confidential 1.the principles of information companies 2.linked-risk and the information dimensions...
TRANSCRIPT
Confidential
1. The Principles of InformationCompanies
2. Linked-Risk and the Information Dimensions of BCBS 239
3. Semantic Processing and the Management of Knowledge
4. The Governance Revolution and DCAM
1Copyright © 2015 EDM Council Inc.
FOUR ESSENTIAL OBSERVATIONS (CONTEXT)
Confidential Copyright © 2015 EDM Council Inc. Page 2
• Lessons from scientific, technical, legal, medical and scholarly publishing
PRINCIPLES OF INFORMATION COMPANIES (CONTENT INTEGRATION)
• Three discoveries that changed the knowledge representation equation
Confidential
Banks are the New Publishers
and must adopt the principles of the information industry in order to meet
regulatory reporting obligations, support model-based strategies and automate
linked processes
3Copyright © 2015 EDM Council Inc.
FINANCIAL SERVICES MEETS THE INFORMATION INDUSTRY
Confidential
Information Industry Meets Finance
Lots of internal and external data
Unshackle from silos and legacy applications
Separate compounding processes (risk formulas, derived calculations, business algorithms)
from data attributes
Harmonize data to common meaning
Facilitate scenario-based analysis
Report to regulators for cross-industry analysis
Report to management for cross-LOB analysis
4Copyright © 2015 EDM Council Inc.
Why Harmonized (common language) Data Matters
Classification risk
Interest rate risk FX risk Spread
riskLeverage risk
Depreciation risk
Correlation risk
Redemption risk
Liquidity risk
Volatility risk
Counterparty risk
Valuation risk
Execution risk
Settlement risk
Custody risk
Exposure risk
Instrument ID Issue versus instrument identification, instruments without codes
Security Classification
Convertible, subordinated, guaranteed, unsecured, preferred, senior, rate-based, backed, index-linked, floating, etc.
Instrument Descriptors Coupon rates, payment dates, effective dates, termination dates, call/put feature
Fundamentals Earnings ratios, market capitalization, dividend rates, capital distribution
Terms & Conditions Conversion rates and dates, sinking fund provisions, maturity dates, reset dates, redemption schemes and dates, restrictions, eligibility, benchmarks, day count conventions
Prices Historical, close, time series, volatilities, correlations, NAV, VWAP, yields, durations, OAS
Legal Entities Ownership, control, affiliates, role performed, identification
Research Analyst reports, reporting dates, credit ratings, categorization, credit enhancement support
Obligations Priority, exercise, debenture, guarantee, obligation
Instructions Standing settlement instructions, transfer agents, tax instructions, regulatory jurisdictions, calendar, currency
Corporate Actions Dividends, mergers, acquisitions, tenders, IPOs, corporate restructure, class actions, consolidations, payments, splits, repayments, liquidation
Risk Types
Data Types
Copyright © 2015 EDM Council Inc. 5
Confidential Copyright © 2015 EDM Council Inc. Page 6
• Degree of interconnectedness
• Transitive relationship• State contingent cash flow• Collateral flow• Degree of centricity • Funding durability• Leverage & liquidity• Guarantee & transmission
of risk• Degree of diversification
Instruments• Identification• Classification• Description (rates, dates,
features, schemes, provisions)
• Value (i.e. price, date, time)• Calculate (volatility,
correlation, yield, duration, tax)
• Maintain (corporate actions)
Entities• Entity type (legal persons,
formal organizations, corporations, partnerships, affiliates, trusts, functional, etc.)
• Ownership structures• Controlling relationships
Obligations• Issuance process• Trade and execution• Guarantee • Allocate and administer• Clear and settle• Transfer
Holdings• Firm portfolio (individual
entity risk)• Corporate structure
(organizational risk)• Industry wide (systemic
risk)
Confidential
Regulatory Data Mandate (context)
• 2008 Crisis: Inability to model contagion (who finances who, who is linked to who, what are the obligations of complex financial instruments)
• Senior Banking Supervisors Group: Observations on Developments in Risk Appetite Frameworks and IT Infrastructure (intractable relationship between data and risk management and definition of control environment)
• BCBS 239: Principles of Risk Data Aggregation and Reporting (governance, content infrastructure and data quality as mandatory objectives)
7Copyright © 2015 EDM Council Inc.
Confidential 8Copyright © 2015 EDM Council Inc.
