Posts Tagged ‘Financial Services’

Taking Care of Business

Tuesday, January 24th, 2012

By Mark P. Dangelo

Innovative Relevance

http://www.mortgagebankers.org/tools/FullStory.aspx?ArticleId=28527#full

Four years after the Great Financial Crisis of 2008, senior
banking officials are continually thrown under the bus as the new Robber Barons—just
as industry captains of old (e.g., Andrew Carnegie, John D. Rockefeller, and
Cornelius Vanderbilt).  History is once
again repeating itself.

The formerly revered and sometimes feared names of Lewis
(BofA), Mozilo (CWF), and Cayne (Bear Stearns) have been ushered out with scorn
and replaced by new leaders seeking vision, directions, and regulators approval—and
a way out of billions in litigation, claw backs, and fervent attorney generals.  Whichever side you take on the financial
collapse debate, constantly shifting politics within a presidential election
year continues to make it a very unpleasant time to be a banker, let alone a
financial institution with nervous investors.  Perhaps by 2015, we can find that elusive “next
curve”.

Moving forward and with increased certainty, financial
institutions, driven by a new patchwork of thorny, disjointed global regulations
including mandated annual stress tests, are turning historically venerated institutions
into ordinary public utilities with commodity offerings.  It is under the guise of safety, soundness,
and deep liquidity where hundreds of billions of investments will be spent on
new infrastructure (i.e., hardware, software, services, security, and networks),
policies, and processes to satisfy the next five to seven years of regulations.  Reminiscent of the go-go mid-1980’s
investments, the war on profit and loss will be waged with diverse technologies
and data efficiencies—not lending and trading. 

As a result of the games being played and the livelihoods
being lost, I for one am growing exceedingly tired of waiting for the next shoe
to drop and the pundits to finally get it right.  How many housing recovery plans have come and
gone in the last 48 months from every constituency—the Administration, Congress,
the Federal Reserve, industry associations, and consumer groups?  Whether some like it or not, it is past time
to get back to finance and banking business. 
Dialogue doesn’t pay the bills—discretely focused and measurable actions
will.  Let’s look at two key actions for
2012-2013.


Loan Origination System Excellence

In an extensive interview with industry mortgage veteran Keith
Kemph, Managing Partner, Shadow Point Consulting LLC, he highlights his 2012 strategy
and operational initiatives for profitable originators and their tightly-coupled
LOS needs.

Regarding the current state of the industry and an ability
to adapt, “One word that has become synonymous with the mortgage industry is
change.  Whether it’s a) change for the
good, b) change for the worse, c) change that helps move the industry forward,
or d) the recent changes we’ve seen that move our industry ‘backward’, today to
survive the new mortgage millennium mortgage bankers must be more ‘agile’.  Bottom line, a mortgage banker’s agility (or
lack thereof) will directly impact their bottom line (cost per loan / net
revenue per loan) and subsequent survival.  Agility is required at both the philosophical
and IT infrastructure level.”

To support changing requirements and industry paradigms, Mr.
Kemph states, “Before we can address how the pending regulatory and compliance
changes will need to be supported by technology providers in 2012 and 2013, we
first need to look inwardly and be certain our ‘business philosophy’ has
successfully made the transition from the traditional mortgage banker thought
process of ‘that’s how we’ve always done
it’ to ‘what do we need to do?’  Once mortgage bankers have successfully
adopted this new philosophical framework for evaluating their business
processes, policies and procedures they will be in a better position to
articulate what exactly they need from a process or technology standpoint.  Then the mortgage banker can then start asking
their respective technology providers and personnel to assist them
accordingly.”

