienced difficulties in providing that. As supervisors sought to tackle problems, their efforts were hampered at times not only by a lack of data, but also by gaps in understanding of the quality of data available, or by difficulties scaling up their analytical infrastructure to quickly perform a 'deep dive' analysis on a particular area of concern at a bank, or across several banks. These experiences illustrated how, in some respects, technology and data governance processes had not kept pace with the growth and increased complexity of banks and banking, even if adequate analytical techniques had been available.

Although the direction of travel is now clear, there is still work to be done in meeting these standards. For example, the Basel Committee's progress report on adoption of its Principles for effective risk data aggregation and risk reporting, published in December 2013, said that awareness had increased, and banks had taken steps towards fully implementing the principles, but "many banks are facing difficulties in establishing strong data aggregation governance [and] architecture and processes ... Instead, they resort to extensive manual workarounds". Although the principles are targetted at SIFIs, other banks should consider them as part of their approach to risk data.

Box 1. Case study: Data and the ECB's comprehensive assessment exercise

Banks involved in the ECB's comprehensive assessment exercise have had first‑hand experience of how data‑intensive the new supervisory approach could be. In late 2013 the largest banks received two data requests (excluding interim field tests and pilot exercises) connected to the first two stages of the exercise: the supervisory risk assessment, and the portfolio selection step in the asset quality review (AQR). These required banks to populate hundreds of data fields.

Having been close to banks through this process, Deloitte has seen the types of issue banks faced with those requests (which are likely to arise again in 2014 as the exercise continues) and how the ECB and national supervisors would like data to be captured on an ongoing basis.

For example, the portfolio assessment template required banks to produce at a summary level a stratification of their banking book, to highlight key risk areas. The issues banks encountered in doing this included:

  • the data required needed to come from a variety of different systems within the bank;
  • in order to manipulate the data to fit the template, a significant numbers of assumptions and interpretations were needed;
  • due to tight time constraints, there was very little opportunity to discuss these issues with the regulatory bodies; and
  • banks that had significant exposures in subsidiaries, especially outside the Eurozone, faced consistency issues – the accounting treatment of loans can be open to interpretation based on local regulations or direction.

The exercise highlighted that banks would have to make major changes to how they collect and store data (and quite possibly in improving the consistency of their processes more generally). Any guidelines adopted in future will also likely necessitate an assessment of and investment in banks' IT infrastructure and business processes (for example, in managing counterparty or product reference data centrally).

These requests were not a one‑off exercise. Much more data will be requested during the next steps of the AQR, under which the quality of the selected portfolios is to be reviewed. And under recently published European Banking Authority (EBA) guidelines, an annual AQR exercise will become a standard part of the supervisory framework across the European Union.

Moreover, the challenges that supervisors encounter will not necessarily be resolved once banks comply with international principles. In part that is because the principles do not cover the breadth of factors – from producing, managing and sharing data; through forming a consistent view; to obtaining analytical insights – that have a bearing on this topic (Box 2). But it is also because what is needed is a shift in culture, beyond pure compliance.

Clearly, these requirements are not unique to the SSM; the difficulties are inherent to banking supervision. The challenge in addressing them, however, is exacerbated by the scale and geographical reach of the SSM, its size, and the disparate activities of the thousands of banks it will supervise. The SSM will encompass around 6000 banking entities in 18 countries. Although only a portion of those by number will be supervised directly by the ECB, the ECB will monitor the activities of all banks (and Eurozone supervisory authorities) on an ongoing basis, and wants to be able to escalate quickly supervisory oversight if the financial condition of any bank deteriorates. It therefore needs a system of early warning indicators to facilitate the monitoring of firms, built around an extensive, reliable data set.

In addition, the SSM will adopt a hub and spoke structure, with centralisation of decision‑making power at the ECB, but a distributed approach across national supervisory authorities regarding day‑to‑day supervision. The ECB will also need to coordinate its activities with resolution authorities, the EBA and the European Systemic Risk Board, and overseas supervisors. Managing this structure will necessitate large and frequent information flows.

In parallel to these requirements, technology is evolving rapidly and data and analytics are ripe for investment. Failure to think strategically now about medium‑term capabilities may leave supervisors and banks increasingly behind the curve and it will be significantly harder and more costly to make changes once other approaches have become embedded. It will also be a missed opportunity to drive convergence across the banking industry in data and technology standards (and to the extent lack of convergence leads to inefficiencies, the cost of banking and financial services will be higher – a cost that ultimately will fall on households and the real economy).

