Van: "Eddy Vanderlinden" Aan: Onderwerp: To the attention of Mr. Jean-Claude Trichet Datum: dinsdag 3 juni 2008 19:25 Dear sir, A french version follows per separate mail. Since I worked for years in the financial sector, insurances and credit institutions, I tried to make an analysis from my experiences from an unusual perspective. This analysis, from symptoms to causes, is followed by a proposal for solution. My request is to be able to work in the direction shown in this mail by: a.. A first project to start with can be a feasibility study. b.. The extension of the existing ISO standards used today in the industry can be the subject for a second project. Eventually this can be based on the results of the feasability study. At startup we will certainly find a sound business case for both projects. I would be glad to learn from you if this proposal can be taken into consideration. Thank you in advance Kind regards Eddy Vanderlinden Data modelling/documentation When the product is a car, one can remark often at once if the product functions or not. But even after years these cars can be called back due to shortcomings, which have to be corrected. When the production is immaterial: bank- and insurance products are examples by excellence, we often speak about sophisticated products too . but also about unmodelled products whereof the shortcomings are invisible to the customer and producer. The structure of what follows is: Þ Enumeration of the symptoms Þ Display of the causes Þ Propositions on possible solutions The symptoms The financial crisis is costing hundreds of billions of dollars/Euros. The correct amounts are unknown but sure is that the losses will exceed all previous crises. Financial institutions became worth the symbolic penny from one day to the other. They became a take-over target for an apple and an egg. Even the FED now is suggesting to inject tax payers money in the financial world. The crisis has spread worldwide with billions of losses for financial institutions in each developed country. The financial system shakes on his fundaments and the principal capital; the fiducia (trust) is reduced to his minimum level. In the same year the financial crises broke out a trader of the French "Société Générale" has managed to misuse the internal procedures, with a record loss of 5 billion Euros as consequence. This is again a temporary record in his sort. There where the misuse of rules is silently tolerated by the management when the possible rewards are benefiting the company, internal fraud on his turn is a widely spread phenomenon that is excluded nowhere. Yearly, the financial world has to reserve important provisions for losses incurred in the daily conduct of his business. The reason is shortcomings in procedures and production processes. More over, we have to state a year without "exceptional" costs is completely accidental and not the fruit of good management. Asset managers are concerned with the management of the portfolio of their customers. The actual payment of coupons for instance with all reporting, administration and tax issues around is outsourced. Mostly the service provider is a linked bank. It happened those service providers were unable to provide a data model, neither were they able to provide documentation on how business rules were enforced. Databases were fixed and unchanged, only extensions to other entities, with sometimes duplication of data was possible Impact analyses due to new developments or changes become a costly matter in that case. New services, concepts or developments within the business environment cannot be coped with. Example: marketing wants to offer special new services to particular professional customers. There are not enough requests for changes to the programs, or the questions of operational level are not coped with because the diagnoses of the felt pain cannot be expressed. An increasing inefficient IT-system is the result. A reconstruction of a situation in the past is nearly always impossible. Unnecessary tests are delaying the installation of new releases. On the other side, all necessary tests do not occur because the full impact was unclear. With other words: with the installation of new applications non-regression testing has to be executed with all systems impacted in and out of scope because the limits of the scope is unknown due to undocumented impact analysis. As an illustration the following lived anecdote whereby a new program is generating a list. The contents of the list is then introduced manually into another system !?! No one knew where changes had to occur so that an automated treatment could take place. Of course then non-regression time is nihil, which reduced the implementation time to near to nothing. Functional and technical analysts are facing easy tasks when future systems have to be described (the TO BE situation). But describing the actual situation (AS IS) with the necessary transformations seems to be a lot of trial and more errors. Scanning the programs is then the only alternative to get quickly a partial and summary description. IT becomes the only memory of the business. The causes Risk analysis has today nothing to do with production control. No model is requiring management that production is under control, luckily for the managers! If we are living frauds à la Société Générale or crises like the credit crisis in the US, which has spread worldwide, it is because despite all norms, standards and series of ratios put on the sector, the internal functioning is not justifiable under control. Hopefully the authorities will, under pressure of their renewed control sensibility, not again issue a series of ratio's so that at least their conscious is put at ease. The weak places in the procedures/production methods are not shown since no adequate data model is at disposal. The used data models are 3D i.s.o. 4D, thus without taking into account the time dimension. The split of functions, which is sought in each normal financial transaction environment, is only existing at a certain point in time. That split in functions should be maintained across time barriers. In that case a trader e.g. cannot exploit the weak points he discovered earlier in other functions. Reporting over processes with their linked risks does not occur. If a glimpse of reporting is given we found it inaccurate, non-standardised, not comparable nor by contents nor over time. There are, except imposed ratio's which can be reached in different ways, no benchmarks for processes nor products and the linked risks. The fast evolution and production of new services with their specific risks (derived financial products) is not coped with since the generic data models are lacking. Instead we use the existing models based on existing products in a creative way. Enormous risks can be hidden in non-adequate data models: disturbing ratios can be fooled with creative solutions, securisation of doubtful debts is one of them. The parts of funds containing those debts are sharefully placed with friendly institutions and one stays with the doubtful debts of the other. Solutions to consider The criteria, which should be satisfied by a solution, are listed here: Þ The data model should be generic to cope with new products/processes without re-engineering the existing data model. Þ The data model should contain a time dimension to contain a history of data and allow versioning Þ The data model should allow a standardized reporting with an adapted ontology (class structure) allowing a flexible usage Þ The data model should be universally applicable, at least in the production of services Þ The structure of the data model should point to shortcomings and errors at sight, through the shemes Under documentation I understand an updated version of: a.. The data model: functional and technical b.. The procedures c.. All information stream shemes / flowcharts d.. The documentation about the computer programs, particularly of the interfaces between the different databases, computer systems, the user and the programs, . The industry has with the solutions cited here more than 10 years of advance. The reason for the delays in services industry laying in: a.. The emphasis put on the connexion with customers: business to consumer b.. The abstract character of the services as product does not make the necessity of clear procedures, encapsulated in a generic data model obvious With ISO standard 15926 a generic data model has been introduced where off the ontology is sufficiently abstract to satisfy the service producers. More-over an exchange, sharing and management of information in a standardised form is possible so that e.g. risk assessment and reporting is uniform and comparable. One company, Shell, has with 2 persons contributed greatly to these developments: Þ Matthew West in the field of ISO standards, but he steered also greatly different European projects: EPISTLE with the development of STEP and the introduction of techniques for sharing information. Lots of useful documentation can be found on his website and is freely downloadable (of course with source reference) Þ Andries van Renssen with the development of Gellish: an understanble data structure, relations and object with comportments. Until now at disposal as open source for a limited number of industrial applications but extendible to other domains. Conclusion An updated documentation and suitable data model is not only a sign of sound governance, but also a condition for: a.. Risk management b.. Process control c.. Quality control d.. Efficiency in product development It certainly is worth to compare the needs of the service sector to the solutions founds in the industry, particularly for financial services. --------------------------------------------------------------------------------