SlideShare a Scribd company logo

delphix-ebook-using-data-effectively-compliance-banking-1

Jes Breslaw, profile picture
Jes Breslaw

Regulatory compliance is a major challenge for banks that requires significant resources. New regulations are constantly emerging in areas like anti-money laundering and privacy, and non-compliance can result in large fines. Using data effectively is key to compliance but current practices of copying and moving large amounts of data are risky, slow, and expensive. Data virtualization provides a better approach by automating data delivery, masking, and testing to help banks respond faster to regulatory demands while reducing costs and risks of non-compliance.

1 of 18
Downloaded 18 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Other Compliance Journeys MIFID PCI PCI AML AML GDPR GDPR REGULATORY COMPLIANCE FOR BANKS USING DATA TO UNBLOCK THE ROAD AHEAD
REGULATORY COMPLIANCE FOR BANKS2 To make matters worse, FinTech challengers are driving the international banking agenda, disrupting business models with service innovations which established banks are finding expensive to replicate. It’s a zero sum game, more money spent on innovations means less available for compliance and vice versa. This makes compliance the most serious roadblock for banks today. It’s a multi-billion dollar and industry-defining challenge1 with no let up on the horizon. In our survey of top European banking executives, their biggest fears of non-compliance are financially driven as some 53 percent say they will face fines and 51 percent say they will lose customers to rivals. It is all about the money. For their very existence, banks across the world depend on following banking regulators’ licensing rules. The road to compliance runs on data, but data is also needed for day-to-day operations and to test out innovations. Using first-time accurate data for compliance frees up funds to speed up innovative products and services. Compliance delays or even failure though means operations, as well as innovation, are stuck in a jam. Compliance comes at some cost. Since the global financial crisis of 2008, increased regulations have BANKING COMPLIANCE The Financial Services industry is on a testing journey. Interest rates are stuck in the slow lane, mobile apps are overtaking branches, and most banks cannot outpace the regulatory changes affecting multiple areas; from knowing their local customers, to the global challenges facing their FX, Credit and Risk lines of business. MIFID PCI AML
USING DATA TO UNBLOCK THE ROAD AHEAD 3 meant higher costs of compliance for banks. In Europe alone, more than 40 legislative and non-legislative measures have been proposed by the European Commission2 . And there’s more to come. The top 20 biggest global banks have paid more than €211bn in fines3 . Meanwhile regulatory compliance experts who can help banks steer clear of failure have seen their remuneration packages swell by 50%4 . The way your data moves around your IT systems matters. This eBook highlights the most pressing regulatory concerns of European institutions. It sets out the route to tackling the data challenges caused by the recent and prolonged spike in regulations and suggests how to contain the cost of complying. We hope it will unblock your journey to compliance. GDPR
REGULATORY COMPLIANCE FOR BANKS4 Reporting, internally and externally, is core to compliance. In addition to quarterly financial reporting, banks need to report datasets across a long list of liquidity and anti-market abuse regulations while steering a course to prepare for new ones. Efficient reporting allows the reallocation of resources for revenue growth. Poor reporting sends a signal to the regulators to widen their investigations. The risk of penalties ties up significant amounts in contingency funds – up to €8.6 billion for one global, high-street bank. This figure is nearly a sixth of the international banking centre, Luxembourg’s, GDP at €51.86 billion5 . Banks are routinely taking major risks with sensitive data. The risk of losing sensitive data along the reporting journey increases when real datasets are copied and moved to a testing environment or a reporting application. Future regulations like GDPR may also require proof of the data integrity of personal information. Achieving this is not possible for many banks today using their existing processes. In an industry where financial penalties are highly probable and jail time scarily realistic, it’s time for you to embark on a safer route. Imagine compliance processes driven by full, fresh and secure data sets available within minutes, not months or years down the road. Grab your keys. KNOWING YOUR REGULATIONS According to our survey of banking professionals, the most troublesome current regulations to comply with are; Anti-Money Laundering Directive (59 percent), Market Abuse Regulation (48 percent) and the EU-US Privacy Shield (41 percent). Looking ahead, the industry is worried about getting its reporting structure in place for EU Directive on Security of Network and Information Systems (NIS Directive) at 62 percent, the EU General Data Protection Regulation (GDPR) at 54 percent and Money Market Reform at 53 percent. Failing GDPR alone could result in fines of 4% of global turnover up to some €20 million.
USING DATA TO UNBLOCK THE ROAD AHEAD 5
