UK Financial Services Practice Risk and the Digital ...€¦ · marginal risk decisioning • New...
Transcript of UK Financial Services Practice Risk and the Digital ...€¦ · marginal risk decisioning • New...
UK Financial Services Practice
Risk and the Digital Banking RevolutionKeeping pace with the new world of Banking
The shift from physical to electronic distribution has major implications for how banks need to
approach risk management
Regulators have little experience of regulating a digital market. Their response will be a key
factor in making the digital bank a success
The use of big data will be a key enabler in the future of digital banking and the successful
application of risk frameworks
The digital journey for the risk function needs to start now if the banks are not to be left behind.
The complexity of solution will be determined by the products and services offered
PARKER FITZGERALD is an award winning professional services firm specialising in the delivery
of risk and regulatory transformation within the financial services sector
We partner with the world’s leading financial institutions to manage the strategic impacts of new
financial regulation across the enterprise and deliver market leading capabilities for the risk function
“Shaping the future of finance…
combining critical thinking with world class delivery”
3
Contents| The Digital Revolution
01 The Digital Revolution and a Return to Profitability
02 Credit Decisioning and Big Data Solutions
03 Data Privacy and the Risks of Knowing More
04 The Changing Face of Fraud
05 Cyber Security: Protecting the Digital Assets
06 Conduct Risk and Digital Business
07 Digital Regulatory Considerations
08 How Parker Fitzgerald can Help
© Parker Fitzgerald Limited 2014
4
UK Banking Actual and Forecast Return on Equity.
0%
5%
10%
15%
20%
2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020
2007: Credit CrunchBNP Paribas freeze $2.2bn of
funds resulting in panic and a
seizure in the financial
markets
2009: BCBS Basel II Reform
Changes aimed at improving
market risk for incremental risk
in the trading book place
increasing strain on RoE 2016: SmartphonesSmartphone penetration
is likely to be the only
limiting factor in the
digital revolution. This is
forecast to reach 75% in
2016 up from 44% in
2012**
2014: Interest RatesAs interest rates begin to
improve so do the banks
funding margins
2020: Mobile Usage33% of all consumers will be
using smartphones for all their
banking needs whilst mobile will
make up more than 50% of all
payment transactions*
Upward Pressure
Downward Pressure
2012: LLP RecoveryBanks begin to see an
improvements in RoE
attributed to improvements
in the necessary Loan Loss
Provisions
RecoveryCollapse
* Telecoms.com **Portio Research
The Digital Revolution and a Return to Profitability
Banks must rethink their
business models if they wish
to generate acceptable
return on equity (RoE) in the
face of increased capital
requirements and the
ongoing costs of regulatory
change.
Poor performance and increased
liquidity costs resulted in a collapse
of RoE during the financial crisis.
The regulatory response to the crisis
further drove up capital and funding
costs – an area of continuing focus
from the PRA – and coupled with the
operational costs of implementing
new regulation this is an established
board agenda item.
Even with forecast rises in interest
rates, banks must now
fundamentally re-evaluate their
business models if they are to
recover levels of RoE.
