AI Under Scrutiny

Why AI risk & governance should be a focus area for financial services firms



As financial services firms increasingly integrate artificial intelligence (AI) into their operations, the imperative to focus on AI risk & governance becomes paramount. AI offers transformative potential, driving innovation, enhancing customer experiences, and streamlining operations. However, with this potential comes significant risks that can undermine the stability, integrity, and reputation of financial institutions. This article delves into the critical importance of AI risk & governance for financial services firms, providing a detailed exploration of the associated risks, regulatory landscape, and practical steps for effective implementation. Our goal is to persuade financial services firms to prioritise AI governance to safeguard their operations and ensure regulatory compliance.


The Growing Role of AI in Financial Services

AI adoption in the financial services industry is accelerating, driven by its ability to analyse vast amounts of data, automate complex processes, and provide actionable insights. Financial institutions leverage AI for various applications, including fraud detection, credit scoring, risk management, customer service, and algorithmic trading. According to a report by McKinsey & Company, AI could potentially generate up to $1 trillion of additional value annually for the global banking sector.


Applications of AI in Financial Services

1 Fraud Detection and Prevention: AI algorithms analyse transaction patterns to identify and prevent fraudulent activities, reducing losses and enhancing security.

2 Credit Scoring and Risk Assessment: AI models evaluate creditworthiness by analysing non-traditional data sources, improving accuracy and inclusivity in lending decisions.

3 Customer Service and Chatbots: AI-powered chatbots and virtual assistants provide 24/7 customer support, while machine learning algorithms offer personalised product recommendations.

4 Personalised Financial Planning: AI-driven platforms offer tailored financial advice and investment strategies based on individual customer profiles, goals, and preferences, enhancing client engagement and satisfaction.


Potential Benefits of AI

The benefits of AI in financial services are manifold, including increased efficiency, cost savings, enhanced decision-making, and improved customer satisfaction. AI-driven automation reduces manual workloads, enabling employees to focus on higher-value tasks. Additionally, AI's ability to uncover hidden patterns in data leads to more informed and timely decisions, driving competitive advantage.


The Importance of AI Governance

AI governance encompasses the frameworks, policies, and practices that ensure the ethical, transparent, and accountable use of AI technologies. It is crucial for managing AI risks and maintaining stakeholder trust. Without robust governance, financial services firms risk facing adverse outcomes such as biased decision-making, regulatory penalties, reputational damage, and operational disruptions.


Key Components of AI Governance

1 Ethical Guidelines: Establishing ethical principles to guide AI development and deployment, ensuring fairness, accountability, and transparency.

2 Risk Management: Implementing processes to identify, assess, and mitigate AI-related risks, including bias, security vulnerabilities, and operational failures.

3 Regulatory Compliance: Ensuring adherence to relevant laws and regulations governing AI usage, such as data protection and automated decision-making.

4 Transparency and Accountability: Promoting transparency in AI decision-making processes and holding individuals and teams accountable for AI outcomes.


Risks of Neglecting AI Governance

Neglecting AI governance can lead to several significant risks:

1 Embedded bias: AI algorithms can unintentionally perpetuate biases if trained on biased data or if developers inadvertently incorporate them. This can lead to unfair treatment of certain groups and potential violations of fair lending laws.

2 Explainability and complexity: AI models can be highly complex, making it challenging to understand how they arrive at decisions. This lack of explainability raises concerns about transparency, accountability, and regulatory compliance

3 Cybersecurity: Increased reliance on AI systems raises cybersecurity concerns, as hackers may exploit vulnerabilities in AI algorithms or systems to gain unauthorised access to sensitive financial data

4 Data privacy: AI systems rely on vast amounts of data, raising privacy concerns related to the collection, storage, and use of personal information

5 Robustness: AI systems may not perform optimally in certain situations and are susceptible to errors. Adversarial attacks can compromise their reliability and trustworthiness

6 Impact on financial stability: Widespread adoption of AI in the financial sector can have implications for financial stability, potentially amplifying market dynamics and leading to increased volatility or systemic risks

7 Underlying data risks: AI models are only as good as the data that supports them. Incorrect or biased data can lead to inaccurate outputs and decisions

8 Ethical considerations: The potential displacement of certain roles due to AI automation raises ethical concerns about societal implications and firms' responsibilities to their employees

9 Regulatory compliance: As AI becomes more integral to financial services, there is an increasing need for transparency and regulatory explainability in AI decisions to maintain compliance with evolving standards

10 Model risk: The complexity and evolving nature of AI technologies mean that their strengths and weaknesses are not yet fully understood, potentially leading to unforeseen pitfalls in the future


To address these risks, financial institutions need to implement robust risk management frameworks, enhance data governance, develop AI-ready infrastructure, increase transparency, and stay updated on evolving regulations specific to AI in financial services.

The consequences of inadequate AI governance can be severe. Financial institutions that fail to implement proper risk management and governance frameworks may face significant financial penalties, reputational damage, and regulatory scrutiny. The proposed EU AI Act, for instance, outlines fines of up to €30 million or 6% of global annual turnover for non-compliance. Beyond regulatory consequences, poor AI governance can lead to biased decision-making, privacy breaches, and erosion of customer trust, all of which can have long-lasting impacts on a firm's operations and market position.


Regulatory Requirements

The regulatory landscape for AI in financial services is evolving rapidly, with regulators worldwide introducing guidelines and standards to ensure the responsible use of AI. Compliance with these regulations is not only a legal obligation but also a critical component of building a sustainable and trustworthy AI strategy.


Key Regulatory Frameworks

1 General Data Protection Regulation (GDPR): The European Union's GDPR imposes strict requirements on data processing and the use of automated decision-making systems, ensuring transparency and accountability.

2 Financial Conduct Authority (FCA): The FCA in the UK has issued guidance on AI and machine learning, emphasising the need for transparency, accountability, and risk management in AI applications.

3 Federal Reserve: The Federal Reserve in the US has provided supervisory guidance on model risk management, highlighting the importance of robust governance and oversight for AI models.

4 Monetary Authority of Singapore (MAS): MAS has introduced guidelines for the ethical use of AI and data analytics in financial services, promoting fairness, ethics, accountability, and transparency (FEAT).

5 EU AI Act: This new act aims to protect fundamental rights, democracy, the rule of law and environmental sustainability from high-risk AI, while boosting innovation and establishing Europe as a leader in the field. The regulation establishes obligations for AI based on its potential risks and level of impact.


Importance of Compliance

Compliance with regulatory requirements is essential for several reasons:

1 Legal Obligation: Financial services firms must adhere to laws and regulations governing AI usage to avoid legal penalties and fines.

2 Reputational Risk: Non-compliance can damage a firm's reputation, eroding trust with customers, investors, and regulators.

3 Operational Efficiency: Regulatory compliance ensures that AI systems are designed and operated according to best practices, enhancing efficiency and effectiveness.

4 Stakeholder Trust: Adhering to regulatory standards builds trust with stakeholders, demonstrating a commitment to responsible and ethical AI use.


Identifying AI Risks

AI technologies pose several specific risks to financial services firms that must be identified and mitigated through effective governance frameworks.


