Customer
The top international bank headquartered in New York with offices in upwards of 90 countries.
Situation
Our customer had recently been mandated by several regulatory bodies, including the New York Federal Reserve Board (FRB) and the Office of the Comptroller of the Currency (OCC), to improve its control environment. In particular, the Bank was asked to provide greater clarity and transparency of its control environment to demonstrate that all relevant and applicable regulatory requirements are known and that the Bank is compliant. Further, the Bank had to prove that the proper controls were both in place and working effectively to mitigate any potential regulatory risk stemming from these regulatory requirements. The Bank was given 5 months to achieve these goals.
Problem
The bank relies heavily on Control Self Assessments that are filled out by each Department Manager and are documented in Microsoft Excel quarterly. These spreadsheets are the main vehicle for documenting the Bank’s risk and control information and include processes, risks, controls, self-assessments and control tests. However, there was no consistency in the risk and control information and it was unclear if each Department knew the regulatory requirements to which it had to adhere. Therefore, the Bank could not attest that its controls were effective in mitigating the applicable regulatory risks. To further complicate things, there were over 2,000 Excel spreadsheets covering the corporate and investment bank alone.
As a means to document the regulatory requirements, the Bank began to develop a list commonly referred to as the RRI (Regulatory Risk Inventory). The RRI consisted of statutes, regulations, pieces of guidance and the Bank’s policies.
However, it soon became clear to the Bank that, in order to prove compliance with the FRB and OCC demands, they needed to link the business processes from the Control Self Assessments to the applicable requirements on the RRI. It also became clear that without an automated approach, the volume of data would be too great to maintain and they would never hit their October deadline.
Solution
After an extensive evaluation period, the Bank selected Knowledge Genes® to enable the mapping of regulatory requirements to processes, risks and controls, and to provide the required reporting via these mappings. The customer had to quickly deploy a solution that would clearly define its business practices and all of the regulations with which it had to comply. Then it had to associate the risks that could prevent compliance and demonstrate that it had adequate controls in place to mitigate the risks. Knowledge Genes’® What-How-Why structure forms the ideal knowledge layer to index all information, including risks, controls and regulatory requirements.
Primary Users: Bank-wide
Implementation
Knowledge Genes® developed an application that allowed for the automatic upload of all 2,000 Control Self Assessments spreadsheets into the Knowledge Genes® Risk & Control application. This enabled the Bank to instantly view and report on inherent and residual risk, as well as test results for a specific process, a control, an entire department or business unit.
The Knowledge Genes® Legal & Compliance application was used to capture the Bank’s exhaustive RRI. This application captures not only the name of the requirement but also all of its underlying attributes, including a description and the issuing agency. The Knowledge Genes® upload application automatically linked the processes to their related regulatory requirements, completing the full integration of a process to its associated:
- Regulatory requirements.
- Risks, controls, self-assessments and control tests.
All of this information is in the context of:
- WHAT – the Bank does.
- HOW – it does it.
- WHY – it is important.
Implications
The Knowledge Genes® solution has been embraced by the Bank, as well as the FRB and OCC. All of the Bank’s Control Self Assessment and regulatory information is accessible from one easily maintainable database through a very user-friendly web-based user interface.
Results and Returns
The Bank relies on the Knowledge Genes® solution for all scheduled and ad-hoc reporting necessary to comply with its frequent FRB and OCC audits. All regulatory reporting, including regulatory risk exposure, can be accessed easily and quickly from anywhere in the world through the Knowledge Genes® solution.