STRESSED TIMES Take Control of Data, Avoid Regulatory Panic

Presented by:

Jon Asprey – VP, Strategic Consulting

2

The increasing risk and compliance workload

STRESSED TIMES

The data mountain

• Increasingly frequent submissions & requirements for more granular data

• Better data quality needed to avoid month end panic

• CCAR 14 M – Monthly submission, 300 + attributes

The IT bottleneck

• IT does not provide visibility or flexibility needed

• Clarity and access regarding data feeds required

• Business needs results in a week, IT suggests 3 months

The data governance need

• Risk & compliance teams require direct data access to identify data/process issues

• Supports & drives better governance and control

• BCBS – Risk Data Aggregation – 11 principles

3

Financial firms strive for process efficiency and automation to reduce risk

Data defects are indicative of (and cause) process breaks

Front office Operationaldatabase

Datawarehouse

Finance &

accounting

Treasury

(Liquidity reporting)

Risk

(Credit Risk – Reg reporting)

Finance &

accounting

(Month-end processing)

Confirmations

& clearing

Manual intervention

Reconciliation Reconciliation

Remediation

Remediation

A “hidden factory” is born to deal with exceptions – RISK is introduced

DATA DEFECTS – THE DOMINO EFFECT The downstream impact is multiplied

4

Observations from our client engagements

KEY OBSERVATIONS

• Determining roles, authority & accountability are critical

• A defined process must then be articulated

Establish organization &

process

• Detailed data insight is required to uncover issues

• Collaboration and review of evidence with SME’s critical

Define Standards

• Transparency is expected by regulators

• Cultural barriers and fear must be addressed

• Benefits extend beyond compliance Provide visibility

5

Regulators increasingly interested in principles of data governance

1. ORGANIZATION & PROCESS

Executive Group

Management Group

Working Group

PortfolioSMEs

Business Analysts

Data Analysts

Data Governance

Board

Responsible Exec

Data Steward

• Demonstrate to regulators & internal stakeholders

that proper processes and procedures are in place

• Framework for measuring and monitoring data quality

needed

• Executive level ownership &

accountability for dealing with

issues

• Defined roles and standards

required

6

Engagement and iteration needed

2. DEFINE STANDARDS

To develop a dictionary you must know what the data contains (baseline profile)

Update business rules and data dictionary accordingly

Monitor and report, refine periodically

Data profiling identifies

potential defects

Review anomalies

with Experts (SMEs)

Adjust and refine rule

based on feedback

& document

Policy No Gross written prem Pol Inception Dt Risk Cat

PX2344343 23000.00 01/05/2012 MAR

PX2344344 0.00 01/01/2199 XXX

PX2344345 15/05/2012 AUT

Policy No Gross written prem Pol Inception Dt Risk Cat

PX2344343 23000.00 01/05/2012 MAR

PX2344344 0.00 01/01/2199 XXX

PX2344345 15/05/2012 AUT

Policy No Gross written prem Pol Inception Dt Risk Cat

PX2344343 23000.00 01/05/2012 MAR

PX2344344 0.00 01/01/2199 XXX

PX2344345 15/05/2012 AUT

Gross written

premium should

always be populated

Zero and blank

values are identified

Exceptions noted,

genuine defects

validated

7

Visibility and transparency required

3. PROVIDE VISIBILITY

• Senior level

management need

more visibility into

data quality

• Transparency and

communication are

key

• Benefits extend far

beyond compliance

requirements

• Dashboards drive

and monitor data

remediation

• Senior level

management need

more visibility into

data quality

• Transparency and

communication are

key

• Benefits extend far

beyond compliance

requirements

• Dashboards drive

and monitor data

remediation

8

Case study – CCAR Monthly

submissions

(North American Bank)

9

Background and context of the CCAR 14M challenge

CCAR DATA ASSURANCE

Multi-step process to prepare, review and test files prior to submission to Federal Reserve Board

Source systems

Data Extraction &

ETL

Aggregation & staging

Pre -Submission

Reconciliation, review &

attestation

Data aggregator (FRB appointed)

Federal Reserve Board

Submission

The business challenge

• Client required solution to provide data assurance around data submission and

attestation

• Risk team required to be able to update rules and deploy changes in hours not weeks

• Monthly execution of 300+ rules with up to 2 rule-set updates per month

10

SOLUTION APPROACH Overview of CCAR process at a US bank

11

Measureable business improvement

BENEFITS & IMPACT OF THE SELF-

SERVICE DATA ASSURANCE APPROACH

• Over 25 Risk users trained & provided access in

3 months

• Over 2000 business rules built to date

• Centre of excellence forming

Adoption was rapid & transformative

Automation & reduced reliance on

IT

• Teams able to react to the rapid and changing

demands of the FRB and aggregators

• Turn around times of days not weeks

• Focus on automation and repeatability

Providing added assurance for

attestation

• Greatly improved transparency

• Business level access to exposure - level data

• Supporting current attestation process as

evidence of best practice

12

Benefits of the self-service model

CONCLUSIONS

Definition and structure from the regulator is helpful

Business empowerment and data “transparency”

is critical

Self-service data assurance

environment

Business SMEs Risk analytics

Pre -Submission

Volume of data and frequency of rule

changes are prohibitive

Dashboards

Data “drill-down”

13

Fundamental concepts needed but business enablement is key

IN SUMMARY TO SUCCEED…

Establish organization &

process

Define Standards

Provide visibility

Business SMEs

Data access, assurance

& enablement Underpinned by

There is business value upside as well as regulatory compliance

14

Jon Asprey – VP, Strategic Consulting jon_asprey@trilliumsoftware.com www.trilliumsoftware.com @jon_asprey

For further information contact

THANK YOU & QUESTIONS