Principles, implications and Findings
Principle 1: The Governance Mandate
Implications: Establish the RDA framework, fully documented, appropriately resourced with no organizational barriers and top-of-the-house engagement
BCBS Findings: lack of formal/documented frameworks; need clear owners with demarcation of responsibility; need coordination of requirements among business IT and risk; decentralized and undocumented data policies; need better SLAs and measurement criteria for RDA processes; need higher standard for audit of RDAR
Principles 2,4,6: The Data Infrastructure Mandate
Implications: need integrated data architecture (taxonomies, metadata, identifiers); need controls across the full data lifecycle; need flexible classification and aggregation; must support on-demand, ad-hoc reporting and scenario-based reporting;
BCBS Findings: inconsistent taxonomies, metadata, identifiers and dictionaries; inability to harmonize, integrate and compare among repositories; need identification and definition of CDE; failure to take into account interdependencies between processes
Principles 3,5,7,8: The Data Quality Mandate
Implications: Risk data must be timely, accurate and comprehensive; must adopt authoritative sources and the creation of a data control environment; need to align data to “concepts” for consistency of meaning across the organization; must be able to generate timely risk reporting across all dimensions of quality and all risk categories
BCBS Findings: Too much reliance on manual processes; insufficient data reconciliation (root cause analysis and executable business rules); need better control across lifecycle of data (data inventory, transformation mapping, cross-referencing, authoritative sources)
Governance
Content Infrastructure
Data Quality
BCBS 239 – RISK DATA AGGREGATION
Confidential Copyright © 2014 EDM Council Inc. Page 9
• G-SIBs and D-SIBs are engaged in remediation (G-SIBs spend ~ $230m; D-SIBs are far behind)
• Typically led by Group Risk (leveraging existing initiatives)
• Progress on “foundational governance” (not implemented across enterprise)
• Most RADR initiatives are focused on adherence (have not calculated business value/benefits)
• Data architecture (lineage, taxonomies, harmonization) and reliance on manual processes remain as the big challenges because of magnitude
• Top remediation priorities (in order): data dictionary/taxonomy, data quality monitoring, data consistency between risk and finance, alignment of repositories, process automation
• Remediation challenges are significant (IT architecture and data flows are complex and require extensive work)
• Over 70% of banks have defined the “high level” requirements for adherence but have not translated them into specific data and architecture initiatives
BCBS 239 (current status)
Confidential Copyright © 2015 EDM Council Inc. Page 10
• “Data needs to be standardized and aligned to common meaning”
• “Data is not aligned for exotics and bespoke instruments and doesn’t map to ISDA taxonomy”
• “Data is all over the place with no consistency in reporting of values”
• “Data is not clean enough to perform analysis and we can’t reconcile manually”
• “USI alpha swap is not associated with beta and gamma, can’t link swaps based on multiple criteria”
• “ISDA taxonomy is not granular enough”
• “Complex data compiled from 20 SEFs on a continually changing basis”
• “Each department has a different analytical objective”
• “Must be able to compare data across multiple SDRs”
• “We need a mechanism for mapping, understanding data relationships and unraveling process flows”
• “Can’t unravel trades to analyze notional amounts .. can’t look at entity roles … can’t compute cash flows”
Microcosm of the data challenge: complex instruments; highly customized; links to underlying instruments; links to entities; multiple participants/roles; standard identifiers missing; fragmented trading and reporting processes
According to the CFTC
DERIVATIVES TRANSPARENCY & DATA COMPARABILITY
Confidential
Core Regulatory Initiatives
Copyright © 2015 EDM Council Inc.
• Dodd-Frank Act Title IV, VII, X, XIV = US framework for regulation of swaps markets, hedge funds, CFPB, mortgage, Volker
• EMIR – European Market Infrastructure Regulation (EU version of Dodd-Frank Title VII on derivatives transparency).
• Regulation AB2 = regulations on asset backed securities (unravel links between loan, tranches, pool, etc.).
• FATCA = individual reporting of foreign accounts and FSI reporting of foreign financial accounts about US clients
• UCITS = Undertakings for Collective Investment in Transferable Securities (EU Directive on simplification of prospectus and their expression using clear, accessible and standardized data).
• AIFMD – Alternative Investment Fund Managers Directive (EU proposed law to provide more oversight and transparency to hedge funds and private equity).
• Dodd-Frank Act Title I = the financial stability component (creates Financial Stability Oversight Council and OFR)
• EU System of Financial Supervision = establishment of the European Systemic Risk Board (and ESFS)
• Basel Principles for Effective Risk Data Aggregation and Reporting = implementation of a “data control environment” and healthy “risk appetite framework” within systemically important financial institutions
• Basel III – global regulatory standard on bank capital adequacy, stress testing and market liquidity risk.
• CCAR = Comprehensive Capital Analysis and Review (stress test methodology in the US; CCAR reporting is putting lots of pressure on data alignment and comparability. This includes the FR Y-9C (Bank Holding Company Capital Report) and FR Y-14Q (detailed ‘show your calculation methodology work for BHC). This is the US version of Basel III.
• Solvency II – EU Directive that harmonizes insurance regulation (requirements for capital reserve and reduction of risk of insolvency) – to be implemented January 2014.
• MiFID II – Revised Markets in Financial Instruments Directive (mostly about trading, but does require common instrument identification for consolidated pricing).
• ACORD – Insurance standards development body (UK) likely to be mandated as the format for reporting.
• Regulation SCI – SEC proposed Regulation Systems Compliance and Integrity (to ensure that core infrastructure is functional)
• COREP = Common Reporting requirements (developed by Committee of European Banking Supervisors (CEBS) with the goal of developing a supervisory reporting framework based on common data standards and formats.
• FSB Templates = Common Data Template for G-SIB’s seeking to harmonize the data compounding methodology for reporting.
