UK Financial Services Practice

Risk and the Digital Banking RevolutionKeeping pace with the new world of Banking

The shift from physical to electronic distribution has major implications for how banks need to

approach risk management

Regulators have little experience of regulating a digital market. Their response will be a key

factor in making the digital bank a success

The use of big data will be a key enabler in the future of digital banking and the successful

application of risk frameworks

The digital journey for the risk function needs to start now if the banks are not to be left behind.

The complexity of solution will be determined by the products and services offered

PARKER FITZGERALD is an award winning professional services firm specialising in the delivery

of risk and regulatory transformation within the financial services sector

We partner with the world’s leading financial institutions to manage the strategic impacts of new

financial regulation across the enterprise and deliver market leading capabilities for the risk function

“Shaping the future of finance…

combining critical thinking with world class delivery”

3

Contents| The Digital Revolution

01 The Digital Revolution and a Return to Profitability

02 Credit Decisioning and Big Data Solutions

03 Data Privacy and the Risks of Knowing More

04 The Changing Face of Fraud

05 Cyber Security: Protecting the Digital Assets

06 Conduct Risk and Digital Business

07 Digital Regulatory Considerations

08 How Parker Fitzgerald can Help

© Parker Fitzgerald Limited 2014

4

UK Banking Actual and Forecast Return on Equity.

0%

5%

10%

15%

20%

2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020

2007: Credit CrunchBNP Paribas freeze $2.2bn of

funds resulting in panic and a

seizure in the financial

markets

2009: BCBS Basel II Reform

Changes aimed at improving

market risk for incremental risk

in the trading book place

increasing strain on RoE 2016: SmartphonesSmartphone penetration

is likely to be the only

limiting factor in the

digital revolution. This is

forecast to reach 75% in

2016 up from 44% in

2012**

2014: Interest RatesAs interest rates begin to

improve so do the banks

funding margins

2020: Mobile Usage33% of all consumers will be

using smartphones for all their

banking needs whilst mobile will

make up more than 50% of all

payment transactions*

Upward Pressure

Downward Pressure

2012: LLP RecoveryBanks begin to see an

improvements in RoE

attributed to improvements

in the necessary Loan Loss

Provisions

RecoveryCollapse

* Telecoms.com **Portio Research

The Digital Revolution and a Return to Profitability

Banks must rethink their

business models if they wish

to generate acceptable

return on equity (RoE) in the

face of increased capital

requirements and the

ongoing costs of regulatory

change.

Poor performance and increased

liquidity costs resulted in a collapse

of RoE during the financial crisis.

The regulatory response to the crisis

further drove up capital and funding

costs – an area of continuing focus

from the PRA – and coupled with the

operational costs of implementing

new regulation this is an established

board agenda item.

Even with forecast rises in interest

rates, banks must now

fundamentally re-evaluate their

business models if they are to

recover levels of RoE.

| The Digital Revolution │ Section One

Digital provides both greater distribution and operational efficiencies that

will improve the ability of the banking sector to generate return on equity

© Parker Fitzgerald Limited 2014

5

Electronic Distribution Channels Need Electronic Risk Frameworks| The Digital Revolution │ Section One

The challenge for the risk function is the growing disparity

between the new product channels and the means of

communication required to support risk processes

• Banks were founded upon physical distribution and as a consequence

risk frameworks have evolved to rely on human interaction. As the

level of direct human interaction has diminished so too has the

appropriateness of manual risk processes

• The tipping point has now been reached where risk frameworks are no

longer capable of meeting operational or regulatory expectations in a

digital banking world

The shift towards digital banking strikes at the heart of the

banking distribution model that has served the industry for

more than 250 years

• There were 17,637 branches in the UK in 1990; today there are just

9,500. Research by the Campaign for Community Banking Services

estimates this will shrink by a further 27% to just 7,500 by 2018

• Consumers are increasingly using online and mobile to meet their

banking needs. The latest generations of banking users lead

predominantly digital lifestyles and many have never even entered a

branch

High

Time

ACustomer

Interaction

Required

Level of

Interaction

B

Current State

Current distribution model provides the

necessary level of human interaction to

ensure risk management is effective

Digital Migration

As distribution shifts to

digital so the levels of

human interaction drops

below the level

necessary to meet

regulatory expectations

Reduce Manual

Reliance

Banks must reengineer

risk management

processes to meet the

digital distribution model

Low

Digital Banking Impact on Direct Customer Interaction and Risk ManagementDistribution Channel Penetration*

