SlideShare une entreprise Scribd logo

Financial Crime Projects

Télécharger en tant que PPTX, PDF
D
David Allsop
1  sur  9
FINANCIAL CRIME PROJECTS CONSIDERATIONS FOR A PROGRAMME OR PROJECT MANAGER
Introduction • These slides contain some of my learning as a result of project managing the delivery of a new Financial Crime system and new processes into a bank. • These thoughts represent my own lessons learned from the experience and/or considerations I would make if working on a similarly scoped project or programme in the future. They do not necessarily represent actual events. • I am sharing them with LinkedIn connections in the hope that someone might benefit from the insight and I’d welcome any comments that over time might help keep them up to date or indeed improve them. David Allsop December 2016
Scope Functionality: • Customer Screening • Transaction Monitoring • Real-time Payments Screening Banking Customer Segments: • Retail & Wealth • Local Business • Corporate Project Scope: • 3rd Party Case Management & Workflow FC System & Integration • IT Operations / Service Management • Business Operations & Risk Policy Processes
3rd PartySuppliedSolution-Considerations • Obtain approval to the contract and terms in writing from the CIO and Accountable Exec. If they don’t agree don’t proceed until they do. • Get IT Operations to identify a future Service Manager for the 3rd party application from the outset. Obtain requirements that match the organisations existing and growing expectations of quality and performance. • Ask the software supplier to provide a Project Manager to join the in-house project team, i.e. make it clear that their expertise is being used on the inside – to meet the bank’s goal and objectives - and it’s not just about an at-arm’s- length delivery and run. • If buying all 3 modules focus on Customer Screening first. Create a Proof of Concept (POC) / Prototype initially, in an environment where integration with versions of the Bank’s key systems can be made. Test rigorously, including how to break the system – i.e. performance and capability. Grow the POC throughout the project lifetime. • Ensure that internal system platform architects are accountable too. • If replacing a current system document the current model & the gaps you expect to be filled by the new system. • If it is installed in another bank visit them after you have documented your HL Design and you clearly understand in detail your expectations.
CustomerScreening-Considerations • Unambiguous and Clean Customer data is absolutely critical. • In Requirements and Design, understand what data the software expects to handle. Map it to current internal data categories. Find and fix any gaps and ambiguity. • Resolve issues with Country (of birth or nationality) ISO codes. What classification does the new system use and how does this also map to the external Watchlist you are going to use (e.g. Thomson-Reuters v Dow Jones). Do you want to check “Alias” names too? • Define detailed segmentation rules. Define an Active v Inactive Customer. You don’t want to be screening anymore Customers than you need to. Mapping customers to WLM categories and then mapping these to data rules used by the system are fundamental. • The new system will generate Alerts differently to your existing system. Use the POC to test (functionality and performance) and manage the parameters/settings to ensure Financial Crime Risk teams are happy. Create FC Operations FTE projections. “The Life of an Alert” might be a useful document. What can each user expect to be able to do? • If you can, implement in parallel with an existing system for a period of time. This will achieve credibility with Risk & Operations.
TransactionMonitoring-Considerations • Map the Rules & Settings used in the current system. Compare this to how the new system is configured. Does a difference in logic materially affect the dynamics of Alerts? • If building from scratch, consult the FCA Guidelines documentation in detail. Understand your Customer’s use of different payment types and grade the levels of risk, (i.e. segment 2 payment type = “x” level of risk). Financial Crime Risk Policy should own and complete this task. • Logically understand how combinations of Rules might create multiple Alerts and how Operations can and should manage these. Does it increase FTE? Can it be presented in risk category order? • Use the POC to test and ensure that Customers are not being missed because of a build of of Customer bad data that excludes the Customer from screening. • Ensure that ownership of the configuration of Rules and Parameter Checks is clear, signed off by Risk Committee and is documented.
