Confidential 1.The Principles of Information Companies 2.Linked-Risk and the Information Dimensions of BCBS 239 3.Semantic Processing and the Management

Confidential

1. The Principles of InformationCompanies

2. Linked-Risk and the Information Dimensions of BCBS 239

3. Semantic Processing and the Management of Knowledge

4. The Governance Revolution and DCAM

1Copyright © 2015 EDM Council Inc.

FOUR ESSENTIAL OBSERVATIONS (CONTEXT)

Confidential Copyright © 2015 EDM Council Inc. Page 2

• Lessons from scientific, technical, legal, medical and scholarly publishing

PRINCIPLES OF INFORMATION COMPANIES (CONTENT INTEGRATION)

• Three discoveries that changed the knowledge representation equation

Confidential

Banks are the New Publishers

and must adopt the principles of the information industry in order to meet

regulatory reporting obligations, support model-based strategies and automate

linked processes


FINANCIAL SERVICES MEETS THE INFORMATION INDUSTRY

Confidential

Information Industry Meets Finance

Lots of internal and external data

Unshackle from silos and legacy applications

Separate compounding processes (risk formulas, derived calculations, business algorithms)

from data attributes

Harmonize data to common meaning

Facilitate scenario-based analysis

Report to regulators for cross-industry analysis

Report to management for cross-LOB analysis


Why Harmonized (common language) Data Matters

Classification risk

Interest rate risk FX risk Spread

riskLeverage risk

Depreciation risk

Correlation risk

Redemption risk

Liquidity risk

Volatility risk

Counterparty risk

Valuation risk

Execution risk

Settlement risk

Custody risk

Exposure risk

Instrument ID Issue versus instrument identification, instruments without codes

Security Classification

Convertible, subordinated, guaranteed, unsecured, preferred, senior, rate-based, backed, index-linked, floating, etc.

Instrument Descriptors Coupon rates, payment dates, effective dates, termination dates, call/put feature

Fundamentals Earnings ratios, market capitalization, dividend rates, capital distribution

Terms & Conditions Conversion rates and dates, sinking fund provisions, maturity dates, reset dates, redemption schemes and dates, restrictions, eligibility, benchmarks, day count conventions

Prices Historical, close, time series, volatilities, correlations, NAV, VWAP, yields, durations, OAS

Legal Entities Ownership, control, affiliates, role performed, identification

Research Analyst reports, reporting dates, credit ratings, categorization, credit enhancement support

Obligations Priority, exercise, debenture, guarantee, obligation

Instructions Standing settlement instructions, transfer agents, tax instructions, regulatory jurisdictions, calendar, currency

Corporate Actions Dividends, mergers, acquisitions, tenders, IPOs, corporate restructure, class actions, consolidations, payments, splits, repayments, liquidation

Risk Types

Data Types

Copyright © 2015 EDM Council Inc. 5


• Degree of interconnectedness

• Transitive relationship• State contingent cash flow• Collateral flow• Degree of centricity • Funding durability• Leverage & liquidity• Guarantee & transmission

of risk• Degree of diversification

Instruments• Identification• Classification• Description (rates, dates,

features, schemes, provisions)

• Value (i.e. price, date, time)• Calculate (volatility,

correlation, yield, duration, tax)

• Maintain (corporate actions)

Entities• Entity type (legal persons,

formal organizations, corporations, partnerships, affiliates, trusts, functional, etc.)

• Ownership structures• Controlling relationships

Obligations• Issuance process• Trade and execution• Guarantee • Allocate and administer• Clear and settle• Transfer

Holdings• Firm portfolio (individual

entity risk)• Corporate structure

(organizational risk)• Industry wide (systemic

risk)

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0CAcQjRw&url=http://coloringbookfun.com/School%20Supplies/imagepages/image38.html&ei=YT3aVIiKN8OMNsmsgsAB&bvm=bv.85464276,d.eXY&psig=AFQjCNGByoOZflKThfjRCGDhZZM7pi5kag&ust=1423675043354638

Confidential

Regulatory Data Mandate (context)

• 2008 Crisis: Inability to model contagion (who finances who, who is linked to who, what are the obligations of complex financial instruments)

• Senior Banking Supervisors Group: Observations on Developments in Risk Appetite Frameworks and IT Infrastructure (intractable relationship between data and risk management and definition of control environment)

• BCBS 239: Principles of Risk Data Aggregation and Reporting (governance, content infrastructure and data quality as mandatory objectives)


Confidential 8Copyright © 2015 EDM Council Inc.