Box 2. Understanding the challenges

Producing, managing and sharing data

A lack of structure, the absence of common definitions and poor quality can contribute to making data difficult to understand, manage and share. Regulatory reports provide some structure and a schedule for submission (most commonly at the end of each quarter), but supervisors need to request information on an ad hoc and ongoing basis for all manner of reasons. The granularity and frequency of data requested will vary across banks, in particular as the size and impact of their activities vary. That said, it is likely that the approach to less significant banks will be more data‑driven than for significant banks, which would create a proportionately higher demand for data granularity, relative to the size of the banks.

Loosely, data generated by a bank can be separated into data that supervisors will always want to collect on a periodic basis; data which they want to have the ability to collect on an ad hoc basis; and data which they believe they will never need. Regulatory reports provide a common set of definitions for banks, but only cover a relatively small set of data. The total set of data collected on a regular or ad hoc basis seldom changes except when there is a substantial change in supervisory approach or responsibilities, for example the one we have been witnessing since 2008. The split though between data collected on a regular basis and data collected on an ad hoc basis might well change. And there is also the potential that on occasion supervisors will unexpectedly ask for information in the 'never' category, and/or insist on different formats from those they have hitherto used.

In the absence of common definitions, it is more time consuming for supervisors to make ad hoc data requests and to compare data across different banks because of potential differences in definitions or naming conventions. For banks, the lack of common definitions often means they manage multiple descriptions of the same data across their business, including across risk and finance, as well as for supervisors. During the banking crisis supervisors were surprised by how hard it was for some banks to produce data that should have been core to those banks' own risk management. Often the difficulties were to some significant degree due to different definitions between a bank's own internal view and that of the supervisor, underlining the need for agreeing definitions upfront.

Standardisation of data structure and definitions is essential if the ECB is to achieve the sought‑after harmonisation of supervision across the Eurozone, as well as ensure it can supervise banks on its preferred terms. If the problems were fixed, supervisors might need to collect or retain less data. While significant improvements might be required before the quality of data is sufficiently improved, if supervisors had more confidence in the data they saw and found it simple and quick to access additional data, they might conclude less data were needed upfront.

Forming a consistent view

Clearly, supervisors should be able to form a consistent view on the firms that they supervise, drawing together all of the information they have available. However, in practice it is often difficult to do so. Information about a firm can come from several different sources, through a variety of channels, in different formats and to a number of different supervisors. That is not necessarily a reflection of a disorganised system. On the contrary, a well‑organised supervisory authority with specialists pursuing a number of leads and monitoring a range of information sources, and experienced supervisors digging into different issues through whatever sources of information a bank has (board packs, management information, risk data), would find itself in that situation.

The emphasis the SSM places on peer group analysis adds another dimension to the aggregation problem. Not only will SSM supervisors want to be able to compare banks with similar business models, but they will need to be able to do so for banks in different countries. Language differences across the 18 Eurozone members compound the problem. The geographical breadth of the Eurozone means SSM supervisors are likely to have to process data in several different languages. Can they be sure, for example, that definitions of 'willingness to pay' mean the same in every one of these?

Even once the problems of structure and language have been addressed, data would typically still be held in a variety of places. Supervisors can spend a significant amount of time manipulating and pulling together data. In some circumstances data in disparate locations may not be known, or the costs of pulling them together may be too costly to be practical. A tool that could bring these data together would also have application to thematic reviews or macro prudential supervision, given that the former relies heavily on comparison between firms and the latter on aggregating (hopefully consistent) data.

Analytical insights

A third challenge is a supervisor's ability to draw analytical insights from data – and in particular the ability to anticipate problems rather than reacting to them once they have crystallised. Judgement‑based supervision requires an inquisitive, analytically strong supervisory team whose work extends beyond receiving information on how banks comply with the requirements they are subject to, and an operating model that supports the team in testing hypotheses.

Early warning indicators – using and learning from historical data and extrapolating current trends to make comparisons over time and across peers, and identify outliers – is an important example. The SSM will be uniquely placed to monitor trends across Eurozone countries at a level of granularity which is not available to other institutions. Indicators can look at a number of variables across capital, funding, risk‑taking and earnings, both in absolute terms and in terms of growth rates. This of course is not a new idea, but it is typically difficult to establish and maintain the right suite of tests and calibration of threshold. Developing a system that is manageable and remains core to day‑to‑day supervision would be a significant and important achievement.

Finally, there is the question of how best to automate the 'mechanised' part of the supervisory process, which uses quantitative data to assess key risk factors and metrics before supervisory judgement is applied. An effective technological solution could free up a substantial amount of time for supervisors.

The need to work with the ECB and its supervisory approach can be an impetus for firms to review their existing analytical tools and processes. In particular, the ECB will be elaborating its requirements for risk appetite setting and risk management, which may well be more rigorous than some of those set by national supervisors. At the very least banks will be asked to confirm (with evidence) that their current analytical capabilities are sufficient.