RealTimePaymentsScreening-Considerations • Integration into the End-to-End Payments Flow within the bank is critical. Payments Architecture needs to sign-off the Design and during Build and Testing the Payments Platform teams need to be heavily involved. • If there are any Customer “Bad Data” issues still outstanding these must be fixed before Payments Screening goes “Live”. • Current & Target Operating Models need to be created during Design, down to the level of Detail agreed with the Business/Operations. This is also true for Customer and Transaction Monitoring. • Performance Testing results must meet Critical Success Factors. • Implementation: The Cut-Over approach from the existing system to the new one needs a sub-project. Ideally, run a Dress Rehearsal. Understand how payments under investigation at the point of Cut- over will be run down and either released or blocked from the required system. The existing system may need decommissioning • Temporary staff may be required in Operations initially until proven process and efficiency is achieved.
KeyConsiderations-Summary • Initiation: • Procurement / Supplier Management governance & process • Business Case – Worst & Best. Is Worse case acceptable to Steering? • Ensure that you will have enough skin in the game from the supplier. Embed their resources in the internal project team as well as having a forum to engage. • Design: • Current Business & Payments (IT) Operating Models need to inform a “minimum requirement’ future design. A Customer data design/mapping is essential. • Detailed Business Operational Designs are needed for all modules – include changes to Risk teams and processes. Consider temporary Org structure if operating a Proof of Concept. • Architecture – someone needs to own the E2E end architecture which means understanding and approving how the new system integrates. • Build and Test: • The Functional Specification that the Supplier will deliver needs to be bomb-tested. If necessary re-write it in the language normally used by the bank’s own analysts. If not clear enough investigate and eradicate any ambiguity. • Functional and Performance testing needs the right amount of time. Implementing one module at a time (e.g. Customer Screening) and using a POC to test integration as well as functionality is recommended. • Test Alert generation against each Data check and setting, even down to testing generating an alert for each individual High Risk country, city/town and Sanctions / PEP candidates. • Agree frequency and scope of uploading the WLM from the external source. • If integrating with Elmer, SARs will need a test slot with the NCA.
KeyConsiderations–Summary–(continued) • Deployment / Business Readiness: • Use a Dress Rehearsal to model the cut-over from old to new. Include the Business (Operations) in this activity so that they have confidence. This will be particularly critical for payments screening. • Ensure that there are no P1 or P2 issues outstanding from OAT sign-off. • You can’t afford to make significant compromises on Test Defects relating to data in order to meet a time deadline. • New Transaction Monitoring Rules need to be tested first. • The Detailed BOD, UAT Results and any application specification and/or UI Design should have been used to create Procedures and enable Operations staff to complete training; getting to know their way round the system before it goes into Production. • The BOD should have documented how the end-to-end SAR process will work. Does the system enable integration with Elmer (NCA) to deliver SARs via encryption or is it still a manual process? • Financial Crime Risk Policy (or similar) structure must own and manage the configuration of Alerting Rules and Parameters. The project needs evidence that Steering members are happy that a governance framework and new processes to manage this are embedded. This may include some Administrator rights to issue control User access to the new application, if not managed separately by an Applications team.