Principles, implications and Findings

Principle 1: The Governance Mandate

Implications: Establish the RDA framework, fully documented, appropriately resourced with no organizational barriers and top-of-the-house engagement

BCBS Findings: lack of formal/documented frameworks; need clear owners with demarcation of responsibility; need coordination of requirements among business IT and risk; decentralized and undocumented data policies; need better SLAs and measurement criteria for RDA processes; need higher standard for audit of RDAR

Principles 2,4,6: The Data Infrastructure Mandate

Implications: need integrated data architecture (taxonomies, metadata, identifiers); need controls across the full data lifecycle; need flexible classification and aggregation; must support on-demand, ad-hoc reporting and scenario-based reporting;

BCBS Findings: inconsistent taxonomies, metadata, identifiers and dictionaries; inability to harmonize, integrate and compare among repositories; need identification and definition of CDE; failure to take into account interdependencies between processes

Principles 3,5,7,8: The Data Quality Mandate

Implications: Risk data must be timely, accurate and comprehensive; must adopt authoritative sources and the creation of a data control environment; need to align data to “concepts” for consistency of meaning across the organization; must be able to generate timely risk reporting across all dimensions of quality and all risk categories

BCBS Findings: Too much reliance on manual processes; insufficient data reconciliation (root cause analysis and executable business rules); need better control across lifecycle of data (data inventory, transformation mapping, cross-referencing, authoritative sources)

Governance

Content Infrastructure

Data Quality

BCBS 239 – RISK DATA AGGREGATION


• G-SIBs and D-SIBs are engaged in remediation (G-SIBs spend ~ $230m; D-SIBs are far behind)

• Typically led by Group Risk (leveraging existing initiatives)

• Progress on “foundational governance” (not implemented across enterprise)

• Most RADR initiatives are focused on adherence (have not calculated business value/benefits)

• Data architecture (lineage, taxonomies, harmonization) and reliance on manual processes remain as the big challenges because of magnitude

• Top remediation priorities (in order): data dictionary/taxonomy, data quality monitoring, data consistency between risk and finance, alignment of repositories, process automation

• Remediation challenges are significant (IT architecture and data flows are complex and require extensive work)

• Over 70% of banks have defined the “high level” requirements for adherence but have not translated them into specific data and architecture initiatives

BCBS 239 (current status)


• “Data needs to be standardized and aligned to common meaning”

• “Data is not aligned for exotics and bespoke instruments and doesn’t map to ISDA taxonomy”

• “Data is all over the place with no consistency in reporting of values”

• “Data is not clean enough to perform analysis and we can’t reconcile manually”

• “USI alpha swap is not associated with beta and gamma, can’t link swaps based on multiple criteria”

• “ISDA taxonomy is not granular enough”

• “Complex data compiled from 20 SEFs on a continually changing basis”

• “Each department has a different analytical objective”

• “Must be able to compare data across multiple SDRs”

• “We need a mechanism for mapping, understanding data relationships and unraveling process flows”

• “Can’t unravel trades to analyze notional amounts .. can’t look at entity roles … can’t compute cash flows”

Microcosm of the data challenge: complex instruments; highly customized; links to underlying instruments; links to entities; multiple participants/roles; standard identifiers missing; fragmented trading and reporting processes

According to the CFTC

DERIVATIVES TRANSPARENCY & DATA COMPARABILITY

Confidential

Core Regulatory Initiatives

Copyright © 2015 EDM Council Inc.

• Dodd-Frank Act Title IV, VII, X, XIV = US framework for regulation of swaps markets, hedge funds, CFPB, mortgage, Volker

• EMIR – European Market Infrastructure Regulation (EU version of Dodd-Frank Title VII on derivatives transparency).

• Regulation AB2 = regulations on asset backed securities (unravel links between loan, tranches, pool, etc.).

• FATCA = individual reporting of foreign accounts and FSI reporting of foreign financial accounts about US clients

• UCITS = Undertakings for Collective Investment in Transferable Securities (EU Directive on simplification of prospectus and their expression using clear, accessible and standardized data).

• AIFMD – Alternative Investment Fund Managers Directive (EU proposed law to provide more oversight and transparency to hedge funds and private equity).

• Dodd-Frank Act Title I = the financial stability component (creates Financial Stability Oversight Council and OFR)

• EU System of Financial Supervision = establishment of the European Systemic Risk Board (and ESFS)

• Basel Principles for Effective Risk Data Aggregation and Reporting = implementation of a “data control environment” and healthy “risk appetite framework” within systemically important financial institutions

• Basel III – global regulatory standard on bank capital adequacy, stress testing and market liquidity risk.

• CCAR = Comprehensive Capital Analysis and Review (stress test methodology in the US; CCAR reporting is putting lots of pressure on data alignment and comparability. This includes the FR Y-9C (Bank Holding Company Capital Report) and FR Y-14Q (detailed ‘show your calculation methodology work for BHC). This is the US version of Basel III.

• Solvency II – EU Directive that harmonizes insurance regulation (requirements for capital reserve and reduction of risk of insolvency) – to be implemented January 2014.

• MiFID II – Revised Markets in Financial Instruments Directive (mostly about trading, but does require common instrument identification for consolidated pricing).

• ACORD – Insurance standards development body (UK) likely to be mandated as the format for reporting.

• Regulation SCI – SEC proposed Regulation Systems Compliance and Integrity (to ensure that core infrastructure is functional)

• COREP = Common Reporting requirements (developed by Committee of European Banking Supervisors (CEBS) with the goal of developing a supervisory reporting framework based on common data standards and formats.

• FSB Templates = Common Data Template for G-SIB’s seeking to harmonize the data compounding methodology for reporting.