Bias and Discrimination

AI systems can reflect and reinforce biases present in training data, leading to discriminatory outcomes. For instance, biased credit scoring models may disadvantage certain demographic groups, resulting in unequal access to financial services. Addressing bias requires rigorous data governance practices, including diverse and representative training data, regular bias audits, and transparent decision-making processes.


Security Risks

AI systems are vulnerable to various security threats, including cyberattacks, data breaches, and adversarial manipulations. Cybercriminals can exploit vulnerabilities in AI models to manipulate outcomes or gain unauthorised access to sensitive financial data. Ensuring the security and integrity of AI systems involves implementing robust cybersecurity measures, regular security assessments, and incident response plans.


Operational Risks

AI-driven processes can fail or behave unpredictably under certain conditions, potentially disrupting critical financial services. For example, algorithmic trading systems can trigger market instability if not responsibly managed. Effective governance frameworks include comprehensive testing, continuous monitoring, and contingency planning to mitigate operational risks and ensure reliable AI performance.


Compliance Risks

Failure to adhere to regulatory requirements can result in significant fines, legal consequences, and reputational damage. AI systems must be designed and operated in compliance with relevant laws and regulations, such as data protection and automated decision-making guidelines. Regular compliance audits and updates to governance frameworks are essential to ensure ongoing regulatory adherence.


Benefits of Effective AI Governance

Implementing robust AI governance frameworks offers numerous benefits for financial services firms, enhancing risk management, trust, and operational efficiency.


Risk Mitigation

Effective AI governance helps identify, assess, and mitigate AI-related risks, reducing the likelihood of adverse outcomes. By implementing comprehensive risk management processes, firms can proactively address potential issues and ensure the safe and responsible use of AI technologies.


Enhanced Trust and Transparency

Transparent and accountable AI practices build trust with customers, regulators, and other stakeholders. Clear communication about AI decision-making processes, ethical guidelines, and risk management practices demonstrates a commitment to responsible AI use, fostering confidence and credibility.


Regulatory Compliance

Adhering to governance frameworks ensures compliance with current and future regulatory requirements, minimising legal and financial repercussions. Robust governance practices align AI development and deployment with regulatory standards, reducing the risk of non-compliance and associated penalties.


Operational Efficiency

Governance frameworks streamline the development and deployment of AI systems, promoting efficiency and consistency in AI-driven operations. Standardised processes, clear roles and responsibilities, and ongoing monitoring enhance the effectiveness and reliability of AI applications, driving operational excellence.


Case Studies

Several financial services firms have successfully implemented AI governance frameworks, demonstrating the tangible benefits of proactive risk management and responsible AI use.


JP Morgan Chase

JP Morgan Chase has established a comprehensive AI governance structure that includes an AI Ethics Board, regular audits, and robust risk assessment processes. The AI Ethics Board oversees the ethical implications of AI applications, ensuring alignment with the bank's values and regulatory requirements. Regular audits and risk assessments help identify and mitigate AI-related risks, enhancing the reliability and transparency of AI systems.


ING Group

ING Group has developed an AI governance framework that emphasises transparency, accountability, and ethical considerations. The framework includes guidelines for data usage, model validation, and ongoing monitoring, ensuring that AI applications align with the bank's values and regulatory requirements. By prioritising responsible AI use, ING has built trust with stakeholders and demonstrated a commitment to ethical and transparent AI practices.



HSBC has implemented a robust AI governance framework that focuses on ethical AI development, risk management, and regulatory compliance. The bank's AI governance framework includes a dedicated AI Ethics Committee, comprehensive risk management processes, and regular compliance audits. These measures ensure that AI applications are developed and deployed responsibly, aligning with regulatory standards and ethical guidelines.


Practical Steps for Implementation

To develop and implement effective AI governance frameworks, financial services firms should consider the following actionable steps:


Establish a Governance Framework

Develop a comprehensive AI governance framework that includes policies, procedures, and roles and responsibilities for AI oversight. The framework should outline ethical guidelines, risk management processes, and compliance requirements, providing a clear roadmap for responsible AI use.


Create an AI Ethics Board

Form an AI Ethics Board or committee to oversee the ethical implications of AI applications and ensure alignment with organisational values and regulatory requirements. The board should include representatives from diverse departments, including legal, compliance, risk management, and technology.


Implement Specific AI Risk Management Processes

Conduct regular risk assessments to identify and mitigate AI-related risks. Implement robust monitoring and auditing processes to ensure ongoing compliance and performance. Risk management processes should include bias audits, security assessments, and contingency planning to address potential operational failures.


Ensure Data Quality and Integrity

Establish data governance practices to ensure the quality, accuracy, and integrity of data used in AI systems. Address potential biases in data collection and processing, and implement measures to maintain data security and privacy. Regular data audits and validation processes are essential to ensure reliable and unbiased AI outcomes.


Invest in Training and Awareness

Provide training and resources for employees to understand AI technologies, governance practices, and their roles in ensuring ethical and responsible AI use. Ongoing education and awareness programs help build a culture of responsible AI use, promoting adherence to governance frameworks and ethical guidelines.


Engage with Regulators and Industry Bodies

Stay informed about regulatory developments and industry best practices. Engage with regulators and industry bodies to contribute to the development of AI governance standards and ensure alignment with evolving regulatory requirements. Active participation in industry forums and collaborations helps stay ahead of regulatory changes and promotes responsible AI use.



As financial services firms continue to embrace AI, the importance of robust AI risk & governance frameworks cannot be overstated. By proactively addressing the risks associated with AI and implementing effective governance practices, firms can unlock the full potential of AI technologies while safeguarding their operations, maintaining regulatory compliance, and building trust with stakeholders. Prioritising AI risk & governance is not just a regulatory requirement but a strategic imperative for the sustainable and ethical use of AI in financial services.


References and Further Reading

  1. McKinsey & Company. (2020). The AI Bank of the Future: Can Banks Meet the AI Challenge?
  2. European Union. (2018). General Data Protection Regulation (GDPR).
  3. Financial Conduct Authority (FCA). (2019). Guidance on the Use of AI and Machine Learning in Financial Services.
  4. Federal Reserve. (2020). Supervisory Guidance on Model Risk Management.
  5. JP Morgan Chase. (2021). AI Ethics and Governance Framework.
  6. ING Group. (2021). Responsible AI: Our Approach to AI Governance.
  7. Monetary Authority of Singapore (MAS). (2019). FEAT Principles for the Use of AI and Data Analytics in Financial Services.


For further reading on AI governance and risk management in financial services, consider the following resources:

- "Artificial Intelligence: A Guide for Financial Services Firms" by Deloitte

- "Managing AI Risk in Financial Services" by PwC

- "AI Ethics and Governance: A Global Perspective" by the World Economic Forum

Improving data access controls at a global insurer

"We approached Leading Point to support the enhancement of strategic data lake fine grained access controls capabilities. Their partnership approach working transversally across business and IT functions quickly surfaced root causes to be addressed as part of the improvement plan. Leading Point's approach to consulting services was particularly refreshing from a quality and cost stand point compared to some of the traditional players that we had consulted with before."

Head of Data Controls at Global Corporate Insurer

Helping Adjoint, a DLT FinTech, with agile delivery management services to increase sales at pace

Adjoint required an experienced delivery partner to run technical delivery and build and manage client relationships, as well as create a scalable delivery model. They lacked a scalable platform and struggled to educate prospects and clients on the misconceptions between the benefits of DLT versus the noise created by other solutions.