Recommandé

2 feasibility-study
2 feasibility-study2 feasibility-study
2 feasibility-study
Fajar Baskoro
 
Chapter 02
Chapter 02Chapter 02
Chapter 02
andyburghardt
 
Systems request
Systems requestSystems request
Systems request
Fajar Baskoro
 
Equipment finance projects 101
Equipment finance projects 101Equipment finance projects 101
Equipment finance projects 101
David Pedreno
 
System analysis and design
System analysis and design System analysis and design
System analysis and design
Razan Al Ryalat
 
415 quiz1 answers
415 quiz1 answers415 quiz1 answers
415 quiz1 answers
IIUM
 
Process Mining Meets Causal Machine Learning: Discovering Causal Rules From E...
Process Mining Meets Causal Machine Learning: Discovering Causal Rules From E...Process Mining Meets Causal Machine Learning: Discovering Causal Rules From E...
Process Mining Meets Causal Machine Learning: Discovering Causal Rules From E...
Marlon Dumas
 
Ronan Consulting Group - Systems Selection and Implementation
Ronan Consulting Group - Systems Selection and ImplementationRonan Consulting Group - Systems Selection and Implementation
Ronan Consulting Group - Systems Selection and Implementation
Steve Ronan
 

Recommandé

2 feasibility-study
2 feasibility-study2 feasibility-study
2 feasibility-study
Fajar Baskoro
 
Chapter 02
Chapter 02Chapter 02
Chapter 02
andyburghardt
 
Systems request
Systems requestSystems request
Systems request
Fajar Baskoro
 
Equipment finance projects 101
Equipment finance projects 101Equipment finance projects 101
Equipment finance projects 101
David Pedreno
 
System analysis and design
System analysis and design System analysis and design
System analysis and design
Razan Al Ryalat
 
415 quiz1 answers
415 quiz1 answers415 quiz1 answers
415 quiz1 answers
IIUM
 
Process Mining Meets Causal Machine Learning: Discovering Causal Rules From E...
Process Mining Meets Causal Machine Learning: Discovering Causal Rules From E...Process Mining Meets Causal Machine Learning: Discovering Causal Rules From E...
Process Mining Meets Causal Machine Learning: Discovering Causal Rules From E...
Marlon Dumas
 
Ronan Consulting Group - Systems Selection and Implementation
Ronan Consulting Group - Systems Selection and ImplementationRonan Consulting Group - Systems Selection and Implementation
Ronan Consulting Group - Systems Selection and Implementation
Steve Ronan
 
Business Process Modelling via BPMN, Session I
Business Process Modelling via BPMN, Session IBusiness Process Modelling via BPMN, Session I
Business Process Modelling via BPMN, Session I
AmirHossein Aghdassi
 
1 sad-01-introduction-june2015-rev
1 sad-01-introduction-june2015-rev1 sad-01-introduction-june2015-rev
1 sad-01-introduction-june2015-rev
Fajar Baskoro
 
Software Rollout
Software RolloutSoftware Rollout
Software Rollout
colmbennett
 
Best Practices - Barcode Strategy
Best Practices - Barcode StrategyBest Practices - Barcode Strategy
Best Practices - Barcode Strategy
johnnyg14
 
Business Process Monitoring and Mining
Business Process Monitoring and MiningBusiness Process Monitoring and Mining
Business Process Monitoring and Mining
Marlon Dumas
 
Requirement change management
Requirement change managementRequirement change management
Requirement change management
Abdul Basit
 
Requirements Engineering
Requirements EngineeringRequirements Engineering
Requirements Engineering
MuhammadTalha436
 
The elusive root cause
The elusive root causeThe elusive root cause
The elusive root cause
neebula
 
10 Steps To Successful Enterprise Software Selection
10 Steps To Successful Enterprise Software Selection10 Steps To Successful Enterprise Software Selection
10 Steps To Successful Enterprise Software Selection
PhilKeet
 
Requirements Engineering Processes in Software Engineering SE6
Requirements Engineering Processes in Software Engineering SE6Requirements Engineering Processes in Software Engineering SE6
Requirements Engineering Processes in Software Engineering SE6
koolkampus
 
Requirements management
Requirements managementRequirements management
Requirements management
Syed Zaid Irshad
 
The Role of The System analyst, System architect and Business analyst
The Role of The System analyst, System architect and Business analystThe Role of The System analyst, System architect and Business analyst
The Role of The System analyst, System architect and Business analyst
Akshay Kaleeah
 
My business processes are deviant! What should I do about it?
My business processes are deviant! What should I do about it?My business processes are deviant! What should I do about it?
My business processes are deviant! What should I do about it?
Marlon Dumas
 
Quality Systems Investigation Technique
Quality Systems Investigation TechniqueQuality Systems Investigation Technique
Quality Systems Investigation Technique
Mitchell Manning Sr.
 