0%

50%

100%

75%

25%

1996 1998

Mobile Banking

Internet Banking

Branch Banking

2000 2002 2004 2006 2008 2010 2012 2014 2016 2018 2020

*1996 to 2012 data – Bank of America Merrill Lynch Banking & Financial Services Conference 2012

The shift from physical to electronic distribution

has major implications for risk processes

© Parker Fitzgerald Limited 2014

6

The Digital Risk Journey| The Digital Revolution │ Section One

HARMONISATION

Becoming one ‘Digital Bank’

SIMPLIFICATION

Becoming ‘Digital Inside’

DISTRIBUTION

Becoming ‘Digital Outside’

TRANSLATION

Understanding the Implications

• Harmonisation of risk operating

models across legacy and digital

architectures to support an omni-

channel banking infrastructure

• Design of re-engineered of risk

processes to support the digital

banking product set

• Implementation of re-engineered

digital risk processes alongside

legacy manual processes

• Definition of the process changes

required to underpin the strategy

• Key regulatory assumption must be

factored in to solution design.

• Mandatory adaptation of existing risk

business processes and systems

• Translation of organisations digital

strategy in to a digital risk journey

• Determine the scope of the risk and

regulatory engagement

• Definition of digital risk strategy and

mobilisation of Risk Programme

High

Low

Dig

ital M

atu

rity

Market pressures demand

a rapid transition to digital

banking products.

To achieve this pace of

change, it is key that the

risk function gears up to

define effective,

sustainable risk

frameworks that will

support digital customer

interaction.

The concluding phase of the journey is

where the risk strategy, supported by a

target operating model that efficiently

supports both legacy and digital product

channels, is implemented.

This will typically involve migration activities

to remove any duplicated processes.

The investment continues at pace as

the re-engineered (and increasingly

automated) risk processes move

through design and into production .

The digital journey for the risk function needs to start now

if the bank is to realise its digital banking vision at the speed required

Risk

EffortA

Digital Risk Strategy Alignment Risk Solution Design Implementation Platform Integration

The Components of the Digital Banking Journey – and the Implications for Risk.

In order to ensure that the bank’s risk

controls are not compromised by the

pace of digital product delivery.

Significant investment from risk will

be required for the definition of the

digital risk strategy and the

determination of the underlying risk

processes.

© Parker Fitzgerald Limited 2014

7

Fraud

Prevention

Conduct

Risk

Cyber

Security

Data

Privacy

The Pillars of Digital Risk and Regulation| The Digital Revolution │ Section One

At Parker Fitzgerald we provide specialist expertise

in those risk areas most significantly impacted by the digital banking revolution

Credit

Decisioning

1 3 4 52• Decisioning strategies will need

to draw upon far wider data

sources, including social media

to improve operational

performance and marginal risk

assessment

• Frequent revision of customer

segmentation models will be

necessary to reflect the new

social demographics flowing

through the digital channel

• Significant re-engineering/

automation of the manual

processes for checking of loan

security will be needed in order

to offer a fast, seamless digital

customer experience

• Electronic distribution provides

the opportunity for organisations

to use big data to great effect.