| The Digital Revolution │ Section One
Digital provides both greater distribution and operational efficiencies that
will improve the ability of the banking sector to generate return on equity
© Parker Fitzgerald Limited 2014
5
Electronic Distribution Channels Need Electronic Risk Frameworks| The Digital Revolution │ Section One
The challenge for the risk function is the growing disparity
between the new product channels and the means of
communication required to support risk processes
• Banks were founded upon physical distribution and as a consequence
risk frameworks have evolved to rely on human interaction. As the
level of direct human interaction has diminished so too has the
appropriateness of manual risk processes
• The tipping point has now been reached where risk frameworks are no
longer capable of meeting operational or regulatory expectations in a
digital banking world
The shift towards digital banking strikes at the heart of the
banking distribution model that has served the industry for
more than 250 years
• There were 17,637 branches in the UK in 1990; today there are just
9,500. Research by the Campaign for Community Banking Services
estimates this will shrink by a further 27% to just 7,500 by 2018
• Consumers are increasingly using online and mobile to meet their
banking needs. The latest generations of banking users lead
predominantly digital lifestyles and many have never even entered a
branch
High
Time
ACustomer
Interaction
Required
Level of
Interaction
B
Current State
Current distribution model provides the
necessary level of human interaction to
ensure risk management is effective
Digital Migration
As distribution shifts to
digital so the levels of
human interaction drops
below the level
necessary to meet
regulatory expectations
Reduce Manual
Reliance
Banks must reengineer
risk management
processes to meet the
digital distribution model
Low
Digital Banking Impact on Direct Customer Interaction and Risk ManagementDistribution Channel Penetration*
0%
50%
100%
75%
25%
1996 1998
Mobile Banking
Internet Banking
Branch Banking
2000 2002 2004 2006 2008 2010 2012 2014 2016 2018 2020
*1996 to 2012 data – Bank of America Merrill Lynch Banking & Financial Services Conference 2012
The shift from physical to electronic distribution
has major implications for risk processes
© Parker Fitzgerald Limited 2014
6
The Digital Risk Journey| The Digital Revolution │ Section One
HARMONISATION
Becoming one ‘Digital Bank’
SIMPLIFICATION
Becoming ‘Digital Inside’
DISTRIBUTION
Becoming ‘Digital Outside’
TRANSLATION
Understanding the Implications
• Harmonisation of risk operating
models across legacy and digital
architectures to support an omni-
channel banking infrastructure
• Design of re-engineered of risk
processes to support the digital
banking product set
• Implementation of re-engineered
digital risk processes alongside
legacy manual processes
• Definition of the process changes
required to underpin the strategy
• Key regulatory assumption must be
factored in to solution design.
• Mandatory adaptation of existing risk
business processes and systems
• Translation of organisations digital
strategy in to a digital risk journey
• Determine the scope of the risk and
regulatory engagement
• Definition of digital risk strategy and
mobilisation of Risk Programme
High
Low
Dig
ital M
atu
rity
Market pressures demand
a rapid transition to digital
banking products.
To achieve this pace of
change, it is key that the
risk function gears up to
define effective,
sustainable risk
frameworks that will
support digital customer
interaction.
The concluding phase of the journey is
where the risk strategy, supported by a
target operating model that efficiently
supports both legacy and digital product
channels, is implemented.
This will typically involve migration activities
to remove any duplicated processes.
The investment continues at pace as
the re-engineered (and increasingly
automated) risk processes move
through design and into production .
The digital journey for the risk function needs to start now
if the bank is to realise its digital banking vision at the speed required
Risk
EffortA
Digital Risk Strategy Alignment Risk Solution Design Implementation Platform Integration
The Components of the Digital Banking Journey – and the Implications for Risk.
In order to ensure that the bank’s risk
controls are not compromised by the
pace of digital product delivery.
Significant investment from risk will
be required for the definition of the
digital risk strategy and the
determination of the underlying risk
processes.
© Parker Fitzgerald Limited 2014
7
Fraud
Prevention
Conduct
Risk
Cyber
Security
Data
Privacy
The Pillars of Digital Risk and Regulation| The Digital Revolution │ Section One
At Parker Fitzgerald we provide specialist expertise
in those risk areas most significantly impacted by the digital banking revolution
Credit
Decisioning
1 3 4 52• Decisioning strategies will need
to draw upon far wider data
sources, including social media
to improve operational
performance and marginal risk
assessment
• Frequent revision of customer
segmentation models will be
necessary to reflect the new
social demographics flowing
through the digital channel
• Significant re-engineering/
automation of the manual
processes for checking of loan
security will be needed in order
to offer a fast, seamless digital
customer experience
• Electronic distribution provides
the opportunity for organisations
to use big data to great effect.
