Post on 21-Jan-2015
description
The New Compliance Mandate: Enterprise‐Wide Transparency
A Financial Technology Network Webcast
Sponsored by:
Today’s Panelists
Rodney NelsestuenSenior Research Director
Financial Strategies & IT InvestmentsTower Group
(RiskTech Blogger)
Gary RylanderAssociate PartnerIBM Global Business ServicesRisk & Compliance Practice(RiskTech Blogger)
Damian TrzebuniaEnterprise Content Management
Compliance Product MarketingIBM Information Management Software
Greg MacSweeneyEditor-in-Chief, Wall Street & Technology
IBM’s Integrated Risk Management offerings and capabilities are organized around a holistic view of risk
Risk Area Industry Requirement
Financial RiskUnderstand market and credit risk exposure across multiple silos to make financial and risk decisions consistent with business objectives
Financial CrimesSecure all transactions and forms of interaction, proactively prevent increasingly sophisticated internal and external prohibited activities and effectively manage detected events
Operational &IT Risk
Proactively manage potential risks, both internal and external, business and IT, resulting from events impacting operations, processes and applications
Governance & Compliance
Understand and manage compliance across a dynamic set of voluntary and mandatory requirements imposed by multiple regulatory bodies, across operating jurisdictions, at an optimal cost for value
Financial Risk
Financial Crimes
Operational & IT Risk
Governance & Compliance
Integrated Risk Management
Financial Services
TowerGroup – Opening Comments
Regulation of electronic content complicates the IT architecture
New demands for visibility and transparency in financial services have the benefit of delivering business value
On‐demand intelligence will have a growing role in holistic risk management
Electronification of business processes brings new demands to the IT group and redesigns business flows
Source: TowerGroup
Is this transparent?
• >50% over retention
• >75% unclassified or misclassified
• >20:1 duplication
. . .
Financial Services
Frequency of Access and Use
Time
Born DigitalOver 90% of information is born digital … and the rest should become digital
ExpirationRoughly 95% has a retention policy … very little should be kept forever
85%of enterprise information
is unstructured
The Information Lifecycle
Financial Services
Basics of regulatory content management
–E-discovery refers to any process in which electronically stored information (ESI) is sought out, secured, and searched for use in civil or criminal legal cases.
–By year end 2008, 28 states had or were planning e-discovery provisions in their general civil procedure codes or modified specialized rules for business courts
–Data classification is the categorization of data, an approach to storing computer data
•Data can be classified according to its value to the business or how often it needs to be accessed•Goal is to optimize the use of storage for many purposes:economic, technical, legal, and administrative
Diagram Source: EDRM (edrm.net)
E‐discovery regulation brings new architectural and process issues to financial services
The proposed regulatory framework increases the importance of transparency, operational risk management and the underlying dependency on records and systems management
1. If its securitized or traded, it will require transparent, dynamic record keeping throughout its lifecycle
2. If its reported, be prepared to report it with XBRL tags
3. If its an operational risk, be prepared to do quantitative risk reporting
4. If you are a Tier 1 FHC, expect more scrutiny
5. Harmonization among agencies and international bodies will result in less variability among regulatory regimes
6. Greater reliance on prudential instead of rules based regimes will increase the value of being able to prove effective operational risk managementhttp://graphics8.nytimes.com/packages/images/nytint/doc
s/obama-s-plan-for-financial-regulatory-reform/original.pdf
Financial Services
Business value of electronic content
management in action
Source: TowerGroup
CreateDocument
DigitizeDocument
Index, Archive, and Store
User Roles, Business Rules
Disaster Recovery
Obtain Approval, Authenticate, and
Authorize
Regulatory Requirements and Audit Trail
Connect with core processing, loan origination, or lending systems to complete transaction
Execute Transaction
Communicate and Distribute
Technology is your friend in attaining transparency
• Automated Classification– Data– Content
• Deduplication• XBRL beyond reporting
– Automated XBRL Classification of• Documents• Process Definition linked to XBRL taxonomy
• Automated monitoring & audit
Financial Services
Agile Enterprise Content Management
IBM agile ECM helps companies make better decisions faster by:
● Managing all forms of content
● Delivering content intelligence
● Optimizing associated business processes
● Enabling compliance
through an integratedinformation infrastructureUnified platform for content,
process, discovery and compliance
Financial Services
Frequency of Access and Use
Time
Agile Enterprise Content Management Delivers Compliant Information Management
A Standard Model for
Paper, Data and Content
Financial Services
ECM Platform
Enterprise Compliance is Invisible to Line-of-Business
Active Governance (GRC)Security policies, controls and risks
are enforced, tested, monitored, audited and reported “in-process”
Records automatically retained and Classified
Content / E-mail is collected, enhanced and managed in context
with Content Collection and Advanced Classification
Proactive eDiscoverySearch and Analytics
are enabled
Financial Services
InfrastructureSavings
InsuranceSavings
The business case for transparency
Records Management
& Compliance
Labor
LitigationSupport
ProcessSavings
Benefits
Key Benefit buckets
Financial Services
– $75 billion dollar asset regional US bank operating under a national charter in 10 states.