Transparen

cy C

apital Risk/S

tress

Harm

onization

Control Data EnvironmentGoverned by policy, sanctioned by executive management, based on standards, harmonized across the

lifecycle, with clear accountability and monitored by audit

Applications

ToolsData Marts

Warehouses

Sandboxes

Legacy EnvironmentExisting technical and

operational environments

• Disparate data sets• Proprietary interfaces and point-to-point links• Multiple repositories managed independently• Inconsistent formats and data definitions

Alignment to MeaningHarmonized and precise data

based on contractual precision

• Attribute level business glossary/business conceptual ontology• Unique identification and flexible classification scheme• Harmonization and transformation processes (cross-referencing and

mapping across systems) • Metadata repository (administrative, structural, descriptive)

②Manage Data Quality

Fit-for-purpose data without reconciliation and transformation

• Data quality criteria (all relevant dimensions) • Establish data quality control points• Quality assessment and remediation (current state analysis)• Define business rules, thresholds and tolerances• Root cause analysis (trace to source)• Management of data manufacturing chain of supply

③

Technical ImplementationIntegrate data into operational and production environments

• Platform and authorized tool stack• Messaging and distribution

infrastructure• Semantic to logical data model• Logical to physical instantiation• Location identifiers and namespace

management

④

Copyright © 2015 EDM Council Inc.

Scope of Work Required to Achieve a Control Environment

12

Simple

Complicated SimplificationReconciliation of complex

environments

• Designation of “authorized data domains” • Definition of critical data elements (CDEs)• Documentation of end-to-end data flows

(compounding process, derived calculations, risk and business formulas)

①


Business Conceptual Ontology

• Formal and factual model of financial industry business/contractual concepts (ontology of the business structures and legal obligations)

• Expressed as a glossary of terms and definitions plus all business relationships (what “things” are and how they work in the real world)

Primary FIBO Domains

• Product (reference data) Semantics – Foundations, Business Entities, Indices and Indicators, Common Concepts, Equity Instruments, Debt Instruments, Loans, Derivatives, Collective Investment Vehicles, Rights and Warrants

• Market Data (time and date) Semantics – Pricing and Yields, Analytics, Temporal Terms, Credit Rating

• Process Related Semantics – Securities Issuance, Corporate Actions, Transactions, Payment Processing, Portfolio and Holdings


SEMANTIC PROCESSING – ANALYTICAL GIFT FROM DARPA

• Developed by DARPA in year 2000 (RDF/OWL)

• Managed by World Wide Web Consortia (W3C)

• Concepts organized into taxonomies but allows for separation of “meaning” from “format” from “syntax” from “structure”

• Owns• controlled by• is subsidiary of • is affiliate of • trades with• guarantees • has controlling

interest in • is governed by • is beneficiary • has tax

treatment • has restrictions • cleared by

Financial Process “Predicates”

• has identity • has duration • has price • has terms • has date • has obligation • has constituent • has yield • derived from • has underlying • is union of • has leg • is subordinate to


FIBO Approach

• Ontology of “financial contracts”

• Formally grounded in law and financial processes

• Vendor agnostic• Content

unshackled from structure

• Concepts of “party,” “role,” “issuance,” “agents,” “agreements,” “obligation,” “control,” “ownership,” “affiliate,” “collateral,” etc.

FIBO + Semantic Processing = the Essential Infrastructure for Regulatory Oversight, STP and Data Analytics

Wisnosky Effect

• “Build, Test, Deploy , Maintain”

• Collaborative development process (GitHub, JIRA, Jenkins)

• Rigorous technical governance

• Adopted: Foundations, Business Entities, Indices

• FCTs: Common concepts to all instruments, Equities, Loans

• Original model expressed in RDF/OWL

Regulatory Activity

• BCBS 239: control environment

• ECB: Foundational Building Blocks for a 21st Century Infrastructure

• London: Setting Global Standards for Granular Data

• Basel: CPMI/IOSCO Working Group on Derivatives

• CFTC: Data Standardization Subcommittee

• OFR: Financial Instrument Reference Database

• GLEIF: FIBO-BE

Capability Demo

• Large custodian (G-SIB) POC on IR swaps and business entities

• Classification, aggregation, flexible query, transitive relationships, ownership, control, data quality

• Schema.org (www)• FIBO Vocabulary

(risk data aggregation)

• Data visualization• Business rule

implementation (Regulation W)

• Messaging Alignment (FpML, FIX, MISMO, 20022)

FIBO Ecosystem

• RDF/OWL triple store environment

• Collaboration among world’s leading ontologists

• Practical business value (flexibility)

• Adaptive, ANZ, BoA, Bank of England, Bloomberg, BNP Paribas, BNY Mellon, Citi, CFPB, Deutsche, Freddie Mac, GE Capital, Goldman, HSBC, IBM, Invesco, JPMC, Manulife, Michigan State University, Morgan Stanley, Mphasis, Nordea Bank, OTPP, PWC, RBS, State Street, UBS, University of California Berkeley, US Treasury, Wells Fargo, Google, Yahoo!