Transparen
cy C
apital Risk/S
tress
Harm
onization
Control Data EnvironmentGoverned by policy, sanctioned by executive management, based on standards, harmonized across the
lifecycle, with clear accountability and monitored by audit
Applications
ToolsData Marts
Warehouses
Sandboxes
Legacy EnvironmentExisting technical and
operational environments
• Disparate data sets• Proprietary interfaces and point-to-point links• Multiple repositories managed independently• Inconsistent formats and data definitions
Alignment to MeaningHarmonized and precise data
based on contractual precision
• Attribute level business glossary/business conceptual ontology• Unique identification and flexible classification scheme• Harmonization and transformation processes (cross-referencing and
mapping across systems) • Metadata repository (administrative, structural, descriptive)
②Manage Data Quality
Fit-for-purpose data without reconciliation and transformation
• Data quality criteria (all relevant dimensions) • Establish data quality control points• Quality assessment and remediation (current state analysis)• Define business rules, thresholds and tolerances• Root cause analysis (trace to source)• Management of data manufacturing chain of supply
③
Technical ImplementationIntegrate data into operational and production environments
• Platform and authorized tool stack• Messaging and distribution
infrastructure• Semantic to logical data model• Logical to physical instantiation• Location identifiers and namespace
management
④
Copyright © 2015 EDM Council Inc.
Scope of Work Required to Achieve a Control Environment
12
Simple
Complicated SimplificationReconciliation of complex
environments
• Designation of “authorized data domains” • Definition of critical data elements (CDEs)• Documentation of end-to-end data flows
(compounding process, derived calculations, risk and business formulas)
①
Copyright © 2015 EDM Council Inc. 13
Business Conceptual Ontology
• Formal and factual model of financial industry business/contractual concepts (ontology of the business structures and legal obligations)
• Expressed as a glossary of terms and definitions plus all business relationships (what “things” are and how they work in the real world)
Primary FIBO Domains
• Product (reference data) Semantics – Foundations, Business Entities, Indices and Indicators, Common Concepts, Equity Instruments, Debt Instruments, Loans, Derivatives, Collective Investment Vehicles, Rights and Warrants
• Market Data (time and date) Semantics – Pricing and Yields, Analytics, Temporal Terms, Credit Rating
• Process Related Semantics – Securities Issuance, Corporate Actions, Transactions, Payment Processing, Portfolio and Holdings
Confidential 14Copyright © 2015 EDM Council Inc.
SEMANTIC PROCESSING – ANALYTICAL GIFT FROM DARPA
• Developed by DARPA in year 2000 (RDF/OWL)
• Managed by World Wide Web Consortia (W3C)
• Concepts organized into taxonomies but allows for separation of “meaning” from “format” from “syntax” from “structure”
• Owns• controlled by• is subsidiary of • is affiliate of • trades with• guarantees • has controlling
interest in • is governed by • is beneficiary • has tax
treatment • has restrictions • cleared by
Financial Process “Predicates”
• has identity • has duration • has price • has terms • has date • has obligation • has constituent • has yield • derived from • has underlying • is union of • has leg • is subordinate to
Copyright © 2015 EDM Council Inc. 15
FIBO Approach
• Ontology of “financial contracts”
• Formally grounded in law and financial processes
• Vendor agnostic• Content
unshackled from structure
• Concepts of “party,” “role,” “issuance,” “agents,” “agreements,” “obligation,” “control,” “ownership,” “affiliate,” “collateral,” etc.
FIBO + Semantic Processing = the Essential Infrastructure for Regulatory Oversight, STP and Data Analytics
Wisnosky Effect
• “Build, Test, Deploy , Maintain”
• Collaborative development process (GitHub, JIRA, Jenkins)
• Rigorous technical governance
• Adopted: Foundations, Business Entities, Indices
• FCTs: Common concepts to all instruments, Equities, Loans
• Original model expressed in RDF/OWL
Regulatory Activity
• BCBS 239: control environment
• ECB: Foundational Building Blocks for a 21st Century Infrastructure
• London: Setting Global Standards for Granular Data
• Basel: CPMI/IOSCO Working Group on Derivatives
• CFTC: Data Standardization Subcommittee
• OFR: Financial Instrument Reference Database
• GLEIF: FIBO-BE
Capability Demo
• Large custodian (G-SIB) POC on IR swaps and business entities
• Classification, aggregation, flexible query, transitive relationships, ownership, control, data quality
• Schema.org (www)• FIBO Vocabulary
(risk data aggregation)
• Data visualization• Business rule
implementation (Regulation W)
• Messaging Alignment (FpML, FIX, MISMO, 20022)
FIBO Ecosystem
• RDF/OWL triple store environment
• Collaboration among world’s leading ontologists
• Practical business value (flexibility)
• Adaptive, ANZ, BoA, Bank of England, Bloomberg, BNP Paribas, BNY Mellon, Citi, CFPB, Deutsche, Freddie Mac, GE Capital, Goldman, HSBC, IBM, Invesco, JPMC, Manulife, Michigan State University, Morgan Stanley, Mphasis, Nordea Bank, OTPP, PWC, RBS, State Street, UBS, University of California Berkeley, US Treasury, Wells Fargo, Google, Yahoo!
Financial Industry Business Ontology (capability)
16
Provide standard definitions of financial concepts and business rules; financial instrument taxonomies, integrated metadata and links to related
1
Classify financial instruments into categories and flag instruments that lack conformance
3
Provide semantic mapping from FIBO elements to other standards e.g. ISDA UPI taxonomy, FpML, MISMO, XBRL, 4
Enable visualizations for taxonomies, financial instruments, all forms of data relationships
5
Provide risk intelligence and analysis legal entity ownership hierarchies and their counterparties
7
Enable precise aggregations across multiple data dimensions
6
Leverage and integrate with other global data standards to maximize commonality and reuse
2
Confidential 17Copyright © 2015 EDM Council Inc.
