Post on 12-Oct-2020
UK Financial Services Practice
Engaging Risk in Agile DevelopmentKeeping pace with the new world of digital banking
We help risk functions mobilise for
rapid change as well as provide risk
and regulatory expertise directly into
the scrum team
Parker Fitzgerald connects Risk
Change to an Agile Scrum
methodology
Ensure risk and regulatory obligations are met
Improve scrum team and testing efficiency
Remove the critical dependency on the risk function
Continue to deliver digital change at pace
2
01The Digital Opportunity
Grasping it requires products and services to be brought to market at speed
02Challenges of Rapid Development
Banks must find a way to effectively include risk in agile development
03Mobilising Risk for Rapid Iterative Development
Ensuring the risk function are able support an agile scrum development
04Introducing Risk in to Agile Scrum
A regulatory expert in the scrum team ensures speed to market is maintained
05How Parker Fitzgerald Can Help
We provide expert risk and regulatory knowledge directly into the scrum
Contents
| Engaging Risk in Agile Development
3
UK Banking Actual and Forecast Return on Equity.
0%
5%
10%
15%
20%
2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020
2007: Credit CrunchBNP Paribas freeze $2.2bn of
funds resulting in panic and a
seizure in the financial
markets
2009: BCBS Basel II Reform
Changes aimed at improving
market risk for incremental risk
in the trading book place
increasing strain on RoE 2016: SmartphonesSmartphone penetration
is likely to be the only
limiting factor in the
digital revolution. This is
forecast to reach 75% in
2016 up from 44% in
2012**
2014: Interest RatesAs interest rates begin to
improve so do the banks
funding margins
2020: Mobile Usage33% of all consumers will be
using smartphones for all their
banking needs whilst mobile will
make up more than 50% of all
payment transactions*
Upward Pressure
Downward Pressure
2012: LLP RecoveryBanks begin to see an
improvements in RoE
attributed to improvements
in the necessary Loan Loss
Provisions
RecoveryCollapse
* Telecoms.com **Portio Research
Banks must rethink their
business models if they wish
to generate acceptable
return on equity (RoE) in the
face of increased capital
requirements and the
ongoing costs of regulatory
change.
Poor performance and increased
liquidity costs resulted in a collapse
of RoE during the financial crisis.
The regulatory response to the crisis
further drove up capital and funding
costs, an area of continuing focus
from the PRA. Coupled with the cost
of implementing new regulation,
recovery of RoE has become a key
board focus.
Given rises in interest rates on the
horizon, banks are looking to re-
evaluate business models, with
digital promising to provide both
greater distribution and operational
efficiencies.
| Engaging Risk in Agile Development│ Section One
Banks must continue to bring products and services to market at speed
to support consumer demand and capitalise on the digital opportunity
The Digital Opportunity
4
Challenges of Rapid Development
Through rapid development
approaches such as agile,
banks have been able to bring
their digital offerings to market at
speed - creating products that
are “live” throughout
development
At the same time, risk change adopts a
linear sequential lifecycle; waterfall. This
requires all requirements to be thoroughly
defined at the outset so the final product
can be deployed in full.
Waterfall does not allow for previous
phases to easily be revised or revisited.
As a result design and testing are
extensive and time consuming. By
contrast, customer and stakeholder input
is used to refine and iterate throughout
agile development.
The expectation of risk to deliver change
using waterfall, has meant they are often
excluded from agile development so that
speed to market can be maintained.
However, as banks seeks to offer ever
more complex digital offerings it will no
longer be possible to simply ignore the
concerns of the risk function.