When discussing existing operations and investments, “As it
stands today, a majority of mortgage bankers have already gone out and
purchased a new LOS at some point in the last three or four years.  Still other tech savvy mortgage bankers have
successfully patched together a fairly efficient set of processes that deliver
compliance.  Considering this and how
mortgage bankers will continue to operate on razor thin margins for the
foreseeable future, they will not be able to afford an initiative of uprooting
their existing technology and starting from scratch in order to meet changing
regulatory requirements.  Furthermore, mortgage
bankers are keenly aware that while each vendor offers various bells and
whistles, after all the hard work, time, money, and effort the mortgage banker
still holds the bag.  Loosely translated
this means that the mortgage banker still assumes 100% responsibility for their
‘loan decision’ on each and every loan regardless if the technology provider is
compliant, or not.  As a result, it’s no
wonder mortgage bankers are carefully evaluating risks versus costs when making
decisions surrounding technology investments.”

Mr. Kemph emphasizes, moving into the definition of and deployment
for business and consumer mandates, that “There will be growing demands within
the industry for LOS providers to offer more cost effective access for clients
to self manage their own LOS environments and platforms.  This will require technology providers to
become more organized and efficient in managing professional services, while
delivering technology in an agile architectural envelope which is both client
and vendor integration friendly.  Otherwise,
outsourced professional services, consulting firms, and 3rd party
vendor software services will see THE increased demand, as they help
organizations deliver maximum productivity and revenue using compliance as the
wrapper.  It’s my opinion that either by sheer
luck or a true strategic approach, firms and partnerships similar to Optimal
Blue, Secondary Interactive and Motivity Solutions, are fine examples of
organizations that may be ahead of the curve in this regard.“

So what should be done to guarantee investment returns?  Mr. Kemph concludes, “While technology
providers have historically played an important and significant role in helping
mortgage bankers to operate more efficiently, for the next two years they are
going to need to align themselves with vendor partners.  They must seek out best-in-class customer
service and low cost and high efficiency firms, who also provide easy access to
framework architectures at a reduced cost surrounding platform management.  Five years ago, the CEO of a leading mortgage
technology service provider privately stated, ‘It’s ok for our clients to put
pressure on us and dictate what they need – the pressure to reinvent ourselves
is a good thing for the industry.’”

As Mr. Kemph touched on above, the demand for technology to
business process integration will become a cornerstone and key competency of
any future banking strategy—that is they must be proactively linked to promote
the best fit at the least cost.


Transforming Business Process Management (BPM)

In transforming organizations using BPM, Pedro Fong,
Managing Principal, Innovative Relevance® directs his expertise against the
extensive adjustments and development of business processes needed to
efficiently orchetrates technology investments, data reuse, and operational
integrations.

For Mr. Fong, the remedies of prescriptive solutions are not
a panacea due to the complexity of legacy environments.  “Constant change seems to be the ‘new normal’
in our post mortgage meltdown economy. 
Yet, exactly what does that mean for BPM folks?  This new equilibrium can refer to a variety
of new business processes that have to be either reengineered or created from
scratch for a business to profitably operate. 
If you are lucky your business partners should have standard business
processes that were documented and instantiated within the organization well
before your arrival—or not.  Either way
businesses are going to need BPM expertise that can step up and help
organizations navigate through the different methods and techniques available
today to achieve their business needs. 
Unfortunately the answer of whether to BPM or not is ‘it depends’.  Moreover, BPM is not going to be a ‘silver
bullet’, but it can be a way for an organization to capture its thought
leadership and map out a strategy.  This
is an approach that can be communicated out on what the new normal means to the
organization and how it’s going to impact its operations and profitability.”

By selecting the right instrument for the task at hand, “Everyone
understands that simply deciding that you are going to ‘do’ BPM and purchasing
a tool, does not mean that your BPM approach will help you achieve your
business goals.  BPM at its core is
really a way for IT and the business partners to communicate through the use of
a ‘process tool’ or common language that will help their organizations become
better aligned to achieve their goals. 
Once aligned, IT and the business can focus on the people, process, and
technology changes required.  The
implementation of any new business process (will be read by the organization as
‘change’) whether it’s a small tweak, a process redesign, or the creation
processes to support a new business; they all have to be approached
methodically.”