However, whilst big data can

solve many digital issues it also

presents many of its own

• Different customer

demographics have different

privacy expectations. These

must be accommodated and

policies adapted accordingly

• Banks must sell the benefit of

big data analysis to their

customers; explain how their

data can be used to provide a

better service. Customers must

then be given the opportunity to

opt in or opt out

• Increased business flow through

the digital channel will result in

the attraction of new customer

segments with a higher fraud

risk profile and also a potential

behavioural shift within the

existing customer base

• The physical anonymity provided

by remote electronic data

capture relative to having to

answer directly to a bank’s sales

agent can encourage this

behaviour – which includes

adopting a false identity or

knowingly providing invalid

information.

• Increasing the range of banking

services offered via a

technology interface raises the

number

of potential entry points – and

opportunities – for security

breaches

• Data security is an area of

heightened media scrutiny – and

banks simply cannot afford the

risk of losing control over any of

their customer’s personal or

financial data

• As the bank invests in its digital

channels, it is critical that it

protects its business through a

commensurate investment in

information security

• Product sales currently benefit

from extensive human

intervention which will not exist

in a digital environment

• The conduct risk challenges

faced by the legacy channels

apply as much, if not more, to

the digital business. Where and

how customers are advised of

the implications of a banking

product sold digitally has to be

considered

• Similarly, ensuring that digital

and legacy customers are

treated fairly will require

continuous oversight as the

digital business is typically set

up as a separate business entity

to the rest of the bank

Technology

Resilience

6• Migration of banking services to a digital service provision places still wider reliance on technology solutions

• The levels of technology resilience and availability will need to be maintained across the full value chain of the bank, from mobile banking apps through to core accounting platforms and

payments systems

• Any service outages in the digital world have direct reputational impact (such as Blackberry) - similar to payment systems downtime problems witnessed recently in the UK banking sector

© Parker Fitzgerald Limited 2014

8

Central to all lending is the

assessment of credit risk.

The effectiveness of which

is at present reliant on

human interpretation.

• Based around a physical

distribution model, credit risk is

reliant on human interpretation.

Colleagues are required to advise

as well as assess, extract and

capture the relevant data

• Electronic distribution changes

this landscape. Credit Risk

management and regulatory

compliance will no longer benefit

from human involvement

• Credit Risk will need digitally

compatible risk policies and

procedures

• As the digital journey continues,

so risk functions will need to

embrace new decisioning

paradigms to remain competitive

• Limited to no integration with risk

• Only bureau (often single source) and

internal data used to determine the

credit decision

• Digital risk is managed using existing

frameworks, typically requiring the

rekeying of data into legacy systems

• Risk management is heavily reliant on

human intervention and validation

• Multi-bureau credit data sources

• Risk framework, policy and procedure

translated for digital

• Risk processes optimised and

automated to support an electronic

distribution paradigm

• Big Data analysis used to leverage

additional data sources and improve

marginal risk decisioning

• New lending models – such as pro-

active mortgage offers - will result in

targeted, location based sales

distribution

• New behavioural paradigms will be

utilised such as trust based

decisioning, taking into account

customer online behaviour across

multiple digital sources

Credit Decisioning and Big Data Solutions| The Digital Revolution │ Section Two

Digital Evolution of

Credit Decisioning

Data Sources

Physical Legacy

Based on physical

provisioning of

documentation and use

of credit history

Big Data Profiling

Utilisation of numerous

digital sources of data

to determine credit

worthinessTrust Based

New behavioural

philosophies applied

such as trust based

decisioning

Decisioning Paradigm

Risk functions will need to embrace the use of new decisioning paradigms

if they are to remain competitive in a digital environment

© Parker Fitzgerald Limited 2014

9

Data Privacy and the Risks of Knowing More| The Digital Revolution │ Section Three

01010101001010101101

0101010101010101010

0101001010101

0101010101010101

010101010101010101

10101 0 1 0 1 0

1 0 1 0 1 0 1 0 1

0 1 0 1 0 1 0 1 0 1

0 1 0 1 0 1 0 1 0

1 0 1 0 1 0 1 0

“The Enigma”“The Sharer”

1

“The Pragmatist”

• Opposed to sharing any information

with companies unless there is a

compelling justification to do so

• Monitors data given to organizations

and how it is used within the services

provided

• Freely shares data through desire for

improved experience as a result of

being unconcerned about data use

Customer Characteristics

• Does not consent to data usage.

