© 2010 IBM Corporation
Enhancing risk management and regulatory compliance capabilities
Duong Cong Minh – IBM Vietnam SWG
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to Banks
Agenda
2
Why now for integrated Risk Management?
Flexible, Agile Business Connectivity Platform
Customers Reference
Architecture Overview
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to Banks
Agenda
3
Why now for integrated Risk Management?
Flexible, Agile Business Connectivity Platform
Customers Reference
Architecture Overview
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to Banks
Problem:Incorrect Valuation of Inherent Risk Regarding Financial Innovation
Lost Trust and Confidence of the Customer
Causing…Business Model Uncertainty about How to Create a Sustainable Advantage
Eroding Margins
Increased Regulation
The Banking Industry is Under Stress
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to Banks
25 billion market data messages handled each day, placing the global trading IT infrastructure under extreme stress
80% of Financial services firms say their governance, risk and compliance processes are still not integrated across their enterprise
93% of the 285 million electronic attacks in 2008 were focused on the finance sector,
well over half detected by third parties.
The Need for Action is Clear
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to Banks
Smart risk – Collecting better information, using it quickly and effectively, and minimizing human interaction in routine events
A smarter bank is instrumented, enabling businesses to measure and control data at the atomic level, allowing them to sense and respond quickly and precisely.
A smart bank’s system is built on interconnected data that enables innovation, advances straight through processing and delivers a single source of the truth.
A smart bank enables the rapid, intelligent analysis of a vast mix of structured and unstructured data to inform judgments in order to effectively measure, monitor, and mitigate risk.
INTERCONNECTED INTELLIGENT
+
INSTRUMENTED
=+
BankingSmarter
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to Banks
The current financial turmoil has revealed six key issues
The world has changed and will change how firms manage riskEnough capital is not enoughMeasuring risk is not managing itPerception is value, and risk assessment can
be highly influenced by confidence and reputationSystemic risk management is a collective
responsibilityRisk needs to be managed across
organization…truly
A smarter approach to risk management is needed
Risk management:
The bank expanded the names checked on its anti-money laundering watch lists from 2,500 to more than 40,000 and reduced the number of false negatives and positives by 75 percent.
75% reduction in false results
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to Banks
Banking Benefits from Real-time Insight in Risk ManagementBanks can: Understand market and credit risk exposure
across multiple silos
Secure all transactions and forms of interaction
Proactively prevent increasingly sophisticated internal and external prohibited activities
Effectively manage detected events
Proactively manage internal and external potential risks
Understand and manage increasingly complex compliance requirements at optimal cost
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to Banks
Providing Insight to Risk Management through ConnectivitySmarter Risk Management for Banks
Multiple Information Sources Trusted View
Business Feeds
LOBs
Channels Geographies
• Counterparty• Risk-related• ….
Information Assets
Integrate & Consolidate
Aggregate data from multiple internal and external sources– Internal and external– Structured and unstructured– Real-time and near real-time
Standardize diverse representations of the same information in various sources
Link pertinent risk information across all sources
Reconcile gaps and anomalies in information
Capture lineage and provenance of information stored in the data warehouse
Cognos NowInfoSphere Streams
SolidDBWebSphere Front Office for
Financial Markets WebSphere MQ
WebSphere MQ Low Latency Messaging
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to Banks
IT
Foundational ExtendEnd-to-End Transform Adapt
Dynamically
Business
From Basic to Advanced, SOA Connectivity & Integrationis fundamental for linking business processes,
applications and information together
IBM's Smart SOAPowers Smarter Business Outcomes Across a Continuum
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to Banks
Agenda
11
Why now for integrated Risk Management?