However, whilst big data can
solve many digital issues it also
presents many of its own
• Different customer
demographics have different
privacy expectations. These
must be accommodated and
policies adapted accordingly
• Banks must sell the benefit of
big data analysis to their
customers; explain how their
data can be used to provide a
better service. Customers must
then be given the opportunity to
opt in or opt out
• Increased business flow through
the digital channel will result in
the attraction of new customer
segments with a higher fraud
risk profile and also a potential
behavioural shift within the
existing customer base
• The physical anonymity provided
by remote electronic data
capture relative to having to
answer directly to a bank’s sales
agent can encourage this
behaviour – which includes
adopting a false identity or
knowingly providing invalid
information.
• Increasing the range of banking
services offered via a
technology interface raises the
number
of potential entry points – and
opportunities – for security
breaches
• Data security is an area of
heightened media scrutiny – and
banks simply cannot afford the
risk of losing control over any of
their customer’s personal or
financial data
• As the bank invests in its digital
channels, it is critical that it
protects its business through a
commensurate investment in
information security
• Product sales currently benefit
from extensive human
intervention which will not exist
in a digital environment
• The conduct risk challenges
faced by the legacy channels
apply as much, if not more, to
the digital business. Where and
how customers are advised of
the implications of a banking
product sold digitally has to be
considered
• Similarly, ensuring that digital
and legacy customers are
treated fairly will require
continuous oversight as the
digital business is typically set
up as a separate business entity
to the rest of the bank
Technology
Resilience
6• Migration of banking services to a digital service provision places still wider reliance on technology solutions
• The levels of technology resilience and availability will need to be maintained across the full value chain of the bank, from mobile banking apps through to core accounting platforms and
payments systems
• Any service outages in the digital world have direct reputational impact (such as Blackberry) - similar to payment systems downtime problems witnessed recently in the UK banking sector
© Parker Fitzgerald Limited 2014
8
Central to all lending is the
assessment of credit risk.
The effectiveness of which
is at present reliant on
human interpretation.
• Based around a physical
distribution model, credit risk is
reliant on human interpretation.
Colleagues are required to advise
as well as assess, extract and
capture the relevant data
• Electronic distribution changes
this landscape. Credit Risk
management and regulatory
compliance will no longer benefit
from human involvement
• Credit Risk will need digitally
compatible risk policies and
procedures
• As the digital journey continues,
so risk functions will need to
embrace new decisioning
paradigms to remain competitive
• Limited to no integration with risk
• Only bureau (often single source) and
internal data used to determine the
credit decision
• Digital risk is managed using existing
frameworks, typically requiring the
rekeying of data into legacy systems
• Risk management is heavily reliant on
human intervention and validation
• Multi-bureau credit data sources
• Risk framework, policy and procedure
translated for digital
• Risk processes optimised and
automated to support an electronic
distribution paradigm
• Big Data analysis used to leverage
additional data sources and improve
marginal risk decisioning
• New lending models – such as pro-
active mortgage offers - will result in
targeted, location based sales
distribution
• New behavioural paradigms will be
utilised such as trust based
decisioning, taking into account
customer online behaviour across
multiple digital sources
Credit Decisioning and Big Data Solutions| The Digital Revolution │ Section Two
Digital Evolution of
Credit Decisioning
Data Sources
Physical Legacy
Based on physical
provisioning of
documentation and use
of credit history
Big Data Profiling
Utilisation of numerous
digital sources of data
to determine credit
worthinessTrust Based
New behavioural
philosophies applied
such as trust based
decisioning
Decisioning Paradigm
Risk functions will need to embrace the use of new decisioning paradigms
if they are to remain competitive in a digital environment
© Parker Fitzgerald Limited 2014
9
Data Privacy and the Risks of Knowing More| The Digital Revolution │ Section Three
01010101001010101101
0101010101010101010
0101001010101
0101010101010101
010101010101010101
10101 0 1 0 1 0
1 0 1 0 1 0 1 0 1
0 1 0 1 0 1 0 1 0 1
0 1 0 1 0 1 0 1 0
1 0 1 0 1 0 1 0
“The Enigma”“The Sharer”
1
“The Pragmatist”
• Opposed to sharing any information
with companies unless there is a
compelling justification to do so
• Monitors data given to organizations
and how it is used within the services
provided
• Freely shares data through desire for
improved experience as a result of
being unconcerned about data use
Customer Characteristics
• Does not consent to data usage.