Customer subject to less efficient

process and longer customer

experience

• Customer is able to engage in simple

digital services. Complex transactions

subject to antiquated means of

evaluation

• Highly personalised experience.

Optimised end to end process

resulting in straight through

processing

Resultant Experience

• EU Reform of the 1995 data protection rules will strengthen online privacy rights whilst standardising policy across Europe. However

firms operating outside the EU must be cognisant of the data privacy regulation of other jurisdictions. To support this platforms will need

to manage conflicting national requirements simultaneously

Jurisdictional Considerations

Different customer segments have different privacy needs – which the bank should accommodate.

The resulting customer experience may also need to be adapted accordingly

Electronic distribution

provides the opportunity for

organisations to use big

data to great effect.

However, whilst big data is

a powerful digital business

tool, it presents a number

of important challenges.

Traditional data privacy practice

argues that data should not be used

other than for the purpose which it

was collected. This is potentially at

odds with the benefits that big data

provides.

Big data analysis involves identifying

emergent patterns from large

disparate sets of data.

Correlations and patterns are

therefore usually secondary to the

initial reason behind why the data

was collected. Traditional means of

addressing privacy, however, may

well stifle the opportunities and

insight that big data can provide.

Banks will have to sell the benefit of big data analysis to their customers,

explaining how their data will be used to provide a better service

Customers will then expect a level of control over how and where their data is used

© Parker Fitzgerald Limited 2014

10

DigitalCurrent State

The Changing Face of Fraud| The Digital Revolution │ Section Four

Prevention: The implementation of defences aimed at stopping fraud from occurring

• Reliance on advisor to pick up on possible fraud

• ID&V utilises personally Identifiable Information

• Physical provision on income evidence

• Automation limited through use of internal data

• Manually intensive back office processing

• Fraud prevention controls at point of sale

• ID&V process uses multiple sources of information

• Fraud controls reflect digital environment utilising

information such as device ID and IP address

• Auto income verification utilising 3rd party data

Monitoring: Processes and controls to identify fraud when it has occurred

• Risk ranking uses limited number of sources

• Investigation of cases is manual

• Significant lag between application and investigation

• Monitoring based on risks of physical distribution

• Risk ranking utilises big data solutions involving

many different sources of information

• Case detection and investigation is automated

• Integrated analytics for real time fraud management

Change in the Fraud Loss Profile

Digital Banking will change the

profile of fraud. The average

loss will increase as manual

intervention and validation is

replaced in favour of automation

and straight through processing.

• The increasing uptake of digital service

will raise the level of fraudulent activity

witnessed. This will be through the

attraction of the digital channel to new

customer segments coupled with

behavioural shifts amongst the bank’s

existing customer base

• Fraud prevention is about establishing the

defences to stop fraud from occurring;

fraud monitoring is about detecting fraud

when these defences have been breached

• At the same time the drive for digital,

straight through processing increases the

need to automate fraud processes

• These two forces combine to generate a

strong case for investment in modern

technology solutions to replace current

outdated systems or manually intensive

processes

Integrated technology solutions will drive a convergence of risk process. As a

result analytics will be able to take into account the credit decision and usage

statistics to enable real-time fraud management

Size of Fraud Loss

High

Low

Fra

ud

Fre

qu

en

cy

High

Current

State

DigitalCurrently fraud detection is largely performed post application. Fraud

cases are risk ranked with only the high risk cases manually

investigated. As a consequence a high frequency of lower risk fraud

cases are not identified

Fraud defences will become point of sale to support straight through

processing. As all applications will be screened the number of fraud

cases will reduce. However when defences are breached the

opportunity to commit more significant fraud is increased

© Parker Fitzgerald Limited 2014

11

Internet and mobile banking

create multiple new entry points

for cyber attacks on Financial

Institutions.