COMPLIANCE BLIND SPOTS The volume of data submitted to regulators is accelerating. In the US, the length of the mandatory quarterly call reports has grown to 84 pages, up from 30 pages in the 1980s6 . IT teams are in overdrive, unable to keep up with demands. Many have reached their speed limit. Today’s Compliance Officers have to command a wide range of skills, spending 61% of their time on basic tasks from monitoring to interacting with regulators7 . Three core data issues, security, delivery and testing are faced by IT teams daily and applying the right technology can add velocity to each. 6 REGULATORY COMPLIANCE FOR BANKS
BUCKLE UP Cyber hacks and data leaks have dented consumer trust and damaged revenues in many industries8 . Banks are an obvious target. UK financial firms alone suffer at least 800 data breaches per year9 . Your data should be secured from the start to the end of your journey. Bad habits mean it may not be and four out of five European Bankers (81 percent) tell us they face data security challenges in the compliance journey. Data masking is often swerved because it used to add days to IT processes. Next-generation data masking delivers security and the responsiveness you need. SPEED UP When regulators come knocking, your team better be ready to report. Data delivery is the biggest reporting barrier faced by European Banks as almost all (92 percent) say they face this problem. Our survey proves 36 percent of financial services professionals are at high risk of missing reporting deadlines10 . Complex production environments and multiple copies of the same data can make reporting slow and cumbersome, while manual data delivery risks being less reliable, due to human error. Automation is the only way to go. CHANGE UP Roadworthy reporting applications require rigorous and continuous testing. Poor, stale data and limited environments risk missing compliance deadlines. Although seen as a lesser challenge than security and delivery, two out of five European Banks have data testing issues. It’s time to kick things up a gear or two. A little simulation, or more accurately, data virtualisation, goes a long way. SECURITY DELIVERY TESTING 7USING DATA TO UNBLOCK THE ROAD AHEAD
BUCKLE UP For every change to a reporting application, real data has to be copied and refreshed numerous times throughout its development and test cycle. Much of this data is highly sensitive. Yet, for adequate reporting, regulators do not always require sensitive data such as credit card details, personal addresses and phone numbers. Data provisioning is already a highly manual process, but protecting the data adds even more complexity and cost. However, there is a shortcut. Data masking helps shield sensitive business and personal information, so even in the event of a data breach, hackers gain nothing of value. Some 59 percent of your peers in Europe find data masking troublesome and prevents real-time data from being used. Data Masking has always been a painful task adding days to the provisioning process meaning banks often opt out and risk using sensitive data. However, with the forthcoming GDPR, the legal requirement to masking sensitive data is a lot more explicit and the fines for failure astronomical. Now, you can mask all your sensitive data without the cost and delay using new technology that combines data masking with data virtualization. This allows you to mask data just once and then deliver over and over again. Masking only once allows data to be delivered on demand where it is needed, without human intervention. Fail-safe protection means banks can deliver this data anywhere, across departments, third parties and cloud providers, to save IT costs whilst reducing compliance risk. This might be useful for nearly half of you (49 percent) who believe data masking will improve your organisation’s compliance journey. 8 REGULATORY COMPLIANCE FOR BANKS
USING DATA TO UNBLOCK THE ROAD AHEAD 9 GDPR AT EUROPEAN BANK A large Northern Europe bank had a six month project to mask all sensitive data in preparation for the new EU General Data Protection Regulations (GDPR). Masking 9,500+ data sources used by 128 applications would have taken over two years using current technology and process. Using Delphix the bank automated much of the data masking and delivery process meeting the timeline requirements and saving significant service and storage costs. Now GDPR compliant the bank can provide masked data anywhere in the business in hours, rather than days driving increased agility and innovation.
REGULATORY COMPLIANCE FOR BANKS10 This new route to compliance, known as a data virtualization engine, also lets you control your data by knowing where it is, access data from any point in time, bookmark and retrieve it to meet audit requests. Data Virtualization, as part of data delivery, puts you in the driving seat. Vroom vroom. SPEED UP So security is sorted. Over one-third of your peers (36 percent) find reporting deadlines hard to overcome. Copying and refreshing data is highly manual and creates process bottlenecks which can take multiple administrators several weeks to work through. In our survey, speeding up data delivery (46 percent) is the top capability banks crave to improve their compliance reporting. Next-generation data delivery smoothes out bumps in the road by automating the process and removing physical constraints. ANTI-MONEY LAUNDERING AT GLOBAL BANK In 2012, one of the world’s largest high-street banks was caught facilitating money laundering and requested by a regulator to present a report to show how this large-scale crime happened. Failure to do so meant their operating license was under threat. They had to act fast. Creating a report of this kind used to take 17 days and the bank contemplated telling the regulator it could not be done in time. With next-generation data delivery, time of reporting was reduced to just 25 hours – a reduction of 94%. By instantly creating virtual databases mirroring physical ones, the bank was able to make and distribute data swiftly to reporting teams.
