Introduction
In the January 2015 BIS BCBS 239 adoption progress report, it was stated that
compliance with Principle 2 (data architecture/IT infrastructure) was rated lowest. BCBS
239 marks the first time that the Enterprise IT Architecture profession has been subjected to
the kind of regulatory scrutiny long applied to its construction and transportation industry forebears.
This has become necessary because Distributed Enterprise IT Architectures have now hit
the same engineering-maturity inflection point, with many partial subsystem issues
and, in some cases, public catastrophic supply-chain failures.
Enterprise Architects must shift focus from solely functional analysis models to address
the sustained volume, velocity and variety of data that they now aggregate and process to
produce meaningful measures of Financial Sector business risks.
Let's remind ourselves what the banks are being asked to do when it comes to data
architecture/IT infrastructure:
These questions need answering at three levels: Conceptual, Logical and Physical.
Conceptual:
o What are the core risk data entities that have to be measured, reported and mitigated?
o What are the component pieces of data that make up these risks?
Logical:
o What are the linkages between the key entities and the component pieces of data, i.e. synthesis, aggregation and transformations?
Physical:
o Similarly, what are the IT Applications that perform the composition of the risk entities and their subsequent analysis and distribution?
o Consistent discovery and monitoring of data flows, both messaging and block file transfers, at both routing and ETL endpoints.
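To make the three levels concrete, here is a minimal sketch in Python; the class and field names (RiskEntity, DataComponent, Linkage, Application, DataFlow) are illustrative assumptions, not a prescribed model.

```python
from dataclasses import dataclass, field
from typing import List

# Conceptual: the core risk data entities and the component data they are built from.
@dataclass
class DataComponent:
    name: str                      # e.g. "trade notional", "counterparty rating"

@dataclass
class RiskEntity:
    name: str                      # e.g. "credit exposure by counterparty"
    components: List[DataComponent] = field(default_factory=list)

# Logical: the linkages between entities and components
# (synthesis, aggregation, transformation).
@dataclass
class Linkage:
    source: str                    # component or entity name
    target: str
    operation: str                 # "aggregate" | "synthesise" | "transform"

# Physical: the IT applications that perform the composition, analysis and
# distribution, plus the data flows (messaging or block file transfer)
# observed between them at routing and ETL endpoints.
@dataclass
class Application:
    app_id: str
    implements: List[str] = field(default_factory=list)   # linkage operations performed

@dataclass
class DataFlow:
    source_app: str
    target_app: str
    mechanism: str                 # "message" | "file"
```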
At the moment banks have only very crude Application Portfolio systems, which use an
in-house, arbitrary classification of the business functions that applications perform,
supplemented occasionally by manual audit/regulatory fire-drill processes, to provide some form of
information connectivity catalogue.
Ironically, this lack of data analysis rigour leads to banks being repeatedly charged
for unauthorized use of fee-liable data during audit cycles, charges which often run to many
millions of dollars.
Conceptual: When are the key business and information system events in the
trading day? Are there multiple operational daily cycles running across the
business entities? Are these catalogued, or have they become part of
organizational folklore?
Conceptual: The "why", or rationale, for how the Risk Aggregation process is
conducted at a particular institution lies at the heart of its Core Business
Operating Model and Business Risk Appetite. If this cannot be documented and is
not reviewed in line with the quarterly financial statements, significant regulatory
scrutiny can be expected.
Logical: Clear, automatically derived process metrics lie at the heart of ensuring
that the Risk Aggregation process is being operated in line with an institution's
Core Business Operating Model and that it is helping to alert and protect the
institution in times of stress.
Physical: KPIs must be immutable and irrefutable, i.e. directly derived from the
underlying data flows and operations, to have any value.
Conceptual: The key controls in this process are a combination of Job Roles +
Operating Committees + Exception/Escalation Chains; these need to be
maintained in a sustainable, consistent archive and regularly reviewed.
Deputization/succession planning for attendees also needs to be addressed.
Conceptual: There are multiple geographic concepts that need to be captured to answer
the "Where" question, i.e.:
o Real-world geopolitical entities and the judicial/regulatory constraints
they impose on the content of the data.
o Organizational geography (i.e. business units/divisions/legal entities);
these typically act as segments and groupings of the core risk data entities
and in many cases will be aligned to real-world constraints/boundaries.
o Application Portfolio geography; as noted in earlier sections, there needs
to be a clear linkage between risk data entities and the applications
involved in the production and distribution processes.
Logical: Real-world and organizational geographies are generally well
understood concepts; the notion of "what is an Application", however, needs to be
clearly defined and agreed both in IT and in its client business units. It is notable that
ITIL failed to define a standard for what an application comprises, and often
confuses it with the notion of "Service", which can become a very overloaded term.
Conceptual: The key functional elements of the aggregation system are the
corollary of the "What" section earlier in this document, i.e. the operations
performed on the data and the event stimuli along the critical path of the
production process discussed in the "When" section.
The other key entity that needs to be described to answer the "How" question is
the notion of process state, i.e. how to introspect what is occurring at any point in
time, rather than only at process or time boundaries.
Logical: The logical model of state needs to be able to answer the questions: do
we know what is in flight ("What")? Is it on time ("When")? Is it sufficiently
complete/correct ("Why")? And if not, who is working to remediate things ("Who")?
(A minimal sketch of such a state model follows this list.)
Physical: The "When" section discussed the need for temporal consistency and a
coherent task-scheduling capability; in this section all of the connections, data flows,
storage and control points, and the physical mechanisms that deliver them, need to be
described.
As with any complex command-and-control system, some level of
redundancy/duplication should be provided, but the range and fidelity of integration
and storage techniques need to be actively managed.
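As a purely illustrative sketch of such a state model (the ProcessState and FlightStatus names and their fields are assumptions, not a prescribed schema), the What/When/Why/Who questions might be captured as:

```python
from dataclasses import dataclass
from datetime import datetime
from enum import Enum
from typing import Optional

class FlightStatus(Enum):
    IN_FLIGHT = "in_flight"
    COMPLETE = "complete"
    FAILED = "failed"

# Hypothetical state record: one row per risk-aggregation work item,
# derived directly from the underlying data flows rather than manual reporting.
@dataclass
class ProcessState:
    work_item: str                 # What is in flight
    status: FlightStatus
    due: datetime                  # When it should complete
    expected_records: int
    received_records: int          # Why: completeness/correctness check
    remediation_owner: Optional[str] = None   # Who is fixing it, if late or incomplete

    def on_time(self, now: datetime) -> bool:
        return self.status == FlightStatus.COMPLETE or now <= self.due

    def is_complete(self) -> bool:
        return self.received_records >= self.expected_records
```

Because each field is derived from observed flows and operations, any KPI computed over such records is, in the terms used above, immutable and irrefutable rather than self-reported.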
Being compliant with the principles stated by the BIS in BCBS 239 requires real IT work, with
tangible Design+Build assets and sustainable Maintenance processes linking
multiple transaction and reference data systems, and with real artefacts owned by both Line
and Enterprise Architecture teams.
The Enterprise Application Portfolio and its supporting functional taxonomy must become
concrete reference data entities.
Linkage of dataflows to each of the Application/Environment instances must be achieved
through significant mechanisation and automated physical discovery toolsets; manual
fire-drill collections of user opinions are not an option.
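As a minimal sketch of what "concrete reference data entities" and mechanised flow linkage could look like (PortfolioEntry, DiscoveredFlow and all field values are hypothetical), the portfolio and the discovery toolset output might be joined as follows:

```python
from dataclasses import dataclass

# Hypothetical application portfolio entry held as governed reference data,
# rather than as an ad hoc spreadsheet classification.
@dataclass(frozen=True)
class PortfolioEntry:
    app_id: str            # stable identifier, e.g. "APP-00123"
    name: str
    functional_area: str   # from an agreed functional taxonomy (e.g. a BIAN service domain)
    environment: str       # "prod", "uat", ...

# Hypothetical record produced by an automated discovery toolset
# (routing/ETL endpoint monitoring), keyed back to portfolio entries.
@dataclass(frozen=True)
class DiscoveredFlow:
    source_app_id: str
    target_app_id: str
    transport: str         # "MQ", "SFTP", ...
    data_format: str       # "FpML", "CSV", ...

def unknown_endpoints(flows, portfolio):
    """Flag discovered flows whose endpoints are missing from the portfolio."""
    known = {p.app_id for p in portfolio}
    return [f for f in flows
            if f.source_app_id not in known or f.target_app_id not in known]
```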
NB: Excel, PowerPoint and Word artefacts are only ancillary to the core solution.
And finally, the data produced by this exercise should be used for the strategic
optimisation of the organisation, not just for appeasing a set of faceless regulatory
bureaucrats. "You can only manage what you measure" is a very old business maxim.
A bank should have in place a strong governance framework, risk data architecture and IT infrastructure.
A bank should establish integrated data taxonomies and architecture across the banking group, which
includes information on the characteristics of the data (metadata), as well as use of single identifiers
and/or unified naming conventions for data including legal entities, counterparties, customers and
accounts.
A bank's risk data aggregation capabilities and risk reporting practices should be: fully documented
and subject to high standards of validation. This validation should be independent and review the
bank's compliance with the Principles in this document. The primary purpose of the independent
validation is to ensure that a bank's risk data aggregation and reporting processes are functioning
as intended and are appropriate for the bank's risk profile. Independent validation activities should
be aligned and integrated with the other independent review activities within the bank's risk
management program, and encompass all components of the bank's risk data aggregation and reporting
processes. Common practices suggest that the independent validation of risk data aggregation and risk
reporting practices should be conducted using staff with specific IT, data and reporting expertise.
What is actually happening in practice is that each major institution's regional banks are
lobbying/negotiating with their local/regional regulators to agree on an initial form of
compliance, typically as some form of MS Word or PowerPoint presentation, to prove that
they have an understanding of their risk data architecture. One organization might
write a 100-page tome to show its understanding and another might write 10 pages. The
ask is vague and the interpretation is subjective. Just what is adequate?
Data Points: A Data Point is what is actually reported as a number, based on the intersections/dimensions
of an XBRL report, i.e. effectively a cell in a spreadsheet.
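As an illustration (the dimension names and values below are invented, not taken from any actual XBRL taxonomy), a single data point can be thought of as a value keyed by its dimensional coordinates:

```python
# Hypothetical data point: the reported number plus the dimensional
# coordinates (the "cell address") that identify it in the report.
data_point = {
    "value": 1_250_000.0,            # the number actually reported
    "dimensions": {                  # illustrative dimensions only
        "metric": "CreditRiskExposure",
        "legal_entity": "BankCo UK Ltd",
        "counterparty_sector": "Sovereign",
        "reporting_period": "2015-Q1",
    },
}
```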
Paths: Each Data Point is created from a Path, i.e. the flow of data via a group of Applications and
Interchanges. NOTE: many Data Points will be generated from a single Path, although given the number of
data points in a regulatory report we can expect that many different paths will exist across the application
estate.
Interchanges: Multiple data interchanges will exist between applications (even within a path) to produce
a data point; these will be message- or batch-based and relate to different topics and formats. As
a rule of thumb, each data entity/format being moved, each distinct topic used to segregate it, and each
transport used to move it results in a separate interchange being defined. When you start to think about
the complexity that this rule of thumb implies, you get to the heart of why BCBS 239's requirement for accurately
describing Data Architectures is needed, and why moving to a logical approach levels the playing field.
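To make the rule of thumb concrete, here is a tiny counting sketch; the entity, topic and transport values are invented purely for illustration:

```python
from itertools import product

# Rule of thumb: one interchange per (data entity/format, topic, transport) combination.
entities = ["trade", "position", "counterparty"]    # illustrative formats being moved
topics = ["EMEA", "APAC"]                           # illustrative topics segregating them
transports = ["MQ message", "SFTP batch"]           # illustrative transports

interchanges = list(product(entities, topics, transports))
print(len(interchanges))   # 3 * 2 * 2 = 12 distinct interchanges from just three entities
```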
Schedulers: Applications and Interchanges are both controlled by schedulers. In an ideal world there would
be a single master scheduler, but in reality multiple schedulers abound in large, complex organisations.
Identifying the number of places where temporal events are triggered is a major measure of technical and
configuration risk and variability in a bank's risk architecture. As stated, a single controlling scheduler
would be the right thing in an ideal world, but the lessons of the RBS batch failure are a textbook
case of concentration risk in a system design.
An Example Path: Putting it all together, an example path might comprise 5 Applications; 4 Interchanges,
2 of which are message-based and 2 of which are scheduled (FTP etc.); and 2 controlling Schedulers.
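A minimal sketch of that example path as data (the application and scheduler names are invented; only the counts come from the example above):

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Interchange:
    source: str
    target: str
    kind: str                        # "message" or "scheduled"
    scheduler: Optional[str] = None  # set only for scheduled interchanges

# Illustrative path: 5 applications, 4 interchanges (2 message-based,
# 2 scheduled), 2 controlling schedulers, as in the example above.
applications = ["TradeCapture", "PositionStore", "RiskEngine", "Aggregator", "RegReporter"]

path: List[Interchange] = [
    Interchange("TradeCapture", "PositionStore", "message"),
    Interchange("PositionStore", "RiskEngine", "scheduled", scheduler="SchedulerA"),
    Interchange("RiskEngine", "Aggregator", "message"),
    Interchange("Aggregator", "RegReporter", "scheduled", scheduler="SchedulerB"),
]

schedulers = {i.scheduler for i in path if i.scheduler}
print(len(applications), len(path), len(schedulers))   # 5 4 2
```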
So for each reporting period, the dates of the last functional change and the last platform change
should also be reported, together with the number of functional and platform changes made in the
reporting period.
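As an illustrative shape for that per-period record (all identifiers and field names below are invented):

```python
# Hypothetical per-path, per-reporting-period change summary.
change_summary = {
    "path_id": "PATH-042",
    "reporting_period": "2015-Q1",
    "last_functional_change": "2015-02-17",
    "last_platform_change": "2015-01-05",
    "functional_changes_in_period": 3,
    "platform_changes_in_period": 1,
}
```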
Almost there
By applying a BIAN (or similar) mapping to the abstract Applications + Interchanges graph,
we now have a comparable set of functional and data-flow-based topologies across the
set of reporting banks, described in banking language rather than abstract algebra. We
can now ask questions such as why Bank A has 6 reference data systems versus Bank B, which
may have 2, or why the number of interchanges between two functional domains ranges
from 20 in Bank A to 120 in Bank B.
As with the abstract model, adding this form of consistent dimensionality drives reporting
convergence; if data lies outside statistical norms, it will naturally provoke curiosity
and scrutiny.
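As a minimal sketch of that kind of cross-bank comparison (the counts and the threshold are invented for illustration), an outlier check over interchange counts between the same two functional domains might look like:

```python
from statistics import mean, stdev

# Illustrative interchange counts between the same pair of functional domains
# (e.g. two BIAN service domains) across a set of reporting banks.
interchange_counts = {
    "BankA": 20, "BankB": 120, "BankC": 25,
    "BankD": 30, "BankE": 22, "BankF": 28, "BankG": 24,
}

mu = mean(interchange_counts.values())
sigma = stdev(interchange_counts.values())

# Flag any bank whose count lies well outside the cross-bank norm
# (2 standard deviations, chosen arbitrarily for this sketch).
outliers = {bank: n for bank, n in interchange_counts.items()
            if abs(n - mu) > 2 * sigma}
print(outliers)   # {'BankB': 120} -- the kind of result that provokes scrutiny
```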
b. Reduce the likelihood of future banking IT failures, since it does not deliver
continuously improving comparative measurement and analysis?
c. Improve the ROI to bank shareholders on their holdings and dividend payouts, as it
does not provide a means to target efficiency improvements in IT systems and the
supporting institutional knowledge?
It won't. We are paying people to draw pictures, and we have no idea if they are correct. We
have to move to a more grown-up world and take the human element out, so that we can
actually create a comparative scale.