• The cyber threat has ever more access points to the bank’s technical assets –both into the bank directly and also via the bank’s supply chain

• A significant number of attacks appear not directly linked to financial gain – more than 25% of all security breaches are simply with the aim of service disruption

• Banks must understand the enemies they face and their new sophistication – these are frequently talented organisations rather than individuals

• The impact of a major services failure will have reputational impact and is likely give rise to financial loss

56%of all data breaches are

intentional and targetted

specifically through

digital channels

856Security incidents at

Financial Institutions

during 2013

*Verizon 2014 Data Breach Investigations Report

Respond to the attackSpot the attack1

Prevent the attack 2• Determine the most likely forms of attack

• Undertake cyber security diagnostics

• Plot the existing capability maturity

• Prioritise the areas of highest risk

• Define roadmap and strategy

• Establish the right relationship with the enterprise risk

framework

• Invest in the continuous monitoring of end-end

systems and transactions

• Assess the level of security resilience of your full

supply chain

• Intelligent threat detection and monitoring

• Determine continuity and crisis plans

• Implement incident response forensic tools

• Define and implement cyber incident containment

methodology and technologies

Card Skimming

Insider Misuse

Error

Crimeware

Theft / Loss

POS Intrusion

Cyber Espionage

Other

5%10%15%20%25% 0%

Web Attack

Service Disruption

27%

26%

22%

7%

6%

5%

4%

3%

<1%

<1%

Types of Security Breach in the Finance Industry*

3

Cyber Security: Protecting the Digital Assets| The Digital Revolution │ Section Five

The future of cyber risk management will be the continuous monitoring of the end-to-end systems and transactions

at a level that it not generally done today

© Parker Fitzgerald Limited 2014

12

The digital risk strategy should include a plan for

identification and measurement of the key digital conduct

risks – and also for implementing and embedding the risk

control structures within the organisation.

Conduct Risk and Digital Business| The Digital Revolution │ Section Six

A traditionally manual process

Conduct risk is concerned with the delivery of fair

customer outcomes and treatments. In traditional

physically based banking, this risk is typically

managed manually through direct human

interaction – however the amount of human

interaction that is possible within a digital service

offering is by definition minimised.

This creates challenges for the process of

advising on product sales, lengthy terms and

conditions descriptions and also for ensuring that

customers working through the digital and legacy

channels are not relatively disadvantaged.

1 2 3Disruption

The digital channel will dramatically change

how products are sold.

Digitally distributed services are at material risk of

allowing customers to make ill informed or impulsive

decisions. The risk is that banks are deemed to be

misselling or not acting in the customers’ best

interests. To avoid this banks must be aware of those

key instances where the customer is not fully

informed of the consequences of a decision.

Convention

Conduct managed by extensive human

intervention.

Conduct risk management is

concerned with the delivery of

fair customer outcomes and

treatments.

Vision

A clearly defined framework through which digital

conduct risks are managed and controlled.

SegmentationProfile and then group

customers based on

common customer traits

and servicing needs

AvailabilityOnly make available

services necessary for

each segment

AwarenessProvide information and

tools to support customer

decision making process

Digital banking need not be at the expense of

everyone else…

Misselling is not the only consideration; banks must

ensure fair and equal access. The FCA is clear that

banks must consider “online preferences and

capabilities across consumer segments” as

consumers may find the services they receive are

inferior to those of customers who choose to

interact online. Banks cannot simply forget about

specific demographics such as the elderly.

One of the biggest threats to

the digital revolution is another

misselling scandal.

© Parker Fitzgerald Limited 2014

13

RegulatoryConcerns

Product

Transition

Data

Security

Consumer

Protection

Outsourcing

Disintermediation

Technology

Resilience

Regulators will expect banks to

ensure that appropriate migration

paths are in place when replacing

legacy with electronic products.