11USING DATA TO UNBLOCK THE ROAD AHEAD
REGULATORY COMPLIANCE FOR BANKS12 Creating multiple testing environments boosts efficiency but rapidly increases storage costs. Budgets are tight and doing more testing with less resources is the second biggest capability (34 percent) banks want today during the compliance journey. That demand was closely followed by the need to use real-time copies of data for testing, nearly one-third (31 percent) of European Banks agree in our survey. Testing with subsets or stale data bypasses this problem but sacrifices quality. This is not the strategic solution to compliance your team needs. Robust testing requires non-production environments to be set up exactly the same way as the production environment they test. This means all the different data sets need to be synchronised and rigorously version-controlled. This is not straightforward. Data virtualization empowers you to test more, without taxing production systems so your team can go faster and maintain quality. Testers and analysts have their own copies of real-time and archive data and work in parallel only on their own subset relevant to the immediate reporting task. This speeds up the detection of errors and ultimately speeds up the journey to compliance. CHANGE UP In a recent European Banking Authority stress test across 51 banks, some 82 percent of European banks failed. The results showed a three-year economic shock would set banks back €226 billion of capital11 . Such compliance failure can have serious consequences. Today regulators can even restrict banks’ share buybacks and payouts to shareholders12 . A new route to compliance beckons.
USING DATA TO UNBLOCK THE ROAD AHEAD 13 DODD-FRANK AT LARGE EUROPEAN BANK Data virtualization has helped several global banks respond to the data testing demands of regulations such as Dodd-Frank and European Market Infrastructure Regulation (EMIR). One large European bank used data virtualization to meet its Dodd-Frank reporting requirements. By maintaining a complete up-to-date transaction repository, reporting environments are available on-demand. This allows reporting within 15 minutes of a trade execution, while also clearing messaging backlogs and eliminating reporting failures.
Compliance REGULATORY COMPLIANCE FOR BANKS14 THE JOURNEY AHEAD The journey to compliance has many roadblocks. Copying and moving ever-increasing amounts of data for regulatory reporting has become riskier and more difficult. At the same time, banks are under immense pressure to innovate faster against the disruptive influence of new challenger banks. All are competing for the same IT resource. Compliance reporting can take some of the world’s biggest and resource- rich organisations months to complete. These timeframes are disappearing in the back mirror. It’s time to speed up. Data virtualization has helped some of the world’s biggest banks report faster and more accurately. Data masking has evolved too and no longer needs to be manually repeated over and over again. This leaves your team the time to focus on value-added work such as data interpretation and analysis. It also means data breaches are less of a concern. Banks should embrace future regulatory demands because they lead to higher customer satisfaction and profitability. If your data security, delivery and testing are done right you are nearly on the home stretch. Great compliance needs great data. This can be achieved even if your budget is limited. To find out more about how the Financial Services industry benefit from Delphix’s data expertise, there are two routes you can take:
All other routes 15USING DATA TO UNBLOCK THE ROAD AHEAD DELPHIX DATA VIRTUALIZATION Delphix specializes in data delivery. Our suite of next-generation data masking and data virtualization offerings put banks in the driving seat of regulation. Securely delivering data where and when it is needed for testing, reporting and compliance, frees up IT resources. With Delphix on-board, banks can drive innovation and overtake Challengers even as the regulatory burden rises to meet customer and market expectations.
Fancy a test drive? Try our virtualization engine for free here https://www.delphix.com/products/ free-trial-request Ready to go? Master compliance reporting by arranging a consultation with our experts. https://www.delphix.com/contact-us REGULATORY COMPLIANCE FOR BANKS16 WANT TO KNOW MORE?
1. http://www.ft.com/cms/s/0/e1323e18-0478-11e5-95ad-00144feabdc0.html#axzz4GkeYoKWj 2. http://ec.europa.eu/finance/general-policy/policy/map-reform/index_en.htm#row1 3. http://www.ibtimes.co.uk/20-global-banks-have-paid-235bn-fines-since-2008-financial-crisis-1502794 4. https://next.ft.com/content/8c9bdac4-8281-11e2-843e-00144feabdc0 5. http://data.worldbank.org/indicator/NY.GDP.MKTP.CD?year_high_desc=false 6. http://www.housingwire.com/articles/35929-why-are-there-almost-no-new-banks-since-the-crisis 7. https://risk.thomsonreuters.com/content/dam/openweb/documents/pdf/risk/report/cost-compliance-2016.pdf 8. http://www.belfasttelegraph.co.uk/business/news/talktalk-halts-customer-exodus-after-cyber-attack-but- broadband-base-9000-lower-34898411.html 9. http://www.thisismoney.co.uk/money/saving/article-3108908/Data-breaches-banks-financial-firms-double-two- years.html 10. Delphix Vanson Bourne Survey 2016 11. http://www.reuters.com/article/us-eu-banks-tests-idUSKCN1092EA 12. http://www.ft.com/cms/s/0/9a018afe-3e37-11e6-9f2c-36b487ebd80a.html#axzz4GB56rYkA USING DATA TO UNBLOCK THE ROAD AHEAD 17
68 King William St, London UK EC4N 7DZ delphix.com