If organizations reuse the same tactics and principles of
operation, they will fail.  So what
should be done?  “The ‘new normal’ is
challenging the FSI in ways that cannot be addressed with the same old
approaches and tools that banks have used in the past.  The banks that choose to dust off their old
approaches to meet these new challenges will at best continue to struggle or
worse fall by the wayside.  The new
normal requires FSI organizations to look at everything and rethink how they
will meet the challenges (e.g., new regulations, risk management, increase
profitability, consumer perception, and ever changing technologies) that are
being thrown at them at a high rate of speed and still run the bank as a for-profit-business.  Changes will continue to be lobbed at FSI for
the foreseeable future and banks will not have the luxury of implementing them
at the same slow and steady pace that they have been operating in the past—as
new regulations now number in the dozens per week.”

By internalizing nimble, compartmentalized building block business
processes, “Only the process savvy, agile organizations will be able to keep
pace with changes as they sweep across their FMBO’s (i.e., front, middle and
back office).  These organizations will
not only know their business but they will know how all the processes are
wired, what processes are shared across business units, the data that is being
passed through each point in the process, how that data is used, how fresh or
accurate the data is—where else should they be leveraging that data to support
other business processes?  Banks will
need expertise to identify how to interconnect their current vertical stove
pipe business units to create a more efficient and profitable
organization.  Understanding how to
maximize existing business processes is going to be a key starting point for
all of the banks.  Nonetheless,
understanding how to successfully implement those new business processes will
determine which ones will be the leaders and which will just be running with
the pack—or not at all.”

* * * * * * * *

The need for solid directions cannot be underestimated for
this coming year.  With a projected
recession for the second half of 2012 spurred by EU crisis after crisis, and underpinned
by the realization of why a $1 trillion IMF fund is needed to deal with lending
demands, it is clear that business as usual or a return to normal is a
mirage.  The deployment of new structured
products (e.g., US covered bonds, non-GSE MBS’s) and robust secondary markets
(for liquidity, risks and pricing transparency) are also a critical aspect that
many domestic corporations have yet to appreciate, let alone create plans for
implementation.

Moreover with foreclosures now projected to be greater than
1.5 million in addition to the hidden REO stealth inventories for 2012, the
downward pricing on housing even without the prospect of rising energy
pressures (e.g., gasoline > $5 gallon) will not allow the market to find a
new equilibrium.  With consumers once
again diving into savings to support the recovery, the market’s ability to
reach origination and refinancing volumes equal to just two short years ago may
take another five or seven years to reach.

The need to get back to business has never been greater.  Very little of the past is a guide for the
future as the forecasts continue to be wrong. 
To deal with the vast uncertainty of consumers, markets, and
politicians, technology and data must be the cornerstones for critical
transformational actions.  Taking care of
business has to start with LOS excellence, BPM, and the downstream needs that
are tightly-coupled with every new, non-government backed structured
product.  The realization of lead,
follow, or get out-of-the-way has never had great resonance.

 

Tags: , , , , , , , , , , ,
Posted in Analytics | Comments Off

Outsourcing – The Right Way

Tuesday, June 21st, 2011

By Mark P. Dangelo

Since 2008, non-manufacturing outsourcing, both offshore and
onshore, has undergone remarkable changes – forced M&A’s, fraud, declining
margins, vanishing customer bases, and market consolidations.  The economic downturn caught outsourced firms
off-guard and unprepared for political and domestic purchasing shifts coupled
with a lack of skilled, locally based, non-sales resources. 

Additionally, competitive upstarts using cloud technologies
are sprouting up biting into traditional outsourcing profits often booked during
years 2 through 4 of contract terms.  Factor
in a domestic unemployment rate estimated to linger at 8% to 9% until at least 2013,
indirectly creating protectionist sentiments, and the operating and usage
models for outsourcing are generating unique opportunities for buyers and
providers of services.

As traditional offshore firms struggle to regain direction,
it has been the domestically based and globally integrated outsourced providers
that have risen to leadership status during the financial and consumer crisis. 


A Changing Industry

The Great Financial Depression of 2008-2010 has changed the
outlook and the realities of how corporations select and engage with
outsourcing service providers both in the information technology (IT) and
business process (BP) space. 