As was seen with cheques, banks

cannot simply remove a product

and expect a solution to develop.

Regulators have no experience

of regulating a digital market.

As a result they will expect

banks’ to illustrate digital as a

core competency. This may

well manifest itself in an initial

period of intense regulation of

digital banking operations.

The FCA’s recent paper on

mobile banking (TR13/6) is

indicative of the concerns in

maintaining G20 legislature

focused on consumer

protection and banking

conduct.

The FCA can also be

expected to maintain its recent

focus on responsible lending

EU reform of the 1995 data

protection rules and the FCA’s

study Waking Shark II are

illustrative of the unease with

data security and privacy

regulation for digital banking.

The pervasive nature of electronic

distribution will increase banks’

reliance on 3rd parties. Regulators

will expect banks to understand

and ensure these organisations

are dealing with this information

appropriately.

Key Regulatory Challenges.

Regulators will aim to facilitate the

markets through increased

competition. This will enable non

financial providers to enter the market.

The disintermediation of banks is a

significant risk to market share.

Digital Regulatory Considerations| The Digital Revolution │ Section Seven

As the regulators come to terms

with the challenge of

supervising the post crisis

industry, digital banking is set to

change the landscape again.

• The uptake of digital banking has been

more rapid than the regulatory response

• As a consequence regulation is yet to

reflect the implications of the digital

banking environment

• Regulators have yet to build significant

experience of regulating a digital market

and will need a period of familiarisation

• Regulators are, however, now focusing

extensively on this area and are likely to

expect banks to illustrate that digital is a

core competency

• This may well manifest itself in an initial

period of over regulation of digital

technology and infrastructure to

demonstrate operational integrity and

resilience

The way we bank has moved on however the regulatory frameworks

needed to support digital banking have yet to catch up

© Parker Fitzgerald Limited 2014

14

Digital Banking programmes are typically set up as an

independent management structure to enable rapid

execution without the delivery constraints of the legacy

bank.

The Digital Risk Programme will report into the overall Digital Programme in

order to meet the rapid execution schedule required by the bank.

Risk also typically operates as an independent function within the post-crisis

bank. The risk programme will, therefore, require extensive content knowledge

and SME engagement from the existing risk function to ensure service quality

and control is maintained as the digital product set is rolled-out.

The Digital Risk Programme will require specialist content knowledge and

an understanding of the key controls - and should have extensive staffing from key

members of the existing risk functions if it is to achieve a high quality outcome.

Working Groups (per workstream)

Review of work stream progress and

forum for project issue resolution

Chair: Risk Function Lead

Attendees: Digital project delivery

team and Risk SMEs as required

Design Authority

Reviews and approves key digital risk

design decisions

Chair: Digital Risk Architect

Attendees: Digital SME’s

2

3

Steering Committee

Sets and controls the overall direction of

the programme

Chair: Head of Risk Change

Attendees: Digital Risk Director and

Heads of Risk Functions

1

Organising the Programme for Speed and Success| The Digital Revolution │ Section Eight © Parker Fitzgerald Limited 2014

15

Parker Fitzgerald

understand the digital

risk and regulatory

challenges better

than anyone else.

Our Digital Risk Solutions

practice is one of the

leading consulting teams

available in the industry -

combining critical thinking

with world class delivery.

Our service areas

underpin each aspect of

your Digital Risk journey

that combines thought

leadership with a proven

approach and high impact

deliverables – to enable

you to move at the speed

your organisation

requires.

How Parker Fitzgerald can Help| The Digital Revolution │ Section Eight

Service Focus

• Review of in-flight digital

change initiatives,

governance and delivery

plans with respect to risk

• Analysis of existing

frameworks with regulatory

expectations and firm wide

digital strategy

Service Focus

• Engagement with the in-

house digital programme

• Identification of the digital

programme’s dependencies

on risk

• Definition of the programme

governance structure

.