DATA MANAGEMENT BEST PRACTICE (JOURNEY OF DISCOVERY)
Confidential 18Copyright © 2015 EDM Council Inc.
DCAM ORIENTATION
Principles of Data Management Must Never
Be Compromised!
Grounded in LawDefined by Contract
Confidential 19Copyright © 2015 EDM Council Inc.
FOCUS ON DATA MANAGEMENT CAPABILITY
Understand Core Principles and Position Internally
Develop … Document … Monitor … Define … Assess … Identify … Evaluate … Confirm … Approve … Control … Operationalize
… Align … Adopt … Create … Map … Measure … Communicate … Integrate … Prioritize … Share … Specify … Empower …
Socialize … Report
Governance to Change Organizational Culture
Core Principles = Simplify (data & process flow, ADS, CDE), Data
Architecture (align to meaning), and Data Quality Control Environment Cultural Change = Data Strategy,
Funding Model, Communication and Measurement
Governance = Implement Standards, Control Budget & Priorities, Integrate into Operational
Environments and Collaborate with Cross-Functional Governance Processes
Confidential
Must be Practical & Work in Real World
Demystify and Position for Adoption
Collaborative Across Industry
Socratic Method
Continual Best Practice Improvement
20Copyright © 2015 EDM Council Inc.
EDM COUNCIL ORGANIZATIONAL MANDATES
Confidential
DCAM Overview
21Copyright © 2015 EDM Council Inc.
Based on Collective Experience
• Synthesis of research and analysis among practitioners (10 year journey)
• Collaboration across the full spectrum of financial services participants
• Socratic method to ensure that the DCAM is practical and in line with the core principles of data management
• Scoring based on: – Level of engagement (knowledge and
scope of authority)– Degree of formality (documented,
standard methodologies, coordinated responsibilities); and
– Evidence (internal artifacts, documents, authorizations, designations, definitions)
Intersection of data management best practice and the reality of financial services operations
Hard Won Lessons
• Harmonized data aligned to contractual meaning (unambiguous shared meaning)
• Legacy repositories, end user computing and existing IT infrastructure
• Social, political and cultural challenges
• Reality of technical implementation, data transformation and IT execution challenges
• Governance implementation and accountability
• Hard to calculate ROI and the limitations of project-based funding
• The importance of top executive “air cover” for sustainability
• The operational obstacles of short term measurement criteria and multiple (conflicting) priorities
Confidential
• Scope of capabilities required to establish, implement and manage data content
• Industry standard for the evaluation of a data management program in the financial industry based on
• degree of stakeholder engagement• formalization of data management practices• level of program activity
DCAM – DATA MANAGEMENT CAPABILITY ASSESSMENT MODEL
Component Scope of Coverage
Data Management Strategy Defines the elements of a sound data strategy, why it is important and how the firm needs to be organized for sustainable implementation
Business Case/Funding Model Addresses the creation of the business case, its accompanying funding model and the importance of engaging senior executive stakeholders
Data Management Program Identifies the organizational requirements needed to stand up a sustainable data management program
Governance Management Defines the operating model and the importance of policies, procedures and standards as the mechanisms for alignment among stakeholders
Data Architecture Focuses on the core concepts of “data as meaning” and how data is defined, described and related (data domains, metadata, critical data elements, taxonomies, common language/ontology)
Technology Architecture Addresses the relationship of data with the physical IT infrastructure needed for operational deployment (integration into operational environments)
Data Quality Establishes the concept of fit-for-purpose data and defines the processes associated with establishing both data control and supply chain management
Data Control Environment The Data Control Environment refers to the process by which the data assets of a firm are managed in order to realize their maximum value
Confidential
DCAM – DATA MANAGEMENT GOVERNANCE EXAMPLE
Data Governance
Component
Data governance structure is created.
Content governance is defined
Policy/standards are written and approved
Program governance controls are in place
Technology governance is aligned
Cross-organizational enterprise data governance is aligned
Program governance is operational
Capability
Policy and standards have been reviewed and approved by relevant program stakeholders
Policy and standards are written and complete
Policy and standards have been reviewed and approved by senior executive governing bodies
Sub-Capability
Policy/standards are developed in collaboration with (business, technology and operations)Policy and standards are complete and verifiedPolicy and standards are in alignment with Data Management Strategy
Policy and standards have been shared and reviewed by relevant stakeholders.Feedback from stakeholders incorporated into the final version of the policy and standardsPolicy and standards have been validated and approved
Policy/standards submitted to the organizational governance mechanism for evaluationPolicy and Standards have been approved
Objectives
Confidential Copyright © 2015 EDM Council Inc. Page 24
DATA MANAGEMENT STRATEGY
Key Concepts
– Align the strategy with business objectives (target state)
– Ensure that stakeholders (business, IT and operations) are engaged
– Ensure that business priorities are defined and reflected in the strategy
– Establish the overall framework (i.e. data domains, role of policy, alignment with capability, criteria for evaluation)
– Establish the framework for effective governance
Defines the long term goal of the data management program. This is the blueprint to gain internal alignment among stakeholders and to define how
the organization will approach the management of data content
Data Management Strategy
Confidential Copyright © 2015 EDM Council Inc. Page 25
Component Capability Sub-capability
1.0DATA MANAGEMENT STRATEGY
Data management strategy (DMS) is specified and shared with relevant stakeholders
• DMS is developed• DMS is aligned with high-level organizational objectives• DMS includes an established mechanism for approval• The DMS has been evaluated as being enforceable by Audit (or the equivalent function)
High level business requirements are captured, prioritized, and integrated into the DMS
• High level business requirements have been documented and used to create the DMS• Requirements incorporated into the data management strategy have been prioritized and
approved by identified stakeholders
The DMS defines the importance of identifying, prioritizing and assuring the appropriate use of authorized data domains.