More Related Content

PDF
Pwc gdpr survey 2018
Paperjam_redaction
 
PDF
The Evolution of Data Privacy: 3 things you didn’t know
Symantec
 
PDF
Signacure Brochure
Dave Lloyd
 
PDF
Webinar Deck - Protect Your Users' Online Privacy
Ensighten
 
PDF
Is Ukraine safe for software development outsourcing?
N-iX
 
PDF
Chief Audit Execs speak out: Cybersecurity & risk management
Grant Thornton LLP
 
PDF
2016-09-05-Lessons_Learned_From_The_FTC_v1c
Raj Goel
 
PDF
7 major changes in big data security in 2021
Antenna Manufacturer Coco
 
Pwc gdpr survey 2018
Paperjam_redaction
 
The Evolution of Data Privacy: 3 things you didn’t know
Symantec
 
Signacure Brochure
Dave Lloyd
 
Webinar Deck - Protect Your Users' Online Privacy
Ensighten
 
Is Ukraine safe for software development outsourcing?
N-iX
 
Chief Audit Execs speak out: Cybersecurity & risk management
Grant Thornton LLP
 
2016-09-05-Lessons_Learned_From_The_FTC_v1c
Raj Goel
 
7 major changes in big data security in 2021
Antenna Manufacturer Coco
 

What's hot (19)

PDF
2014 Data Breach Industry Forecast
- Mark - Fullbright
 
PDF
ManagingRiskWithVDR
jokeung
 
PDF
Solving the Encryption Conundrum in Financial Services
Echoworx
 
PDF
The growing mandatory requirements to protect data- secure PostgreSQL
Rajni Baliyan
 
PDF
sc_can0315_28373
Katherine Thompson
 
PDF
Top 10 GDPR solution providers 2020
TheCEOViews
 
DOCX
Top gdpr assessment tools
Rajivarnan R
 
PDF
INFOGRAPHIC: The Evolution of Data Privacy
Symantec
 
PDF
What's Next - General Data Protection Regulation (GDPR) Changes
Ogilvy Consulting
 
PDF
Iso 27001 whitepaper
Syzygal
 
PDF
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Stanford GSB Corporate Governance Research Initiative
 
PDF
Quick Start Guide to IT Security for Businesses
CompTIA
 
PDF
2015 cost of data breach study global analysis
xband
 
DOCX
Do You Have a Roadmap for EU GDPR Compliance? Article
Ulf Mattsson
 
PPTX
Do You Have a Roadmap for EU GDPR Compliance?
Ulf Mattsson
 
PDF
Sharing the blame: How companies are collaborating on data security breaches
The Economist Media Businesses
 
PDF
GDPR: Threat or Opportunity?
Samuel Pouyt
 
PDF
Why is gdpr essential for small businesses with links
VISTA InfoSec
 
PPTX
Your Top 10 TCPA Questions Answered
Experian
 
2014 Data Breach Industry Forecast
- Mark - Fullbright
 
ManagingRiskWithVDR
jokeung
 
Solving the Encryption Conundrum in Financial Services
Echoworx
 
The growing mandatory requirements to protect data- secure PostgreSQL
Rajni Baliyan
 
sc_can0315_28373
Katherine Thompson
 
Top 10 GDPR solution providers 2020
TheCEOViews
 
Top gdpr assessment tools
Rajivarnan R
 
INFOGRAPHIC: The Evolution of Data Privacy
Symantec
 
What's Next - General Data Protection Regulation (GDPR) Changes
Ogilvy Consulting
 
Iso 27001 whitepaper
Syzygal
 
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Stanford GSB Corporate Governance Research Initiative
 
Quick Start Guide to IT Security for Businesses
CompTIA
 
2015 cost of data breach study global analysis
xband
 
Do You Have a Roadmap for EU GDPR Compliance? Article
Ulf Mattsson
 
Do You Have a Roadmap for EU GDPR Compliance?
Ulf Mattsson
 
Sharing the blame: How companies are collaborating on data security breaches
The Economist Media Businesses
 
GDPR: Threat or Opportunity?
Samuel Pouyt
 
Why is gdpr essential for small businesses with links
VISTA InfoSec
 
Your Top 10 TCPA Questions Answered
Experian
 
Ad

Viewers also liked (20)

PPT
Delphix for DBAs by Jonathan Lewis
Kyle Hailey
 
PDF
delphix-wp-gdpr-for-data-masking
Jes Breslaw
 
PPTX
Virtual Data : Eliminating the data constraint in Application Development
Kyle Hailey
 
PPTX
Jump start EU Data Privacy Compliance with Data Classification
Watchful Software
 
PPT
Jonathan Lewis explains Delphix
Kyle Hailey
 
PDF
GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul
Igor
 
PDF
The Essential Guide to GDPR
Tim Hyman LLB
 
PPTX
EU GDPR - 12 Steps To Compliance
Tom Haynes
 
PPTX
Preparing for general data protection regulations (gdpr) within the hous...
Stephanie Vasey
 
PPTX
DevOps vs GDPR: How to Comply and Stay Agile
Ben Saunders
 
PPTX
GDPRR: The Key Changes
Craig Clark ITIL, CIS LI,EU GDPR P
 
PDF
Infographic: EU General Data Protection Regulation (GDPR) Cybersecurity Compl...
CheapSSLsecurity
 