Service Focus

• Translation of existing risk

frameworks, policy and

procedure for a digital

environment

• Prioritisation of digital risk

deliverables aligned to the

in-house digital programme

• Conduct risk assessment

and measurement

approach

Service Focus

• End to end design of

streamlined risk processes

to support electronic

distribution

• Provision of new risk

capabilities and services to

support digital banking

Service Focus

• Implementation of end-state

business processes

• Provision of best in breed

digital products and

technology

• Harmonisation of legacy

and digital infrastructures

• Digital cost reduction and

optimisation

• Current state and digital

suitability assessment

• Regulatory weakness heat

map for Digital

• Definition of digital risk

governance structure

• Key digital risk inter-

dependencies map

• Integrated project delivery

plans

• Target operating model

definition

• Digital risk capability

delivery roadmap

• Risk governance

• Business process re-

engineering and

automation design and roll-

out plan

• Digital risk technology

package selection

• Target state digital

processes and governance

• Big data and digital risk

technology integration

• Vendor management

• Service benchmarking

Digital Risk

Service Excellence

Digital Risk

Diagnosis

Digital Risk

Mobilisation

Digital Risk

Strategy

Digital Risk

Solution Design

Planning the journey Designing the solution Delivering digital excellencePreparing for changeCurrent state assessment

Digital Risk Programme

Review and Assurance

Aligning your risk journey

• Digital risk strategy assessment

• Digital risk delivery programme

assessment

• Digital risk industry benchmarking

• Digital regulatory assessment and

tailored recommendations

Service Focus

• Review of your digital risk strategy and how effectively this aligns to your digital banking objectives

• Assessment of the structure, content and integrity of your digital risk delivery plans

• Audit of existing and proposed risk processes, system and policy against current and anticipated regulatory

expectations

• Benchmarking of your digital risk strategy and delivery plans against banking and non-banking competition

Service

Offering

© Parker Fitzgerald Limited 2014

16

• David oversees the firms Digital Risk Solutions practice focussing on the

design and implementation of market leading capabilities to support

clients throughout each stage of their digital transformation journey

• A former partner at the world’s largest technology consultancy,

throughout his career David has assisted many of Europe’s leading retail

and commercial banking groups evolve their digital channel distribution

and technology strategies. This has included the identification of major

risk management and regulatory considerations in the UK, France,

Germany and Netherlands

• He is a recognised expert in all areas of data virtualisation and social

data integration and has developed the firms approach in relation to data

privacy, cyber security, credit decisioning, fraud detection and

digital risk conduct

• David holds a MA in Engineering from Cambridge University

The Digital Risk Team

David

Northen

Partner

• Alastair was Global Managing Partner of the Security Practice in

Accenture’s global technology consulting business and for 11 years

worked with business and government leaders around the globe

• Alastair’s has presented on security and technology at the World

Economic Forum, the UN Security Council, the Council of Ministers in the

European Commission, the US Congressional Special Committee on

Critical Infrastructure Protection, the Science and Technology Committee

in the House of Lords, the Gulf Cooperation Council and the European

Central Bank

• Among Alastair’s featured speeches are Unlocking the Value of Identity

Management at the ID World International Congress 2007 and The

Future is Here: Technology Trends that are Shaping the Security Agenda

at the CISO Summit 2008

• Alastair has a B.Sc. in Physics, Postgraduate Diplomas in Computer

Science and Digital Imaging, a Ph.D. in Theoretical Physics and a D.Phil.