Investigation phase in development of MIS
Investigation phase in development of MISInvestigation phase in development of MIS
Investigation phase in development of MIS
Sarvajeet Halder
 
BUSINESS PROCESS ANALYSIS
BUSINESS PROCESS ANALYSISBUSINESS PROCESS ANALYSIS
BUSINESS PROCESS ANALYSIS
Ajeng Savitri
 
Role of system analyst
Role of system analystRole of system analyst
Role of system analyst
njoyrocky
 
Intelligent Process Management
Intelligent Process ManagementIntelligent Process Management
Intelligent Process Management
Dafna Levy
 
Role of System Analysis & Design
Role of System Analysis & DesignRole of System Analysis & Design
Role of System Analysis & Design
university of education,Lahore
 
Solution Evaluation (BA Role)
Solution Evaluation (BA Role) Solution Evaluation (BA Role)
Solution Evaluation (BA Role)
Shwetha-BA
 
Inovação em Serviços Públicos - Luis Vidigal (Highscore - Outubro 2016)
Inovação em Serviços Públicos - Luis Vidigal (Highscore - Outubro 2016)Inovação em Serviços Públicos - Luis Vidigal (Highscore - Outubro 2016)
Inovação em Serviços Públicos - Luis Vidigal (Highscore - Outubro 2016)
Luis Vidigal
 
PortFolio F21 PDF
PortFolio F21 PDFPortFolio F21 PDF
PortFolio F21 PDF
Nor Fazilah Kamil
 

Contenu connexe

Tendances

1 sad-01-introduction-june2015-rev
1 sad-01-introduction-june2015-rev1 sad-01-introduction-june2015-rev
1 sad-01-introduction-june2015-rev
Fajar Baskoro
 
Software Rollout
Software RolloutSoftware Rollout
Software Rollout
colmbennett
 
Requirement change management
Requirement change managementRequirement change management
Requirement change management
Abdul Basit
 
The elusive root cause
The elusive root causeThe elusive root cause
The elusive root cause
neebula
 
Requirements Engineering Processes in Software Engineering SE6
Requirements Engineering Processes in Software Engineering SE6Requirements Engineering Processes in Software Engineering SE6
Requirements Engineering Processes in Software Engineering SE6
koolkampus
 
Solution Evaluation (BA Role)
Solution Evaluation (BA Role) Solution Evaluation (BA Role)
Solution Evaluation (BA Role)
Shwetha-BA
 

Tendances (20)

Business Process Modelling via BPMN, Session I
Business Process Modelling via BPMN, Session IBusiness Process Modelling via BPMN, Session I
Business Process Modelling via BPMN, Session I
 
1 sad-01-introduction-june2015-rev
1 sad-01-introduction-june2015-rev1 sad-01-introduction-june2015-rev
1 sad-01-introduction-june2015-rev
 
Software Rollout
Software RolloutSoftware Rollout
Software Rollout
 
Best Practices - Barcode Strategy
Best Practices - Barcode StrategyBest Practices - Barcode Strategy
Best Practices - Barcode Strategy
 
Business Process Monitoring and Mining
Business Process Monitoring and MiningBusiness Process Monitoring and Mining
Business Process Monitoring and Mining
 
Requirement change management
Requirement change managementRequirement change management
Requirement change management
 
Requirements Engineering
Requirements EngineeringRequirements Engineering
Requirements Engineering
 
The elusive root cause
The elusive root causeThe elusive root cause
The elusive root cause
 
10 Steps To Successful Enterprise Software Selection
10 Steps To Successful Enterprise Software Selection10 Steps To Successful Enterprise Software Selection
10 Steps To Successful Enterprise Software Selection
 
Requirements Engineering Processes in Software Engineering SE6
Requirements Engineering Processes in Software Engineering SE6Requirements Engineering Processes in Software Engineering SE6
Requirements Engineering Processes in Software Engineering SE6
 
Requirements management
Requirements managementRequirements management
Requirements management
 
The Role of The System analyst, System architect and Business analyst
The Role of The System analyst, System architect and Business analystThe Role of The System analyst, System architect and Business analyst
The Role of The System analyst, System architect and Business analyst
 
My business processes are deviant! What should I do about it?
My business processes are deviant! What should I do about it?My business processes are deviant! What should I do about it?
My business processes are deviant! What should I do about it?
 