• The DMS calls out the need to identify and prioritize authorized data domains.• The DMS articulates the importance of establishing policy to enforce appropriate use of
authorized data domains.
The DMS is aligned with and mapped to architectural, IT and operational capabilities
• Data architecture concepts have been incorporated into the DMS.• Technology concepts have been incorporated into the DMS.• Operational concepts have been incorporated into the DMS.
The DMS requires the creation of a formally established governance program.
• The DMS defines the purpose and objectives for establishing data governance• The DMS describes the data governance target state organizational structure• The DMS describes the governance roles and responsibilities
The DMS defines how the data management program will be measured and evaluated.
• The DMS defines the importance of developing outcome metrics to determine the effectiveness of the data management program
• The DMS defines the importance of developing tracking and adherence metrics to determine how the data management program itself will be measured.
The data management strategy calls for the creation of a communication and training program
• The DMS describes the importance of establishing a communication strategy• The DMS describes the need for an education and training program to ensure
stakeholder understanding, buy-in and compliance to the data management program
DATA MANAGEMENT STRATEGY
Confidential Copyright © 2015 EDM Council Inc. Page 26
Key Concepts
– Alignment of business case to the activities that are important to the organization and the key stakeholders
– Documentation of the business case and socialization to ensure buy-in (concepts, assumptions and methodology)
– Create the funding model to get the money allocated as well as the authority to enforce funding on a sustainable basis
– Measure total expense and determine ROI in alignment with internal methodologies
This is justification for the data management program; the mechanism for ensuring sufficient and sustainable capital; and the approach for
measuring the costs and benefits of EDM
Data Management Business
Case
BUSINESS CASE (AND FUNDING MODEL)
Confidential Copyright © 2015 EDM Council Inc. Page 27
BUSINESS CASE (AND FUNDING MODEL)
Component Capability Sub-capability
2.0DATA MANAGEMENT BUSINESS CASE AND FUNDING MODEL
The data management business case is aligned to strategic drivers and tangible business outcomes.
• The Data Management Business Case is mapped to and aligned with drivers, requirements and strategy
• High level business outcomes are defined and sequenced.• DM Business Case is socialized and validated by program stakeholders
The data management funding model has been established, approved and adopted by the organization.
• The DM funding model is matched to business requirements, implementation timelines and operational capabilities.
• The DM funding model is aligned with the business process of the organization• Implementation of the DM funding model is enforced.
The funding model can be measured and evaluated against tangible business objectives
• Total expense for the Data Management Program is captured, maintained and analyzed
• A standard methodology for calculating ROI is established• ROI is measured, monitored and used for making Data Management Program
decisions
Confidential Copyright © 2015 EDM Council Inc. Page 28
Key Concepts
– Secure the executive management mandate and ensure that it is communicated across the organization (with the authority to enforce)
– Define the target state in full collaboration with stakeholders and translate into project plans/program deliverables
– Confirm evidence of engagement with stakeholders in terms of funding and resource plans
– Become the advocate for data management and launch the education campaign necessary to ensure that stakeholders understand the concepts/importance of data management(communicate and socialize)
– Implement the data management routines (operationalize)
Establish the data management program, ensure that stakeholders understand the core concepts of data content management /data as a
manufactured product; establish a functional engagement model
Data Management Program
DATA MANAGEMENT PROGRAM
Confidential Copyright © 2015 EDM Council Inc. Page 29
DATA MANAGEMENT PROGRAM
Component Capability Sub-capability
3.0DATA MANAGEMENT PROGRAM
The data management program is established and empowered.
• The Data Management Program is established• The Data Management Program has the authority to enforce adherence and
compliance
The roadmaps for the data management program are developed, socialized and approved.
• Program roadmaps are defined, developed and aligned with the Data Management Strategy
• Program roadmaps are socialized and agreed to by Program Stakeholders• Project plans are developed detailing deliverables, timelines and milestones
Stakeholder engagement established and confirmed
• Identified stakeholders commit and are held accountable to the Data Management Program deliverables
• Funds are allocated and aligned to program roadmaps and workstreams• Resource plans are aligned with and verified against program requirements
Communication program is designed and operational
• Internal communication plans have been created, channels established, plans published and approved.