We were asked to be the client and delivery partner, to deliver DLT solutions to fortune 50 clients, including tier 1 banks, insurers, and multinational corporations. The client wanted a scalable platform to manage internal and external work-streams, as well as internal and client resource prioritisation, to ensure better alignment of the product delivery team.

Our approach:

  1. Structured approach; using an Agile framework to deliver successful client PoCs and projects, whilst balancing PM, BA, Testing and DevOps deliverables
  2.  Collaborative style; seamlessly adding capabilities and bringing delivery assets to the fore, through a low-risk delivery model, with a focus on outcomes
  3. Hands-on attitude; unravelling DLT, whilst enabling concrete application in treasury, captive insurance, inter-company lending, and securitisation, ensuring common messaging across clients

Our deliverables:
- Business requirements documents (BRDs)
- Testing artefacts
- Quick reference guides (QRGs)
- Support model
- Security policy
- Project plans
- Issue tracker
- Task management

Business benefits:
- Scalable, commercially attractive, and low-risk delivery model
- Optimisation of internal and external resource
- Market-ready DLT solutions with short term delivery timelines
- Recognised as an industry partner to work on value-add business use cases for DLT
- Senior stakeholder management (internal and external)

Helping a leading investment bank improve its client on-boarding processes into a single unified operating model

Our client, like many banks, were facing multiple challenges in their onboarding and account opening processes. Scalability and efficiency were two important metrics we were asked to improve. Our senior experts interviewed the onboarding teams to document the current process and recommended a new unified process covering front, middle and back office teams.

We identified and removed key-person dependencies and documented the new process into a key operating manual for global use.

Helping a global investment bank design & execute a client data governance target operating model

Our client had a challenge to evidence control of their 2000+ client data elements. We were asked to implement a new target operating model for client data governance in six months. Our approach was to identify the core, essential data elements used by the most critical business processes and start governance for these, including data ownership and data quality.

We delivered business capability models, data governance processes, data quality rules & reporting, global support coverage for 100+ critical data elements supporting regulatory reporting and risk.

Helping a global investment bank reduce its residual risk with a target operating model

Our client asked us to provide operating model design & governance expertise for its anti-financial crime (AFC) controls. We reviewed and approved the bank’s AFC target operating model using our structured approach, ensuring designs were compliant with regulations, aligned to strategy, and delivered measurable outcomes.

We delivered clear designs with capability impact maps, process models, and system & data architecture diagrams, enabling change teams to execute the AFC strategy.

Helping ARX, a cyber-security FinTech with interim COO services to scale-up their delivery

We were engaged by ARX to provide an interim COO as they gaining traction in the market and needed to scale their operations to support their new clients. We used our financial services delivery experience to take on UX/UI design, redesign their operational processes for scale, and be a delivery partner for their supply chain resilience solution.

Due to our efforts, ARX were able to meet their client demand with an improved product and more efficient sales & go-to-market approach.

Helping a Japanese investment bank to develop & execute their trading front-to-bank operating model

Our client wanted to increase their trading efficiency by improving their data sourcing processes and resource efficiency in a multi-year programme. We analysed over 3,500 data feeds from 50 front office systems and over 100 reconciliations to determine how best to optimise their data.

Streamlining their data usage and operational processes is estimated to save them 20-30% costs over the next five years.

Improving a DLT FinTech's operations enabling rapid scaling in target markets

"Leading Point brings a top-flight management team, a reputation for quality and professionalism, and will heighten the value of [our] applications through its extensive knowledge of operations in the financial services sector."

Chief Risk Officer at DLT FinTech

Increasing data product offerings by profiling 80k terms at a global data provider

“Through domain & technical expertise Leading Point have been instrumental in the success of this project to analyse and remediate 80k industry terms. LP have developed a sustainable process, backed up by technical tools, allowing the client to continue making progress well into the future. I would have no hesitation recommending LP as a delivery partner to any firm who needs help untangling their data.”

PM at Global Market Data Provider

Catch the Multi-Cloud Wave

Charting Your Course

The digital realm is a constant current, pulling businesses towards new horizons. Today, one of the most significant tides shaping the landscape is the surge of multi-cloud adoption. But what exactly is driving this trend, and is your organisation prepared to ride the wave?

At its core, multi-cloud empowers businesses to break free from the constraints of a single cloud provider. Imagine cherry-picking the best services from different cloud vendors, like selecting the perfect teammates for a sailing crew. In 2022, 92% of firms either had or were considering a multi-cloud strategy (1). Having a strategy is one thing. Implementing it is a very different story. It takes meticulous planning and preparation. The potential of migrating from a single cloud provider to a multi-cloud environment can be huge if you are dealing with vast volumes of data. This flexibility unlocks a treasure trove of benefits.
1 Faction - The Continued Growth of Multi-Cloud and Hybrid Infrastructure


Top 4 Benefits

1 Unmatched Agility

Respond to ever-changing demands with ease by scaling resources up or down. Multi-cloud lets you ditch the "one-size-fits-all" approach and tailor your cloud strategy to your specific needs, fostering innovation and efficiency

2 Resilience in the Face of the Storm

Don't let cloud downtime disrupt your operations. By distributing your workload across multiple providers, you create a safety net that ensures uninterrupted service even when one encounters an issue.

3 A World of Choice at Your Fingertips

No single cloud provider can be all things to all businesses. Multi-cloud empowers you to leverage the unique strengths of different vendors, giving you access to a diverse array of services and optimising your overall offering.

4 Future-Proofing Your Digital Journey

The tech landscape is a whirlwind of innovation. With multi-cloud, you're not tethered to a single provider's roadmap. Instead, you have the freedom to seamlessly adapt to emerging technologies and trends, ensuring you stay ahead of the curve.


Cost Meets the Cloud

Perhaps the most exciting development propelling multi-cloud adoption is the shrinking cost barrier. As cloud providers engage in fierce competition, prices are driving down, making multi-cloud solutions more accessible for businesses of all sizes. This cost optimisation, coupled with the strategic advantages mentioned earlier, makes multi-cloud an increasingly attractive proposition. However, a word of caution: While the overall trend is towards affordability, navigating the multi-cloud landscape still requires meticulous planning and cost management. Without proper controls and precise resource allocation, you risk increased expenses and potential setbacks. With increased distribution of data, comes the increased risk of data leakage. Not only must data be protected within each cloud environment, it needs to be protected across the multi-cloud. Data monitoring increases in complexity. As data needs to move between cloud solutions, there may be additional latency risks. These can be mitigated with good risk controls and monitoring.


Kicking Off Your Journey

Ditch single-provider limitations and enjoy flexibility, resilience, and a wider range of services to boost your digital transformation but remember…

Multi-cloud environments can heighten security risks.

Navigate cautiously with proper controls and expert guidance to avoid hidden expenses.

Fierce competition is lowering multi-cloud barriers.

Let Leading Point be your guide, helping you set sail on the multi-cloud journey with confidence and unlock its full potential.