PDF
Preparing for EU GDPR
IT Governance Ltd
 
PPT
Ash masters : advanced ash analytics on Oracle
Kyle Hailey
 
PDF
SureSkills GDPR - Discover the Smart Solution
Google
 
PPTX
GDPR: A Step-By-Step Guide To Compliance
MarkLogic
 
PDF
Appointing a Data Protection Officer under the GDPR
IT Governance Ltd
 
PPT
History of database monitoring
Kyle Hailey
 
PPTX
Gdpr compliance. Presentation for Consulegis Lawyers network
Bart Van Den Brande
 
PDF
How to Become a Thought Leader in Your Niche
Leslie Samuel
 
Delphix for DBAs by Jonathan Lewis
Kyle Hailey
 
delphix-wp-gdpr-for-data-masking
Jes Breslaw
 
Virtual Data : Eliminating the data constraint in Application Development
Kyle Hailey
 
Jump start EU Data Privacy Compliance with Data Classification
Watchful Software
 
Jonathan Lewis explains Delphix
Kyle Hailey
 
GDPR Implementation Basics_Igor Mate_2016 CEE GC Summit_Istanbul
Igor
 
The Essential Guide to GDPR
Tim Hyman LLB
 
EU GDPR - 12 Steps To Compliance
Tom Haynes
 
Preparing for general data protection regulations (gdpr) within the hous...
Stephanie Vasey
 
DevOps vs GDPR: How to Comply and Stay Agile
Ben Saunders
 
GDPRR: The Key Changes
Craig Clark ITIL, CIS LI,EU GDPR P
 
Infographic: EU General Data Protection Regulation (GDPR) Cybersecurity Compl...
CheapSSLsecurity
 
Preparing for EU GDPR
IT Governance Ltd
 
Ash masters : advanced ash analytics on Oracle
Kyle Hailey
 
SureSkills GDPR - Discover the Smart Solution
Google
 
GDPR: A Step-By-Step Guide To Compliance
MarkLogic
 
Appointing a Data Protection Officer under the GDPR
IT Governance Ltd
 
History of database monitoring
Kyle Hailey
 
Gdpr compliance. Presentation for Consulegis Lawyers network
Bart Van Den Brande
 
How to Become a Thought Leader in Your Niche
Leslie Samuel
 
Ad

Similar to delphix-ebook-using-data-effectively-compliance-banking-1 (20)

PDF
Master Data in the Cloud: 5 Security Fundamentals
Sarah Fane
 
PPTX
Global Threats| Cybersecurity|
paul young cpa, cga
 
PDF
GDPR: A Threat or Opportunity? www.normanbroadbent.
Steven Salter
 
PPTX
Legal issues in technology
EzraGray1
 
PDF
IE_ERS_CyberAnalysisReport
Camilo do Carmo Pinto
 
PDF
Big_data_analytics_for_life_insurers_published
Shradha Verma
 
PDF
Big data analytics for life insurers
dipak sahoo
 
PDF
Managing Consumer Data Privacy
Gigya
 
PDF
Five strategies for gdpr compliance
Peter Goldbrunner
 
PDF
An Overview and Competitive Analysis of the One-Time Password (OTP) Market
EMC
 
PPTX
UK Financial Services: Digital Trends Report 2020
Let's Learn Digital
 
PDF
Omlis Data Breaches Report - An Inside Perspective
Omlis
 
PDF
EveryCloud_GDPR_Whitepaper_v2
Keith Purves
 
PDF
EveryCloud_GDPR_Whitepaper_v2
Paul Richards
 
PDF
Companies, digital transformation and information privacy: the next steps
The Economist Media Businesses
 
PPTX
Apt 510 slideshare
ShondaRobinson2
 
PDF
GDPR (En) JM Tyszka
Jean-Michel Tyszka
 
PDF
BDVe Webinar Series - Making GDPR for SMEs
Big Data Value Association
 
PPTX
GDPR How ready are you? The What, Why and How.
James Seville
 
PPTX
Industry and Regulatory Insights Using Applied Science
Sven Von Dem Knesebeck
 
Master Data in the Cloud: 5 Security Fundamentals
Sarah Fane
 
Global Threats| Cybersecurity|
paul young cpa, cga
 
GDPR: A Threat or Opportunity? www.normanbroadbent.
Steven Salter
 
Legal issues in technology
EzraGray1
 
IE_ERS_CyberAnalysisReport
Camilo do Carmo Pinto
 
Big_data_analytics_for_life_insurers_published
Shradha Verma
 
Big data analytics for life insurers
dipak sahoo
 
Managing Consumer Data Privacy
Gigya
 
Five strategies for gdpr compliance
Peter Goldbrunner
 
An Overview and Competitive Analysis of the One-Time Password (OTP) Market
EMC
 
UK Financial Services: Digital Trends Report 2020
Let's Learn Digital
 
Omlis Data Breaches Report - An Inside Perspective
Omlis
 
EveryCloud_GDPR_Whitepaper_v2
Keith Purves
 
EveryCloud_GDPR_Whitepaper_v2
Paul Richards
 
Companies, digital transformation and information privacy: the next steps
The Economist Media Businesses
 