Flexible, Agile Business Connectivity Platform
Customers References
Architecture Overview
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
An Integration Strategy is NecessaryCore Business System Needs Information From Files, Apps, Customers, Partners
Point-to-point, FTP, batch interfaces are brittle, expensive to maintain, and unreliable
I/T can’t help the business innovate and compete because all funding allocated to “maintaining the spaghetti bowl”
Not cost-efficient to optimize existing business process without absorbing the high cost of an application migration
No mechanism to track long-lived process, or alert business users when a process stalls or fails
It’s the natural result when each application implementation project is allowed to pick it’s own integration methodology
Individual projects will usually take the “path of least resistance” – good for the project short-term, bad for the enterprise long-term
Infrastructure built with no blueprint or strategic vision results in a “spaghetti bowl”of interfaces and technology over time
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
Inflexible, complex operations and silo’d data prohibits banks from focusing on their clients
Compliance Reporting
Account Opening
Anti-Money Laundering
Payments Processing
Customers
Partners
Regulators
3rd Party Service
Providers
Processes
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
Organizations Leverage SOA Connectivity & IntegrationTo Address Critical Banking Business Needs
“Fast, flexible & reliable access to all transaction and account data”
“Trust, management & security for customer account and business risk data”
“Make it easy for the bank to access applications and data across and beyond the enterprise”
Banking Business Needs Common Adoption Patterns
Service Visibility & Governance
ESB Messaging & Enrichment
Extend Connectivity to Partners & Customers
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
The Power of ESB Messaging and Enrichment for Banking
Customer Centric Integration and Services Branch and Multi-Channel
Integration
Simpler Self-Service Banking Products
Integrated offerings across channels with reliable data
access and movementDistributed Banking Infrastructure offering enriched by access to centralized services
Core Banking Payments System Renewal
Ensure new systems still deliver robust
reliability with end-to-end Data Integrity
Offer new services by easily creating and connecting new, low-cost Web 2.0 apps
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
A Service:
A repeatable business task
(e.g., check customer credit; open new account)
The Neutral Way to Integrate = SOAChoreograph existing legacy, packaged, and external services
Service Orientation:
A way of integrating your business as linked
servicesand the outcomes that
they bring
Service Oriented Architecture (SOA):
An IT architectural style that supports service orientation
Composite Business Service:
A set of related & integrated services that
support a business process built on an SOA
CheckCustomer
CheckCredit
OpenAccount
CollectFunds
BusinessProcess
Completion
CRM System Financial System Business Partner System Core Banking System
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
End to End Visibility with IBM Enterprise Integration
Example process: Loan Origination Process
Core BankingLOS Card System eBanking DWH
Leverage WebSphere For all business application integration To optimize existing business process that spans across apps, core banking, and
business partners To monitor business process inside or outside of Bank For reduced risk and lower implementation costs
Create Customer
Loan & Submit
Loan Verification
and Evaluation
Customer Loan
ApprovalRelease
Credit LoanKeep track of Loan & Interest
Liquidate credit
contract
Dynamic cross-referencing, etc
Compensating transactions, etc.
Application Neutral Process Mgt End-to-End Monitoring – Business & Systems
Enterprise Service Bus
Customer RelationshipManagement
Product/ServiceDevelopment
EnablingProcesses
Product/ServiceSupport
Loan Process Management
Gateway System
WebSphere = Middleware market leader
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
SOA Guidelines for Bank
Evaluate the “as-is” application landscape and the “to-be” application landscape if embarking on a major transformation initiative
– Like walking with a blindfold on without this
Understand the integration strategy and the integration technology needed before starting the application implementation
– One of the biggest mistakes of many implementations
Establish I/T infrastructure “blueprints” and consolidate the number of software vendors
– Without this, the I/T organization will not be an enabler of the “agile enterprise” or be able to help the business innovate
Implement a governance strategy to stay on track and ensure maximum ROI– Near impossible to lower TCO and maximize ROI without governance
Choose a set of core partners who can assist and validate your SOA strategy– Different perspectives are healthy for your business
Think big, Start small, Execute fast
11
33
22
55
44
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
Enterprise Service Bus (ESB) ESB serves as the “integration highway” between disparate systems / process platforms Establishing Enterprise I/T Governance, Governance bodies, and controls is essential Enforces “quality of service” as data moves throughout the enterprise Provides a common, application independent, backbone
Data Mapping Auditing ValidationAggregation Monitor
Error HandlingRouting Pub/Sub Transaction
Commonly managed by Integration I/T Staff
Enterprise Service Bus
Commonly Managed by Application I/T Staff
Web ServicesRepository &Management
WebSphereProcessServer
App. LOS
PaymentGateway
APP APP
EnterpriseWeb Service
WebSphereAdapter
DWH
MessageQueue
CoreBanking
3rd PartyAdapter
CRM
ISO8583/Socket
Card System
IntranetPortal
MSApp.
MSApp.
PublishSearch
Governance
ServiceRepository
ServiceRepository ESR
Global:
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
Agenda
20
Why now for integrated Risk Management?
Flexible, Agile Business Connectivity Platform
Customers Reference
Architecture Overview
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
Customer Example: SilverLake Integration – BIDV
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
Customer Example: SilverLake Integration – BIDV
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
Customer Example: SilverLake Integration – VietinBank
Legend
Syslog
10.10.2.67:80Silver Lake
Core banking
PC
Web Service Consumer
Web Service Provider
External System(Partners, Core
Securities)
DMZ (Test)
LAN
10.10.2.86
Flow 1: ISO8583/TCP
Flow 2: Web Service Query of Investor's account.
Provided by IBM
MQ: MQT21AMQ
Syslog
DataPower XI50
FW1443
192.168.9.2
FW22080
192.
168.
6.10
0:20
80
192.
168.
5.1
Mask: 255.255.255.0
GW: 10.10. 2.1
10.10.2.67
Mask: 255.255.255.0
192.
168.