The multi-cloud path isn't without its challenges, but the rewards are undeniable. At Leading Point, we're experts in helping businesses navigate the multi-cloud wave with confidence. Let us help you unlock the full potential of multi-cloud for a more resilient, flexible, and innovative future. So, is your organisation ready to catch the wave? Contact Leading Point today and start your multi-cloud journey!

AI in Insurance - Article 1 - A Catalyst for Innovation

How insurance companies can use the latest AI developments to innovate their operations

The emergence of AI

The insurance industry is undergoing a profound transformation driven by the relentless advance of artificial intelligence (AI) and other disruptive technologies. A significant change in business thinking is gaining pace and Applied AI is being recognised for its potential in driving top-line growth and not merely a cost-cutting tool.

The adoption of AI is poised to reshape the insurance industry, enhancing operational efficiencies, improving decision-making, anticipating challenges, delivering innovative solutions, and transforming customer experiences.

This shift from data-driven to AI-driven operations is bringing about a paradigm shift in how insurance companies collect, analyse, and utilise data to make informed decisions and enhance customer experiences. By analysing vast amounts of data, including historical claims records, market forces, and external factors (global events like hurricanes, and regional conflicts), AI can assess risk with speed and accuracy to provide insurance companies a view of their state of play in the market.

Data vs AI approaches

This data-driven approach has enabled insurance companies to improve their underwriting accuracy, optimise pricing models, and tailor products to specific customer needs. However, the limitations of traditional data analytics methods have become increasingly apparent in recent years.

These methods often struggle to capture the complex relationships and hidden patterns within large datasets. They are also slow to adapt to rapidly-changing market conditions and emerging risks. As a result, insurance companies are increasingly turning to AI to unlock the full potential of their data and drive innovation across the industry.

AI algorithms, powered by machine learning and deep learning techniques, can process vast amounts of data far more efficiently and accurately than traditional methods. They can connect disparate datasets, identify subtle patterns, correlations & anomalies that would be difficult or impossible to detect with human analysis.

By leveraging AI, insurance companies can gain deeper insights into customer behaviour, risk factors, and market trends. This enables them to make more informed decisions about underwriting, pricing, product development, and customer service and gain a competitive edge in the ever-evolving marketplace.

Top 5 opportunities

1. Enhanced Risk Assessment

AI algorithms can analyse a broader range of data sources, including social media posts and weather patterns, to provide more accurate risk assessments. This can lead to better pricing and reduced losses.

2. Personalised Customer Experiences

AI can create personalised customer experiences, from tailored product recommendations to proactive risk mitigation guidance. This can boost customer satisfaction and loyalty.

3. Automated Claims Processing

AI can automate routine claims processing tasks, for example, by reviewing claims documentation and providing investigation recommendations, thus reducing manual efforts and improving efficiency. This can lead to faster claims settlements and lower operating costs.

4. Fraud Detection and Prevention

AI algorithms can identify anomalies and patterns in claims data to detect and prevent fraudulent activities. This can protect insurance companies from financial losses and reputational damage.

5. Predictive Analytics

AI can be used to anticipate future events, such as customer churn or potential fraud. This enables insurance companies to take proactive measures to prevent negative outcomes.


Adopting AI in Insurance

The adoption of AI in the insurance industry is not without its challenges. Insurance companies must address concerns about data quality, data privacy, transparency, and potential biases in AI algorithms. They must also ensure that AI is integrated seamlessly into their existing systems and processes.

Despite these challenges, AI presents immense opportunities. Insurance companies that embrace AI-driven operations will be well-positioned to gain a competitive edge, enhance customer experiences, and navigate the ever-changing risk landscape.

The shift from data-driven to AI-driven operations is a transformative force in the insurance industry. AI is not just a tool for analysing data; it is a catalyst for innovation and a driver of change. Insurance companies that harness the power of AI will be at the forefront of this transformation, shaping the future of insurance and delivering exceptional value to their customers.


Download the PDF article here.

Unlocking the opportunity of vLEIs

Streamlining financial services workflows with Verifiable Legal Entity Identifiers (vLEIs)

Source: GLIEF

Trust is hard to come by

How do you trust people you have never met in businesses you have never dealt with before? It was difficult 20 years ago and even more so today. Many checks are needed to verify if the person you are talking to is the person you think it is. Do they even work for the business they claim to represent? Failures of these checks manifest themselves every day with spear phishing incidents hitting the headlines, where an unsuspecting clerk is badgered into making a payment to a criminal’s account by a person claiming to be a senior manager.

With businesses increasing their cross-border business and more remote working, it is getting harder and harder to trust what you see in front of you. How do financial services firms reduce the risk of cybercrime attacks? At a corporate level, there are Legal Entity Identifiers (LEIs) which have been a requirement for regulated financial services businesses to operate in capital markets, OTC derivatives, fund administration or debt issuance.

LEIs are issued by Local Operating Units (LOUs). These are bodies that are accredited by GLEIF (Global Legal Entity Identifier Foundation) to issue LEIs. Examples of LOUs are the London Stock Exchange Group (LSEG) and Bloomberg. However, LEIs only work at a legal entity level for an organisation. LEIs are not used for individuals within organisations.

Establishing trust at this individual level is critical to reducing risk and establishing digital trust is key to streamlining workflows in financial services, like onboarding, trade finance, and anti-financial crime.

This is where Verifiable Legal Entity Identifiers (vLEIs) come into the picture.


What is the new vLEI initiative and how will it be used?

Put simply, vLEIs combine the organisation’s identity (the existing LEI), a person, and the role they play in the organisation into a cryptographically-signed package.

GLEIF has been working to create a fully digitised LEI service enabling instant and automated identity verification between counterparties across the globe. This drive for instant automation has been made possible by developments in blockchain technology, self-sovereign identity (SSI) and other decentralised key management platforms (Introducing the verifiable LEI (vLEI), GLEIF website).

vLEIs are secure digitally-signed credentials and a counterpart of the LEI, which is a unique 20-digit alphanumeric ISO-standardised code used to represent a single legal organisation. The vLEI cryptographically encompasses three key elements; the LEI code, the person identification string, and the role string, to form a digital credential of a vLEI. The GLEIF database and repository provides a breakdown of key information on each registered legal entity, from the registered location, the legal entity name, as well as any other key information pertaining to the registered entity or its subsidiaries, as GLEIF states this is of “principally ‘who is who’ and ‘who owns whom’”(GLEIF eBook: The vLEI: Introducing Digital I.D. for Legal Entities Everywhere, GLEIF Website).

In December 2022, GLEIF launched their first vLEI services through proof-of-concept (POC) trials, offering instant digitally verifiable credentials containing the LEI. This is to meet GLEIF’s goal to create a standardised, digitised service capable of enabling instant, automated trust between legal entities and their authorised representatives, and the counterparty legal entities and representatives with which they interact” (GLEIF eBook: The vLEI: Introducing Digital I.D. for Legal Entities Everywhere, page 2).


“The vLEI has the potential to become one of the most valuable digital credentials in the world because it is the hallmark of authenticity for a legal entity of any kind. The digital credentials created by GLEIF and documented in the vLEI Ecosystem Governance Framework can serve as a chain of trust for anyone needing to verify the legal identity of an organisation or a person officially acting on that organisation’s behalf. Using the vLEI, organisations can rely upon a digital trust infrastructure that can benefit every country, company, and consumers worldwide”,

Karla McKenna, Managing Director GLEIF Americas


This new approach for the automated verification of registered entities will benefit many organisations and businesses. It will enhance and speed up regulatory reports and filings, due diligence, e-signatures, client onboarding/KYC, business registration, as well as other wider business scenarios.