Apt 510 slideshare
ShondaRobinson2
 
GDPR (En) JM Tyszka
Jean-Michel Tyszka
 
BDVe Webinar Series - Making GDPR for SMEs
Big Data Value Association
 
GDPR How ready are you? The What, Why and How.
James Seville
 
Industry and Regulatory Insights Using Applied Science
Sven Von Dem Knesebeck
 

delphix-ebook-using-data-effectively-compliance-banking-1

  • 1. Other Compliance Journeys MIFID PCI PCI AML AML GDPR GDPR REGULATORY COMPLIANCE FOR BANKS USING DATA TO UNBLOCK THE ROAD AHEAD
  • 2. REGULATORY COMPLIANCE FOR BANKS2 To make matters worse, FinTech challengers are driving the international banking agenda, disrupting business models with service innovations which established banks are finding expensive to replicate. It’s a zero sum game, more money spent on innovations means less available for compliance and vice versa. This makes compliance the most serious roadblock for banks today. It’s a multi-billion dollar and industry-defining challenge1 with no let up on the horizon. In our survey of top European banking executives, their biggest fears of non-compliance are financially driven as some 53 percent say they will face fines and 51 percent say they will lose customers to rivals. It is all about the money. For their very existence, banks across the world depend on following banking regulators’ licensing rules. The road to compliance runs on data, but data is also needed for day-to-day operations and to test out innovations. Using first-time accurate data for compliance frees up funds to speed up innovative products and services. Compliance delays or even failure though means operations, as well as innovation, are stuck in a jam. Compliance comes at some cost. Since the global financial crisis of 2008, increased regulations have BANKING COMPLIANCE The Financial Services industry is on a testing journey. Interest rates are stuck in the slow lane, mobile apps are overtaking branches, and most banks cannot outpace the regulatory changes affecting multiple areas; from knowing their local customers, to the global challenges facing their FX, Credit and Risk lines of business. MIFID PCI AML
  • 3. USING DATA TO UNBLOCK THE ROAD AHEAD 3 meant higher costs of compliance for banks. In Europe alone, more than 40 legislative and non-legislative measures have been proposed by the European Commission2 . And there’s more to come. The top 20 biggest global banks have paid more than €211bn in fines3 . Meanwhile regulatory compliance experts who can help banks steer clear of failure have seen their remuneration packages swell by 50%4 . The way your data moves around your IT systems matters. This eBook highlights the most pressing regulatory concerns of European institutions. It sets out the route to tackling the data challenges caused by the recent and prolonged spike in regulations and suggests how to contain the cost of complying. We hope it will unblock your journey to compliance. GDPR
  • 4. REGULATORY COMPLIANCE FOR BANKS4 Reporting, internally and externally, is core to compliance. In addition to quarterly financial reporting, banks need to report datasets across a long list of liquidity and anti-market abuse regulations while steering a course to prepare for new ones. Efficient reporting allows the reallocation of resources for revenue growth. Poor reporting sends a signal to the regulators to widen their investigations. The risk of penalties ties up significant amounts in contingency funds – up to €8.6 billion for one global, high-street bank. This figure is nearly a sixth of the international banking centre, Luxembourg’s, GDP at €51.86 billion5 . Banks are routinely taking major risks with sensitive data. The risk of losing sensitive data along the reporting journey increases when real datasets are copied and moved to a testing environment or a reporting application. Future regulations like GDPR may also require proof of the data integrity of personal information. Achieving this is not possible for many banks today using their existing processes. In an industry where financial penalties are highly probable and jail time scarily realistic, it’s time for you to embark on a safer route. Imagine compliance processes driven by full, fresh and secure data sets available within minutes, not months or years down the road. Grab your keys. KNOWING YOUR REGULATIONS According to our survey of banking professionals, the most troublesome current regulations to comply with are; Anti-Money Laundering Directive (59 percent), Market Abuse Regulation (48 percent) and the EU-US Privacy Shield (41 percent). Looking ahead, the industry is worried about getting its reporting structure in place for EU Directive on Security of Network and Information Systems (NIS Directive) at 62 percent, the EU General Data Protection Regulation (GDPR) at 54 percent and Money Market Reform at 53 percent. Failing GDPR alone could result in fines of 4% of global turnover up to some €20 million.
  • 5. USING DATA TO UNBLOCK THE ROAD AHEAD 5
  • 6. COMPLIANCE BLIND SPOTS The volume of data submitted to regulators is accelerating. In the US, the length of the mandatory quarterly call reports has grown to 84 pages, up from 30 pages in the 1980s6 . IT teams are in overdrive, unable to keep up with demands. Many have reached their speed limit. Today’s Compliance Officers have to command a wide range of skills, spending 61% of their time on basic tasks from monitoring to interacting with regulators7 . Three core data issues, security, delivery and testing are faced by IT teams daily and applying the right technology can add velocity to each. 6 REGULATORY COMPLIANCE FOR BANKS