Financial Industry Business Ontology (capability)

16

Provide standard definitions of financial concepts and business rules; financial instrument taxonomies, integrated metadata and links to related

1

Classify financial instruments into categories and flag instruments that lack conformance

3

Provide semantic mapping from FIBO elements to other standards e.g. ISDA UPI taxonomy, FpML, MISMO, XBRL, 4

Enable visualizations for taxonomies, financial instruments, all forms of data relationships

5

Provide risk intelligence and analysis legal entity ownership hierarchies and their counterparties

7

Enable precise aggregations across multiple data dimensions

6

Leverage and integrate with other global data standards to maximize commonality and reuse

2


DATA MANAGEMENT BEST PRACTICE (JOURNEY OF DISCOVERY)


DCAM ORIENTATION

Principles of Data Management Must Never

Be Compromised!

Grounded in LawDefined by Contract


FOCUS ON DATA MANAGEMENT CAPABILITY

Understand Core Principles and Position Internally

Develop … Document … Monitor … Define … Assess … Identify … Evaluate … Confirm … Approve … Control … Operationalize

… Align … Adopt … Create … Map … Measure … Communicate … Integrate … Prioritize … Share … Specify … Empower …

Socialize … Report

Governance to Change Organizational Culture

Core Principles = Simplify (data & process flow, ADS, CDE), Data

Architecture (align to meaning), and Data Quality Control Environment Cultural Change = Data Strategy,

Funding Model, Communication and Measurement

Governance = Implement Standards, Control Budget & Priorities, Integrate into Operational

Environments and Collaborate with Cross-Functional Governance Processes

Confidential

Must be Practical & Work in Real World

Demystify and Position for Adoption

Collaborative Across Industry

Socratic Method

Continual Best Practice Improvement


EDM COUNCIL ORGANIZATIONAL MANDATES

Confidential

DCAM Overview


Based on Collective Experience

• Synthesis of research and analysis among practitioners (10 year journey)

• Collaboration across the full spectrum of financial services participants

• Socratic method to ensure that the DCAM is practical and in line with the core principles of data management

• Scoring based on: – Level of engagement (knowledge and

scope of authority)– Degree of formality (documented,

standard methodologies, coordinated responsibilities); and

– Evidence (internal artifacts, documents, authorizations, designations, definitions)

Intersection of data management best practice and the reality of financial services operations

Hard Won Lessons

• Harmonized data aligned to contractual meaning (unambiguous shared meaning)

• Legacy repositories, end user computing and existing IT infrastructure

• Social, political and cultural challenges

• Reality of technical implementation, data transformation and IT execution challenges

• Governance implementation and accountability

• Hard to calculate ROI and the limitations of project-based funding

• The importance of top executive “air cover” for sustainability

• The operational obstacles of short term measurement criteria and multiple (conflicting) priorities

Confidential

• Scope of capabilities required to establish, implement and manage data content

• Industry standard for the evaluation of a data management program in the financial industry based on

• degree of stakeholder engagement• formalization of data management practices• level of program activity

DCAM – DATA MANAGEMENT CAPABILITY ASSESSMENT MODEL

Component Scope of Coverage

Data Management Strategy Defines the elements of a sound data strategy, why it is important and how the firm needs to be organized for sustainable implementation

Business Case/Funding Model Addresses the creation of the business case, its accompanying funding model and the importance of engaging senior executive stakeholders

Data Management Program Identifies the organizational requirements needed to stand up a sustainable data management program

Governance Management Defines the operating model and the importance of policies, procedures and standards as the mechanisms for alignment among stakeholders

Data Architecture Focuses on the core concepts of “data as meaning” and how data is defined, described and related (data domains, metadata, critical data elements, taxonomies, common language/ontology)

Technology Architecture Addresses the relationship of data with the physical IT infrastructure needed for operational deployment (integration into operational environments)

Data Quality Establishes the concept of fit-for-purpose data and defines the processes associated with establishing both data control and supply chain management

Data Control Environment The Data Control Environment refers to the process by which the data assets of a firm are managed in order to realize their maximum value

Confidential

DCAM – DATA MANAGEMENT GOVERNANCE EXAMPLE

Data Governance

Component

Data governance structure is created.

Content governance is defined

Policy/standards are written and approved

Program governance controls are in place

Technology governance is aligned

Cross-organizational enterprise data governance is aligned

Program governance is operational

Capability

Policy and standards have been reviewed and approved by relevant program stakeholders

Policy and standards are written and complete

Policy and standards have been reviewed and approved by senior executive governing bodies

Sub-Capability

Policy/standards are developed in collaboration with (business, technology and operations)Policy and standards are complete and verifiedPolicy and standards are in alignment with Data Management Strategy

Policy and standards have been shared and reviewed by relevant stakeholders.Feedback from stakeholders incorporated into the final version of the policy and standardsPolicy and standards have been validated and approved

Policy/standards submitted to the organizational governance mechanism for evaluationPolicy and Standards have been approved

Objectives


DATA MANAGEMENT STRATEGY

Key Concepts

– Align the strategy with business objectives (target state)