| Engaging Risk in Agile Development │ Section Two
VERSION 1 – LIVE
VERSION 2 - LIVE
LVERSION 3 - LIVE
Inspect &
Adapt
Inspect &
Adapt
Agile Scrum
Waterfall
LIVE PRODUCT
Banks must find a way to effectively include risk in agile development
if they hope to continue their digital journey at the pace required
DESIGNBUILD
TESTDEPLOY
5
Mobilising Risk for Rapid Iterative Development
| Engaging Risk in Agile Development │ Section Three
01
02
03
04
05
Work will be required upfront to understand the needs and concerns of key
risk stakeholders to gain their buy in to support a rapid development approach
Engagement & Sign Off
Requirements Fulfilment
Resourcing & Prioritisation
Compliance Approach
Risk Policy & Standards
ENSURING APPROPRIATE RISK POLICIES AND STANDARDS
• Review the completeness and appropriateness of existing policy
• Confirm the high level digital risk design principles
• Identify the policy and risk appetite decisions required
ADDRESSING SPECIFIC FUNCTIONAL REQUIREMENTS
• Ensure high priority risk objectives are identified up front
• Establish the means of communication between the risk function and delivery team
• Agree the acceptance criteria
PRIORISTISING DELIVERY WITHIN EXISTING WORKLOAD
• Align and prioritise digital strategy within the risk operating plan
• Define risk resourcing requirements through each delivery cycle
• Clarify and agree funding
CONFIRMING THE APPROACH TO COMPLIANCE
• Determine roles and responsibilities for compliance
• Route and ownership for the engagement with regulator to be defined
• Agree governance and sign off for compliance
ENSURING RISK REMAIN ENGAGED THROUGH DELIVERY
• Existing risk engagement process and governance needs to be reviewed
• Governance process should be aligned to support rapid decision making
• Build key sign off process in to the product delivery plan
6
Introducing Risk into Agile Scrum
| Engaging Risk in Agile Development │ Section Four
The key components of agile scrum delivery and where input how risk is can add value
In heavily regulated banking environments the inclusion of a
risk and regulatory expert in the scrum team ensures rapid delivery
• Products are broken down in to
a list of deliverables
• These are prioritised based on
complexity and business value
• Each includes a description of
functionality, reason it is
required, estimate for work and
acceptance criteria
SPRINT DEMO
Reviewing the product
THE SPRINT
Doing the work
SPRINT PLANNING
Breakdown of tasks
RELEASE PLANNING
Minimum Viable Product
PRODUCT BACKLOG
Prioritised list of functionality
• Deliverables and acceptance
criteria are reviewed to ensure
a common understanding of
what is being asked
• The team agrees on what
deliverables it can commit to in
that release (iteration)
• The backlog defines all the
tasks required in order to
achieve the deliverables
committed to for that sprint
• This sprint backlog is
essentially the team’s to do list
for the sprint cycle
• The sprint is the development
cycle through which each of the
tasks are ‘done’
• ‘Done’ includes any necessary
testing or ratification
• Daily ‘stand up’ meetings are
used to inspect the progress to
date and adapt if required
• This is the public end of each
sprint, in which all stakeholders
are invited to demo and inspect
what has been achieved
• If necessary, feedback can
then be used to inform the
product backlog for the next
sprint cycle
ABCDE
DAEBC
DAE
DAEBC
Business
Value
Complexity
Prioritisation
based on….
Minimum viable
product defined
D
A
E
Task 1
Task 2
Task 3
Task 1
Task 2
Task 3
Task 1
Task 2
Task 3
Each sprint is decomposed in to its
associated tasks…
2 Week
1 day
D A E
Product InspectionTask Delivery
• Key compliance issues such
as fraud, conduct and credit
risk directly impact complexity
and business value
• The regulatory environment in
which the product will operate
is a key consideration in
prioritisation
• Understanding risk
acceptance criteria is required
to ensuring product can go live
• An appreciation of key risk
governance processes
supports the prioritisation
process and ensures accurate
sprint planning
• Defining a comprehensive
account of the risk needs in
the task list is crucial to ensure
the product will meet
stakeholder expectations
• Risk testing is part of the
acceptance criteria for each
task
• Inclusion of risk in the
development phase ensures
that compliance issues are
identified early
• Risk are able to sign off
requirement in situ without
slowing down the delivery
process
• Risk stakeholders are invited
to demo the product at the end
of each sprint before go-live
• The session helps build
confidence with the risk
stakeholders as to the efficacy
of the agile to deliver risk
requirements
SPRINT 1
SPRINT 2
SPRINT 3
DEMO 1 DEMO 2 DEMO 3
7
How Parker Fitzgerald can Help| Engaging Risk in Agile Development │ Section Five
Parker Fitzgerald
understand the digital risk
and regulatory challenges
better than anyone else.
