What’s so special about regulatory reporting projects?
To help oversee their national economies effectively, governments develop governance models for all transactions, whether over the counter (OTC) or in financial markets (e.g., the United States implemented the Dodd-Frank Act around 2008, which mandated that all OTC trades must be reported to the regulators).
Typically, reporting rules are based on the laws of the land; hence, regulatory projects are called “rule-based reporting.” And as laws are continually evolving, financial services organizations are obliged to make a special effort to keep up with developments.
So, the primary aim of this article is to explore the special nature of regulatory projects and apply lessons learned so we can tell clients:
Their project will require several business analysts, developers, technical architects, project managers and quality assurance personnel
Which high-level requirements are the most important
The least amount of work needed to follow the regulatory requirements within a given period
Principal elements of regulatory projects
Inclusion/exclusion criteria. These criteria define whether you should report a transaction. For instance, if your product is an interest-rate swap and your counterparty is in the United States, you must report it to a regulator (e.g., DTCC).
Reporting criteria. Reporting criteria show who informs a regulator about a transaction. If Citi and Standard Chartered make a swap deal, one of them must disclose it. If both reported the transaction, the redundant report would be guilty of “over-reporting.”
Over-reporting. Over-reporting creates extra work for operations teams, diverting them from genuine issues. Therefore, reporting systems and applications must provide a way of filtering transactions.
Weightage-based reporting rules. In my experience, regulatory reporting is based on the weightage in the system. For instance, when a transaction is reportable by both parties, the party with the higher weightage reports the transaction. To estimate the development and testing effort, consider testing around these weightages.
Unique transaction reporting. Ensure you report transactions using a unique transaction number. In Dodd-Frank reporting, each transaction and amendment gets a unique reference. Trade amendments (notional amendments are “transactional amendments”) must be reported, too. Regulators also check novation (counterparty amendments).
Reporting frequency. With timebound reporting requirements, most parties report transactions immediately using real-time reports, while others report by the end of the day. Applications should support all reporting types because a delay in reporting breaches regulatory requirements.
Reporting quality. Timing is critical for reporting, as is quality. So, make sure you’re getting acknowledgments (ACKs) and negative acknowledgments (NACKs) from regulators that you can understand. Receiving NACKs for all messages is not a good sign.
Often, IT companies install stubs (pseudo apps) for testing ACKs and NACKs because they have no connectivity with the regulators in a user acceptance testing (UAT) environment. This is also a significant limitation because once you get a real system, you must investigate what’s failing.
User interface. Another aspect of regulatory projects is user-interface testing. It shows the transactions passing through your system to regulators — how many are ACKed/NACKed and how many have technical issues.
The technical exception queue is often kept for transactions that fail due to technical reasons. A failure could be because a tag is missing, it’s empty, or the XML you have in the reporting application doesn’t meet regulatory requirements.
The business exception queue lists trades that are correct and valid. They’re held in a queue because something else is not working. Hence, factoring in the development and testing of these queues is imperative.
Types of transactions to report. To ensure we evaluate the system with all combinations, we should get operations to book the various types of transactions through all systems affected by the change. Therefore, if Murex is used for booking an IRS trade, we might also be able to book an IRS trade through Sophis. If these applications are unavailable during testing or development, use applications like Hermes to publish the relevant messages so you can continue testing.
Project implementation team
For a workable regulatory project, you need two or three developers, one business analyst, one technical analyst and two or three good QAs. One of the QAs should have a sound background in automation so you can book trades automatically. You can use Unified Functional Testing (UFT) to book all required trades automatically and perform actions on them, so you’re free to focus on testing regulatory reports
Because regulatory projects are sensitive to change, project managers need to focus on the smallest workable product rather than implementing everything at once
When financial authorities first mandated derivatives reporting, several councils and advisers followed Dodd-Frank’s path, including HKMA, MAS and EMIR. Once you get an initial list of requirements for a regulatory project, you can implement the minimum viable product (MVP) reasonably quickly. However, MVP enhancements can take longer, depending on the requirement complexity. It took my team a short time to develop and test basic functionalities, and the UI needed trade reporting. Then, the team focused on trade amendments, novations and reporting modules. At a high level, 3-6 months should prove reasonable for delivering basic application functionalities.
You need to consider the following testing activities for any regulatory project:
Integration testing — make sure you can integrate well with regulatory applications
UAT is important but can be intense depending on the project
Negative testing — very important
Security testing will confirm any likelihood of security threats
Here are the initial regulatory project user stories to help you develop T-shirt side estimates.
Ops should be able to:
View a trade in the application
View trades booked today and the total number of trades
View trades that are ACKed and NACKed by regulators
Have a unique system-generated tracking number for every transaction
See a booked trade into the applications when the product is OTC (any OTC), or a counterparty domiciled in a particular country (inclusion criteria)
Replay trades from technical- and business-exception queues
View reports sent to regulators
If you’re feeling overwhelmed, focus on reporting your transactions regardless of whether they’re getting ACKed or NACKed. Over time, you can work with regulators to correct any reporting problems.
Armed with this invaluable information, you’ll be able to visualize any RFP or deliverable of a regulatory project and win client confidence. If you’d like to find out how Luxoft can help you add extra business value, visit luxoft.com/capital-markets or contact us. We’ll be glad to share even more insights into achieving exceptional success with regulatory reporting.
Principal Consultant, Banking and Capital Markets
Yogesh has 19 years of IT experience in banking and finance. Before joining Luxoft, he held leadership positions across the UK, United States, Singapore, Malaysia, and India, working with clients like Standard Chartered, Credit Suisse, American Express, CLSA, Natixis, Bank of Ireland and MUFG Securities. He specializes in regulatory reporting, anti-money laundering, client lifecycle management and investment banking. Yogesh also writes and speaks about these topics. Any spare time is spent with his daughter, jogging, reading or experimenting with new ideas.