– Ensure that stakeholders (business, IT and operations) are engaged

– Ensure that business priorities are defined and reflected in the strategy

– Establish the overall framework (i.e. data domains, role of policy, alignment with capability, criteria for evaluation)

– Establish the framework for effective governance

Defines the long term goal of the data management program. This is the blueprint to gain internal alignment among stakeholders and to define how

the organization will approach the management of data content

Data Management Strategy


Component Capability Sub-capability

1.0DATA MANAGEMENT STRATEGY

Data management strategy (DMS) is specified and shared with relevant stakeholders

• DMS is developed• DMS is aligned with high-level organizational objectives• DMS includes an established mechanism for approval• The DMS has been evaluated as being enforceable by Audit (or the equivalent function)

High level business requirements are captured, prioritized, and integrated into the DMS

• High level business requirements have been documented and used to create the DMS• Requirements incorporated into the data management strategy have been prioritized and

approved by identified stakeholders

The DMS defines the importance of identifying, prioritizing and assuring the appropriate use of authorized data domains.

• The DMS calls out the need to identify and prioritize authorized data domains.• The DMS articulates the importance of establishing policy to enforce appropriate use of

authorized data domains.

The DMS is aligned with and mapped to architectural, IT and operational capabilities

• Data architecture concepts have been incorporated into the DMS.• Technology concepts have been incorporated into the DMS.• Operational concepts have been incorporated into the DMS.

The DMS requires the creation of a formally established governance program.

• The DMS defines the purpose and objectives for establishing data governance• The DMS describes the data governance target state organizational structure• The DMS describes the governance roles and responsibilities

The DMS defines how the data management program will be measured and evaluated.

• The DMS defines the importance of developing outcome metrics to determine the effectiveness of the data management program

• The DMS defines the importance of developing tracking and adherence metrics to determine how the data management program itself will be measured.

The data management strategy calls for the creation of a communication and training program

• The DMS describes the importance of establishing a communication strategy• The DMS describes the need for an education and training program to ensure

stakeholder understanding, buy-in and compliance to the data management program

DATA MANAGEMENT STRATEGY


Key Concepts

– Alignment of business case to the activities that are important to the organization and the key stakeholders

– Documentation of the business case and socialization to ensure buy-in (concepts, assumptions and methodology)

– Create the funding model to get the money allocated as well as the authority to enforce funding on a sustainable basis

– Measure total expense and determine ROI in alignment with internal methodologies

This is justification for the data management program; the mechanism for ensuring sufficient and sustainable capital; and the approach for

measuring the costs and benefits of EDM

Data Management Business

Case

BUSINESS CASE (AND FUNDING MODEL)


BUSINESS CASE (AND FUNDING MODEL)


2.0DATA MANAGEMENT BUSINESS CASE AND FUNDING MODEL

The data management business case is aligned to strategic drivers and tangible business outcomes.

• The Data Management Business Case is mapped to and aligned with drivers, requirements and strategy

• High level business outcomes are defined and sequenced.• DM Business Case is socialized and validated by program stakeholders

The data management funding model has been established, approved and adopted by the organization.

• The DM funding model is matched to business requirements, implementation timelines and operational capabilities.

• The DM funding model is aligned with the business process of the organization• Implementation of the DM funding model is enforced.

The funding model can be measured and evaluated against tangible business objectives

• Total expense for the Data Management Program is captured, maintained and analyzed

• A standard methodology for calculating ROI is established• ROI is measured, monitored and used for making Data Management Program

decisions


Key Concepts

– Secure the executive management mandate and ensure that it is communicated across the organization (with the authority to enforce)

– Define the target state in full collaboration with stakeholders and translate into project plans/program deliverables

– Confirm evidence of engagement with stakeholders in terms of funding and resource plans

– Become the advocate for data management and launch the education campaign necessary to ensure that stakeholders understand the concepts/importance of data management(communicate and socialize)

– Implement the data management routines (operationalize)

Establish the data management program, ensure that stakeholders understand the core concepts of data content management /data as a

manufactured product; establish a functional engagement model

Data Management Program

DATA MANAGEMENT PROGRAM


DATA MANAGEMENT PROGRAM


3.0DATA MANAGEMENT PROGRAM

The data management program is established and empowered.

• The Data Management Program is established• The Data Management Program has the authority to enforce adherence and

compliance

The roadmaps for the data management program are developed, socialized and approved.

• Program roadmaps are defined, developed and aligned with the Data Management Strategy

• Program roadmaps are socialized and agreed to by Program Stakeholders• Project plans are developed detailing deliverables, timelines and milestones

Stakeholder engagement established and confirmed

• Identified stakeholders commit and are held accountable to the Data Management Program deliverables

• Funds are allocated and aligned to program roadmaps and workstreams• Resource plans are aligned with and verified against program requirements

Communication program is designed and operational

• Internal communication plans have been created, channels established, plans published and approved.