With the U.S. economy languishing and housing officially in
a double-dip decline, the engagement parameters, governance, and corporate
drivers also continue to be transformed, moving from siloed offerings into
integrated capabilities selected in clusters or individually. 

Once driven by labor arbitrage fueled by educated remote
workforces, the outsourcing industry ran up meteoric growth of 25% to 35%
annually from humble beginnings in the early 1990’s to reach an industry top
line revenue rate exceeding $50 billion. 
In 2011, market growth has been reduced to just 5% to 15% CAGR.  

Historically, outsourcing was viewed as a path to
cost-efficiency and scale of operation, and it flourished under an order taking
model for nearly 15 years giving rise to numerous billion dollar
multi-nationals entrusted with front and back office processes.  However, outsourcing as an industry has now
matured and reached a conventional familiarity with buyers.  It is no longer a panacea for CFO’s and COO’s
to fix operational inefficiencies. 

With financial services becoming increasingly homogeneous
and utility defined, outsourcing buyers are seeking out true partners who can flexibly
assist with differentiation, customer retention, individualized service, and of
course, all with an acceptable ROI and risk. 

It is this change of positioning (e.g., historically, measure
everything, adversarial vendor relationships, and distrust of the outsourcer)
coupled with market and economic realities which are opening up new contractual
dealings beyond SLA’s and dashboard reporting.

The old “lift-and-shift
model has yielded to consumer needs of variability and knowledge
expertise.  The result is a bespoke
approach of metrics, compliance, and governance underpinned by robust industry
expertise. 


Questioning a Right-Sourced Outsourcing Provider

As panicked financial outsourcing consumers sought out
right-sized solutions to alleviate their operational burdens and risks, domestic
outsourcers rapidly adjusted their delivery models as the crisis’s unfolded.  After all, they had local experts who
understood the domestic cultures and changing national sentiments.

To achieve an outsourcer provider perspective for this
article, I reached out Keane, an NTT Data company, to provide their
insights and lessons learned.  Ken Miller, Director at Keane in the Securities and Capital Markets group,
provides the answers to a few of the critical questions regarding on-going
market changes (see Mr. Miller’s responses in italics). 

1.    What
new approaches or methods for outsourcing have been introduced since 2008?

KM: The outsourcing horizon is changing dramatically.  Labor arbitrage is now a commodity and
sourcing decisions are increasingly based on specific value added rather than
pure cost savings.  At Keane, we have
seen this manifest itself in the success of our Halifax based operation, where
clients have turned to a near shore alternative that brings many of the
benefits of traditional outsourcing, while eliminating the inconveniences of
time zone differences.  The outsourcing
business in general is in a natural state of evolution, and firms in financial
markets are looking to find “right sourcing” rather than “outsourcing”
solutions.  This will involve a mix of
traditional outsourcing including India,
China, Eastern Europe, South
America as well as innovative
sourcing, including sharing of processes on a business to business basis,
even between traditional competitors. 
This mixture is becoming the norm, and I expect this to be a dominant
theme in times to come. Value, rather than cost savings, is the deciding
factor.

2.    What
are the lessons learned moving into the remainder of 2011 that every
organization engaged in an outsourced relationship should be internalizing?

KM: First, make sure you can articulate a cultural alignment between the traditions
and values of your firm and the outsourcing provider; your outsourcer is an
extension of your firm.  Second, identify
and institutionalize key success factors; not just service levels but the real
items which determine success as measured by the outside world.  Third, do not make an outsourcing decision
based on cost savings. Cost reduction is only a part of operational efficiency,
and focus on this is a recipe for reduced client service.  Finally, do not focus entirely on utility
services; if you look introspectively, you may find that there are better
sourcing alternatives for processes you might regard as core competencies.

 

3.    Has
outsourcing become increasingly about technology ubiquity?  What are the key points organizations need to
consider when evaluating or renegotiating outsourcing relationships?