in Cryptographic Science

• Michael is a Director within the firm’s Digital Risk Solutions practice with

responsibility for digital business models and data architectures. He has

over 10 years’ experience in financial services gained at leading Retail

and Commercial Banking groups

• Michael has been responsible for the definition of strategic business

architectures to support major regulatory initiatives including Basel II,

CRD IV, MMR and transformational change such as the impact of digital

banking on Credit Risk

• Michael is a recognised expert in Enterprise Architecture design and in

particular the analysis, design and development of logical and physical

data models to support credit risk business processes, organisational

design, and the appropriate control

• Michael holds an MSc in Human Centred Computer Systems and is a

published academic author in the field of Digital Research

Michael

SoppittDirector

• Ayaz is a senior audit and compliance practitioner with over 20 years’

experience advising and building audit teams within leading financial

institutions and consultancies including RBS, BNY Mellon, Prudential

Insurance, Deloitte and KPMG

• He has an in-depth understanding of conduct risk acquired on a

secondment to the Financial Conduct Authority (market conduct, market

abuse, financial crime and rogue trading controls) supplemented with

experience acquired from first hand experience at a number of

international financial services organisations

• Specialist in both buy-side and sell-side operations across Investment

Banking, Asset Management, Asset Servicing, Treasury, Capital Markets

and IT audit, as well as a detailed product knowledge covering Equities,

Fixed Income, Derivatives, Hedge Funds, Trackers and Quants

• Ayaz is a Chartered Accountant (ACA) having trained with KPMG

in Leeds

Ayaz

SiddiquiCredit & Conduct

| The Digital Revolution │ Section Eight

1 Practice Leadership 2Senior Advisors

Our leadership team is supported by specialists in the areas of credit, fraud, security and conduct risk.

Together they represent one of the predominant Digital Risk consulting teams available in the industry

Dr Alastair

MacWillsonCyber Security

© Parker Fitzgerald Limited 2014

17

Parker Fitzgerald Global Locations| The Digital Revolution │ Section Eight │ V 2.0

NEW YORKThe Seagram Building

375 Park Avenue

New York,

NY 10152, US

+1 212 634 7478

LONDONHeron Tower

110 Bishopsgate

LONDON

EC2N 4AY, UK

+44 207 100 7575

AMSTERDAMWTC Amsterdam

H / Tower

Zuidplein 36

1077 VX, Netherlands

+31 20 799 7969

SINGAPORELevel 30

Six Battery Road

049909

Singapore

+65 6725 6376

© Parker Fitzgerald Limited 2014

www.parkerfitzgerald.comwww.parker-fitzgerald.com

Important Notice

This document has been prepared by Parker Fitzgerald Limited (as defined below) for the sole purpose of providing a

proposal to the parties to whom it is addressed in order that they may evaluate the capabilities of Parker Fitzgerald to

supply the proposed services.

The information contained in this document has been compiled by Parker Fitzgerald and includes material which may

have been obtained from information provided by various sources and discussions with management but has not been

verified or audited. This document also contains confidential material proprietary to Parker Fitzgerald.

Except in the general context of evaluating our capabilities, no reliance may be placed for any purposes whatsoever on

the contents of this document or on its completeness. No representation or warranty, express or implied, is given and no

responsibility or liability is or will be accepted by or on behalf of Parker Fitzgerald or by any of its partners, members,

employees, agents or any other person as to the accuracy, completeness or correctness of the information contained in

this document or any other oral information made available and any such liability is expressly disclaimed.

This document and its contents are confidential and may not be

reproduced, redistributed or passed on, directly or indirectly, to any other

person in whole or in part without our prior written consent.

This document is not an offer and is not intended to be contractually

binding. Should this proposal be acceptable to you, and following the

conclusion of our internal acceptance procedures, we would be pleased to

discuss terms and conditions with you prior to our appointment.

Parker Fitzgerald is a limited company registered in England and Wales.

Registration number: 06362018.

Registered office: 17th Floor, Heron Tower,

110 Bishopsgate, LONDON EC2N 4AY

Contact Details

David Northen

Partner

T: +44 (0) 207 100 7575

M: +44 (0) 7778 661 608

E: dnorthen@pfg.uk.com

Contact Details

Michael Soppitt

Director

T: +44 (0) 207 100 7575

M: +44 (0) 7795 302 111

E: msoppitt@pfg.uk.com