A large global Systemically Important Bank (G-SIB) had a regulatory driven requirement to replace its systems associated with the capture, management, and reporting of operational events. The new system needed to be compliant with BCBS 239 (principles-based regulations relating to risk data aggregation) and Basel’s Standardized Measurement Approach (SMA) for Operational Risk, as well as provide traceability of Risk Events to the bank’s financial systems.
The existing event tracking systems were described as local “cottage industries”, fragmented by region and business area, and built on legacy technology that made event aggregation (e.g. following significant disruption in financial markets) extremely difficult. In addition, policy and process varied by region.
We worked directly with the SVP responsible for Operational Risk (part of the Bank’s Enterprise Risk Management function) to provide leadership in the formulation, management, and delivery of the program. We collaborated with members of a cross-functional Steering Committee to analyze current systems and processes and envision future state design. Policy Formulation and Workflow Design were key elements for defining the future state solution.
We captured Business Requirements in a Business Requirements Document (BRD) that was then used for the creation of a Request for Proposal (RFP) that drove the subsequent technology evaluation and selection exercise.
The resulting deliverable set (BRD, RFP, output from the technology evaluation and selection exercise) provided the client with a recommended solution design and preferred supplier that could meet the objective of “one policy, one process, one system” and source a common utility for managing operational risk events, including complaints.
Our holistic approach to revise policy and redesign process in conjunction with requirements definition resulted in a solution design that fundamentally improved data quality and event aggregation & reporting, and provided traceability of Risk Events to financial systems.