KM: The key to this question is to understand the interplay between
people, process, and technology.  Outsourcing
is not about technology ubiquity and we are increasingly seeing Business
Process Outsourcing become the norm.  Typically,
outsourcing firms will offer guaranteed cost savings over a period.  They are able to achieve this by adopting
methodologies such as Lean and Six Sigma that allow them to adapt and evolve
people, process, and technology deployment to drive operational efficiency.  The key is to recognize that these three sides
of the triangle are inextricably linked.  When negotiating an outsourcing agreement, an
organization needs to comfort itself that the potential provider is taking
adequate heed of this.  Otherwise,
desired benefits will not be achieved.

4.    With
financial volumes being consolidated, due to client M&A efforts, what
happens to the outsourcing relationship in these situations? 

KM: Often time an incumbent outsourcing agreement can be a significant
benefit in an M&A scenario.  Similarly,
outsourcing, especially BPO can be an effective transitional methodology and
can greatly assist migration efforts by depoliticizing integration activities.  This can be particularly effective when a
captive organization previously existed; there are many instances of such
captives being sold off to major providers to assist in cost optimization.  In addition, a pre-existing outsourcing
arrangement can often be a ready source of further cost savings by extending
scope, bearing in mind the need to focus on value.  In such scenarios’, innovative leverage of
outsourcing arrangements (e.g., taking advantage of follow the sun scenarios
can greatly facilitate integration).  I
have recent experience of a client being able to eliminate costly over night
reconciliation by shifting the activities to a different time zone.  It is in such scenarios that the true value of
outsourcing, particularly BPO, can be unlocked.

5.    Information
is progressively more mobile, how can outsourcing help mitigate the security,
privacy, and regulatory concerns many enterprises are facing? 

KM: Outsourcing is now an accepted way of dealing with cross enterprise
regulatory concerns.  AML and compliance is
core outsourcing competencies these days, and often times these issues are more
easily dealt with by alternative sourcing rather than cross divisional internal
utilities.  Also, regulatory bodies are
beginning to embracing this.  Regarding
mobile devices, these are not going away, but should be regarded as portal
technologies.  No different than the 3270
technology of yore.  Key considerations
of security, privacy and the like need to be addressed at the data source, and
this is not going to change in the near future.

6.    With
global disruptions prevalent in the headlines, disrupting service supply
chains, what contingencies should be made or included in contractual
relationships moving forward?

KM: Easy answer.  Do not adopt a
sole sourcing approach.  Diversify your
risk.  The best example of this in recent
times is Apple.  The Japanese crisis disrupted most hi tech
supply chains, but not Apple.  The iPad 2
rolled out on time.  Apple had its
sourcing options in the right place at the right time.  Contractual negotiations in this arena should
never be exclusive and should always allow for multiple sourcing.

In conclusion, the future of outsourcing will remain an
organizational decision to find the right balance of cost, value, and risk to
meet the changing needs and behaviors of consumers.  The “right” model takes into consideration
domestic needs, core competencies, and local workforce leverage. 

While there will be offshore outsourcing organizations that
continue to prosper, their lure of cost efficiencies driven by arbitrage are no
longer THE compelling business
case.  Perhaps this is why most are now
rushing to have 25% to 40% of their enterprises labor forces onshore as they
fight to comprehend the local cultural shifts?

Tags: , , , , , , , ,
Posted in Analytics | No Comments »

Data Integrity – The “Movable” Pillar of Discovery and Substantiation

Wednesday, April 21st, 2010

By Mark P. Dangelo

www.Innovative-Relevance.com

Integrity.  A character defining word that ranks with ethics, morals, and principles.  Its denotation affirms exceptional personal conduct, while its business implications suggest repeat customers, market status, and brand durability. 

More to the point, who can argue with the need for integrity, authentication, and chain of custody when it comes to financial and personal data that must be examined under scrutiny, forensics (e.g., fraud, transactional), or penalty of law? 