Quality Systems Investigation Technique
Quality Systems Investigation TechniqueQuality Systems Investigation Technique
Quality Systems Investigation Technique
 
Investigation phase in development of MIS
Investigation phase in development of MISInvestigation phase in development of MIS
Investigation phase in development of MIS
 
BUSINESS PROCESS ANALYSIS
BUSINESS PROCESS ANALYSISBUSINESS PROCESS ANALYSIS
BUSINESS PROCESS ANALYSIS
 
Role of system analyst
Role of system analystRole of system analyst
Role of system analyst
 
Intelligent Process Management
Intelligent Process ManagementIntelligent Process Management
Intelligent Process Management
 
Role of System Analysis & Design
Role of System Analysis & DesignRole of System Analysis & Design
Role of System Analysis & Design
 
Solution Evaluation (BA Role)
Solution Evaluation (BA Role) Solution Evaluation (BA Role)
Solution Evaluation (BA Role)
 

En vedette

Marketing Project Presentation Museum (1)
Marketing Project Presentation Museum (1)Marketing Project Presentation Museum (1)
Marketing Project Presentation Museum (1)
Sally Lin
 
On the Edge Live London
On the Edge Live LondonOn the Edge Live London
On the Edge Live London
Wolfestone Translation
 
Viral Factory Credential 130515
Viral Factory Credential 130515Viral Factory Credential 130515
Viral Factory Credential 130515
Huibae Yang
 

En vedette (12)

Inovação em Serviços Públicos - Luis Vidigal (Highscore - Outubro 2016)
Inovação em Serviços Públicos - Luis Vidigal (Highscore - Outubro 2016)Inovação em Serviços Públicos - Luis Vidigal (Highscore - Outubro 2016)
Inovação em Serviços Públicos - Luis Vidigal (Highscore - Outubro 2016)
 
PortFolio F21 PDF
PortFolio F21 PDFPortFolio F21 PDF
PortFolio F21 PDF
 
Guide marketing project
Guide marketing projectGuide marketing project
Guide marketing project
 
Fundchange koodonation-artez 02152012
Fundchange koodonation-artez 02152012Fundchange koodonation-artez 02152012
Fundchange koodonation-artez 02152012
 
TheatreTEK Project Outline
TheatreTEK Project OutlineTheatreTEK Project Outline
TheatreTEK Project Outline
 
[16.05.11] KIST 청년 소프트웨어 프로젝트 @ 경기과학고등학교
[16.05.11] KIST 청년 소프트웨어 프로젝트 @ 경기과학고등학교[16.05.11] KIST 청년 소프트웨어 프로젝트 @ 경기과학고등학교
[16.05.11] KIST 청년 소프트웨어 프로젝트 @ 경기과학고등학교
 
StUX - IA Summit 2005 - Peter Boersma
StUX - IA Summit 2005 - Peter BoersmaStUX - IA Summit 2005 - Peter Boersma
StUX - IA Summit 2005 - Peter Boersma
 
Cashing in on better wi fi within the retail environment
Cashing in on better wi fi within the retail environmentCashing in on better wi fi within the retail environment
Cashing in on better wi fi within the retail environment
 
Marketing Project Presentation Museum (1)
Marketing Project Presentation Museum (1)Marketing Project Presentation Museum (1)
Marketing Project Presentation Museum (1)
 
On the Edge Live London
On the Edge Live LondonOn the Edge Live London
On the Edge Live London
 
Anne Timony Meehan - Caap project outline 2016
Anne Timony Meehan - Caap project outline 2016 Anne Timony Meehan - Caap project outline 2016
Anne Timony Meehan - Caap project outline 2016
 
Viral Factory Credential 130515
Viral Factory Credential 130515Viral Factory Credential 130515
Viral Factory Credential 130515
 

Similaire à Financial Crime Projects

2 System development life cycle has six stages of creating a sys.docx
2 System development life cycle has six stages of creating a sys.docx2 System development life cycle has six stages of creating a sys.docx
2 System development life cycle has six stages of creating a sys.docx
tamicawaysmith
 
KI_res_24_yrs_exp_big_6
KI_res_24_yrs_exp_big_6KI_res_24_yrs_exp_big_6
KI_res_24_yrs_exp_big_6
keith inman
 
No Choice But to Comply - FATCA
No Choice But to Comply - FATCA No Choice But to Comply - FATCA
No Choice But to Comply - FATCA
Thinksoft Global
 