Shared challenges; diverging interests

The challenges do not only lie at the door of supervisors. Banks share an interest in addressing them and should be ready to engage in understanding the issues and finding workable solutions. That said, bankers' and supervisors' interests will diverge at some point. For example, priorities or preferred solutions might diverge because of different views on the appropriate time frame for delivery, or perceived synergies. The cost of data harmonisation will differ by bank, depending on how their current state diverges from proposed 'templates'. Or details may be difficult to agree because of the different perspectives from which banks and supervisors come to problems. Ultimately, the agreed solution will be the product of negotiation and compromise on both sides.

There are many different ways the challenges could be tackled. Some of those will be more cost effective than others for banks. For example, is it better for the ECB to go it alone on stress testing or try to co‑ordinate with US and UK initiatives? Is it better to build on the Basel Committee's risk data aggregation principles than do something different? Is complete standardisation realistically achievable? If it isn't, where would standardisation add the most value?

Banks and supervisors could both benefit from a more efficient supervisory process. Banks should provide high quality, consistent data in line with regulatory and supervisory specifications. Supervisors need to improve the specification of the data required from banks. While this may not necessarily result in a less intense supervisory approach, it could enable banks and supervisors to utilise available resources better, deriving more accurate insights from data which are already being requested and collected.

There could also be indirect benefits. For example, the same tools that enable banks to efficiently share information with supervisors, and enable supervisors to analyse banks' business models and risk profiles effectively and in a timely manner, could also be utilised to improve risk management or management information sharing within banks themselves. In many ways, the objectives which a supervisor will have in its data management are similar to the objectives a firm will have internally and there is no reason why the two processes cannot often inform and complement each other.

Banks need to get better at producing and processing the data needed for firm‑specific internal use in line with their strategy, business model and related risk‑management needs. Regulatory submissions have too often in the past been seen as an overhead, but data submitted to supervisors can provide insights to the firm. Separately, the costs of 'getting it wrong' on supervisory reporting are steadily increasing. And in future, supervisors and resolution authorities will want legal entity data; in the past banks have often run their business in a way that cuts across legal entities so that forming a legal entity view of risks has been difficult.

Supervisors and banks need to identify a forum where the issues can be discussed. Too often data and analytics have been relegated to 'backroom' issues. They now need leadership, and a collaborative approach between banks and supervisors. Stakeholders need to build a business case for change, so that projects can be properly considered against other demands for resources and investment.

To put data and analytics on a sustainable footing for the future, it is important that the process of cooperation not only delivers an agreed specification of data to be reported, but also a better understanding of the limitations of data, and where bank‑specific (or national or regional) differentiation is necessary. Whilst common standards and principles will be useful in tackling the problems, in the detail, a one‑size‑fits‑all approach applied indiscriminately across the SSM will be counterproductive.

Realising the ambitions – what might the solutions look like?

There are a number of tools and technologies – and methods and approaches – that could be applied to address the problems identified. Some of the difficulties and confusion may be inevitable or irreducible. But there are certainly some areas where progress can and should be made, to ensure that the supervisory apparatus has the right building blocks and the flexibility to evolve in future to keep pace with developments in banking.

The solutions we suggest are intentionally ambitious. The ECB and national supervisory authorities should start with pilot studies, running a proof of concept stage and building the business case. Using best practice for project design, development and management will further increase the chances of success. In the intervening years, whilst strategic solutions are being developed, steps should be taken to limit the further accumulation of problems – for example, by focusing efforts to restrict the growth of unstructured data.

Producing, managing and sharing data

Bringing greater structure and quality to data should be a priority and should feature early in any strategic plan. It is crucial to set the right foundations, as data are generated or collected, in order to maximise the effectiveness of the down‑stream analytical processes. Greater structure will also provide a common language for banks and supervisors to discuss data, and understand data needs.

Key to bringing structure is to develop a common data hierarchy (to support the organisation of data) and data dictionary (capturing meanings, relationships, usage and format). These are familiar concepts (even if the terminology might not be) and there are many examples of existing systems that offer at least some elements of a hierarchy or dictionary. In supervision, regulatory returns (such as the EU's Common and Financial Reporting frameworks, COREP and FINREP), or data templates for recovery and resolution planning, are organised around defined data frameworks; there is a global initiative to agree a Legal Entity Identifier (LEI) system that would give each entity a unique reference code; and various industry groups coordinate collaborative efforts to develop standardised frameworks for particular financial instruments or business activities (such as the Financial Industry Business Ontology being developed by the Enterprise Data Management Council and its members).

