Basel II is a set of guidelines for the determination of minimum solvency requirements for banks issued by the Basel Committee on Banking Supervision.

Basel II focuses on three primary risk categories as well as other risk types. The following primary risk categories must be addressed to achieve Basel II compliance:

• Credit risk: The risk of a counterparty default. Credit risk measurement techniques have historically measured credit risk on a relative scale. The Basel II Accord attempts to transform relative risk measures into absolute risk measures based on four drivers of credit risk: exposure, probability of default, loss given default, and maturity.
• Market risk: The risk of a market disruption.
• Operational risk: The risk of direct or indirect loss resulting from inadequate or failed internal processes, people, and systems or from external events.

A decision on which approach to use for credit risk (i.e. standardized approach, foundation internal rating-based approach, or Advanced Internal Rating-Based approach (AIRB)) and operational risk (i.e. Basic Indicator Approach (BIA), Standardized Approach (SA), Advanced Measurement Approach (AMA)) are key decisions that should reflect and support the business and technology strategies of a bank.

In general, Basel II compliance is a calculations exercise that relies on IT systems for enterprise-level information and analysis.

Information Governance Implications

Basel II is an externally imposed risk management framework for banks. It is widely used by banks in the European Union; although a few of the largest US banks are also required to comply, as of 2007. Basel II's requirements for operational risk management encompass information governance disciplines. Effective information governance is also required to ensure availability of current and accurate financial data, including customer and portfolio data, for use in credit and risk calculations.