– No formal policy to delete or otherwise reduce the amount of data held across the institution. Some kept, some discarded, no discipline.
– No metadata or tagging process to identify data and its value
– Email archiving done via an automated tool but no classification system
– A data warehouse exists which is under separate governance and policy must address all data in the institution that is kept in the enterprise data warehouse.
– Coordination with governance resources over the data warehouse is recognized as a fundamental need.
– While bank has not outsourced significant business processes, it is evaluating several BPO/ITO options. Policy should provide for this potential
• Include unstructured electronic data including credit files, loan documents, legal documents and vendor contracts
• Back up vendor has all servers in a storage area network (SAN) – need to extend policy to vendor.
Case Study: A national bank develops e-discovery capability – Current state
– Developed an e‐discovery policy with a process and IT roadmap
– Prior to policy setting, the bank established a means to decide its retention goals
• The value of information to the bank – with a classification system
• Risk assessment of keeping information of different types –with amelioration strategies
E‐discovery policy must coordinate with policies on physical assets as well as electronic assets – but won’t day one.
Case study: a national bank’s compliance with e-discovery policy
Outsourcing can be another ally
• Make it someone else’s responsibility too
• Make your KPI’s their SLA’s
• Reduce your costs
• Leverage community “learning” and assets
– Best practices
– Someone else’s SAS 70
– Analytics as a Service trained on a global sample
Financial Services
ROI of Compliant Information Management
11
22 33
44
Control Growth, remove duplicate
data – reduce storage costs by
50%-80%
Automate decisions, clean up legacy data –
save up to 17 cents per document
Enforce records retention to reduce
eDiscovery and storage costs by
50-80%
Optimize eDiscovery decisions to
reduce costs byup to 80%
Leveraging a common
infrastructure accelerates cost
reduction
Financial Services
• IBM Assessment Expertise
– New: Free No Paper Weight ½ Day Checkupat no obligation
• Register here: https://www.informationmanagementrequest.com/mk/get/npw0509rp
– In‐depth No Paper Weight Prescriptive Assessments now available from the IBM Centre of Excellence for Compliant Information Management
• IBM Solutions
– Agile ECM solutions for Content, Process, Compliance and Discovery
– Information Infrastructure solutions
The No Paper Weight ProgramSave money. Risk less. Know more. Go green.
Financial Services
Get Connected with IBM and our Risk Community
http://www.ibm.com/banking/riskhttp://www.risktech.financetech.com
Social Network Groups for Financial Services where risk isn’t the only topic
http://www.linkedin.com/groups?gid=1946782
IBM Offerings & Capabilities Educational Videos, White Papers and Blogs by Risk Subject Matter Experts
http://www.linkedin.com/groups?gid=1894930
Websites enabling you to engage with our Subject Matter Experts
Financial Services
Q&Aplease submit your question now
Resources To View This or Other Events On‐Demand Please Visit:
http://www.techweb.com/webcasts
For more information on this topic please visit:
http://www.ibm.com/banking/riskhttp://www.risktech.financetech.com
IBM Offerings & Capabilities RiskTech for Educational Videos, White Papers and Blogs by Risk Subject Matter Experts
Social Network Groups for Financial Services where risk isn’t the only topic
http://www.linkedin.com/groups?gid=1946782 http://www.linkedin.com/groups?gid=1894930