Enabling traceability and transparency
with standards-based regulatory
reporting
Dr. Said Tabet
Senior Technologist and Industry Standards Strategist
Office of the CTO, EMC Corporation
Agenda
• EMC: a few words
• Regulatory reporting and the data issue
• Struggling with Ownership/Stewardship and their silos
• Regulatory reporting:
• more than just a compliance exercise
• Leveraging your reports for business performance and
insights
• Summary
• Key insights from what we are seeing with our
partners in the market
© Copyright 2013 EMC Corporation. All rights reserved.
2
Brands
EMC, VMware, RSA
Fortune 500 Rank
Barron’s 500 Rank
(2011 revenues)
(2011 performance)
Revenues
12
$21.7Bn
Cash and Investments
Market Value
139
(12/31/12)
(2/6/13)
Employees in 86 countries
Years in operation
$11.4Bn
$52.5Bn
60,000+
34
EMC Corporation is a global leader in enabling businesses and service providers to transform their operations
and deliver IT-as-a-Service. Fundamental to this transformation is cloud computing.
Through innovative products and services, EMC accelerates the journey to cloud computing, helping
organisations to store, manage, protect, and analyze their most valuable asset, information, in a more agile,
trusted, and cost-efficient way.
© Copyright 2013 EMC Corporation. All rights reserved.
3
Global Regulatory Reporting:
Problem Statement
• The Problem of multiple regulations and multiple
jurisdictions is complex and increasing
• Business and IT
– Struggling with ownership/stewardship and their Silos
• Data and XBRL’s Metadata Management
– Quality, Consistency, Integration, Common data model
– Efficiency and Timeliness of the collection process
• Compliance and Risk Taxonomy Absorption
– Consumption, rendering, and secure archiving needed
– Vocabulary, definitions and cross-enterprise alignment
© Copyright 2013 EMC Corporation. All rights reserved.
4
Regulatory Reporting – the challenge
SOURCE: OCEG Illustrated Series
© Copyright 2013 EMC Corporation. All rights reserved.
5
A transformational opportunity for stakeholders
SOURCE: OCEG Illustrated Series
Current State
SOURCE: OCEG Illustrated Series
Future State
•
Fragmented silos
•
Integrated management & performance
•
Mostly reactionary
•
Proactive planning & execution
•
Individual projects
•
Integrated capability
•
Separate from mainstream processes
and decision-making
•
Embedded within mainstream processes
and decision-making
•
Spreadsheets, spreadsheets, spreadsheets
•
Coordinated transactions & shared data
•
Limited and fragmented use of technology
•
Architected solutions
© Copyright 2013 EMC Corporation. All rights reserved.
6
What is going on in IT?
28%
Invest
72%
Maintain
Source: Forrester Research, Inc., IT Budgets and Priorities 2013, 25 April, 2013
© Copyright 2013 EMC Corporation. All rights reserved.
7
The Business Drivers
Increase
Revenue
Lower
Operational
Costs
© Copyright 2013 EMC Corporation. All rights reserved.
Reduce
Risk
8
Instead Of ‘Build Many - Report Many’
Discrete
Risks, Regulations
& Standards
Discrete
Requirements
Discrete
Controls
& Activities
Regulation A
Regulation B
Standard C
A1
A2
A3
B1
B2
B3
C1
C2
C3
C1 C2
C1 C2
C1 C2
C1 C2
C1 C2
C1 C2
C1 C2
C1 C2
C1 C2
C3 C4
C3 C4
C3 C4
C3 C4
C3 C4
C3 C4
C3 C4
C3 C4
C3 C4
C5 C6
C5 C6
C5 C6
C5 C6
C5 C6
C5 C6
C5 C6
C5 C6
C5 C6
Siloed
Functions
& Departments
IT
Business
IT
Integration
(c) OCEG Illustrated Series
© Copyright 2013 EMC Corporation. All rights reserved.
Business
IT
Integration
IT
Integration
IT
No
Linkage
Business
IT
Weak
Linkage
9
The Future is – ‘Build Once Report Many’
Discrete
Risks, Regulations
& Standards
Regulation A
Common
A1
A2
C1 C2
C1 C2
C1 C2C1 C2C1 C2
C1 C2
C3 C4
C3 C4
C3 C4C3 C4C3 C4
C5 C6
C5 C6
C5 C6C5 C6C5 C6
Requirements
Common
Controls
& Activities
Integrated
Functions
& Departments
IT
A3
Regulation B
AB1
B1
Business
IT
Integration
(c) OCEG Illustrated Series
© Copyright 2013 EMC Corporation. All rights reserved.
B2
B3
Standard C
C1
C2
C3
C1 C2C1 C2C1 C2
C1 C2
C1 C2
C3 C4
C3 C4C3 C4C3 C4
C3 C4
C3 C4
C5 C6
C5 C6C5 C6C5 C6
C5 C6
C5 C6
Business
IT
Integration
IT
Integration
IT
Full
Linkage
Business
IT
Strong
Linkage
10
Managing the prudential data supply chain
National Service
Agency
Line of business
National Service
Agency
Line of business
HQ
Top
Management
Supervisor
of supervisors
Supervisor
Syndicate
A need to
ensure
consistency?
Internal Reporting - ERM
Full set of data
© Copyright 2013 EMC Corporation. All rights reserved.
External Reporting / Prudential - National
Aggregated/summarized
data
Prudential – European Level
Further aggregated/
Summarized data
11
What could this look like for you?
Build once, report many; provenance of data is key
REGULATORS
XBRL
DATA
DATA
Quantitative
Analyse
data
Analytical
Models
© Copyright 2013 EMC Corporation. All rights reserved.
Format,
validate
DATA
DATA
Disclosure
Qualitative
MDM,
ERM,
eGRC
Workflow Tools
Review,
Approve,
Archive
Submission
and archiving
capabilities
12
Convergence of key standards . . .
Including:
 XBRL Taxonomies and Extensions
 Legal Entity Identifiers (LEIs)
 Open Data Initiatives, Linked Data
 GRC-XML, as an XBRL Taxonomy for GRC
 Financial Industry Business Ontology (FIBO)
© Copyright 2013 EMC Corporation. All rights reserved.
13
Summary
• Benefits of adopting XBRL
– Regulatory reporting costs significantly lower for future periods
– Data mapping for any given regulator effectively done
– Enhanced accuracy and quality of data
• Enhanced Transparency with:
– Visibility
• Easy to capture errors, violations & problems
– Simplicity
• Reduce regulatory burden/cost
– Provenance/Traceability
• Easy to drill down to the source(s) of data
– Consistency
• Trust your Regulatory Reports when you have a trusted supervision
framework
© Copyright 2013 EMC Corporation. All rights reserved.
14
Thank
You
© Copyright 2013 EMC Corporation. All rights reserved.
15