Our Digital Risk Solutions
practice is one of the leading
consulting teams available in
the industry - combining critical
thinking with world class
delivery.
Our agile service offerings
reflect our understanding of
your need to continue move at
pace in the delivery of digital
service offerings.
We help organisations to
mobilise their risk team to
support a rapid delivery
mechanism.
We then provide risk and
regulatory experts directly into
the Scrum team to support
throughout delivery.
By doing so we improve
efficiency, remove risk from
the critical path and ensure risk
and regulatory needs are
fulfilled.
Service
Offerings
RISK MOBILISATION
Provide risk and regulatory expert in to the scrum to;
• Provide expert understanding of risk and regulation
• Facilitate issue expedition & stakeholder management
• Support the creation of the Product Back Log
• Define Risk user stories and support sprint planning
• Define risk acceptance criteria and carry out testing
• Ensure Risk attendance at Sprint review sessions
RISK EXPERTS IN THE SCRUM
• Reduce testing and improve scrum efficiency
• Ensure risk and regulatory needs are fulfilled
• Ensure risk are not on the critical delivery path
• Ensure risk are not on the critical delivery path
• Establish governance and design principles
• Empower digital to continue to move at pace
Ensure risk are set up to support a rapid delivery approach by;
• Reviewing current risk change engagement model
• Refining existing governance approach
• Validating appropriateness of existing policy
• Confirming high level digital risk design principles
• Identifying key policy decisions required to support digital
• Addressing stakeholders concerns in relation to agile scrum
8
Parker Fitzgerald Global Locations| Engaging Risk in Agile Development
NEW YORKThe Seagram Building
375 Park Avenue
New York,
NY 10152, US
+1 212 634 7478
LONDONHeron Tower
110 Bishopsgate
LONDON
EC2N 4AY, UK
+44 207 100 7575
AMSTERDAMWTC Amsterdam
H / Tower
Zuidplein 36
1077 VX, Netherlands
+31 20 799 7969
SINGAPORELevel 30
Six Battery Road
049909
Singapore
+65 6725 6376
PARKER FITZGERALD is an award winning professional services firm specialising in the delivery
of risk and regulatory transformation within the financial services sector
We partner with the world’s leading financial institutions to manage the strategic impacts of new
financial regulation across the enterprise and deliver market leading capabilities for the risk function
“Shaping the future of finance…
combining critical thinking with world class delivery”
www.parkerfitzgerald.comwww.parker-fitzgerald.com
Important Notice
This document has been prepared by Parker Fitzgerald Limited (as defined below) for the sole purpose of providing a
proposal to the parties to whom it is addressed in order that they may evaluate the capabilities of Parker Fitzgerald to
supply the proposed services.
The information contained in this document has been compiled by Parker Fitzgerald and includes material which may
have been obtained from information provided by various sources and discussions with management but has not been
verified or audited. This document also contains confidential material proprietary to Parker Fitzgerald.
Except in the general context of evaluating our capabilities, no reliance may be placed for any purposes whatsoever on
the contents of this document or on its completeness. No representation or warranty, express or implied, is given and no
responsibility or liability is or will be accepted by or on behalf of Parker Fitzgerald or by any of its partners, members,
employees, agents or any other person as to the accuracy, completeness or correctness of the information contained in
this document or any other oral information made available and any such liability is expressly disclaimed.
This document and its contents are confidential and may not be
reproduced, redistributed or passed on, directly or indirectly, to any other
person in whole or in part without our prior written consent.
This document is not an offer and is not intended to be contractually
binding. Should this proposal be acceptable to you, and following the
conclusion of our internal acceptance procedures, we would be pleased to
discuss terms and conditions with you prior to our appointment.
Parker Fitzgerald is a limited company registered in England and Wales.
Registration number: 06362018.
Registered office: 17th Floor, Heron Tower,
110 Bishopsgate, LONDON EC2N 4AY