Imagine the spear phishing example in the introduction. A spoofed email will not have a valid vLEI cryptographic signature, so can be rejected (even automatically), saving potentially thousands of £.


How do I get a vLEI?

Registered financial entities can obtain a vLEI from a Qualified vLEI Issuer (QVI) organisation to benefit from instant verification, when dealing with other industries or businesses (Get a vLEI: List of Qualified vLEI Issuing Organisations, GLEIF Website).

A QVI organisation is authorised under GLEIF to register, renew or revoke vLEI credentials belonging to any financial entity. GLEIF offers a Qualification Program where organisations can apply to operate as a QVI. GLEIF maintain a list of QVIs on their website.

Source: GLIEF

What is the new ISO 5009:2022 and why is it relevant?

The International Organisation of Standards (ISO) published the ISO 5009 standard in 2022, which was initially proposed by GLEIF, for the financial services sector. This is a new scheme to address “the official organisation roles in a structured way in order to specify the roles of persons acting officially on behalf of an organisation or legal entity” (ISO 5009:2022,

Both ISO and GLEIF have created and developed this new scheme of combining organisation roles with the LEI, to enable digital identity management of credentials. This is because the ISO 5009 scheme offers a standard way to specify organisational roles in two types of LEI-based digital assets, being the public key certificates with embedded LEIs, as per X.509 (ISO/IEC 9594-8), also outlined in ISO 17442-2, or for digital verifiable credentials such as vLEIs to be specified, to help confirm the authenticity of a person’s role, who acts on behalf of an organisation (ISO 5009:2022, ISO Website). This will help speed up the validation of person(s) acting on behalf of an organisation, for regulatory requirements and reporting, as well as for ID verification, across various business use cases.

Leading Point have been supporting GLEIF in the analysis and implementation of the new ISO 5009 standard, for which GLEIF acts as the operating entity to maintain the ISO 5009 standard on behalf of ISO.  Identifying and defining OORs was dependent on accurate assessments of hundreds of legal documents by Leading Point.

“We have seen first-hand the challenges of establishing identity in financial services and were proud to be asked to contribute to establishing a new standard aimed at solving this common problem. As data specialists, we continuously advocate the benefits of adopting standards. Fragmentation and trying to solve the same problem multiple times in different ways in the same organisation hurts the bottom line. Fundamentally, implementing vLEIs using ISO 5009 roles improves the customer experience, with quicker onboarding, reduced fraud risk, faster approvals, and most importantly, a higher level of trust in the business.”

Rajen Madan (Founder and CEO, Leading Point)

Thushan Kumaraswamy (Founding Partner & CTO, Leading Point)

How can Leading Point assist?

Our team of expert practitioners can assist financial entities to implement the ISO 5009 standard in their workflows for trade finance, anti-financial crime, KYC and regulatory reporting. We are fully-equipped to help any organisation that is looking to get vLEIs for their senior team and to incorporate vLEIs into their business processes, reducing costs, accelerating new business growth, and preventing anti-financial crime.


Glossary of Terms and Additional Information on GLEIF


Who is GLEIF?

The Global Legal Entity Identifier Foundation (GLEIF) was established by the Financial Stability Board (FSB) in June 2014 and as part of the G20 agenda to endorse a global LEI. The GLEIF organisation helps to implement the use of the Legal Entity Identifier (LEI) and is headquartered in Basel, Switzerland.


What is an LEI?

A Legal Entity Identifier (LEI) is a unique 20 alphanumeric character code based on the ISO-17442 standard. This is a unique identification code for legal financial entities that are involved in financial transactions. The role of the structure of how an LEI is concatenated, principally answers ‘who is who’ and ‘who owns whom’, as per ISO and GLEIF standards, for entity verification purposes and to improve data quality in financial regulatory reports.


How does GLEIF help?

GLEIF not only helps to implement the use of LEI, but it also offers a global reference data and central repository on LEI information via the Global LEI Index on, which is an online, public, open, standardised, and a high-quality searchable tool for LEIs, which includes both historical and current LEI records.


What is GLEIF’S Vision?

GLEIF believe that each business involved in financial transactions should be identifiable with a unique single digital global identifier. GLEIF look to increase the rate of LEI adoption globally so that the Global LEI Index can include all global financial entities that engage in financial trading activities. GLEIF believes this will encourage market participants to reduce operational costs and burdens and will offer better insight into the global financial markets (Our Vision: One Global Identity Behind Every Business, GLEIF Website).

Séverine Raymond Soulier's Interview with Leading Point

Séverine Raymond Soulier’s Interview with Leading Point



Séverine Raymond Soulier is the recently appointed Head of EMEA at – the secure, cloud-based, communication and content sharing platform. Séverine has over a decade of experience within the Investment Banking sector and following 9 years with Thomson Reuters (now Refinitiv) where she was heading the Investment and Advisory division for EMEA leading a team of senior market development managers in charge of the Investing and Advisory revenue across the region. Séverine brings a wealth of experience and expertise to Leading Point, helping expand its product portfolio and its reach across international markets.

John Macpherson's Interview with Leading Point

John Macpherson’s Interview with Leading Point 2022



John Macpherson was the former CEO of BMLL Technologies; and is a veteran of the city, holding several MD roles at CITI, Nomura and Goldman Sachs. In recent years John has used his extensive expertise to advise start-ups and FinTech in challenges ranging from compliance to business growth strategy. John is Deputy Chair of the Investment Association Engine which is the trade body and industry voice for over 200+ UK investment managers and insurance companies. 

Leading Point and P9 Form Collaboration to Accelerate Trade and Transaction Reporting

Leading Point and P9 Form Collaboration to Accelerate Trade and Transaction Reporting



Leading Point and Point Nine (P9) will collaborate to streamline and accelerate the delivery of trade and transaction reporting. Together, they will streamline the delivery of trade and transaction reporting using P9’s scalable regulatory solution, and Leading Point's data management expertise. This new collaboration will help both firms better serve their clients and provide faster, more efficient reporting. 

London, UK, July 22nd, 2022 


P9’s in-house proprietary technology is a scalable regulatory solution. It provides best-in-class reporting solutions to both buy- and sell-side financial firms, service providers, and corporations, such as ED&F Man, FxPro and Schnigge. P9 helps them ensure high-quality and accurate trade/transaction reporting, and to remain compliant under the following regimes: EMIR, MiFIR, SFTR, FinfraG, ASIC, CFTC and Canadian. 


Leading Point, a highly regarded digital transformation company headquartered in London, are specialists in intelligent data solutions. They serve a global client base of capital market institutions, market data providers and technology vendors.  


Leading Point are data specialists, who have helped some of the Financial Services industry’s biggest players organise and link their data, as well as design and deliver data-led transformations in global front-to-back trading. Leading Point are experts in getting into the detail of what data is critical to businesses. They deliver automation and re-engineered processes at scale, leveraging their significant financial services domain expertise. 


