5 Must-haves for Your Proactive Vigilance Center
Part 1 of this series described a new concept in compliance “Proactive Vigilance,” a role that determines the overall health of how your organization is functioning and ultimately takes the compliance officer out of the role of big brother, and into the role of chief medical officer.
We identified four steps you need to take:
- Measure everything
- Identify Key Performance Indices (KPIs)
- Determine baselines
- Set alerts for when things are awry
In this blog we will look at the criteria needed for a data center that supports Proactive Vigilance.
1. Real-time Data
Proactive vigilance requires having all the data — as the data is being collected. With traditional workflows and rigid systems, data is often stale and incomplete requiring compliance professionals to spend hours collecting additional data or going without.
To illustrate, I chose to look at an activity like commodity trade compliance because it presents challenges beyond the normal compliance functions, like the need to access real-time data. Commodities are traded on exchanges like the Chicago Mercantile Exchange and the Intercontinental Exchange (ICE). Data from these exchanges flows in real-time as trades are offered, executed and settled.
There are several types of regulations around trading commodities, but one in particular, has to do with manipulating the market using what traders call a “spoof.” Spoofing involves making an initial sell-offer, and then a short time later also making a substantial buy offer. This spike in demand makes others think that the market is on the way up and may cause them to jump in. The unscrupulous trader then executes his or her sell against the new demand and cancels the buy, profiting on the market movement caused by the ersatz buy order.
In order for firms to catch a spoof, the compliance team first needs to understand the baseline behaviors of the individual employees, the team or the entire company to know what is considered “normal” behavior. This requires a series of KPIs by individual, and, as part of your Proactive Vigilance, business rules to alert you when baseline behavior is N standard deviations beyond normal.
The challenge to all of this, of course, is bringing in all the data that tells the story. You need all the communications between traders and customers, real-time transactions and middle office responses.
Besides tracking trades as they are executed, compliance officers need to be able to store the trades and track them against each other. Settlement reports that come out days later would not necessarily catch spoofing because the buy order was canceled in the future. It is essential to look at the trades as they come across in order to quickly identify any suspicious activity around a trade. Storing trade activity data in a relational database, while relatively easy, can be prohibitively expensive.
Relational databases are designed to track activities that look exactly the same. But cataloging human behavior is not routine. There is no one-size-fits-all data model for compliance because every investigation takes its own path.
You need a system flexible enough to store e-mails, instant messages and video alongside trade data so that everything may be considered in context. And, when new data sources are discovered that aid in the investigation, data from these sources need to be easily ingested and stored as well.
You also need to track data by time.
2. Bitemporal Analysis
In my own battle against time, I track my diet and fitness using my Fitness Tracker (aka FitBit). It syncs with my phone and gathers input from a number of data sources, one of which is the calorie tracking site myfitnesspal.com. If I plan my meals out, the FitBit will compare the calories I have burned to the calories I have eaten, and project a path toward my goal. But if what I actually eat is different than what I had planned to eat (I know this has ever happened to you), then suddenly my fitness plan looks out of whack. It looks like my diet plan and my fitness plan are working against each other.
Similarly, when a compliance professional is trying to determine whether or not a commodities trade is a spoof, they need to see all captured activities surrounding the trade at various points in time. Decoding this transaction is difficult because the original state of the data has changed and you need to go back in time and look at the way the data was at each point in the process.
Bitemporal analysis captures the state of the data at any point in time. So even if the data is altered at some point in the future, you can see the current state and all prior states of the data, allowing the compliance professional to capture what the data looked like at all points along the way and identify the changes. Bitemporal technology enables you to capture data throughout its lifecycle. As updates are added, old data is expired but stored for future use. Only the latest current version is returned unless the query also asks about points in time prior to the latest version.
3. Unstructured Alongside Structured Data
Capturing the event is easy, but it tells a small part of the story. To understand the details behind the event, compliance professionals need access to all of the surrounding data including e-mails, instant messages, phone logs, security data and other information to round out the picture.
Is the offending trade collusion between two traders? Looking at e-mails or instant messages might reveal that. Was the offending trader even in the building when the trade was made or have his credentials been compromised? ID badge entry data would show if they were there or not.
By capturing the data that surrounds the event, you can then analyze and present that data alongside the trade. This is very difficult to do using standard relational or even non-XML based NoSQL databases. The FitBit doesn’t provide any new capabilities, it merely provides a platform for the integration of the data. I have an awesome app that compares my steps to my heart rate. And now that all the data is in one place, I can make inferences about the quality of my sleep and my overall fitness. Proactive Vigilance does the same thing for compliance. By easily collecting and aggregating the individual data streams that flow through the business, compliance professionals are able to gain insight that previously was prohibitively complex to compile – ultimately reinforcing its role as the Chief Medical Officer for the overall health of the business.
4. 360° Real-time Alerting Completes the Feedback Cycle
Excluding institutional corruption, the number of “bad actors” in an organization is traditionally quite small. But even well-intentioned traders make trades that may look suspect. In order to have an effective compliance program, folks need metrics that show them where they stand. Traders need to see more than the quantity of the units they have traded or the profit/loss. They need feedback on the quality of those trades and whether or not they are potentially breaking the rules.
Efficient and timely notification of a suspect trade give the trader time to either explain and justify the trade while the details are still fresh, or perhaps correct the offense before the trades have settled. Using real-time alerts to analyze trades as they come across and discover suspect activity as it happens.
Even if a non-compliant trade does go through, organizations that self-report violations get what amounts to a speeding ticket, versus serious fines and penalties for those who get caught.
5. Data Presentation
Collecting and analyzing data is part of the solution, but ultimately not very valuable if the presentation can’t be incorporated into the normal flow of the business. MarkLogic uses standard web interfaces and technology to create informative reports and graphic, as well as pop-up alerts and feeds to other systems.
There’s A New Sheriff In Town
Problems typically get solved in proportion to the cost versus benefit. Although fines for non-compliance are steep, creating comprehensive compliance management applications using traditional relational technology has been too costly and cumbersome.
But not with MarkLogic.
New technology now enables the compliance function to run in-line with business operations by providing regulated functions with the real-time feedback they need to make sure they are operating inbounds. This, combined with our “360-degree view” of every action taken, enables compliance to be cost-effective, agile and ultimately more proactive than ever before.
Or in the simplest of terms, Proactive Vigilance puts you ahead of any compliance issues, allowing you to identify and self-report any problems sooner, thus saving you from hefty regulatory fines.
MarkLogic excels at solving problems too complex and costly for traditional relational technology. We provide trade surveillance technology to some of the world’s largest derivatives and commodity trading organizations. These organizations typically struggle with ever-evolving source systems (which complicates access to the data) and changing requirements from regulators, complicates the database design. MarkLogic relieves both those burdens by ingesting the data as-is, eliminating the need for complex ETL upfront and then offering schema-on-read, allowing the data request to define the data design – after ingest.
After all, the health of your business should be monitored as closely as your own personal health.