• Communication plans with external regulators bodies are created and approved.• Active engagement with external industry and standards bodies are in place

Data Management Routines are Established, Operational and Measured

• Routines for support of the data management program have been established• Issue identification, prioritization, escalation and conflict resolution are defined and

operational• Metrics (i.e.: KPIs, KRIs) are defined and used to track Program progress


DATA GOVERNANCE

Key Concepts

– Set up the Office of Data Management (CDO, governance plan, PMO, resources)

– Establish the governance structure to ensure that people are in place and accountable (aligned with business and control functions)

– Develop the policies and content standards in full collaboration with stakeholders backed by authority of executive management (this is the key to data management)

– Operationalize governance (routines, ongoing requirements management, priorities and escalation procedures)

– Implement the control environment (strategic data domains, critical business elements, taxonomies/ontology, identifiers; enforce policy and standards)

– Align with IT and cross-functional policies (a symbiotic relationship requiring careful orchestration within the culture of your organization)

The rules of engagement for implementation of the data management program. The focus is on implementation of policies, standards and

operational procedures necessary to ensure that stakeholders “behave”

Data Governanc

e


DATA GOVERNANCE


4.0DATA GOVERNANCE Data governance structure is created.

• Data Management Office (DMO) is created• The DMO has an executive owner• The data governance plan is created• Program Office (PMO) is established and staffed with required skill sets• Enterprise governance structure is designed and implemented

Content governance is defined

• Authorized data domains have been identified and inventoried• Critical data elements (CDEs) have been identified and inventoried• Data domain taxonomies have been developed and are actively maintained• Unique and precise data identification schemes and methodologies have been defined,

applied and are in use.• Data classifications are defined and assigned

Policy and standards are written and approved

• Policy and standards are written and complete• Policy and standards have been reviewed and approved by relevant program

stakeholders• Policy and standards have been reviewed and approved by senior executive governing

bodies

Program governance is operational

• Funding Model is Operational• Program governance routines are established• Requirements are captured and prioritized• Escalation Procedures are developed and documented

Program governance controls are in place

• Project review and approval processes are established• Policy and standards are enforceable and auditable• Metrics are in place to track program adherence, progress and outcomes• Formal training programs have been designed and implemented

Tool Stack governance is aligned

• Platform governance is established• Data distribution governance is established• Data storage governance is established• BI, ETL and data tool governance is established

Cross-organizational enterprise data governance is aligned

• Data governance is aligned with information security policy• Data governance is aligned with privacy and cross-border policy• Data governance is aligned with external data usage policy and standards• Data governance is aligned with legal and compliance data policy


DATA ARCHITECTURE

Key Concepts

– Define the scope of data and how logical data domains are linked to physical repositories

– Define attribute-level metadata and align with financial industry business ontology (the goal is unambiguous shared meaning across the enterprise)

– Designate critical data attributes based on facts about how instruments and business relationships truly operate

– Implement governance processes to ensure alignment and harmonization to data meaning

The “design of information content” including the identification of data domains, establishment of taxonomies, alignment with contractual obligations, documentation of metadata and designation of CDEs

Data Architectur

e


DATA ARCHITECTURE


5.0DATA ARCHITECTURE

Identify the data (logically and physically)

• Logical domains of data have been identified, documented and inventoried.• Underlying physical repositories of data have been identified, documented and

inventoried

Define the data (semantically and structurally)

• Attribute level “business” definitions are defined, documented and approved by relevant stakeholders

• Taxonomies and ontologies are created, documented, maintained and governed• Metadata is defined

Govern the data (establish sustainable data architecture governance)

• Data architecture governance procedures are established to ensure authorized as well as controlled use of data

• Data architecture governance procedures are in place and aligned with business governance processes

• Data architecture governance procedures are in place and aligned with technology


TECHNOLOGY ARCHITECTURE

Key Concepts

– Define the technology architecture with IT and business stakeholders

– Translate into actionable roadmap with adequate budget

– Align with platform governance mechanisms

– Define the technology tool stack, data storage strategy and implementation roadmaps

– Align with business continuity planning

The “design of physical architecture” including the platforms and tools in support of data management implementation. This is domain of IT and

defines how data is acquired, stored, integrated and distributed

Technology Architectur

e


TECHNOLOGY ARCHITECTURE


6.0TECHNOLOGY ARCHITECTURE Technology architecture is defined

and governed

• Technology architecture strategy is defined and agreed to by relevant stakeholders.• An actionable roadmap is developed and adopted for implementation of the

technology architecture• Platform governance structure and processes are in place.

Data technology tool stack is identified and governed

• Technology tool selection strategy is defined and verified by relevant stakeholders• Technology tool roadmap is developed and implemented• Tool selection governance structure and process is in place and operational

Data storage (lifecycle) management strategy defined and governed

• Data storage management strategy is defined and agreed to by relevant stakeholders

• Data storage management roadmap is developed and implemented• Storage governance structure and processes are in place and operational

Operational risk planning is in place• Data infrastructure contingency planning is defined and in place• Operational Risk Governance Structure and processes are in place and operational


DATA QUALITY

Key Concepts

– Set up the data quality program including how assessments will be conducted, roles and responsibilities and how quality will be governed)

– Perform the current state assessments (profile, analyze, grade)

– Perform data cleansing and remediation

– Manage the chain of supply (establish data quality control points, links to authoritative sources, business rules)

– Measure and trace to root cause (supported by audit)

Deliver to business users data that is fit-for-purpose. The goal is data that users trust and have confidence in to be exactly what they expect it to be

without the need for reconciliation and data transformation

Data Quality


DATA QUALITY


7.0DATA QUALITY PROGRAM Data quality program is established

• The data quality strategy and approach is defined and socialized• Accountable parties have been identified and roles and responsibilities have been

assigned. • The Data Quality roles and responsibilities have been communicated.

