Strategic Enterprise Risk and Data Architecture
- 1. Strategic Enterprise Risk Architecture Sandeep Maira October 19, 2017 Head, Enterprise Risk & Compliance Technology The Bank of New York Mellon
- 2. 2 Information Classification: General Enterprise Risk Architecture Objectives E2E Architecture for risk (and beyond) including data, processing and reporting Benefits include - • Satisfy regulatory as well as internal risk management objectives. Support CCAR but also internal risk analysis. • Reduce overall costs • Improve enterprise wide data consistency • Leverage advances in Big Data and computing power to provide advanced and predictive analysis
- 3. 3 Information Classification: General Regulatory Risk Ad-hoc Data Science Control Framework :Data Governance, System Monitoring Classification Model Development Data Sourcing & Staging Model Dev/ Management Aggregation Credit Risk Ops Risk Liquidity Risk Market Risk Model Management Scenario Management CCAR Calculators Model Parameters Reporting/ Analysis DataLake CommonStagingDB Reference Data Collateral Positions Transactions Credit Liquidity Basel Business Process Management: Reviews, Handoffs Target State Logical Architecture – Component View VaR
- 4. 4 Information Classification: General 3 1 4 5 Architecture Components Design Approach Benefits Challenges Data • Leverage shared position, transaction, collateral and reference data services across risk, finance, treasury • Provides data consistency and traceability. Reduces costs. • Helps satisfy BCBS 239 and SR14-1 • Provides the basis for advanced analysis • Organizational boundaries • Upfront expense Model development • Sandbox for model development purposes • Model registry for model definitions and approval • Scenario registry for regulatory & internal scenarios • Scalable infrastructure for model development • Improve controls and governance • Reduce costs through model re-use • Ownership model between business and technology • Multiple coding languages Calculators • Calculators as services • Consistent results for given inputs • Reusability and cost reduction • Integrating disparate technologies • Retrofitting can be difficult Risk Architecture Design Objectives and Approach
- 5. 5 Information Classification: General 1 Architecture Components Design Approach Benefits Challenges Aggregations • Configurable aggregations for risk measures • Flexibility to aggregate and drill down at all levels • Deep and accurate datasets Workflow • Integrated workflows for handoffs, approvals and validations • Single inbox for all tasks • Streamline and reduce operational overhead • Improved data validation • Enforce risk policies • Integration of different platforms Reporting • Support static and flexible ad-hoc capabilities • Ability to slice and dice on all major dimensions and support rich visualizations • Threshold capabilities on all required measures • In-depth analysis of all types of risk events • Early and easy identification of outliers • Helps satisfy BCBS 239 and SR 14-1 • Acquiring breadth and depth of data Control • Support data lineage, validations and glossaries • Data reconciliations • Robust exception handling and alerting • Satisfy BCBS 239 and ensure data consistency, accuracy and completeness • Monitor health of production infrastructure • Operational ownership across multiple business lines • Agreement on terms Risk Architecture Design Objectives and Approach
- 6. 6 Information Classification: General Use Case - CCAR • Acquire data from master data sources into common data staging • Handoffs are validated Models are developed • Model risk management approves models • Scenarios are updated • Models move to production and source data • Results are aggregated • Results are available for reporting • Data quality and system monitoring checks CCAR Process 1 1 2 6 3 4 5 7 8 9 2 3 4 5 6 7 8 9
- 7. 7 Information Classification: General What is my ‘exposure’ to Greece? What is my credit risk? What is my market risk? What potential exposure will I have with a further worsening? Do I have any compliance issues? What ‘Greek’ counterparties do I have? What is the current exposure and future potential exposure? What collateral do I have? What Greek instruments do I have? What hedges do I have in place? Are there any AML issues? For counterparty ABC with high credit exposure, what instruments do I hold? Do I have any AML concerns ? With further worsening of conditions what might happen? What is my exposure with a 30 percent drop in Greek bonds? More Interesting Q’s……..
- 8. 8 Information Classification: General Regulatory Risk/Finance/ Treasury/ Compliance Business Intelligence Reporting / Analysis Risk Treasury Finance ‘Big Data’ DB Regulatory • The data lake can provide ‘Business Intelligence’ within and across domains • The ‘Big Data’ DB has very wide depth and breadth of data, for advanced analysis. Data science analytics, including (for example) statistical analysis and machine learning, can be performed in this environment. This DB can also be used for model development. Compliance Target State Logical Architecture – Modeling and Data Science Historical Data
- 9. 9 Information Classification: General Appendix
- 10. 10 Information Classification: General Regulatory Risk/Finance/ Treasury/ Compliance Business Intelligence Reporting / Analysis Risk Treasury Finance ‘Big Data’ DB Regulatory Compliance Data Pathway Control Frame Work :Data Governance Tools • Data governance tools including data lineage, glossaries • The ‘Big Data’ environment can also be used for ad-hoc analysis Target State Logical Architecture – Data Lineage