Customer subject to less efficient
process and longer customer
experience
• Customer is able to engage in simple
digital services. Complex transactions
subject to antiquated means of
evaluation
• Highly personalised experience.
Optimised end to end process
resulting in straight through
processing
Resultant Experience
• EU Reform of the 1995 data protection rules will strengthen online privacy rights whilst standardising policy across Europe. However
firms operating outside the EU must be cognisant of the data privacy regulation of other jurisdictions. To support this platforms will need
to manage conflicting national requirements simultaneously
Jurisdictional Considerations
Different customer segments have different privacy needs – which the bank should accommodate.
The resulting customer experience may also need to be adapted accordingly
Electronic distribution
provides the opportunity for
organisations to use big
data to great effect.
However, whilst big data is
a powerful digital business
tool, it presents a number
of important challenges.
Traditional data privacy practice
argues that data should not be used
other than for the purpose which it
was collected. This is potentially at
odds with the benefits that big data
provides.
Big data analysis involves identifying
emergent patterns from large
disparate sets of data.
Correlations and patterns are
therefore usually secondary to the
initial reason behind why the data
was collected. Traditional means of
addressing privacy, however, may
well stifle the opportunities and
insight that big data can provide.
Banks will have to sell the benefit of big data analysis to their customers,
explaining how their data will be used to provide a better service
Customers will then expect a level of control over how and where their data is used
© Parker Fitzgerald Limited 2014
10
DigitalCurrent State
The Changing Face of Fraud| The Digital Revolution │ Section Four
Prevention: The implementation of defences aimed at stopping fraud from occurring
• Reliance on advisor to pick up on possible fraud
• ID&V utilises personally Identifiable Information
• Physical provision on income evidence
• Automation limited through use of internal data
• Manually intensive back office processing
• Fraud prevention controls at point of sale
• ID&V process uses multiple sources of information
• Fraud controls reflect digital environment utilising
information such as device ID and IP address
• Auto income verification utilising 3rd party data
Monitoring: Processes and controls to identify fraud when it has occurred
• Risk ranking uses limited number of sources
• Investigation of cases is manual
• Significant lag between application and investigation
• Monitoring based on risks of physical distribution
• Risk ranking utilises big data solutions involving
many different sources of information
• Case detection and investigation is automated
• Integrated analytics for real time fraud management
Change in the Fraud Loss Profile
Digital Banking will change the
profile of fraud. The average
loss will increase as manual
intervention and validation is
replaced in favour of automation
and straight through processing.
• The increasing uptake of digital service
will raise the level of fraudulent activity
witnessed. This will be through the
attraction of the digital channel to new
customer segments coupled with
behavioural shifts amongst the bank’s
existing customer base
• Fraud prevention is about establishing the
defences to stop fraud from occurring;
fraud monitoring is about detecting fraud
when these defences have been breached
• At the same time the drive for digital,
straight through processing increases the
need to automate fraud processes
• These two forces combine to generate a
strong case for investment in modern
technology solutions to replace current
outdated systems or manually intensive
processes
Integrated technology solutions will drive a convergence of risk process. As a
result analytics will be able to take into account the credit decision and usage
statistics to enable real-time fraud management
Size of Fraud Loss
High
Low
Fra
ud
Fre
qu
en
cy
High
Current
State
DigitalCurrently fraud detection is largely performed post application. Fraud
cases are risk ranked with only the high risk cases manually
investigated. As a consequence a high frequency of lower risk fraud
cases are not identified
Fraud defences will become point of sale to support straight through
processing. As all applications will be screened the number of fraud
cases will reduce. However when defences are breached the
opportunity to commit more significant fraud is increased
© Parker Fitzgerald Limited 2014
11
Internet and mobile banking
create multiple new entry points
for cyber attacks on Financial
Institutions.