The collaboration will combine the power of P9's knowledge of regulatory reporting, and Leading Point’s expertise in data management and data optimisation. The integration of Leading Point’s services and P9's regulatory technology will enable clients to seamlessly integrate improved regulatory reporting and efficient business processes. 


Leading Point will organise and optimise P9’s client’s data sets, making it feasible for P9's regulatory software to integrate with client regulatory workflows and reporting. In a statement made by Christina Barbash, Business Development Manager at Point Nine, she claims that, “creating a network of best-in-breed partners will enable Point Nine to better serve its existing and potential clients in the trade and transaction reporting market.” 


Andreas Roussos, Partner at Point Nine adds:

“Partnering with Leading Point is a pivotal strategic move for our organization. Engaging with consulting firms will not only give us a unique position in the market, but also allow us to provide more comprehensive service to our clients, making it a game-changer for our organization, our clients, and the industry as a whole.”


Dishang Patel, COO and Founding Partner at Leading Point, speaks on the collaboration: 

“We are thrilled to announce that we are collaborating with Point Nine. Their technology and knowledge of regulatory reporting can assist the wider European market. The new collaboration will unlock doors to entirely new transformation possibilities for organisations within the Financial Sector across EMEA.”   


The collaboration reflects the growing complexity of financial trading and businesses’ need for more automation for compliance with regulations, whilst ensuring data management is front and centre of the approach for optimum client success. Considering this, the two firms have declared to support organisations to improve the quality and accuracy of their regulatory reporting for all regimes. 


About Leading Point 

Leading Point is a digital transformation company with offices in London and Dubai. They are revolutionising the way change is done through their blend of expert services and their proprietary technology, modellr™. 

Find out more at:   

Contact Dishang Patel, Founding Partner & COO at Leading Point -  


About Point Nine 

Point Nine (Limassol, Cyprus), is a dedicated regulatory reporting firm, focusing on the provision of trade and transaction reporting services to legal entities across the globe. Point Nine uses its in-house cutting-edge proprietary technology to provide a best-in-class solution to all customers and regulatory reporting requirements. 

Find out more at:    

Contact Head office, Point Nine Data Trust Limited -

ESG Operating models hold the key to ESG compliance

John Macpherson on ESG Risk

In my last article, I wrote about the need for an effective operating model in the handling and optimisation of data for Financial Services firms. But data is only one of several key trends amongst these firms that would benefit from a digital operating model. ESG has risen the ranks in importance, and the reporting of this has become imperative.  


The Investment Association Engine Program, which I Chair, is designed to identify the most relevant pain points and key themes amongst Asset and Investment Management clients. We do this by searching out FinTech businesses that are already working on solutions to these issues. By partnering with these businesses, we can help our clients overcome their challenges and improve their operations. 


While data has been an ever-present issue, ESG has risen to an equal standing of importance over the last couple of years. Different regulatory jurisdictions and expectations worldwide has left SME firms struggling to comply and implement in a new paradigm of environmental, sustainable and governance protocols. 


ESG risk is different to anything we have experienced before and does not fit into neat categories such as areas like operational risk. The depth and breadth of data and models required for firms to make informed strategic decisions varies widely based on the specific issue at hand (e.g., supply chain, reputation, climate change goals, etc.). Firms need to carefully consider their own position and objectives when determining how much analysis is needed. 

According to S&P Global, sustainable debt issuance reached a record level in 2021, and is only expected to increase further in the coming years. With this growth comes increased scrutiny and a heightened concern of so-called ‘greenwashing’, where companies falsely claim to be environmentally friendly. To combat this, participants need to manage that growth in a way that combats rising concerns about ‘greenwashing’. 


Investors, regulators and the public, in general, are keen to challenge large companies’ ESG goals and results. These challenges vary wildly, but the biggest seen on a regular basis range from human rights to social unrest and climate change. As organisations begin to decarbonise their operations, they face the initially overlooked challenge of creating a credible near-term plan that will enable them to reach their long-term sustainability goals.  


Investor pressure on climate change has historically focussed on the Energy sector. Now central banks are trying to incorporate climate risk as a stress testing feature for all Financial Services firms. 

Source: S&P Global 

Operating models hold the key to ESG transition and compliance. Having an operating model for how each of the firm’s functions intersect with ESG, requires new processes, new data, and new reporting techniques. This needs to be pulled across the enterprise, so firms have a process that is substantiated. 


Before firms worry about ESG scores from their market data providers, they would do well to look closely at their own operating model and framework. In this way, they can then pull in the data required from the marketplace and use it in anger. 


Leading Point is a FinTech business I am proud to be supporting. Their operating model system, modellr describes how financial services businesses work, from the products and services offered, to the key processes, people, data, and technology used to deliver value to their customers. This digital representation of how the business works is crucial to show what areas ESG will impact and how the firm can adapt in the most effective way.  


Rajen Madan, CEO at Leading Point: 

“In many ways, the transition to ESG is exposing the acute gap in firms of not being able to have meaningful dialogue with the plethora of data they already have, and need, to further add to for ESG”.  


modellrharvests a company’s existing data to create a living dashboard, whilst also digitising the change process and enabling quicker and smarter decision-making. Access to all the information, from internal and external sources, in real time is proving transformative for SME size businesses. 


Thushan Kumaraswamy, Chief Solutions Officer at Leading Point:  

“ESG is already one of the biggest drivers of transformation in financial services and is only going to get bigger. Firms need to identify the impact on their business, choose the right change option, execute the strategy, and measure the improvements. The mass of ESG frameworks adds to the confusion of what to report and how. Tools such as modellr bring clarity and purpose to the ESG imperative.” 


While most firms will look to sustainability officers for guidance on matters around ESG, Leading Point are providing these officers, and less qualified team members, with the tools to make informed decisions now, and in the future. We have established exactly what these firms need to succeed – a digital operating model. 


Words by John Macpherson — Board advisor at Leading Point and Chair of the Investment Association Engine 


The Challenges of Data Management

John Macpherson on The Challenges of Data Management



I often get asked, what are the biggest trends impacting the Financial Services industry? Through my position as Chair of the Investment Association Engine, I have unprecedented access to the key decision-makers in the industry, as well as constant connectivity with the ever-expanding Fintech ecosystem, which has helped me stay at the cutting edge of the latest trends.

So, when I get asked, ‘what is the biggest trend that financial services will face’, for the past few years my answer has remained the same, data.

During my time as CEO of BMLL, big data rose to prominence and developed into a multi-billion-dollar problem across financial services. I remember well an early morning interview I gave to CNBC around 5 years ago, where the facts were starkly presented. Back then, data was doubling every three years globally, but at an even faster pace in financial markets.

Firms are struggling under the weight of this data

The use of data is fundamental to a company's operations, but they are finding it difficult to get a handle on this problem. The pace of this increase has left many smaller and mid-sized IM/ AM firms in a quandary. Their ability to access, manage and use multiple data sources alongside their own data, market data, and any alternative data sources, is sub-optimal at best. Most core data systems are not architected to address the volume and pace of change required, with manual reviews and inputs creating unnecessary bottlenecks. These issues, among a host of others, mean risk management systems cannot cope as a result. Modernised data core systems are imperative to solve where real-time insights are currently lost, with fragmented and slow-moving information.

