Compliance and Risk
Background
Financial services organisations need to cope with a bewildering array of regulations. There is a general move away from rigid supervision-based regulations to those based on forcing financial institutions to study and understand the risks that their particular organisation faces. Basel II and Sarbanes-Oxley are well-known examples, but there are also local and European regulations such as BaFin, MiFID and ISO 9000 / ISO 14000, which need to be integrated into everyday processes.
Demonstrating compliance with both the spirit and the detail of such regulations is a distinct challenge for Risk and Operations Managers.
Compliance is often viewed as an unnecessary, costly and time-consuming exercise. However, embracing the opportunity to leverage the benefits to your competitive advantage is a strategy that makes a lot of sense. Further, no institution can afford to have its reputation damaged by shortfalls in its controls.
In the day-to-day running of the bank, two roles contribute greatly to the mitigation of Operational Risk – the Data Manager and the Operations Manager.
Compliance for the Data Manager
As the Data Manager, you will have noticed the ever-increasing responsibility to ensure that end-of-day or intra-day pricing for enterprise-wide distribution is accurate and verified. New instrument types and OTC instruments contribute to a further increase in the demands. Achieving a verified and credible price has never been more important. Adequate archiving and reporting of the prices – and of the methods used to verify them – is a standard requirement.
The challenge is to ensure that every individual data item – whether it is sourced from the standard providers, specialist suppliers or in-house applications – is managed appropriately. Each item must be collected in a timely manner, rigorously tested against a variety of criteria, published within strict timeframes across multiple time zones, with a detailed Audit Trail to demonstrate the application of best practices, as dictated by regulations. Collection of historical performance statistics is also required to facilitate analysis of the underlying processes and Six Sigma style continuous process improvement.
Compliance for the Operations Manager
As the Operations Manager, you are interested in best-of-breed operating efficiency. You need the fullest transparency into each and every transaction as it makes its way through the business, as well as the ability to flag and to systematically resolve errors as they occur. Sarbanes-Oxley et al. do not change those requirements – your professional pride is probably still the strongest regulatory driver here.
However, Compliance is not just about doing a great job. Compliance requires that you can demonstrate that you have done so and that you have adhered to documented procedures and guidelines in the process. The monitoring environment you deploy must provide for ad-hoc generation of reports as required by the regulators. You will need detailed Audit Trails of errors and of the steps taken to resolve them, encompassing both automatic and manual intervention. Processing rules and workflows – including detailed change history – must be documented. Performance metrics are needed to support process analysis and improvement if Operational Efficiency is to remain a competitive advantage. In short, your requirements list for a process monitoring solution has just grown considerably!
Across the Bank
Operational Risk and the associated Compliance requirements affect various areas of the business – individually and collectively. The details of implementation will, of course, vary from case to case. A generic discussion of the issues involved must address:
- The definition and application of appropriate rules and guidelines
- Process monitoring with support for systematic – where possible, automatic – resolution of discrepancies and errors
- Reporting – on a case-by-case basis or across the entire process, over varying time periods
Multiple Systems
We all know that the world of transaction processing is far from perfect! Heterogeneous systems – by definition – do not always have the same view of how data should be represented or transactions processed. Errors are a fact of life. Compliance solutions must support the definition of rules and procedures for dealing with errors in a speedy, efficient and consistent manner. For many types of errors – such as missing data fields, data mismatches or out-of-sequence transactions – automatic rules-based resolution can be applied. Regulatory requirements mean that these rules – and their case-by-case application, together with the before-and-after values – must be properly documented. Other instances of error resolution will require manual intervention. Here, the integration of standard workflow tools and processes is probably appropriate. Again, documentation – preferably in conjunction with real-time monitoring of the resolution process – is mandatory.
Multiple Responsibilities
The transactions that are subject to compliance seldom lie within a single area of responsibility. Full life cycle compliance requires monitoring of the detailed processing in the front, middle and back office systems. At the highest level, you need an overview of all current transactions, consolidated to provide a summary of the general health of the system. Once a problem transaction has been identified, you will need as much information as possible to ensure speedy resolution. The monitoring instance needs to understand the detail of each step, the expected inputs and outputs and the relevance of the steps and their sequence to the overall transaction. Drill-down functionality is required to view the detail of a processing failure and manual intervention must be supported and triggered automatically, where appropriate.
Prove it!
Speedy, effective resolution is key, but it must occur within the constraints of the predefined rules and guidelines. Again, support for automatic, rules-based resolution and for manual intervention is required. Existing workflow tools and solutions must be fully integrated into the monitoring environment.
In addition to the speedy and effective resolution that your customers have come to expect of you, you will need support for the documentation that the Regulator demands of you. Reporting functionality is needed to document individual errors and their resolution. KPI metrics – average failure rate, mean time to resolution etc. – will need to be maintained and updated in real-time. The analysis of these metrics will provide valuable insights into process improvement initiatives, which implies that the reporting scope and detail will change over time. The available functionality needs to address the generic requirements of Compliance Regulations, such as demonstrating transparency for Sarbanes-Oxley, the automatic capture of audited and logged data for MiFID or the ability to provide detailed operational data for Basel II.
PaceMaker Solution
PaceMetrics offers products, solutions and professional services to address the main business issues associated with Compliance and Operational Risk Management. Working with your business and technical specialists we can provide customised implementation of real-time monitoring, data verification and regulatory reporting.
PaceMaker is a non-intrusive, real-time monitoring system that provides end-to-end control and full transparency into every business transaction. A powerful Rules Engine defines the business logic to support different transaction types and to recognise the sub-components of each transaction as they are processed by multiple sub-systems. An easy-to-use Dashboard provides configurable views of processing status across the business, from high-level throughput to drill-down functionality into the detail of any transaction. Rules-based exception resolution can be applied to issues where it is appropriate and workflow instances can be automatically generated where manual intervention is required. The inherent escalation and reporting functionality of the underlying workflow infrastructure can even be integrated into the monitoring process itself.
Transaction processing statistics – and even the transaction detail itself – as well as resolution history, are captured for documentation and reporting purposes within the PaceMaker Operational Event Store. This historical data provides ideal source data for Six Sigma process analysis, as well as providing insight into common faults and guidance on the better deployment of your resources.
Price Verification Server Solution
The PaceMetrics Price Verification Server can be integrated into an overall solution to ensure that prices used are valid, complete and correct. The Rules Engine determines how price inconsistencies are handled and resolved; workflow tools can be integrated to initiate and to coordinate manual processes. The PVS Dashboard provides a single view of the entire price validation life cycle and allows instant drill-down to facilitate problem resolution. Key parameters can be saved to facilitate analysis of and reporting on the validation process.
Professional Services
Best-of-breed tools alone are not sufficient to guarantee the successful rollout of an end-to-end Operations solution. No two organisations are the same. The PaceMetrics Professional Services team ensures that the tools are implemented so as to reflect the nuances of your business and to ensure regulatory and corporate compliance. The PaceMetrics Professional Services team has a wealth of experience across all areas of the financial services industry and works to a structured but flexible implementation methodology to ensure effective rollout across your Business Processes.
