Transcript Slide 1

“Necessity is the Mother of Invention”
Gaining Value from Regulatory Demands
Kevin Butcher
Senior Vice-President,
Enterprise Systems,
BMO Financial Group
June 18, 2009
BMO Financial Group’s view on leveraging regulatory projects to gain a
2-for-1 benefit, creating customer and bank value
• A regulatory need can be met in two ways:
– Meet the specific need
– Meet the need with a broader perspective
– BMO’s Anti-Money Laundering example
• The business value depends on sound governance to support
Information Integrity:
– Stewardship/Accountabilities
– Standards, Controls and monitoring
Necessity is the Mother of Invention: Gaining Value from Regulatory Demands
2
The Regulatory World
•
Regulators tend to look at risk aligned to the COSO (Committee of Sponsoring
Organizations of the Treadway Commission) framework:
•
There is particular interest for
information management professionals
to look at things through a compliance,
reporting and information lens
•
At BMO, our view of Enterprise
information is that information should
simultaneously serve business strategy
(Customer, Pace and Growth) and
operations
•
Our Anti-Money Laundering (AML)
efforts illustrate the 2 for 1 outcome
COSO’S Enterprise Risk Management — Integrated Framework
Necessity is the Mother of Invention: Gaining Value from Regulatory Demands
3
AML from a Compliance Perspective
•
Anti-money laundering regulations require an understanding of all customer activity
across the organization in order to ensure there is no money laundering
•
In order to drive the implementation of the AML project on the development side we
worked with the business to link the project to strategic priorities, chiefly “knowing
our customers”
•
What we have to do: consolidate profiles (information about customers and other
people and organizations of interest to the bank) from many systems
Profiles: Personal & Commercial | Private Client Group | Capital Markets | Party
Data Integration: Consolidate | Cleanse | Package
Enterprise Customer View
Necessity is the Mother of Invention: Gaining Value from Regulatory Demands
4
AML from a Customer Perspective
•
Our customer focused program is dedicated to protect our customers’ financial
interests and understand their financial needs
•
Efforts are focused on:
– Building a formal framework to help us become more adept at asking for and
interpreting customer information, resulting in better relationships
– Introducing new processes, technology changes in products to ultimately result
in better service
– Fulfilling compliance of new mandatory regulatory changes for better protection
of our financial system and our customers’ interests
Necessity is the Mother of Invention: Gaining Value from Regulatory Demands
5
The Customer View
Necessity is the Mother of Invention: Gaining Value from Regulatory Demands
6
AML and Challenges in Data Consolidation
•
In order to consolidate the customer profiles across the Enterprise the fields in
numerous information systems across the LOBs must be drawn upon:
Retail Customers
Private Clients
Investors
Third Parties
• E.g.: account and credit information
• E.g.: accounts and authorized investment
owner details
• E.g.: lending and trading products customer
details; names of beneficial owners
The challenge is the
general
management of
information across a
complex multi
divisional company
(e.g. naming
conventions)
• E.g.: account information for brokers with
BMO accounts
Necessity is the Mother of Invention: Gaining Value from Regulatory Demands
7
Emphasis on Information Integrity
•
Whether using information with a customer, a regulator, or for decisions in the
business, information integrity is key
•
Information Integrity has two core components
• Information must be:
•
•
A faithful representation of reality
“Fit for use”
We Achieve Integrity Through:
Clear Accountabilities
Standards & Process
Effective Monitoring &
Reporting
These are key elements to our well defined
governance program
Necessity is the Mother of Invention: Gaining Value from Regulatory Demands
8
Information Integrity Accountabilities
•
Customer data integrity requires stewardship and custodial accountabilities:
Information Life-Cycle
Business
Technology
(Steward)
(Custodian)
Accountabilities
Collection & Quality
• Primary business unit
accountability
• Specifying requirements
• Developing and executing
control
Processing & Integrity
• Specifying requirements
• Developing and executing
control
Access & Use
• Authorizing rights
• Developing and executing
control
Retention &
Disposition
• Specifying requirements
• Confirming destruction of
business records
• Developing and executing
control
Necessity is the Mother of Invention: Gaining Value from Regulatory Demands
9
Accountabilities for Access Privileges
•
Access privileges to customer information is one of the most complicated
accountabilities:
Need for
Need for
Business Use
Compliance Access
Aggregate Data:
Corporate Steward
CAMLO (Chief Anti-Money
Laundering Officer):
Subject Stewardship
Personally Identifiable Information:
LOB Stewards
Necessity is the Mother of Invention: Gaining Value from Regulatory Demands
10
Standards, Controls & Monitoring
•
Standards, controls and monitoring provide the infrastructure for information
integrity
Data Standards
Process Controls
Monitoring Compliance
• Standards are applied at the Enterprise level and
introduced through master data management and
are part of the AML compliance process
• Technology process controls are well developed as
part of our Technology & Operations and Enterprise
Infrastructure business model (e.g. CMMI, ITIL and
COBIT Frameworks)
• Our Information Management Corporate Support
Area develops governance framework with
accountabilities to monitor compliance
Necessity is the Mother of Invention: Gaining Value from Regulatory Demands
11
Concluding Thoughts & Questions
Business
Strategy
Compliance
“2 for 1”
Shared Information
& Governance
Framework to Serve
Both
Necessity is the Mother of Invention: Gaining Value from Regulatory Demands
12