• Communication plans with external regulators bodies are created and approved.• Active engagement with external industry and standards bodies are in place
Data Management Routines are Established, Operational and Measured
• Routines for support of the data management program have been established• Issue identification, prioritization, escalation and conflict resolution are defined and
operational• Metrics (i.e.: KPIs, KRIs) are defined and used to track Program progress
Confidential Copyright © 2015 EDM Council Inc. Page 30
DATA GOVERNANCE
Key Concepts
– Set up the Office of Data Management (CDO, governance plan, PMO, resources)
– Establish the governance structure to ensure that people are in place and accountable (aligned with business and control functions)
– Develop the policies and content standards in full collaboration with stakeholders backed by authority of executive management (this is the key to data management)
– Operationalize governance (routines, ongoing requirements management, priorities and escalation procedures)
– Implement the control environment (strategic data domains, critical business elements, taxonomies/ontology, identifiers; enforce policy and standards)
– Align with IT and cross-functional policies (a symbiotic relationship requiring careful orchestration within the culture of your organization)
The rules of engagement for implementation of the data management program. The focus is on implementation of policies, standards and
operational procedures necessary to ensure that stakeholders “behave”
Data Governanc
e
Confidential Copyright © 2015 EDM Council Inc. Page 31
DATA GOVERNANCE
Component Capability Sub-capability
4.0DATA GOVERNANCE Data governance structure is created.
• Data Management Office (DMO) is created• The DMO has an executive owner• The data governance plan is created• Program Office (PMO) is established and staffed with required skill sets• Enterprise governance structure is designed and implemented
Content governance is defined
• Authorized data domains have been identified and inventoried• Critical data elements (CDEs) have been identified and inventoried• Data domain taxonomies have been developed and are actively maintained• Unique and precise data identification schemes and methodologies have been defined,
applied and are in use.• Data classifications are defined and assigned
Policy and standards are written and approved
• Policy and standards are written and complete• Policy and standards have been reviewed and approved by relevant program
stakeholders• Policy and standards have been reviewed and approved by senior executive governing
bodies
Program governance is operational
• Funding Model is Operational• Program governance routines are established• Requirements are captured and prioritized• Escalation Procedures are developed and documented
Program governance controls are in place
• Project review and approval processes are established• Policy and standards are enforceable and auditable• Metrics are in place to track program adherence, progress and outcomes• Formal training programs have been designed and implemented
Tool Stack governance is aligned
• Platform governance is established• Data distribution governance is established• Data storage governance is established• BI, ETL and data tool governance is established
Cross-organizational enterprise data governance is aligned
• Data governance is aligned with information security policy• Data governance is aligned with privacy and cross-border policy• Data governance is aligned with external data usage policy and standards• Data governance is aligned with legal and compliance data policy
Confidential Copyright © 2015 EDM Council Inc. Page 32
DATA ARCHITECTURE
Key Concepts
– Define the scope of data and how logical data domains are linked to physical repositories
– Define attribute-level metadata and align with financial industry business ontology (the goal is unambiguous shared meaning across the enterprise)
– Designate critical data attributes based on facts about how instruments and business relationships truly operate
– Implement governance processes to ensure alignment and harmonization to data meaning
The “design of information content” including the identification of data domains, establishment of taxonomies, alignment with contractual obligations, documentation of metadata and designation of CDEs
Data Architectur
e
Confidential Copyright © 2015 EDM Council Inc. Page 33
DATA ARCHITECTURE
Component Capability Sub-capability
5.0DATA ARCHITECTURE
Identify the data (logically and physically)
• Logical domains of data have been identified, documented and inventoried.• Underlying physical repositories of data have been identified, documented and
inventoried
Define the data (semantically and structurally)
• Attribute level “business” definitions are defined, documented and approved by relevant stakeholders
• Taxonomies and ontologies are created, documented, maintained and governed• Metadata is defined
Govern the data (establish sustainable data architecture governance)
• Data architecture governance procedures are established to ensure authorized as well as controlled use of data
• Data architecture governance procedures are in place and aligned with business governance processes
• Data architecture governance procedures are in place and aligned with technology
Confidential Copyright © 2015 EDM Council Inc. Page 34
TECHNOLOGY ARCHITECTURE
Key Concepts
– Define the technology architecture with IT and business stakeholders
– Translate into actionable roadmap with adequate budget
– Align with platform governance mechanisms
– Define the technology tool stack, data storage strategy and implementation roadmaps
– Align with business continuity planning
The “design of physical architecture” including the platforms and tools in support of data management implementation. This is domain of IT and
defines how data is acquired, stored, integrated and distributed
Technology Architectur
e
Confidential Copyright © 2015 EDM Council Inc. Page 35
TECHNOLOGY ARCHITECTURE
Component Capability Sub-capability
6.0TECHNOLOGY ARCHITECTURE Technology architecture is defined
and governed
• Technology architecture strategy is defined and agreed to by relevant stakeholders.• An actionable roadmap is developed and adopted for implementation of the
technology architecture• Platform governance structure and processes are in place.
Data technology tool stack is identified and governed
• Technology tool selection strategy is defined and verified by relevant stakeholders• Technology tool roadmap is developed and implemented• Tool selection governance structure and process is in place and operational
Data storage (lifecycle) management strategy defined and governed
• Data storage management strategy is defined and agreed to by relevant stakeholders
• Data storage management roadmap is developed and implemented• Storage governance structure and processes are in place and operational
Operational risk planning is in place• Data infrastructure contingency planning is defined and in place• Operational Risk Governance Structure and processes are in place and operational
Confidential Copyright © 2015 EDM Council Inc. Page 36
DATA QUALITY
Key Concepts
– Set up the data quality program including how assessments will be conducted, roles and responsibilities and how quality will be governed)
– Perform the current state assessments (profile, analyze, grade)
– Perform data cleansing and remediation
– Manage the chain of supply (establish data quality control points, links to authoritative sources, business rules)
– Measure and trace to root cause (supported by audit)
Deliver to business users data that is fit-for-purpose. The goal is data that users trust and have confidence in to be exactly what they expect it to be
without the need for reconciliation and data transformation
Data Quality
Confidential Copyright © 2015 EDM Council Inc. Page 37
DATA QUALITY
Component Capability Sub-capability
7.0DATA QUALITY PROGRAM Data quality program is established
• The data quality strategy and approach is defined and socialized• Accountable parties have been identified and roles and responsibilities have been
assigned. • The Data Quality roles and responsibilities have been communicated.