Quality of existing stores of data are identified and assessed.

• All relevant data have been identified and prioritized.• Data is profiled, analyzed and graded• Data remediation has been planned, prioritized and actioned.

Quality of new data is monitored, analyzed and reported

• Data Quality ‘control points’ are in place along the full spectrum of the data supply chain.

• Data Quality Metrics are captured, reported and used to drive data remediation.• Root-Cause analysis is performed• Data Quality processes are audited


DATA OPERATIONS

Key Concepts

– Ensure that business requirements are captured and aligned with data management strategy

– Define the end-to-end data management lifecycle and align with standards/policy

– Unravel the data compounding processes for derived data and business calculations

– Align data operations across the information ecosystem

Coordination of the components of data management into a cohesive operational model; ensure that controls are in place for consistency across

the lifecycle; align with organizational privacy and security policies

Data Operatio

ns


DATA CONTROL ENVIRONMENT


8.0DATA Control Environment

A control environment is established and operational

• Control environment structures are established • Control environment procedures are operational. • Control environment adheres to industry best practices

Control environment supports the data management lifecycle

• Control environment ensures data sourcing and procurement are performed in alignment with business requirements

• Critical end-to-end data flows and essential attributes for in-scope business processes are defined and mapped.

• The compounding processes and calculations for derived and transformed data are identified, documented and mapped

Control environment ensures that the discipline of data management is operating collaboratively with cross-organizational Control Functions.

• Control Function policies and standards are aligned with Data Management policies and standards

• Regular routines are established with cross-organizational control teams.• All data entered into the ecosystem of the control environment is subject to cross-

organizational controls.


DCAM – DATA MANAGEMENT CAPABILITY ASSESSMENT MODEL

Not Initiated Data management capabilities are disorganized and performed on an ad hoc basis

Degree of Engagement Degree of Formalization Level of Activity

In Process (conceptual) • Understanding of data management capabilities are rudimentary

• Participation is sporadic and informal• Data management discussions are

taking place mostly among practitioners

• Processes and capabilities are variable and developed as needed

• Documentation is informal and conceptual• Accountability is informal • Resources are allocated via negotiation

Evidence Based

Evaluation

In Process (developmental)

• Data management capabilities are understood at the operational level

• Participation is reliant on individuals (not institutionalized)

• Senior management support and organizational buy-in are emerging

• Stakeholders have business or functional responsibilities

• Data management capabilities are documented and debated

• Methodologies, policies and procedures are being defined

• Resources are allocated as part of the annual budget cycle

• Roles, responsibilities and accountability is formally established

In Process (defined) • Business users take an active role in data management processes

• Stakeholders have decision-making/P&L authority

• Executive management is aware of and engaged in data management activities

• Data management routines exist and are operational

• Policies, procedures and standards are documents in structured format

• Resources are allocated to ensure program sustainability

• Roles and responsibilities are coordinated across business units

Capability Achieved Data management capabilities are embedded into operations

Capability Enhanced Data management capabilities are embedded into the culture of the organization


DCAM PLATFORM

Supports automated response collection and consolidation from identified stakeholders

Aggregates responses and provide detailed analytics in real-time including complex charts and detailed filters

Supports benchmarking results against previous assessments and peers

Confidential Copyright © 2014 EDM Council Inc. Page 42Page 42

► Governance framework for data management is defined within DCAM

(including alignment with risk and finance governance mechanisms)

► DCAM Strategy and Program process areas

(alignment to risk as well)

► Data policy and standards are a focal point of DCAM

► Funding model for RDA is broader than data

(DCAM ensures the data funding issues are covered)

► Culture and communication is shared with risk function

(most likely driven by the risk organization)

► The Data Aggregation components of RDA are covered in DCAM

(Architecture will be shared with technology)

► Process controls and security controls are elements of ‘partnership’. These will be the responsibility of other groups (operations; business continuity; info-security). These are defined as “ecosystem” in DCAM. The DM Program must be ALIGNED to other key stakeholders

► Data Quality is a key component of DCAM

(profile, assess, remediate, business rules, supply chain management)

DCAM Alignment to the BCBS 239 Objectives

Pillars of a Data Management Best Practice

DATA PROGRAM

Strategy, Governance, funding model, TCO and measurement, requirements management,

resource strategy, business semantics, business process flows, data flows, data

quality, executable business rules, integration strategy

(Data Management Capabilities)

IT ENVIRONMENT

Data workflow, process capabilities and limitations, technical architecture, legacy reconciliation, messaging standards, data

management platform, supply chain management

(Technical Architecture, Framework Standards and Process Engineering)