KI_res_24_yrs_exp_big_6
KI_res_24_yrs_exp_big_6KI_res_24_yrs_exp_big_6
KI_res_24_yrs_exp_big_6
keith inman
 
UNIT-III SYSTEM DEVELOPMENT LIFE CYCLE.pptx
UNIT-III SYSTEM DEVELOPMENT LIFE CYCLE.pptxUNIT-III SYSTEM DEVELOPMENT LIFE CYCLE.pptx
UNIT-III SYSTEM DEVELOPMENT LIFE CYCLE.pptx
abhiisharma0504
 
Adept Change Management_Panna Visani 2015_1
Adept Change Management_Panna Visani 2015_1Adept Change Management_Panna Visani 2015_1
Adept Change Management_Panna Visani 2015_1
Panna Visani MBCS ACCA
 
Evolution of the computer in the organization
Evolution of the computer in the organizationEvolution of the computer in the organization
Evolution of the computer in the organization
viviana50396
 
System Analysis And Design_FinalPPT_NirmishaK
System Analysis And Design_FinalPPT_NirmishaKSystem Analysis And Design_FinalPPT_NirmishaK
System Analysis And Design_FinalPPT_NirmishaK
Shehla Ghori
 

Similaire à Financial Crime Projects (20)

Practical tips for implementing corporate performance management system
Practical tips for implementing corporate performance management systemPractical tips for implementing corporate performance management system
Practical tips for implementing corporate performance management system
 
2 System development life cycle has six stages of creating a sys.docx
2 System development life cycle has six stages of creating a sys.docx2 System development life cycle has six stages of creating a sys.docx
2 System development life cycle has six stages of creating a sys.docx
 
Whitepaper:Barriers to Effective and Strategic SPM Compensation
Whitepaper:Barriers to Effective and Strategic SPM CompensationWhitepaper:Barriers to Effective and Strategic SPM Compensation
Whitepaper:Barriers to Effective and Strategic SPM Compensation
 
Corebanking transformation – a wining formula
Corebanking transformation – a wining formulaCorebanking transformation – a wining formula
Corebanking transformation – a wining formula
 
KI_res_24_yrs_exp_big_6
KI_res_24_yrs_exp_big_6KI_res_24_yrs_exp_big_6
KI_res_24_yrs_exp_big_6
 
CRM Implementations and Upgrades
CRM Implementations and UpgradesCRM Implementations and Upgrades
CRM Implementations and Upgrades
 
Who Does What, When, and How for a Divestiture?
Who Does What, When, and How for a Divestiture?Who Does What, When, and How for a Divestiture?
Who Does What, When, and How for a Divestiture?
 
Erp
ErpErp
Erp
 
No Choice But to Comply - FATCA
No Choice But to Comply - FATCA No Choice But to Comply - FATCA
No Choice But to Comply - FATCA
 
KI_res_24_yrs_exp_big_6
KI_res_24_yrs_exp_big_6KI_res_24_yrs_exp_big_6
KI_res_24_yrs_exp_big_6
 
UNIT-III SYSTEM DEVELOPMENT LIFE CYCLE.pptx
UNIT-III SYSTEM DEVELOPMENT LIFE CYCLE.pptxUNIT-III SYSTEM DEVELOPMENT LIFE CYCLE.pptx
UNIT-III SYSTEM DEVELOPMENT LIFE CYCLE.pptx
 
Improving Speed to Market in E-commerce
Improving Speed to Market in E-commerceImproving Speed to Market in E-commerce
Improving Speed to Market in E-commerce
 
Shorten Your Development Time with an Extensible Design for Apex
Shorten Your Development Time with an Extensible Design for ApexShorten Your Development Time with an Extensible Design for Apex
Shorten Your Development Time with an Extensible Design for Apex
 
Adept Change Management_Panna Visani 2015_1
Adept Change Management_Panna Visani 2015_1Adept Change Management_Panna Visani 2015_1
Adept Change Management_Panna Visani 2015_1
 