Whereas integrity principles are accepted as beneficial, it is in the achievement of these goals where money is lost and legal cases won – or lost.  There are cascading and hidden risks within, which are only surfaced when misfortune (e.g., delinquencies, foreclosures, class-actions, securitization failures) is internally recognized. 

Yet, for many individuals and organizations, the realization of integrity for data is something more mysterious.  It is commonly pushed deep into the enterprise — to the technologists in the back office.  Data integrity has little relevancy or correlation with today’s corporate strategies, operations, quality conformance, and profits.  Right? 

Fallacy and Reality

It seems every five to seven years, industry specialists and business leaders declare victory over the “hydra” of data integrity – classically defined as having three components of entity, referential, and domain.  With “victory” achieved, the organization and its focus shifts to the next problem or market challenge vexing its bottom line.  The data integrity requirements and regulatory mandates (e.g., business rules, data life-cycle, fail-safe controls) fade into the realm of IT myth and folklore.

However, with the steady advancement of technologies and practices (e.g., guaranteeing of data integrity in public cloud computing environments), the acceptance of demise for data integrity requirements creates false security – and lurking liabilities.  Like the hydra of mythology, the requirements compound and grow back (like the heads of the legendary beast gaining ferocity), becoming a menace to operational sustainability and business viability. 

With litigation and due diligence surrounding the data elementals of handling, storage, authenticity, durability, touchpoints, and isolation on the rise, it appears that hydra of integrity has found new life.  Some common data integrity misconceptions are frequently voiced as:

·         “Since our organization has structured application systems for our FMG (finance and mortgage group) operations, isn’t it a given that we  have the data integrity we are required to have for regulatory compliance?”

·         “We have standards for data entry fields, so why should we be concerned about the elements within the data repositories, marts, applications, and storage farms?  Isn’t data integrity really just about standards and field capture?”

·         “Data integrity is only about old application systems and approaches (e.g., flat files, VSAM, spreadsheets, point-based systems).  We have a commercial database and have spent years creating robust functionality in our origination and servicing systems.  Data integrity was taken care of years ago in our organization.  Sounds like much to do about nothing– like the IT department looking for a budget increase.”

Some of you reading this are probably just about ready to find another article that is more “edgy” or “important” to your organization.  Some would argue, this topic is old and stale and has very little to do with 3-years of housing’s turmoil and the current challenges facing FMG survival?  Let’s take a quick look at just a few of the realities documented by various organizations.

·         Annual price tag for bad loan data in the U.S. financial markets was as high as 7.3% of revenue – QAS Research, a unit of Experian,

·         FDIC reported that over 83% of the mortgages they audited contained violations,

·         Over 50% of the data corruption and integrity issues reside outside of technology – IBM, “Transforming Enterprise Information Integrity,” and

·         With over 90% of all records stored electronically (or scanned into electronic formats), the ability to maintain integrity over the life of the financial product (and for compliance) is material.

Moreover, with existing and pending legislation, additional concerns arise for the integrity of historical data stores and for future databases.  A very small snippet of these include (depending upon your business and model):

·         Consumer protection agency and its proposed charter,

·         Rule 803(6), U.S. Federal Rules of Evidence (see Info Law Group, “Privacy, Security, and Intellectual Property Law,” January 29, 2010),

·         “Skin-in-the-game” implications of Congressional financial bills (i.e., consequences of “cradle to grave” data life-cycle demands for definition, discovery, and defense), and

·         Existing and proposed state sponsored “breech” legislation – and consequences.

To believe that the guarantee of data integrity has been “met” across financial markets that are redefining rules of operation and conduct is fraught with peril.

A Principle-Driven Data Integrity Approach

For experienced enterprise architects, the utilization of principle-driven approaches is familiar – and represents stability and consistency for ever-increasing technological options.  Made famous in the “IT Paradigm Shift” by Don Tapscott and Art Caston, the use of the PRI (i.e., principle, rationale, and implication) architectural framework has gained global acceptance especially with the deployment of specialized technologies, layered outsourcing arrangements, and application compartmentalization. 