• The cyber threat has ever more access points to the bank’s technical assets –both into the bank directly and also via the bank’s supply chain
• A significant number of attacks appear not directly linked to financial gain – more than 25% of all security breaches are simply with the aim of service disruption
• Banks must understand the enemies they face and their new sophistication – these are frequently talented organisations rather than individuals
• The impact of a major services failure will have reputational impact and is likely give rise to financial loss
56%of all data breaches are
intentional and targetted
specifically through
digital channels
856Security incidents at
Financial Institutions
during 2013
*Verizon 2014 Data Breach Investigations Report
Respond to the attackSpot the attack1
Prevent the attack 2• Determine the most likely forms of attack
• Undertake cyber security diagnostics
• Plot the existing capability maturity
• Prioritise the areas of highest risk
• Define roadmap and strategy
• Establish the right relationship with the enterprise risk
framework
• Invest in the continuous monitoring of end-end
systems and transactions
• Assess the level of security resilience of your full
supply chain
• Intelligent threat detection and monitoring
• Determine continuity and crisis plans
• Implement incident response forensic tools
• Define and implement cyber incident containment
methodology and technologies
Card Skimming
Insider Misuse
Error
Crimeware
Theft / Loss
POS Intrusion
Cyber Espionage
Other
5%10%15%20%25% 0%
Web Attack
Service Disruption
27%
26%
22%
7%
6%
5%
4%
3%
<1%
<1%
Types of Security Breach in the Finance Industry*
3
Cyber Security: Protecting the Digital Assets| The Digital Revolution │ Section Five
The future of cyber risk management will be the continuous monitoring of the end-to-end systems and transactions
at a level that it not generally done today
© Parker Fitzgerald Limited 2014
12
The digital risk strategy should include a plan for
identification and measurement of the key digital conduct
risks – and also for implementing and embedding the risk
control structures within the organisation.
Conduct Risk and Digital Business| The Digital Revolution │ Section Six
A traditionally manual process
Conduct risk is concerned with the delivery of fair
customer outcomes and treatments. In traditional
physically based banking, this risk is typically
managed manually through direct human
interaction – however the amount of human
interaction that is possible within a digital service
offering is by definition minimised.
This creates challenges for the process of
advising on product sales, lengthy terms and
conditions descriptions and also for ensuring that
customers working through the digital and legacy
channels are not relatively disadvantaged.
1 2 3Disruption
The digital channel will dramatically change
how products are sold.
Digitally distributed services are at material risk of
allowing customers to make ill informed or impulsive
decisions. The risk is that banks are deemed to be
misselling or not acting in the customers’ best
interests. To avoid this banks must be aware of those
key instances where the customer is not fully
informed of the consequences of a decision.
Convention
Conduct managed by extensive human
intervention.
Conduct risk management is
concerned with the delivery of
fair customer outcomes and
treatments.
Vision
A clearly defined framework through which digital
conduct risks are managed and controlled.
SegmentationProfile and then group
customers based on
common customer traits
and servicing needs
AvailabilityOnly make available
services necessary for
each segment
AwarenessProvide information and
tools to support customer
decision making process
Digital banking need not be at the expense of
everyone else…
Misselling is not the only consideration; banks must
ensure fair and equal access. The FCA is clear that
banks must consider “online preferences and
capabilities across consumer segments” as
consumers may find the services they receive are
inferior to those of customers who choose to
interact online. Banks cannot simply forget about
specific demographics such as the elderly.
One of the biggest threats to
the digital revolution is another
misselling scandal.