Around half of all financial service data goes unmentioned and ungoverned, this “dark data” poses a security and regulatory risk, as well as a huge opportunity.

While data analytics, big data, AI, and data science are historically the key sub-trends, these have been joined by data fabric (as an industry standard), analytical ops, data democratisation, and a shift from big data to smaller and wider data.

Operating models hold the key to data management

modellr™ dashboard

Governance is paramount to using this data in an effective, timely, accurate and meaningful way. Operating models are the true gauge as to whether you are succeeding.

Much can be achieved with the relatively modest budget and resources firms have, provided they invest in the best operating models around their data.

Leading Point is a firm I have been getting to know over several years now. Their data intelligence platform modellr™, is the first truly digital operating model. modellr™ harvests a company’s existing data to create a living operating model, digitising the change process, and enabling quicker, smarter, decision making. By digitising the process, they’re removing the historically slow and laborious consultative approach. Access to all the information in real-time is proving transformative for smaller and medium-sized businesses.

True transparency around your data, understanding it and its consumption, and then enabling data products to support internal and external use cases, is very much available.

Different firms are at very different places on their maturity curve. Longer-term investment in data architecture, be it data fabric or data mesh, will provide the technical backbone to harvest ML/ AI and analytics.

Taking control of your data

Recently I was talking to a large investment bank for whom Leading Point had been brought in to help. The bank was looking to transform its client data management and associated regulatory processes such as KYC, and Anti-financial crime.

They were investing heavily in sourcing, validating, normalising, remediating, and distributing over 2,000 data attributes. This was costing the bank a huge amount of time, money, and resources. But, despite the changes, their environment and change processes had become too complicated to have any chance of success. The process results were haphazard, with poor controls and no understanding of the results missing.

Leading Point was brought in to help and decided on a data minimisation approach. They profiled and analysed the data, despite working across regions and divisions. Quickly, 2,000 data attributes were narrowed to less than 200 critical ones for the consuming functions. This allowed the financial institutions, regulatory, and reporting processes to come to life, with clear data quality measurement and ownership processes. It allowed the financial institutions to significantly reduce the complexity of their data and its usability, meaning that multiple business owners were able to produce rapid and tangible results

I was speaking to Rajen Madan, the CEO of Leading Point, and we agreed that in a world of ever-growing data, data minimisation is often key to maximising success with data!

Elsewhere, Leading Point has seen benefits unlocked from unifying data models, and working on ontologies, standards, and taxonomies. Their platform, modellr™is enabling many firms to link their data, define common aggregations, and support knowledge graph initiatives allowing firms to deliver more timely, accurate and complete reporting, as well as insights on their business processes.

The need for agile, scalable, secure, and resilient tech infrastructure is more imperative than ever. Firms’ own legacy ways of handling this data are singularly the biggest barrier to their growth and technological innovation.

If you see a digital operating model as anything other than a must-have, then you are missing out. It’s time for a serious re-think.

Words by John Macpherson — Board advisor at Leading Point, Chair of the Investment Association Engine


John was recently interviewed about his role at Leading Point, and the key trends he sees affecting the financial services industry. Watch his interview here

Leading Point Shortlisted For Data Management Insight Awards

Leading Point has been shortlisted for the A-Teams Data Management Insight Awards.

Data Management Insight Awards, now in their seventh year, are designed to recognise leading providers of data management solutions, services and consultancy within capital markets.

Leading Point has been nominated for four categories:

  1. Most Innovative Data Management Provider
  2. Best Data Analytics Solution Provider
  3. Best Proposition for AI, Machine Learning, Data Science
  4. Best Consultancy in Data Management


Areas of Outstanding Service & Innovation

Leading Form Index: Data readiness assessment, created by Leading Point FM, which measures firms data capabilities and their capacity to transform across 24 unique areas. This allows participating firms to understand the maturity of their information assets, the potential to apply new tech (AI, DLT) and benchmark with peers.

Chief Risk Officer Dashboard: Management Information Dashboard that specifies, quantifies, and visualises risks arising from firms’ non-financial, operational, fraud, financial crime, and cyber risks.

Leading Point FM ‘Think Fast’ Application: The application provides the ability to input use cases and solution journeys and helps visualise process, systems and data flows, as well as target state definition & KPI’s. This allows business change and technology teams to quickly define and initiate change management.

Anti-Financial Crime Solution: Data centric approach combined with Artificial Intelligence technology reimagines and optimises AML processes to reduce volumes of client due diligence, reduce overall risk exposure, and provide the roadmap to AI-assisted automation.

Treasury Optimisation Solution: Data content expertise leveraging cutting edge DLT & Smart Contract technology to bridge intracompany data silos and enable global corporates to access liquidity and efficiently manage finance operations.

Digital Repapering Solution: Data centric approach to sourcing, management and distribution of unstructured data combined with NLP technology to provide roadmap towards AI assisted repapering and automated contract storage and distribution.

Leading Form Practical Business Design Canvas: A practical business design method to describe your business goals & objectives, change projects, capabilities, operating model, and KPI’s to enable a true business-on-a-page view that is captured within hours.

ISO 27001 Certification – Delivery of Information Security Management System (ISMS) & Cyber risk mitigation with a Risk Analysis Tool

Leading Point's Guide to Change Terms

Leading Point's Guide to Change Terms



We at Leading Point know all too well that the business world is full of jargon. So here's our handy guide to the eight most common terms used in change management.

Op model (AKA Operating model)
A representation of how a business works. It is not an org chart or a process map. This is traditionally done in PowerPoint and Excel.

Digital op model
This often means, how your business works in a digital world.
However, at Leading Point we believe that operating models can be done differently. To us, a digital op model is a digital representation of your operating model. This means that the op model remains live, and can be updated in real time; rather than living in a rarely opened PowerPoint.

Digital transformation
Making the business work better using digital tools and processes. 

Business transformation
Any kind of significant change to how the business works.

Turning paper documents into structured data.

Business capability
What the business does.
Capabilities are stable and rarely change.

Business process
How the business operates.
Unlike ‘business capability’, this is variable and changes frequently.

Either used as another word for capability, or another word for organisation. (This is confusing, which is why we at Leading Point don't use it.)

We hope this has helped to translate some of the jargon!
If you would like to learn more about Leading Point and how we help businesses manage change, you can reach us here

GDFM & Leading Point Partnering for Smarter Regulatory Health Management

GDFM and Leading Point collaborate to deliver innovative and efficient regulatory risk management to our clients and through the SMART_Dash product; enabling consistent, centralised, accessible regulatory health data to assist responsible and accountable individuals with ensuring adequate transparency, for risk mitigation decision making and action taking.  This is complemented by a SMART_Board suite for Board level leadership and a more detailed SMART_Support suite for regulatory reporting teams.

We are delighted that SMART_Dash has been shortlisted in 3 categories in this year's prestigious RegTech Insight Awards in Europe, which recognises both established solution providers and innovative newcomers, seeking to herald and highlight innovative RegTech solutions across the global financial services industry.