With estimates currently ranging from 4% to 9% of an IT’s budget directly or indirectly being consumed by information discovery, due diligence, and defense, the life-cycle challenge of data integrity cannot be left to chance. 

Table 1 provides an illustrative example for IT and business leaders of the granular and interdependent PRI’s, which are needed for the next decade.  So before you purchase the next origination system, sign up with a servicer, or restart private securitization efforts, ask yourself, “How are we addressing these areas, at what cost, and with what exposure?”

Table 1 – Illustrative PRI for Data Integrity / Data Architectures

Principle

Rationale

Implication

To guarantee adherence to organizational values, data custody and authentication must be able to be verified and certified by an objective and qualified third-party.

·          With the rapid adoption of cloud computing solution sets, data routing and its transmission cannot be assumed to be tamper proof.

·          Sequencing of data segments, since they may come from multiple sources and technology platforms, must involve the full acceptance of the data record or demand a complete rollback of all elements.

·          More than ensuring data and time stamps.

·          Demands more than standard hashing algorithms.

·          All data transmitted across public networks and from layered applications will be subject to predetermined certification tests.

·          Best practices will be adopted / modified to ensure data integrity of the highest quality.

·          On-going / continuous monitoring.

The validity of data and its consistency of capture, storage, and usage must conform to all published enterprise standards and applicable in-country regulations (e.g., privacy, confidentiality, et al).

·          Enterprise data demands must recognize disparate requirements, laws, and compliance demands when crossing local, state, federal, and international borders.

·          Within pending regulations, new implications of handling, storage, and usage will be demanded, with the “old” practices requiring a different set of data integrity “release” parameters.

·          If data is shipped in a cloud, its route should not violate laws on its path to corporate systems (a current challenge for network data routing in a cloud).

·          Compartmentalization of data management elements, schemas, and logical representations (along with all the rules and validation edits), should be maintained and able to be reconstructed for the life of the data.

Unless explicitly exempted by data owner, all data, rules, and manipulation must be implemented utilizing “data isolation modules” (DIM’s).

·          Identify and ensure fail-safe controls.

·          Ability to reconstruct “versioning” of data evolution at a discrete or elemental level.

·          Minimize reoccurring expenses associated with development and application segmentation.

·          DIM’s will have been validated and certified by custodian of record.

·          Taxonomies of data must be developed and maintained.

·          Any exception must be documented and sanctioned by corporate officer.

·          Use of (n)XML standards for data interchange and portability.

·          Common data models.

Data must be classified by both durability and risk to uphold usage, archival, and retirement.

·          With changes in technology solutions (i.e., technology is the least stable part of an architectural solution), portability and availability of data must be guaranteed.

·          A comprehensive data life-cycle approach for ensuring data integrity goes beyond application and database systems.

·          Part of a robust master data management (MDM) approach.

·          Years after the original transaction, due diligence demands will require a comprehensive review of all touchpoints including the outside review of litigants.

·          Workflows must reflect data requirements.

·          Rules engines do not singularly satisfy data integrity demands.

Data, and the transactional streams used during their life-cycle, must adhere to / exceed all auditing, logging, and compliance requirements.

·          With litigation on the rise, the “states” of data, its manipulation, and its usage must be captured across all its forms / transition states.

·          To support processes and regulatory demands, the data underlying the organizational certifications must be managed according to generally accepted practices that have been proven trustworthy in a court of law (i.e., they should be accepted by corporate legal advisors and auditors).

·          Use of robust WORM solutions according to performance, regulatory, and cost constraints.

·          All DIM’s and associated API’s must be certified.

·          Off-the-shelf certified solutions that incorporate industry standards, will be given preference during system “ever-greening” (to reduce capital costs, custom tailoring, while ensuring repeatability across multiple locations).

·          Monitoring and benchmarking of adherence will be done every (xxx).

Data sourcing, sequencing, and trustworthiness (SST), must be identified and maintained over the life-cycle of the data in adherence to corporate data standards and practices.

·          A clear system of record must be defined and maintained to guarantee efficacy and integrity.