© Parker Fitzgerald Limited 2014
13
RegulatoryConcerns
Product
Transition
Data
Security
Consumer
Protection
Outsourcing
Disintermediation
Technology
Resilience
Regulators will expect banks to
ensure that appropriate migration
paths are in place when replacing
legacy with electronic products.
As was seen with cheques, banks
cannot simply remove a product
and expect a solution to develop.
Regulators have no experience
of regulating a digital market.
As a result they will expect
banks’ to illustrate digital as a
core competency. This may
well manifest itself in an initial
period of intense regulation of
digital banking operations.
The FCA’s recent paper on
mobile banking (TR13/6) is
indicative of the concerns in
maintaining G20 legislature
focused on consumer
protection and banking
conduct.
The FCA can also be
expected to maintain its recent
focus on responsible lending
EU reform of the 1995 data
protection rules and the FCA’s
study Waking Shark II are
illustrative of the unease with
data security and privacy
regulation for digital banking.
The pervasive nature of electronic
distribution will increase banks’
reliance on 3rd parties. Regulators
will expect banks to understand
and ensure these organisations
are dealing with this information
appropriately.
Key Regulatory Challenges.
Regulators will aim to facilitate the
markets through increased
competition. This will enable non
financial providers to enter the market.
The disintermediation of banks is a
significant risk to market share.
Digital Regulatory Considerations| The Digital Revolution │ Section Seven
As the regulators come to terms
with the challenge of
supervising the post crisis
industry, digital banking is set to
change the landscape again.
• The uptake of digital banking has been
more rapid than the regulatory response
• As a consequence regulation is yet to
reflect the implications of the digital
banking environment
• Regulators have yet to build significant
experience of regulating a digital market
and will need a period of familiarisation
• Regulators are, however, now focusing
extensively on this area and are likely to
expect banks to illustrate that digital is a
core competency
• This may well manifest itself in an initial
period of over regulation of digital
technology and infrastructure to
demonstrate operational integrity and
resilience
The way we bank has moved on however the regulatory frameworks
needed to support digital banking have yet to catch up
© Parker Fitzgerald Limited 2014
14
Digital Banking programmes are typically set up as an
independent management structure to enable rapid
execution without the delivery constraints of the legacy
bank.
The Digital Risk Programme will report into the overall Digital Programme in
order to meet the rapid execution schedule required by the bank.
Risk also typically operates as an independent function within the post-crisis
bank. The risk programme will, therefore, require extensive content knowledge
and SME engagement from the existing risk function to ensure service quality
and control is maintained as the digital product set is rolled-out.
The Digital Risk Programme will require specialist content knowledge and
an understanding of the key controls - and should have extensive staffing from key
members of the existing risk functions if it is to achieve a high quality outcome.
Working Groups (per workstream)
Review of work stream progress and
forum for project issue resolution
Chair: Risk Function Lead
Attendees: Digital project delivery
team and Risk SMEs as required
Design Authority
Reviews and approves key digital risk
design decisions
Chair: Digital Risk Architect
Attendees: Digital SME’s
2
3
Steering Committee
Sets and controls the overall direction of
the programme
Chair: Head of Risk Change
Attendees: Digital Risk Director and
Heads of Risk Functions
1
Organising the Programme for Speed and Success| The Digital Revolution │ Section Eight © Parker Fitzgerald Limited 2014
15
Parker Fitzgerald
understand the digital
risk and regulatory
challenges better
than anyone else.
Our Digital Risk Solutions
practice is one of the
leading consulting teams
available in the industry -
combining critical thinking
with world class delivery.
Our service areas
underpin each aspect of
your Digital Risk journey
that combines thought
leadership with a proven
approach and high impact
deliverables – to enable
you to move at the speed
your organisation
requires.
How Parker Fitzgerald can Help| The Digital Revolution │ Section Eight
Service Focus
• Review of in-flight digital
change initiatives,
governance and delivery
plans with respect to risk
• Analysis of existing
frameworks with regulatory
expectations and firm wide
digital strategy
Service Focus
• Engagement with the in-
house digital programme
• Identification of the digital
programme’s dependencies
on risk
• Definition of the programme
governance structure
.
