View
120
Download
4
Category
Preview:
DESCRIPTION
R&D Projects at the GRCTC
Citation preview
Dr. Tom Butler Technology Centre Principal Investigator
An Enterprise Ireland
& IDA Ireland Initiative
1 1
Funded by:
A Global Perspective
Greater regulatory oversight globally since 2008
Increasingly lengthy and complex regulations
Increasingly large fines—HSBC $1.92 billion for AML, BNP Paribas $9bn
Poor qualification and quantification of risk
Inadequate compliance knowledge management and reporting
Inadequate Information Systems
Poor data Integration of heterogeneous data silos Ambiguity and imprecise data semantics Absence of a common vocabulary
2
Compliance
Banks
Board of Directors
CEO
Sales and Trading
Legal
Investment
Research
Risk Management
Audit & Compliance
IT
Operations
Data Management
Compliance
Compliance
Compliance
Compliance
Governance
Compliance
Risk
Governance
Risk
Risk
Governance
Risk
Risk Mgmt.
Risk
Governance
Front Office
Middle Office
Back Office
MIS & BI
DMS e-Com e-Bus CRM DW
BSA Dodd- Frank
CFR Rules
FINRA Rules
Basel III SOX Solvency II FATCA
Compliance
Risk
Governance
Regulators
USA
EU
Japan
U.K.
France
China
Germany
India
Semantic technologies extract meaning from text and data, including video, voice and images
Big data —requires semantic technology that makes sense out of data for humans, or automates decisions
Mature technologies based on semantic web…
Provide advanced text analytics, statistics, data mining, machine learning and knowledge management
5
Big financial institutions are using semantic technology today to better understand, manage and unlock the value of their data.
If you are dealing with complex data integration challenges, semantic technology offers a compelling solution.
CDW is dead? State Street Corp…is experimenting with semantic
databases since 2012
…information storage solutions with flexible data structures that prioritize meaning in relationships.
6
7
Semantic Repository based on the Semantics of Business Vocabulary and business Rules (SBVR)
Financial Industry Regulatory Ontology (FIRO)
Financial Industry GRC Ontology (FIGO)
FIRO
Clarifies communication within and between GRC officers, the business, and other stakeholders.
Defines data semantics and business rules that underpins the design of information systems
Reduces the business costs of the misinterpretation of regulatory rules
US Bank Secrecy Act Use Case
Helps reconcile data inconsistencies in repositories and facilitate software redesign.
8
GRC Data Virtualization Integrate GRC data silos
Basis for Compliance Knowledge Management Solutions, e.g. Wells Fargo Securities
Vocabulary for Operational Risk (VOR)
.
10
11
Research Project Content
Providers
FinTech
Companies
Professional
Services
Financial
Services
1. Regulatory Compliance
Change Management System
RCMS √ √ √ √
2. Regulatory Compliance
Interpretation Methodology
RIM √ √ √ √
3. Regulatory Compliance
Information System
RIS √ √ √ √
4. Regulatory Compliance
Knowledge Base
RKB √ √ √ √
5. Regulatory Compliance
Knowledge Management
System
RKMS √ √
6. Regulatory Compliance
Maturity Model
RMM √ √ √
The objective of this project is to provide support to; 1) Query legislation, regulations and other texts in order to identify
compliance imperatives;
2) Identify changes to existing legislation and regulation introduced by amendments to existing law or new law;
3) Enable Regulatory Compliance Change Management.
Aid GRC Executives answer questions such as:
‘What are the various obligations in an individual instrument of legislation or regulatory rule?
And…
Query unstructured legislation and regulatory texts to identify prohibitions, particular types of obligations, derogations, exemptions, exclusions, and so on.
12
The RCMS helps identify sections/paragraphs etc.
RIM ensures that they are understood unambiguously
Using the Semantics of Business Vocabulary and business Rules (SBVR) to transform such text into a Regulatory Compliance Natural Language (RCNL).
13
First module will enable SMEs to create SBVR-compliant business and regulatory vocabularies and rules
E.g. build a Regulatory Compliance Natural Language in a human and machine readable format
Java-based application and XML document store
Future modules will publish and make the vocabulary and rules accessible
14
Semantics repository containing vocabulary and rules
Licensable components in GRC application development
Ontology family modules
Persists FIRO and FIGO-based RDF/OWL components
Export Universal Resource Indicators (URIs) for business, GRC, etc. to access the knowledge base
Implemented as an XML-based document store
X-Query and SPARQL endpoints
Linked with open GRC data and standards like the Financial Industry Business Ontology (FIBO)
15
A suite of application components GRC ontology, process models and design patterns
Enable financial services organisations and GRC software vendors to develop apps Data virtualization and analysis of structured and
unstructured GRC data
Query siloed operational and GRC structured and unstructured data
Inference over data to identify previously unidentified patterns and relationships
Enable risk management and compliance reporting 16
17
GRC Data
Stores
Accounts Mortgages Loans Pensions Funds Legal Trading
Production
Data Stores
Audit Process
Planning Execution Review Reporting Issuance
Authorize start of Audit
Prepare Audit Guide
Approve Audit Guide
Prepare Announcement of Audit and Kick Off
Meeting
Execute Audit
Evaluate Control Environment and Develop Issues
Prepare Draft Audit Report
Collect Comments and Update Report
Prepare Closing Meeting
Collect Comments and Update Report
Close and Archive Audit
Documentation
Issue Audit Report
Audit Announcement
and Kick Off Meeting
Discuss and Validate Audit
Guide (optional)
Discuss and Validate Issuance
(optional)
Review Draft Audit Report
Audit Report Issuance
Review Draft Audit Report
Review Draft Audit Report and
Closing Meeting
Review Audit Report and
Sign Issuance Clearance
Form
Yes
No
Yes
No
Yes
Comments
GRC Processes,
FinTech Applications
and Audits
Load
Extract
Transform
18
GRC Data
Stores
Accounts Mortgages Loans Pensions Funds Legal Trading
Production
Data Stores
Operational/Organizational
Ontologies
Domain-Specific Ontologies
Foundational Ontologies
19
GRC Data
Stores
Accounts Mortgages Loans Pensions Funds Legal Trading
Production
Data Stores
Query Related
Data
Make Inferences
Report
Provides a means for planning GRC process improvements across an enterprise
Continuous incremental improvement following an evolutionary path through stages of increasing capability
Excel-based assessment tool
Demonstrator for web-based software application
Assessments linked to regulatory domains Integrated with RKB
20
21
Research Project Industry Collaborators
1. Regulatory Compliance Change
Management
RCMS Wolters Kluwer
2. Regulatory Compliance Interpretation
Methodology
RIM Bank of Ireland, CitiGroup
Wells Fargo, Linklaters, Object
Management Group, Stanford
Research Institute, Coherent
Knowledge Systems, Model Systems,
Business Semantics Ltd.
3. Regulatory Compliance Information
System
RIS TBD
4. Regulatory Compliance Knowledge Base RKB Bank of Ireland
CitiGroup
5. Regulatory Compliance Knowledge
Management System
RKMS TBD
6. Regulatory Compliance Maturity Model RMM Bank of Ireland, AIB, Citi, BAE Detica,
Walkers Group
Recommended