  • 7. BUCKLE UP Cyber hacks and data leaks have dented consumer trust and damaged revenues in many industries8 . Banks are an obvious target. UK financial firms alone suffer at least 800 data breaches per year9 . Your data should be secured from the start to the end of your journey. Bad habits mean it may not be and four out of five European Bankers (81 percent) tell us they face data security challenges in the compliance journey. Data masking is often swerved because it used to add days to IT processes. Next-generation data masking delivers security and the responsiveness you need. SPEED UP When regulators come knocking, your team better be ready to report. Data delivery is the biggest reporting barrier faced by European Banks as almost all (92 percent) say they face this problem. Our survey proves 36 percent of financial services professionals are at high risk of missing reporting deadlines10 . Complex production environments and multiple copies of the same data can make reporting slow and cumbersome, while manual data delivery risks being less reliable, due to human error. Automation is the only way to go. CHANGE UP Roadworthy reporting applications require rigorous and continuous testing. Poor, stale data and limited environments risk missing compliance deadlines. Although seen as a lesser challenge than security and delivery, two out of five European Banks have data testing issues. It’s time to kick things up a gear or two. A little simulation, or more accurately, data virtualisation, goes a long way. SECURITY DELIVERY TESTING 7USING DATA TO UNBLOCK THE ROAD AHEAD
  • 8. BUCKLE UP For every change to a reporting application, real data has to be copied and refreshed numerous times throughout its development and test cycle. Much of this data is highly sensitive. Yet, for adequate reporting, regulators do not always require sensitive data such as credit card details, personal addresses and phone numbers. Data provisioning is already a highly manual process, but protecting the data adds even more complexity and cost. However, there is a shortcut. Data masking helps shield sensitive business and personal information, so even in the event of a data breach, hackers gain nothing of value. Some 59 percent of your peers in Europe find data masking troublesome and prevents real-time data from being used. Data Masking has always been a painful task adding days to the provisioning process meaning banks often opt out and risk using sensitive data. However, with the forthcoming GDPR, the legal requirement to masking sensitive data is a lot more explicit and the fines for failure astronomical. Now, you can mask all your sensitive data without the cost and delay using new technology that combines data masking with data virtualization. This allows you to mask data just once and then deliver over and over again. Masking only once allows data to be delivered on demand where it is needed, without human intervention. Fail-safe protection means banks can deliver this data anywhere, across departments, third parties and cloud providers, to save IT costs whilst reducing compliance risk. This might be useful for nearly half of you (49 percent) who believe data masking will improve your organisation’s compliance journey. 8 REGULATORY COMPLIANCE FOR BANKS
  • 9. USING DATA TO UNBLOCK THE ROAD AHEAD 9 GDPR AT EUROPEAN BANK A large Northern Europe bank had a six month project to mask all sensitive data in preparation for the new EU General Data Protection Regulations (GDPR). Masking 9,500+ data sources used by 128 applications would have taken over two years using current technology and process. Using Delphix the bank automated much of the data masking and delivery process meeting the timeline requirements and saving significant service and storage costs. Now GDPR compliant the bank can provide masked data anywhere in the business in hours, rather than days driving increased agility and innovation.
  • 10. REGULATORY COMPLIANCE FOR BANKS10 This new route to compliance, known as a data virtualization engine, also lets you control your data by knowing where it is, access data from any point in time, bookmark and retrieve it to meet audit requests. Data Virtualization, as part of data delivery, puts you in the driving seat. Vroom vroom. SPEED UP So security is sorted. Over one-third of your peers (36 percent) find reporting deadlines hard to overcome. Copying and refreshing data is highly manual and creates process bottlenecks which can take multiple administrators several weeks to work through. In our survey, speeding up data delivery (46 percent) is the top capability banks crave to improve their compliance reporting. Next-generation data delivery smoothes out bumps in the road by automating the process and removing physical constraints. ANTI-MONEY LAUNDERING AT GLOBAL BANK In 2012, one of the world’s largest high-street banks was caught facilitating money laundering and requested by a regulator to present a report to show how this large-scale crime happened. Failure to do so meant their operating license was under threat. They had to act fast. Creating a report of this kind used to take 17 days and the bank contemplated telling the regulator it could not be done in time. With next-generation data delivery, time of reporting was reduced to just 25 hours – a reduction of 94%. By instantly creating virtual databases mirroring physical ones, the bank was able to make and distribute data swiftly to reporting teams.
  • 11. 11USING DATA TO UNBLOCK THE ROAD AHEAD