Service Focus
• Translation of existing risk
frameworks, policy and
procedure for a digital
environment
• Prioritisation of digital risk
deliverables aligned to the
in-house digital programme
• Conduct risk assessment
and measurement
approach
Service Focus
• End to end design of
streamlined risk processes
to support electronic
distribution
• Provision of new risk
capabilities and services to
support digital banking
Service Focus
• Implementation of end-state
business processes
• Provision of best in breed
digital products and
technology
• Harmonisation of legacy
and digital infrastructures
• Digital cost reduction and
optimisation
• Current state and digital
suitability assessment
• Regulatory weakness heat
map for Digital
• Definition of digital risk
governance structure
• Key digital risk inter-
dependencies map
• Integrated project delivery
plans
• Target operating model
definition
• Digital risk capability
delivery roadmap
• Risk governance
• Business process re-
engineering and
automation design and roll-
out plan
• Digital risk technology
package selection
• Target state digital
processes and governance
• Big data and digital risk
technology integration
• Vendor management
• Service benchmarking
Digital Risk
Service Excellence
Digital Risk
Diagnosis
Digital Risk
Mobilisation
Digital Risk
Strategy
Digital Risk
Solution Design
Planning the journey Designing the solution Delivering digital excellencePreparing for changeCurrent state assessment
Digital Risk Programme
Review and Assurance
Aligning your risk journey
• Digital risk strategy assessment
• Digital risk delivery programme
assessment
• Digital risk industry benchmarking
• Digital regulatory assessment and
tailored recommendations
Service Focus
• Review of your digital risk strategy and how effectively this aligns to your digital banking objectives
• Assessment of the structure, content and integrity of your digital risk delivery plans
• Audit of existing and proposed risk processes, system and policy against current and anticipated regulatory
expectations
• Benchmarking of your digital risk strategy and delivery plans against banking and non-banking competition
Service
Offering
© Parker Fitzgerald Limited 2014
16
• David oversees the firms Digital Risk Solutions practice focussing on the
design and implementation of market leading capabilities to support
clients throughout each stage of their digital transformation journey
• A former partner at the world’s largest technology consultancy,
throughout his career David has assisted many of Europe’s leading retail
and commercial banking groups evolve their digital channel distribution
and technology strategies. This has included the identification of major
risk management and regulatory considerations in the UK, France,
Germany and Netherlands
• He is a recognised expert in all areas of data virtualisation and social
data integration and has developed the firms approach in relation to data
privacy, cyber security, credit decisioning, fraud detection and
digital risk conduct
• David holds a MA in Engineering from Cambridge University
The Digital Risk Team
David
Northen
Partner
• Alastair was Global Managing Partner of the Security Practice in
Accenture’s global technology consulting business and for 11 years
worked with business and government leaders around the globe
• Alastair’s has presented on security and technology at the World
Economic Forum, the UN Security Council, the Council of Ministers in the
European Commission, the US Congressional Special Committee on
Critical Infrastructure Protection, the Science and Technology Committee
in the House of Lords, the Gulf Cooperation Council and the European
Central Bank
• Among Alastair’s featured speeches are Unlocking the Value of Identity
Management at the ID World International Congress 2007 and The
Future is Here: Technology Trends that are Shaping the Security Agenda
at the CISO Summit 2008
• Alastair has a B.Sc. in Physics, Postgraduate Diplomas in Computer
Science and Digital Imaging, a Ph.D. in Theoretical Physics and a D.Phil.