Quality of existing stores of data are identified and assessed.
• All relevant data have been identified and prioritized.• Data is profiled, analyzed and graded• Data remediation has been planned, prioritized and actioned.
Quality of new data is monitored, analyzed and reported
• Data Quality ‘control points’ are in place along the full spectrum of the data supply chain.
• Data Quality Metrics are captured, reported and used to drive data remediation.• Root-Cause analysis is performed• Data Quality processes are audited
Confidential Copyright © 2015 EDM Council Inc. Page 38
DATA OPERATIONS
Key Concepts
– Ensure that business requirements are captured and aligned with data management strategy
– Define the end-to-end data management lifecycle and align with standards/policy
– Unravel the data compounding processes for derived data and business calculations
– Align data operations across the information ecosystem
Coordination of the components of data management into a cohesive operational model; ensure that controls are in place for consistency across
the lifecycle; align with organizational privacy and security policies
Data Operatio
ns
Confidential Copyright © 2015 EDM Council Inc. Page 39
DATA CONTROL ENVIRONMENT
Component Capability Sub-capability
8.0DATA Control Environment
A control environment is established and operational
• Control environment structures are established • Control environment procedures are operational. • Control environment adheres to industry best practices
Control environment supports the data management lifecycle
• Control environment ensures data sourcing and procurement are performed in alignment with business requirements
• Critical end-to-end data flows and essential attributes for in-scope business processes are defined and mapped.
• The compounding processes and calculations for derived and transformed data are identified, documented and mapped
Control environment ensures that the discipline of data management is operating collaboratively with cross-organizational Control Functions.
• Control Function policies and standards are aligned with Data Management policies and standards
• Regular routines are established with cross-organizational control teams.• All data entered into the ecosystem of the control environment is subject to cross-
organizational controls.
Confidential Copyright © 2015 EDM Council Inc. Page 40
DCAM – DATA MANAGEMENT CAPABILITY ASSESSMENT MODEL
Not Initiated Data management capabilities are disorganized and performed on an ad hoc basis
Degree of Engagement Degree of Formalization Level of Activity
In Process (conceptual) • Understanding of data management capabilities are rudimentary
• Participation is sporadic and informal• Data management discussions are
taking place mostly among practitioners
• Processes and capabilities are variable and developed as needed
• Documentation is informal and conceptual• Accountability is informal • Resources are allocated via negotiation
Evidence Based
Evaluation
In Process (developmental)
• Data management capabilities are understood at the operational level
• Participation is reliant on individuals (not institutionalized)
• Senior management support and organizational buy-in are emerging
• Stakeholders have business or functional responsibilities
• Data management capabilities are documented and debated
• Methodologies, policies and procedures are being defined
• Resources are allocated as part of the annual budget cycle
• Roles, responsibilities and accountability is formally established
In Process (defined) • Business users take an active role in data management processes
• Stakeholders have decision-making/P&L authority
• Executive management is aware of and engaged in data management activities
• Data management routines exist and are operational
• Policies, procedures and standards are documents in structured format
• Resources are allocated to ensure program sustainability
• Roles and responsibilities are coordinated across business units
Capability Achieved Data management capabilities are embedded into operations
Capability Enhanced Data management capabilities are embedded into the culture of the organization
Confidential Copyright © 2014 EDM Council Inc. Page 41
DCAM PLATFORM
Supports automated response collection and consolidation from identified stakeholders
Aggregates responses and provide detailed analytics in real-time including complex charts and detailed filters
Supports benchmarking results against previous assessments and peers
Confidential Copyright © 2014 EDM Council Inc. Page 42Page 42
► Governance framework for data management is defined within DCAM
(including alignment with risk and finance governance mechanisms)
► DCAM Strategy and Program process areas
(alignment to risk as well)
► Data policy and standards are a focal point of DCAM
► Funding model for RDA is broader than data
(DCAM ensures the data funding issues are covered)
► Culture and communication is shared with risk function
(most likely driven by the risk organization)
► The Data Aggregation components of RDA are covered in DCAM
(Architecture will be shared with technology)
► Process controls and security controls are elements of ‘partnership’. These will be the responsibility of other groups (operations; business continuity; info-security). These are defined as “ecosystem” in DCAM. The DM Program must be ALIGNED to other key stakeholders
► Data Quality is a key component of DCAM
(profile, assess, remediate, business rules, supply chain management)
DCAM Alignment to the BCBS 239 Objectives
Pillars of a Data Management Best Practice
DATA PROGRAM
Strategy, Governance, funding model, TCO and measurement, requirements management,
resource strategy, business semantics, business process flows, data flows, data
quality, executable business rules, integration strategy
