Automating regulatory compliance
The recent financial crisis is placing regulatory compliance under greater scrutiny. According to ASG Technologies’ General Manager in Asia Pacific, Praveen Kumar, Globally Systemically Important Banks or G-SIBs like HSBC, Bank of America, Citibank and more, are mandated to demonstrate their data lineage to qualify for BCBS239 certification.
BCBS 239 or the Basel Committee for Banking Supervision 239 contain principles that aim to strengthen risk data aggregation and reporting.
Data lineage (DL) is data lifecycle that includes the data origins and where the data moves over time. It would include descriptions of what happens to data as it goes through diverse processes and provides some level of visibility into the analytics pipeline, enabling the tracing of errors back to their sources.
So, DL is a key pillar for auditing, compliance and regulations, and G-SIBs would have to transact with each other thus needing DL as a key requirement to be certified by an international body with a standard like BCBS 239.
Compliance to BCBS239 was made mandatory for GSIBs last year with 2017 being the second deadline.
Praveen shared, “Most of the GSIBs we talk to, are in a rush to fix this.”
“Banks have some of the most complicated infrastructure available in any environment. It has to cater to the widest segment of the population from a retail perspective,” Praveen added.
Considering how long the banking industry has been around, there would be a hodge podge of old and new infrastructure at the backend, a complex situation that is further exacerbated by old processes being meshed with new processes.
“So data could be flowing from spreadsheets to in-memory databases. And then processes also span different departments in a bank and servers within a bank. There would be different people manipulating that data on purpose or by design.”
Needless to say, this causes inaccurate and inconsistent data to be churned out, putting banks at risk of breaching compliances and not meeting regulatory standards.
Manual vs. Automatic
Besides compliance to BCBS239, most banks in most countries are mandated by their government to collect business data, after intervals of time.
“Banks try to simply this data collection process, if there are multiple transactions or accounts with the bank,” observed Praveen.
Different functions of a bank have different requirements, for credit cards would collect data differently from the personal banking division.
The bank has to demo how data is collected and then updated on the backend. Dependency checks would have to be done to certify that these processes were rightly followed most of the time, thus building a data lineage, manually.
“This is something which is done yearly, during audit time, necessitating the hire of 30 to 40 persons. They could spend ten times more to fix gaps wherever it may be, for example the infrastructure the code or the apps and so on. With all efforts focused on these, it is hard to prove that there are gaps. A DL solution however, would automate all this.
“With a DL solution, the bank would only need one person for a full year,” Praveen stated.
A solution like ASG’s can help banks understand their data across the organisation, no matter where it is stored.
Over the past few years in Malaysia, ASG has helped financial institutions gain visibility into their data with zero loss, no gaps in almost a fraction of the time compared to the manual method.