THE CIO PLAYBOOK NINE STEPS CIOS MUST TAKE FOR SUCCESSFUL DIVESTITURE
THE CIO PLAYBOOK NINE STEPS CIOS MUST TAKE FOR SUCCESSFUL DIVESTITURETHE CIO PLAYBOOK NINE STEPS CIOS MUST TAKE FOR SUCCESSFUL DIVESTITURE
THE CIO PLAYBOOK NINE STEPS CIOS MUST TAKE FOR SUCCESSFUL DIVESTITURE
 
Proj Mgmt.ppt
Proj Mgmt.pptProj Mgmt.ppt
Proj Mgmt.ppt
 
Mistakes we make_and_howto_avoid_them_v0.12
Mistakes we make_and_howto_avoid_them_v0.12Mistakes we make_and_howto_avoid_them_v0.12
Mistakes we make_and_howto_avoid_them_v0.12
 
Evolution of the computer in the organization
Evolution of the computer in the organizationEvolution of the computer in the organization
Evolution of the computer in the organization
 
System Analysis And Design_FinalPPT_NirmishaK
System Analysis And Design_FinalPPT_NirmishaKSystem Analysis And Design_FinalPPT_NirmishaK
System Analysis And Design_FinalPPT_NirmishaK
 
Calto Commercial RIS Systems
Calto Commercial RIS SystemsCalto Commercial RIS Systems
Calto Commercial RIS Systems
 