in Cryptographic Science
• Michael is a Director within the firm’s Digital Risk Solutions practice with
responsibility for digital business models and data architectures. He has
over 10 years’ experience in financial services gained at leading Retail
and Commercial Banking groups
• Michael has been responsible for the definition of strategic business
architectures to support major regulatory initiatives including Basel II,
CRD IV, MMR and transformational change such as the impact of digital
banking on Credit Risk
• Michael is a recognised expert in Enterprise Architecture design and in
particular the analysis, design and development of logical and physical
data models to support credit risk business processes, organisational
design, and the appropriate control
• Michael holds an MSc in Human Centred Computer Systems and is a
published academic author in the field of Digital Research
Michael
SoppittDirector
• Ayaz is a senior audit and compliance practitioner with over 20 years’
experience advising and building audit teams within leading financial
institutions and consultancies including RBS, BNY Mellon, Prudential
Insurance, Deloitte and KPMG
• He has an in-depth understanding of conduct risk acquired on a
secondment to the Financial Conduct Authority (market conduct, market
abuse, financial crime and rogue trading controls) supplemented with
experience acquired from first hand experience at a number of
international financial services organisations
• Specialist in both buy-side and sell-side operations across Investment
Banking, Asset Management, Asset Servicing, Treasury, Capital Markets
and IT audit, as well as a detailed product knowledge covering Equities,
Fixed Income, Derivatives, Hedge Funds, Trackers and Quants
• Ayaz is a Chartered Accountant (ACA) having trained with KPMG
in Leeds
Ayaz
SiddiquiCredit & Conduct
| The Digital Revolution │ Section Eight
1 Practice Leadership 2Senior Advisors
Our leadership team is supported by specialists in the areas of credit, fraud, security and conduct risk.
Together they represent one of the predominant Digital Risk consulting teams available in the industry
Dr Alastair
MacWillsonCyber Security
© Parker Fitzgerald Limited 2014
17
Parker Fitzgerald Global Locations| The Digital Revolution │ Section Eight │ V 2.0
NEW YORKThe Seagram Building
375 Park Avenue
New York,
NY 10152, US
+1 212 634 7478
LONDONHeron Tower
110 Bishopsgate
LONDON
EC2N 4AY, UK
+44 207 100 7575
AMSTERDAMWTC Amsterdam
H / Tower
Zuidplein 36
1077 VX, Netherlands
+31 20 799 7969
SINGAPORELevel 30
Six Battery Road
049909
Singapore
+65 6725 6376
© Parker Fitzgerald Limited 2014
www.parkerfitzgerald.comwww.parker-fitzgerald.com
Important Notice
This document has been prepared by Parker Fitzgerald Limited (as defined below) for the sole purpose of providing a
proposal to the parties to whom it is addressed in order that they may evaluate the capabilities of Parker Fitzgerald to
supply the proposed services.
The information contained in this document has been compiled by Parker Fitzgerald and includes material which may
have been obtained from information provided by various sources and discussions with management but has not been
verified or audited. This document also contains confidential material proprietary to Parker Fitzgerald.
Except in the general context of evaluating our capabilities, no reliance may be placed for any purposes whatsoever on
the contents of this document or on its completeness. No representation or warranty, express or implied, is given and no
responsibility or liability is or will be accepted by or on behalf of Parker Fitzgerald or by any of its partners, members,
employees, agents or any other person as to the accuracy, completeness or correctness of the information contained in
this document or any other oral information made available and any such liability is expressly disclaimed.
This document and its contents are confidential and may not be
reproduced, redistributed or passed on, directly or indirectly, to any other
person in whole or in part without our prior written consent.
This document is not an offer and is not intended to be contractually
binding. Should this proposal be acceptable to you, and following the
conclusion of our internal acceptance procedures, we would be pleased to
discuss terms and conditions with you prior to our appointment.
Parker Fitzgerald is a limited company registered in England and Wales.
Registration number: 06362018.
Registered office: 17th Floor, Heron Tower,
110 Bishopsgate, LONDON EC2N 4AY
Contact Details
David Northen
Partner
T: +44 (0) 207 100 7575
M: +44 (0) 7778 661 608
Contact Details
Michael Soppitt
Director
T: +44 (0) 207 100 7575
M: +44 (0) 7795 302 111