9.4
MQ user name: Q.LOCAL.XI50
Request/reply queue:
Q.LOCAL.XI50.REQUESTQQ.LOCALXI50.REPLYQ
MQ
WS-Security withSOAP/HTTPS
SOAP/HTTPS
Message Broker10.10.2.70:80
VietinBankSWITCHISO8583/TCPVNPay
Web Service Consumer
10.10.2.202 ISO8583/TCP
ISO8583 transformation
WebSphere Transformation Extender
ISO8583 mapped file
MQ
Services
WS-Proxy•XML Threat Protection•XML Data Validation•Load Balancing•SSL Channel Security•Auditing•Authentication•Authorization•Others:•Service Level Management
ISO8583/HTTP
TCP Repeater
© 2010 IBM Corporation
Let’s Build a Smarter Planet
Asia Commercial BankMulti-Channel Bank Transformation
IBM Confidential
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
Agenda
25
Why now for integrated Risk Management?
Flexible, Agile Business Connectivity Platform
Customers Reference
Architecture Overview
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
26
System Context Diagram
BankESB
External Partners
Internet Banking
Bank Core Banking
Card Sys Gateway
MQ / Web Services
Web Services
Sock
ets
–IS
O85
83
Web Services
MQ
Web Service Client
Web Services
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
Legend
Logical Architecture
Syslog
PC
192.168.6.84:8232System X
192.168.6.82:8232System X
WAS: wast12
WAS: wast21Web Service
Provider
Web ServiceProvider
PC
Web Service Consumer
Web Service Provider Web Service
Consumer
External System
(Partners, Core Securities)
DMZ LAN Branch Office Collection System
192.168.5.44
Flow 1: Web Service Query of Branches’Payable
Flow 2: Web Service Query of Household Loan Installment.
Flow 3: Web Service transformation of MQ interface.
Provided by IBM
MQ: MQT21A
Web Service Consumer
WAN
SOAP/HTTP
MQ
Syslog
WS Message BrokerDataPower XI50
FW1443
192.168.9.2
FW22080
192.
168.
6.10
0:20
80
192.
168.
5.1
Mask: 255.255.255.0
GW: 192.168. 201.3
192.168.201.134
Mask: 255.255.255.0
192.
168.
9.4
SOAP/HTTPS
WS-Security withSOAP/HTTPS
172.23.84.41
SOAP/HTTPS
Core Banking
Message Broker
WS-Proxy•XML Threat Protection•XML Data Validation•Load Balancing•SSL Channel Security•Auditing•Authentication•Authorization•Others:•Service Level Management
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
IBM SOA banking architecture for reference
WebSphere Message Broker (ESB)
Cognos Loans Origination Risk Mgmt
Core Banking
CRM and others..
DWH ODS
ETL
PortalMBTT
Branch Mobile Internet
Customers
Message
Queue
DataPowerfor B2B
Partners
Securities Customs Tax Payment
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
TCO Reduction Pricing advantage Time to Deploy Cost to manage and maintain
Risk Mitigation Interoperability with Core Banking
and other applications Market-proven platform
Improve Business Innovation Process-driven (model, execute,
monitor, adapt) Leverage VPBank for standardized
business processes Leverage SOA for strategic
differentiators
Advantage of IBM TechnologyLower TCO, mitigate risk, and improve the business
1
2
3
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
Benefits of Adopting an Enterprise Service Bus (ESB)
Reduced development costs and speed of deployment– Robust ESB products allow for graphical assembly of interfaces between
applications
Lowers costs to maintain post-production– Interfaces are far more flexible to changes in the application landscape– Robust management, monitoring, and reporting facilities– Graphically oriented integration flows easily understood by someone other than the
person who developed it
Lowers cost of future development– All interfaces are inherently reusable and become “corporate assets”– Interface descriptions can be stored, searched, and loaded from a universal service
repository– Service repository can also govern security standards and lifecycle
Supports Real-time, Near-real-time, and batch oriented interfaces; allowing I/T to move data at an optimal efficiency for the business demands
Service Oriented Methodology Enables Option for True Business Process Optimization & Monitoring in the Future
© 2010 IBM Corporation
Thank You
© 2010 IBM Corporation
Enterprise Service Bus – Business Integration to VPBank
Connect & Save with ESB Messaging and EnrichmentIBM ESB Messaging and Enrichment Portfolio
WebSphere MQ: providing a messaging transport on distributed platforms to connect virtually any commercial IT system, extendable with WebSphere MQ File Transfer Edition
WebSphere MQ LLM: high throughput transport optimized for speed for your SOA
WebSphere Message Broker : built for universal connectivity and transformation in heterogeneous IT environments
WebSphere ESB: optimized with WebSphere Application server for an integrated SOA platform
WebSphere DataPower Integration Appliance XI50: purpose-built hardware for simplified deployment and hardened security
WebSphere DataPower LLM: predictive, low latency messaging and routing for data distribution in a purpose-built, hardware appliance