What is lacking is a common, comprehensive framework for banking supervision that could be applied to define any piece of information that a supervisor needed to request. That would be an ambitious task, but one where progress is possible. The solution might lie in developing or consolidating some existing frameworks. Or it might lie in an alternative approach, where the structure and framework are agreed in advance, but at least some of the detail is allowed to evolve organically.

In combination, the quality of data should be addressed, in particular by raising the completeness and accuracy of the associated meta data. These are 'data about data', which describe the content and context of data. One component, reference data, includes items such as currency, and the name and location of the counterparty. When transaction data are created, they need to be 'tagged' with unique identifiers based on the relevant reference data fields for that transaction. Reference data are most useful when they are based on commonly adopted terms, and banks and supervisors should encourage the development of, and subscribe to, the same central bodies managing these data. The LEI initiative is a good case in point. Good data management requires investment in technology, governance and processes to create and maintain consistent and accurate data.

Forming a consistent view

Data formats can create a significant obstacle, whether over time, across a peer group, or even across what should be complementary information on a single firm or issue. In particular, unstructured data – data found in, for example, reports, emails, board packs – is difficult to process. The information is typically text heavy, but also often contains important quantitative information.

In practice, it is time consuming and inefficient to manage unstructured data in its raw form. Techniques such as text analytics or data mining can be used to extract information that can then be stored in a structured way, and in turn processed more easily. This could be achieved in part by integrating this technology within a portal through which banks submit data to supervisors.

Another barrier to comparing data, which is particularly pertinent to the SSM given its geographical reach, is differences in language. Banks will be permitted to communicate with the ECB in any of the official languages of the European Union. Much of the raw data, in particular for 'deep dive' assessments, will be in the local language. Text analytics or data mining tools can also be applied to these problems, although the scale required for the SSM will be novel. Text mining libraries are typically set up by a combination of topical and linguistic experts and would capture the same concepts in different languages.

Also important in forming a consistent view is the ability to bring different information sets together. The new generation of visualisation tools (such as Qlikview, Tableau, Microstrategy and Spotfire, amongst others) enable relatively quick construction of visual reports. These visualisation tools are generally very good at showing concentration and correlations quickly or for analysing trends over time, and are easily accessible from anywhere in the world. For example, it is possible to create reports, and place them on a server for access by multiple users at any time from mobile devices such as tablets, eliminating the need for carrying reams of confidential reports and paper. An additional benefit of these visualisation tools is their drill‑down capability, which would enable supervisors to quickly examine potential problem areas.

Analytical insights

Applying some of the changes considered above, supervisors will have access to a large, high quality data set, ripe for applying many of the 'big data' tools that have become mainstream in a number of other settings and industries. These tools can be applied to interrogate data, and identify trends and patterns, or to make predictions. They could be used to generate novel insights for supervisors, in particular by leveraging the unique perspective supervisors have across peer groups or the banking sector as a whole, or to provide a reality‑check against analysis provided by banks.

The idea of applying mathematical and statistical techniques to data collected by supervisors is not novel, but the sophisticated algorithms now available that power big data analytics could deliver a step‑change in the quality of the insights compared to traditional data applications. For example, 'intelligent algorithms' could be deployed to 'learn' about typical trends and deviations in data, both across peer groups and over time, in order to be able to identify where changes represent a material deviation for a particular bank or peer group, as a prompt for further investigation. Or mathematical techniques for finding patterns in data could be used to simplify the complex array of information that supervisors collect on firms.

Pulling all this together

We return to where we began. 2014 is a year of change for prudential supervision in Europe. This paper is intended to stimulate debate as to how issues around data and analytics might be tackled over the next few years. The SSM provides a unique opportunity to address these challenges from a (largely) clean sheet.

Although responsibility falls to the ECB to take forward the discussion in this area, data and analytics are a key issue of shared interest between all banks and their supervisors. Getting it right will require coordination and cooperation, to develop a shared understanding of the challenges, and potential benefits. The outcome will have a material influence on the success of the SSM, and how effectively banks meet supervisory expectations in this area. Through smart, ambitious adoption of technology and best practice, supervisors and banks could not only make success more likely, but also enhance risk management and fundamentally change the supervisory relationship around data for the better.


1. See, for example, the Basel Committee on Banking Supervision's paper on 'International convergence of capital measurement and capital standards', Supervisors are required to "review and evaluate banks' internal capital adequacy assessments and strategies ... and take appropriate supervisory action if they are not satisfied with the result of this process"

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

In association with
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.


Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.


Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.


A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.


This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.


If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.


This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at and we will use commercially reasonable efforts to determine and correct the problem promptly.