Tag Archive for: RegTech

We recently posted a link to a news article about the rate of IT project failures. There have been some very high profile, and some less high profile, IT project failures and outages in the past couple of years.

IT projects and programmes, large and small, are often both complex and complicated. Particularly when they involve the migration of data from existing systems to new systems. If you have worked on this type of project, then we aren’t telling you anything new.

We thought it might be useful to talk about why these projects can be difficult and how you might increase the likelihood of success.

The Challenges

The level of difficulty in these projects is driven by the:

  • Number of existing systems, the connectivity between systems, and external interfaces;
  • Functionality of the new system(s), any customisation, and the regulatory requirements;
  • Amount of data to be migrated, the structure of the data (clients, accounts, funds, stocks, etc.), and the data quality;
  • Number of system users, internal subject matter expertise, and internal project experience.

And that is only part of the delivery challenge. There will usually be an overlay of cost constraints, time constraints, and, sometimes, political constraints. It may be a multi-national project, it may span different divisions or businesses, and it can be across time zones. All of which increase the time, cost, and complexity.

Changes to any one of the things in the list above can, and will, affect everything else.

So, what can you do about it?

The core aspects of project management – governance, plans, risk logs, dependency tracking, etc. – are all important for a successful project but we would like to be more specific than that. These are our top tips based on experience:

  • Look before you leap. Everyone wants to get in to the action, but you must not skip detailed planning. We know it is laborious, uses lots of resources, and it can feel as if you are getting nowhere, but if you look at every component in detail you are much less likely to come a cropper later.
  • Mobilise properly. If you start the project with the wrong mix of skills and experience, it is difficult to recover, and you will lose both time and momentum. In your planning, make sure you understand who you need and when.
  • Map it out. Whether it is the system components, interfaces, or data migration, map it out. The more you understand about how everything is connected, the easier it will be to manage the project, keep it joined up, and assess the impact of any changes.
  • Never stop testing. It can be the easiest corner to cut, often backed by the implicit assumptions that “everything will be fine” or “we can fix it afterwards”. As recent press coverage shows, these assumptions are not necessarily correct. Test the functionality, interfaces, migrated data, systems access, volume, overnight processes, and everything else. You need to be confident.
  • Reconcile everything. It is one of the hardest things to do but it is critical. Reconcile your existing systems before your start, reconcile at every stage of the project, reconcile when you are testing migration, reconcile when you go live, reconcile across new systems and interfaces. Reconcile clients and accounts, reconcile financial amounts, reconcile static data. You need to know that everything is right.
  • Make good decisions. At each stage of the project making good decisions is key. Everyone will have worked hard to determine scope, timescales, and budgets. There may be good reason to change something but don’t do it without considering the evidence and expertise available to you. Quick decisions, sometimes forced by political pressure, almost always cause future problems.

This is a wide-ranging and multi-faceted subject to cover in a very short article. Every one of these projects have complexities and nuances that you could never conceive of at the outset but will be expected to manage when they arise, against a backdrop of time, cost and political pressure.

There is no magic solution but if you focus on detailing and mapping everything up front, making sure you test and reconcile everything as thoroughly as you can, and making open and honest decisions as you go through, you will increase your chances of success.

You can probably tell that we enjoy this stuff. If we can help, or you just want to pick our brains, feel free to get in touch.

Those of you trawling through Waterstones best sellers and bargain books (other book shops are available) may not have stumbled on the FCA Business Plan 2018-19.

You may be under the impression that after the excitement of MiFID II and GDPR, there is a lull. Indeed, there appears to be a period of grace but this, unfortunately, is a false dawn. The business plan outlines some 12 reviews, 8 publications and numerous other activities across all financial services.

Some of the “highlights” include the proposed Suitability Review 2019. A follow-up version of the highly successful 2017 review.  (Is it me or do we seem to be following the same naming convention as the FIFA video game?)

The thematic priorities, which will have diverse methods of addressing and review, are:

  • Culture and governance
  • Financial crime and AML
  • Data security, resilience and outsourcing
  • Big data and fintech
  • Treatment of existing customers
  • Pensions
  • High cost credit

Key priorities within these themes are finalising the rules of the Senior Managers and Certification Regime and monitoring the roll out of technology and resilience as part of the Open Banking and the second Payment Services Directive (PSD2) (with the ability for third party providers to access a client’s data and make payments, this will be an important test of the security of this directive).

Introspectively, the FCA are also testing and applying RegTech and advanced analytics to the approach to regulation which may open the door for firms to move to similar schemes. Also, the FCA will be creating a Memorandum of Understanding with the Information Commissioner’s Office. This may lead to a focus in certain reviews and questionnaires on data security.

We have not heard the last of MiFID II either and, although to date, a collaborative approach has been taken, we may see considerable more depth to the monitoring, particularly transaction reporting and the inconsistent approach to research costs.

So, enjoy the summer’s fine weather, holidays and sport and look forward to the next year or two’s regulation with a spring in your step and a passport in your hand (Brexit allowing of course).

As more details become available on each of the areas, we will publish a short pragmatic guide on what they mean and what you will actually need to do.