·          With the data sourcing chain now firmly linked across origination, servicing, and securitization, access to the original data source (and the guarantee of its integrity) will be a top 5 corporate responsibility (and potential expense) during the next decade.

·          The use of “ACID” properties should be part of the certification process.

·          Use of existing and evolving data standards will be favored over internal, one-off solutions (to reduce costs, risks, and ETL requirements).

·          Developing and delivering data intelligence (DI) as part of standard operating procedures.

·          Strong and enforceable (with consequences) data polices.

NOTE: Illustrative and abbreviated for presentation purposes

 

After reviewing this lengthy table, some will ask, “Where’s the technology?  Where are the explicit standards?”  How can you have a data integrity architecture without solutions?” 

If we could add additional columns to the right, we would then add in the technology and discrete solution sets needed to deliver the principle-driven architecture that has been rationalized with its interdependencies.  So far, we’ve aligned organizational need, identified processes, and touched on the need for personnel and skills.

Perhaps the questions that make more sense for business personnel using this approach include, “What technologies are required to satisfy the business needs and operational requirements (inherent in the business and operational needs of the first three columns)?  What solutions best fit our ‘As-Is,’ ‘To-Be,’ and gap implementation programs of work for minimal capital costs and maximum return ensuring data integrity rigor / discipline?”

So yes, data technology and standards are very important – but only after the operating parameters have been articulated and approved.  They will vary for nearly every FMG driven by their management team, markets, and current challenges.  The interesting aspect of this proven approach is that once defined and maintained, it works in concert with numerous development or provisioning methods, applications needed, or outsourcer selected. 

In summary, the data integrity principles outlast the technologies, promote non-linear decision making, and “hold up” under the scrutiny of review.  For business leaders signing the checks of new solutions, it gives tremendous business case justification to “why IT does matter.”  And, when it comes to legal and regulatory challenges, preparation and anticipation are always cheaper than intrusive discovery and evidence gathering.

Challenges within Cloud Computing and Virtual Data Provisioning

Last, but not least, are the data integrity challenges materializing within cloud solution sets.  Since cloud computing and associated data storage options are one of the fastest growing offerings (e.g., Amazon, IBM, Dell) we cannot neglect the evolving issues of data integrity within the clouds.  (For an extensive discussion of cloud computing challenges and deployments, see The Alchemy of Creating Intelligence in “The Cloud”, by Mark Dangelo, October 2009). 

Data routing and storage within the cloud is one of the leading concerns facing publically provisioned cloud computing environments.  As the data is routed via a host of third-party, and country controlled telecommunication services, it can be exposed to fraud, corruption, sequencing challenges, and of course, privacy constraints. 

Additionally, given the types of interfaces and security mechanisms deployed across disparate computing platforms, the ability to introduce error and fraud has also increased when the flexibility of “pay-as-you-go” cloud computing is added.  Bottom line, there are exceptional benefits and values with cloud computing – but for today, organizations must consider exposure, risks, and consequences before placing mission critical or financial transactions over them.

The good news is that there are standards and practices that are being developed, which should be mentioned.  These include multiple standards from Object Management Group (OMG), Storage Network Industry Association (SNIA), Organization for the Advancement of Structured Information Standards (OASIS), and many others (for a comprehensive list see http://cloud-standards.org/wiki/index.php?title=Main_Page).

 

* * * * * * * *

 

As you can see, data integrity is a complex discussion that incorporates many horizontal and vertical disciplines in FMG’s, within computer science, auditing, and legal professions.  The final question that has yet to be asked is “How do I know if my organization has a data integrity problem?”  Well, if this is the first time you have asked that question for your enterprise….

 

For additional information and discussion on data integrity, please attend the “How Much Is Data Integrity Costing You?” conference session on April 26, 2010, 3:00 p.m., at the MBA’s National Technology in Mortgage Banking Conference.  For a complete list of session panelists and topic discussions see www.mbaa.org.

 

Tags: , , , , , , ,
Posted in Analytics | No Comments »