  • 12. REGULATORY COMPLIANCE FOR BANKS12 Creating multiple testing environments boosts efficiency but rapidly increases storage costs. Budgets are tight and doing more testing with less resources is the second biggest capability (34 percent) banks want today during the compliance journey. That demand was closely followed by the need to use real-time copies of data for testing, nearly one-third (31 percent) of European Banks agree in our survey. Testing with subsets or stale data bypasses this problem but sacrifices quality. This is not the strategic solution to compliance your team needs. Robust testing requires non-production environments to be set up exactly the same way as the production environment they test. This means all the different data sets need to be synchronised and rigorously version-controlled. This is not straightforward. Data virtualization empowers you to test more, without taxing production systems so your team can go faster and maintain quality. Testers and analysts have their own copies of real-time and archive data and work in parallel only on their own subset relevant to the immediate reporting task. This speeds up the detection of errors and ultimately speeds up the journey to compliance. CHANGE UP In a recent European Banking Authority stress test across 51 banks, some 82 percent of European banks failed. The results showed a three-year economic shock would set banks back €226 billion of capital11 . Such compliance failure can have serious consequences. Today regulators can even restrict banks’ share buybacks and payouts to shareholders12 . A new route to compliance beckons.
  • 13. USING DATA TO UNBLOCK THE ROAD AHEAD 13 DODD-FRANK AT LARGE EUROPEAN BANK Data virtualization has helped several global banks respond to the data testing demands of regulations such as Dodd-Frank and European Market Infrastructure Regulation (EMIR). One large European bank used data virtualization to meet its Dodd-Frank reporting requirements. By maintaining a complete up-to-date transaction repository, reporting environments are available on-demand. This allows reporting within 15 minutes of a trade execution, while also clearing messaging backlogs and eliminating reporting failures.
  • 14. Compliance REGULATORY COMPLIANCE FOR BANKS14 THE JOURNEY AHEAD The journey to compliance has many roadblocks. Copying and moving ever-increasing amounts of data for regulatory reporting has become riskier and more difficult. At the same time, banks are under immense pressure to innovate faster against the disruptive influence of new challenger banks. All are competing for the same IT resource. Compliance reporting can take some of the world’s biggest and resource- rich organisations months to complete. These timeframes are disappearing in the back mirror. It’s time to speed up. Data virtualization has helped some of the world’s biggest banks report faster and more accurately. Data masking has evolved too and no longer needs to be manually repeated over and over again. This leaves your team the time to focus on value-added work such as data interpretation and analysis. It also means data breaches are less of a concern. Banks should embrace future regulatory demands because they lead to higher customer satisfaction and profitability. If your data security, delivery and testing are done right you are nearly on the home stretch. Great compliance needs great data. This can be achieved even if your budget is limited. To find out more about how the Financial Services industry benefit from Delphix’s data expertise, there are two routes you can take:
  • 15. All other routes 15USING DATA TO UNBLOCK THE ROAD AHEAD DELPHIX DATA VIRTUALIZATION Delphix specializes in data delivery. Our suite of next-generation data masking and data virtualization offerings put banks in the driving seat of regulation. Securely delivering data where and when it is needed for testing, reporting and compliance, frees up IT resources. With Delphix on-board, banks can drive innovation and overtake Challengers even as the regulatory burden rises to meet customer and market expectations.
  • 16. Fancy a test drive? Try our virtualization engine for free here https://www.delphix.com/products/ free-trial-request Ready to go? Master compliance reporting by arranging a consultation with our experts. https://www.delphix.com/contact-us REGULATORY COMPLIANCE FOR BANKS16 WANT TO KNOW MORE?
  • 17. 1. http://www.ft.com/cms/s/0/e1323e18-0478-11e5-95ad-00144feabdc0.html#axzz4GkeYoKWj 2. http://ec.europa.eu/finance/general-policy/policy/map-reform/index_en.htm#row1 3. http://www.ibtimes.co.uk/20-global-banks-have-paid-235bn-fines-since-2008-financial-crisis-1502794 4. https://next.ft.com/content/8c9bdac4-8281-11e2-843e-00144feabdc0 5. http://data.worldbank.org/indicator/NY.GDP.MKTP.CD?year_high_desc=false 6. http://www.housingwire.com/articles/35929-why-are-there-almost-no-new-banks-since-the-crisis 7. https://risk.thomsonreuters.com/content/dam/openweb/documents/pdf/risk/report/cost-compliance-2016.pdf 8. http://www.belfasttelegraph.co.uk/business/news/talktalk-halts-customer-exodus-after-cyber-attack-but- broadband-base-9000-lower-34898411.html 9. http://www.thisismoney.co.uk/money/saving/article-3108908/Data-breaches-banks-financial-firms-double-two- years.html 10. Delphix Vanson Bourne Survey 2016 11. http://www.reuters.com/article/us-eu-banks-tests-idUSKCN1092EA 12. http://www.ft.com/cms/s/0/9a018afe-3e37-11e6-9f2c-36b487ebd80a.html#axzz4GB56rYkA USING DATA TO UNBLOCK THE ROAD AHEAD 17
  • 18. 68 King William St, London UK EC4N 7DZ delphix.com