Financial Crime Projects

  • 1. FINANCIAL CRIME PROJECTS CONSIDERATIONS FOR A PROGRAMME OR PROJECT MANAGER
  • 2. Introduction • These slides contain some of my learning as a result of project managing the delivery of a new Financial Crime system and new processes into a bank. • These thoughts represent my own lessons learned from the experience and/or considerations I would make if working on a similarly scoped project or programme in the future. They do not necessarily represent actual events. • I am sharing them with LinkedIn connections in the hope that someone might benefit from the insight and I’d welcome any comments that over time might help keep them up to date or indeed improve them. David Allsop December 2016
  • 3. Scope Functionality: • Customer Screening • Transaction Monitoring • Real-time Payments Screening Banking Customer Segments: • Retail & Wealth • Local Business • Corporate Project Scope: • 3rd Party Case Management & Workflow FC System & Integration • IT Operations / Service Management • Business Operations & Risk Policy Processes
  • 4. 3rd PartySuppliedSolution-Considerations • Obtain approval to the contract and terms in writing from the CIO and Accountable Exec. If they don’t agree don’t proceed until they do. • Get IT Operations to identify a future Service Manager for the 3rd party application from the outset. Obtain requirements that match the organisations existing and growing expectations of quality and performance. • Ask the software supplier to provide a Project Manager to join the in-house project team, i.e. make it clear that their expertise is being used on the inside – to meet the bank’s goal and objectives - and it’s not just about an at-arm’s- length delivery and run. • If buying all 3 modules focus on Customer Screening first. Create a Proof of Concept (POC) / Prototype initially, in an environment where integration with versions of the Bank’s key systems can be made. Test rigorously, including how to break the system – i.e. performance and capability. Grow the POC throughout the project lifetime. • Ensure that internal system platform architects are accountable too. • If replacing a current system document the current model & the gaps you expect to be filled by the new system. • If it is installed in another bank visit them after you have documented your HL Design and you clearly understand in detail your expectations.
  • 5. CustomerScreening-Considerations • Unambiguous and Clean Customer data is absolutely critical. • In Requirements and Design, understand what data the software expects to handle. Map it to current internal data categories. Find and fix any gaps and ambiguity. • Resolve issues with Country (of birth or nationality) ISO codes. What classification does the new system use and how does this also map to the external Watchlist you are going to use (e.g. Thomson-Reuters v Dow Jones). Do you want to check “Alias” names too? • Define detailed segmentation rules. Define an Active v Inactive Customer. You don’t want to be screening anymore Customers than you need to. Mapping customers to WLM categories and then mapping these to data rules used by the system are fundamental. • The new system will generate Alerts differently to your existing system. Use the POC to test (functionality and performance) and manage the parameters/settings to ensure Financial Crime Risk teams are happy. Create FC Operations FTE projections. “The Life of an Alert” might be a useful document. What can each user expect to be able to do? • If you can, implement in parallel with an existing system for a period of time. This will achieve credibility with Risk & Operations.
  • 6. TransactionMonitoring-Considerations • Map the Rules & Settings used in the current system. Compare this to how the new system is configured. Does a difference in logic materially affect the dynamics of Alerts? • If building from scratch, consult the FCA Guidelines documentation in detail. Understand your Customer’s use of different payment types and grade the levels of risk, (i.e. segment 2 payment type = “x” level of risk). Financial Crime Risk Policy should own and complete this task. • Logically understand how combinations of Rules might create multiple Alerts and how Operations can and should manage these. Does it increase FTE? Can it be presented in risk category order? • Use the POC to test and ensure that Customers are not being missed because of a build of of Customer bad data that excludes the Customer from screening. • Ensure that ownership of the configuration of Rules and Parameter Checks is clear, signed off by Risk Committee and is documented.
  • 7. RealTimePaymentsScreening-Considerations • Integration into the End-to-End Payments Flow within the bank is critical. Payments Architecture needs to sign-off the Design and during Build and Testing the Payments Platform teams need to be heavily involved. • If there are any Customer “Bad Data” issues still outstanding these must be fixed before Payments Screening goes “Live”. • Current & Target Operating Models need to be created during Design, down to the level of Detail agreed with the Business/Operations. This is also true for Customer and Transaction Monitoring. • Performance Testing results must meet Critical Success Factors. • Implementation: The Cut-Over approach from the existing system to the new one needs a sub-project. Ideally, run a Dress Rehearsal. Understand how payments under investigation at the point of Cut- over will be run down and either released or blocked from the required system. The existing system may need decommissioning • Temporary staff may be required in Operations initially until proven process and efficiency is achieved.
  • 8. KeyConsiderations-Summary • Initiation: • Procurement / Supplier Management governance & process • Business Case – Worst & Best. Is Worse case acceptable to Steering? • Ensure that you will have enough skin in the game from the supplier. Embed their resources in the internal project team as well as having a forum to engage. • Design: • Current Business & Payments (IT) Operating Models need to inform a “minimum requirement’ future design. A Customer data design/mapping is essential. • Detailed Business Operational Designs are needed for all modules – include changes to Risk teams and processes. Consider temporary Org structure if operating a Proof of Concept. • Architecture – someone needs to own the E2E end architecture which means understanding and approving how the new system integrates. • Build and Test: • The Functional Specification that the Supplier will deliver needs to be bomb-tested. If necessary re-write it in the language normally used by the bank’s own analysts. If not clear enough investigate and eradicate any ambiguity. • Functional and Performance testing needs the right amount of time. Implementing one module at a time (e.g. Customer Screening) and using a POC to test integration as well as functionality is recommended. • Test Alert generation against each Data check and setting, even down to testing generating an alert for each individual High Risk country, city/town and Sanctions / PEP candidates. • Agree frequency and scope of uploading the WLM from the external source. • If integrating with Elmer, SARs will need a test slot with the NCA.
  • 9. KeyConsiderations–Summary–(continued) • Deployment / Business Readiness: • Use a Dress Rehearsal to model the cut-over from old to new. Include the Business (Operations) in this activity so that they have confidence. This will be particularly critical for payments screening. • Ensure that there are no P1 or P2 issues outstanding from OAT sign-off. • You can’t afford to make significant compromises on Test Defects relating to data in order to meet a time deadline. • New Transaction Monitoring Rules need to be tested first. • The Detailed BOD, UAT Results and any application specification and/or UI Design should have been used to create Procedures and enable Operations staff to complete training; getting to know their way round the system before it goes into Production. • The BOD should have documented how the end-to-end SAR process will work. Does the system enable integration with Elmer (NCA) to deliver SARs via encryption or is it still a manual process? • Financial Crime Risk Policy (or similar) structure must own and manage the configuration of Alerting Rules and Parameters. The project needs evidence that Steering members are happy that a governance framework and new processes to manage this are embedded. This may include some Administrator rights to issue control User access to the new application, if not managed separately by an Applications team.