CONTENT INFRASTRUCTURE

Standards for the unique and precise identification of instruments, entities,

classification schemes [LEI, loan ID, universal product ID, Metadata management, sector

classification, instrument categorization]

(Identifiers and Ontologies)

Regulatory Drivers

• Transparency (Dodd-Frank, Regulation AB2, UCITS, FATCA, AIFMD)

• Systemic Risk Oversight (DFA Title I, Basel III, BCBS 239/Risk Data Aggregation Principles, CCAR, Firm Data Submission Frameworks (FDFF), Solvency II, ACORD, COREP, FSB Templates)

• Functional Areas (degree of interconnectedness, transitive exposure, collateral flows, concentration, degree of centricity, funding durability, leverage and liquidity measures, guarantee and transmission of risk, degree of diversification, systemic contagion)

• Surveillance (shadow banking, electronic execution, structural vulnerability, consumer protection, hedge funds, insurance and reinsurance)

Business Drivers

• Data Errors and Repairs (reconciliation, exception processing, convoluted models, trade repairs, valuation miscalculation, settlement instruction mismatches, bad corporate action processing)

• Data Utilization (manual processes, maintenance of proprietary feeds and interfaces, redundant systems, duplicate master files, duplicate accounts, integration and transformation challenges)

• Data Reporting (links between instruments (what we trade) entity (with whom we do business) obligations (based on role) and holdings (what’s in our portfolios)

• Business Development (upselling opportunities, enhanced client service, new product engineering, contextual big data mining, process automation, product and client ROI)

Regulatory Data Mandate

Data Management Landscape

Copyright © 2015 EDM Council Inc.43

• Governance Mandate - Documented policies and procedures, executive management accountability, coordination across IT, business, data. independent audit)

• Data Infrastructure Mandate - integrated data architecture (taxonomies, metadata, identifiers), control across full data lifecycle, flexible classification and aggregation, comparability across repositories, identification of CDE

• Content- data quality (timely, accurate, comprehensive, clear), alignment to contractual meaning, data lineage and root cause remediation, authoritative sources, on-demand and ad hoc reporting capabilities, near real time reporting.

Confidential

Big tasks facing the industry (and the clock is ticking)

Adopt content standards (everything is built on this infrastructure)

Implement industry-wide best practice (based on reality)

Measure and benchmark continuously (using DCAM and EDMC mechanisms)

Collaborate with regulators (and vendors)

Adoption of control environment is absolutely possible in the near term (unique moment of data management)


SUMMARY AND CONCLUSION

Transport Layer (HTTP, TCP/IP, FTP)Facilitation of computer-to-computer communication

in alignment with W3C and IETF standards

Messaging Layer (XML, CSV, SWIFT, Web Services)Transactions are communicated to involved parties via messaging.

Examples are FIX, ISO 20022, FpML for derivatives, MISMO for loans, XBRL for balance sheet data

Location Layer (URL, URI, DNS)Web-based location identifiers enable data to be accessed across the web. Namespace

management is included

Information Technology and O

perations Governance

Managem

ent of architectural approach, data distribution platform, transform

ation processes and data integration

Data M

anagement G

overnanceM

anagement of data m

anagement strategy, organizational m

odel, funding model, governance

structure, organizational alignment and operational culture

Data Quality StrategyFit-for-Purpose - completeness, coverage, conformity,

consistency, accuracy, duplication, timeliness. Data Quality Management - profiling, testing, cleansing,

QA process and implementation of business rules

Mapping to Common MeaningAlignment of data meaning from one format to another. The goal is consistency of meaning across repositories. This includes mapping of business concepts, mapping of

relationships and format transformation

Shared Vocabularies (dictionary, taxonomies, metadata)

Adoption of common financial language. Must ensure that

concepts are both precise and based in legal certainty

Identification (LEI, ISIN)Unique and precise identification of the financial instruments and business entities that form the

baseline components of our industry

Ontology (OWL, UML, 1st order logic, modal logic)

Representation of data to record the logical relationship between terms in

the context of business reality

Query Layer (SPARQL, SQL, CQL, NQL, Natural Language Processing)Mechanism for perform structured queries over linked datasets

Data Management Infrastructure

Copyright 2014 EDM Council, Inc.

Reference Data

Market D

ataand N

ews

Positions and Transactions

Corporate Actions

Analytical Layer Database Types: instrument, entity, transaction, holdings | Core Processes: issuance, trade, servicing, retirement |

Analytical Inputs: cash flow, obligations base on role performed; ownership/control and positions[the essential ingredients for scenario-based analysis and ability to understand links/relationships]

Confidential

Contact

Michael Atkin

Managing Director, EDM Council

(o) 301.933.2945

(m) 240.602.8390

[email protected]

www.edmcouncil.org

John Bottega

Senior Advisor & Consultant

CDO Forum | Data Management Practice

908.510.3826

[email protected]

Dennis Wisnosky

Senior Advisor and Consultant

Financial Industry Business Ontology

630.240.6910

[email protected]


mailto:[email protected]

http://www.edmcouncil.org/



Documents

Confidential 1.The Principles of Information Companies 2.Linked-Risk and the Information Dimensions of BCBS 239 3.Semantic Processing and the Management