(Data Management Capabilities)
IT ENVIRONMENT
Data workflow, process capabilities and limitations, technical architecture, legacy reconciliation, messaging standards, data
management platform, supply chain management
(Technical Architecture, Framework Standards and Process Engineering)
CONTENT INFRASTRUCTURE
Standards for the unique and precise identification of instruments, entities,
classification schemes [LEI, loan ID, universal product ID, Metadata management, sector
classification, instrument categorization]
(Identifiers and Ontologies)
Regulatory Drivers
• Transparency (Dodd-Frank, Regulation AB2, UCITS, FATCA, AIFMD)
• Systemic Risk Oversight (DFA Title I, Basel III, BCBS 239/Risk Data Aggregation Principles, CCAR, Firm Data Submission Frameworks (FDFF), Solvency II, ACORD, COREP, FSB Templates)
• Functional Areas (degree of interconnectedness, transitive exposure, collateral flows, concentration, degree of centricity, funding durability, leverage and liquidity measures, guarantee and transmission of risk, degree of diversification, systemic contagion)
• Surveillance (shadow banking, electronic execution, structural vulnerability, consumer protection, hedge funds, insurance and reinsurance)
Business Drivers
• Data Errors and Repairs (reconciliation, exception processing, convoluted models, trade repairs, valuation miscalculation, settlement instruction mismatches, bad corporate action processing)
• Data Utilization (manual processes, maintenance of proprietary feeds and interfaces, redundant systems, duplicate master files, duplicate accounts, integration and transformation challenges)
• Data Reporting (links between instruments (what we trade) entity (with whom we do business) obligations (based on role) and holdings (what’s in our portfolios)
• Business Development (upselling opportunities, enhanced client service, new product engineering, contextual big data mining, process automation, product and client ROI)
Regulatory Data Mandate
Data Management Landscape
Copyright © 2015 EDM Council Inc.43
• Governance Mandate - Documented policies and procedures, executive management accountability, coordination across IT, business, data. independent audit)
• Data Infrastructure Mandate - integrated data architecture (taxonomies, metadata, identifiers), control across full data lifecycle, flexible classification and aggregation, comparability across repositories, identification of CDE
• Content- data quality (timely, accurate, comprehensive, clear), alignment to contractual meaning, data lineage and root cause remediation, authoritative sources, on-demand and ad hoc reporting capabilities, near real time reporting.
Confidential
Big tasks facing the industry (and the clock is ticking)
Adopt content standards (everything is built on this infrastructure)
Implement industry-wide best practice (based on reality)
Measure and benchmark continuously (using DCAM and EDMC mechanisms)
Collaborate with regulators (and vendors)
Adoption of control environment is absolutely possible in the near term (unique moment of data management)
44Copyright © 2015 EDM Council Inc.
SUMMARY AND CONCLUSION
Transport Layer (HTTP, TCP/IP, FTP)Facilitation of computer-to-computer communication
in alignment with W3C and IETF standards
Messaging Layer (XML, CSV, SWIFT, Web Services)Transactions are communicated to involved parties via messaging.
Examples are FIX, ISO 20022, FpML for derivatives, MISMO for loans, XBRL for balance sheet data
Location Layer (URL, URI, DNS)Web-based location identifiers enable data to be accessed across the web. Namespace
management is included
Information Technology and O
perations Governance
Managem
ent of architectural approach, data distribution platform, transform
ation processes and data integration
Data M
anagement G
overnanceM
anagement of data m
anagement strategy, organizational m
odel, funding model, governance
structure, organizational alignment and operational culture
Data Quality StrategyFit-for-Purpose - completeness, coverage, conformity,
consistency, accuracy, duplication, timeliness. Data Quality Management - profiling, testing, cleansing,
QA process and implementation of business rules
Mapping to Common MeaningAlignment of data meaning from one format to another. The goal is consistency of meaning across repositories. This includes mapping of business concepts, mapping of
relationships and format transformation
Shared Vocabularies (dictionary, taxonomies, metadata)
Adoption of common financial language. Must ensure that
concepts are both precise and based in legal certainty
Identification (LEI, ISIN)Unique and precise identification of the financial instruments and business entities that form the
baseline components of our industry
Ontology (OWL, UML, 1st order logic, modal logic)
Representation of data to record the logical relationship between terms in
the context of business reality
Query Layer (SPARQL, SQL, CQL, NQL, Natural Language Processing)Mechanism for perform structured queries over linked datasets
Data Management Infrastructure
Copyright 2014 EDM Council, Inc.
Reference Data
Market D
ataand N
ews
Positions and Transactions
Corporate Actions
Analytical Layer Database Types: instrument, entity, transaction, holdings | Core Processes: issuance, trade, servicing, retirement |
Analytical Inputs: cash flow, obligations base on role performed; ownership/control and positions[the essential ingredients for scenario-based analysis and ability to understand links/relationships]
Confidential
Contact
Michael Atkin
Managing Director, EDM Council
(o) 301.933.2945
(m) 240.602.8390
www.edmcouncil.org
John Bottega
Senior Advisor & Consultant
CDO Forum | Data Management Practice
908.510.3826
Dennis Wisnosky
Senior Advisor and Consultant
Financial Industry Business Ontology
630.240.6910
46Copyright © 2014 EDM Council Inc.