GD Financial Markets Head of Regulatory Compliance Practice and SMART_Dash Co-creator Sarah Peaston "Centralised, consolidated, consistent regulatory health transparency and tracking is key to identifying and managing regulatory and operating risk.  I am delighted that SMART_Dash has been recognised as a new breed of solution that practically assists Managers, Senior Managers and Leadership with managing their regulatory health through the provision of the right information, at the right level to the right seniority”.

Leading Point CEO Rajen Madan "Our vision with SMART_Dash is to accelerate better regulatory risk management approaches and vastly more efficient RegOps. As financial services practitioners we are acutely aware of the time managers spend trying to make sense of their regulatory and operating risk areas from a multitude of inconsistent reports. SMART_Dash enables the shift to an enhanced way of risk management, which creates standardisation and makes reg data work for your business. We are very grateful to the COO, CRO and CFOs whom have contributed to its development and help the industry move forward”.

GDFM and Leading Point are rolling out the SMART_Dash suite to the first set of industry consortium partners progressively in H1 2021, and thereafter open to a wider set of institutions.

The Composable Enterprise: Improving the Front-Office User Experience

[et_pb_section fb_built="1" _builder_version="4.4.8" min_height="1084px" custom_margin="16px||-12px|||" custom_padding="0px||0px|||"][et_pb_row column_structure="2_3,1_3" _builder_version="3.25" custom_margin="-2px|auto||auto||" custom_padding="1px||3px|||"][et_pb_column type="2_3" _builder_version="3.25" custom_padding="|||" custom_padding__hover="|||"][et_pb_social_media_follow url_new_window="off" follow_button="on" _builder_version="4.4.8" text_orientation="left" module_alignment="left" min_height="14px" custom_margin="1px||5px|0px|false|false" custom_padding="0px|0px|0px|0px|false|false" border_radii="on|1px|1px|1px|1px"][et_pb_social_media_follow_network social_network="linkedin" url="" _builder_version="4.4.8" background_color="#007bb6" follow_button="on" url_new_window="off"]linkedin[/et_pb_social_media_follow_network][/et_pb_social_media_follow][et_pb_image src="" title_text="cloud-based-services" align_tablet="center" align_phone="" align_last_edited="on|desktop" admin_label="Image" _builder_version="4.4.8" locked="off"][/et_pb_image][/et_pb_column][et_pb_column type="1_3" _builder_version="3.25" custom_padding="|||" custom_padding__hover="|||"][/et_pb_column][/et_pb_row][et_pb_row column_structure="1_2,1_2" _builder_version="4.4.8"][et_pb_column type="1_2" _builder_version="4.4.8"][et_pb_text _builder_version="4.4.8" text_font="||||||||" text_font_size="14px" text_line_height="1.6em" header_font="||||||||" header_font_size="25px" width="100%" custom_margin="10px|-34px|-5px|||" custom_padding="16px|0px|5px|8px||" content__hover_enabled="off|desktop"]

By Dishang Patel, Fintech & Growth Delivery Partner, Leading Point Financial Markets.

The past six months have by no means been a time of status quo. During this period of uncertainty, standards have been questioned and new ‘norms’ have been formed.

A standout development has been the intensified focus on cloud-based services. Levels of adoption have varied, from those moving to cloud for the first time, to others making cloud their only form of storage and access, and with numerous ‘others’ in between.

One area affected adversely (for those who weren’t ready) but positively (for those who were) is software. ‘Old-school’ software vendors – whose multi-million-pound solutions were traditionally implemented on premise at financial institutions, whether as part of a pure ‘buy’ or broader ‘build’ approach – have worked hard to offer cloud-based services.

The broad shift to working from home (WFH) as a result of the Covid-19 pandemic has tested the end-user experience all the way from front to back offices in financial institutions. Security, ease of access and speed are all high on the agenda in the new world in which we find ourselves.

The digitisation journey

With workforces operating globally, it is difficult to guarantee uniform user experiences and be able to cater for a multitude of needs. To achieve success in this area and to ensure a seamless WFH experience, financial institutions have moved things up a level and worked as hard as software providers to offer cloud-based solutions.

All manner of financial institutions (trading firms, brokerages, asset managers, challenger banks) have been on a digitisation journey to make the online user experience more consistent and reliable.

Composable Enterprise is an approach that those who have worked in a front office environment within financial services may have come across and for many could be the way forward.


Composable Enterprise: the way forward

Digitisation can come in many forms: from robotic process automation (RPA), operational excellence, implementation of application-based solution, interoperability and electronification. Interoperability and electronification are two key components of this Composable Enterprise approach.

Interoperability – whether in terms of web services, applications, or both –  is an approach that can create efficiencies on the desktop and deliver improved user experience. It has the potential to deliver business performance benefits, in terms of faster and better decision making with the ultimate potential to uncover previously untapped alpha. It also has two important environmental benefits:

1) Reducing energy spend;

2) Less need for old hardware to be disposed of, delivering the reduced environmental footprint that organisations desire.

Electronification, for most industry players, may represent the final step on the full digitisation journey. According to the Oxford English Dictionary, electronification is the “conversion to or adoption of an electronic mode of operation,” which translates to the front office having all the tools they need to do their jobs to the best of their ability.

The beauty of both interoperability and electronification is that they work just as well in a remote set up as they do in an office environment. This is because a good implementation of both results in maximising an organisation’s ability to use all the tools (trading platforms, market data feeds, CRMs, and so on) at their disposal without needing masses of physical infrastructure.

Because of the lower barriers (such as time and cost) of interoperability, financial institutions should start their digitisation journeys from this component and then embark on a larger and more complicated move to electronification.

Composable Enterprise is about firms being able to choose the best component needed for their business, allowing them to be more flexible and more open in order to adapt to new potential revenue opportunities. In these challenging times, it is no surprise that more and more financial institutions are adding Composable Enterprise as a key item on their spending agenda.





[/et_pb_text][/et_pb_column][et_pb_column type="1_2" _builder_version="4.4.8"][et_pb_text disabled_on="on|on|off" _builder_version="4.4.8" min_height="15px" custom_margin="452px||133px|||" custom_padding="8px||0px|||"]

"The broad shift to working from home as a result of the Covid-19 pandemic has tested the end-user experience all the way from front to back offices in financial institutions."

[/et_pb_text][et_pb_text disabled_on="on|on|off" _builder_version="4.4.8" min_height="15px" custom_margin="452px||133px|||" custom_padding="8px|||||"]

"It has the potential to deliver business performance benefits, in terms of faster and better decision making with the ultimate potential to uncover previously untapped alpha."

[/et_pb_text][et_pb_text disabled_on="on|on|off" _builder_version="4.4.8" min_height="15px" custom_margin="427px|||||" custom_padding="1px|||||"]

"The beauty of both interoperability and electronification is that they work just as well in a remote set up as they do in an office environment."

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section fb_built="1" _builder_version="3.22.3" animation_style="fade" locked="off"][et_pb_row _builder_version="3.25"][et_pb_column type="4_4" _builder_version="3.25" custom_padding="|||" custom_padding__hover="|||"][et_pb_team_member name="Dishang Patel" position="Fintech & Growth Delivery Partner" image_url="" _builder_version="4.4.8" link_option_url="" hover_enabled="0" admin_label="Person" title_text="dishang.2e16d0ba.fill-400x400"]

Responsible for delivering digital FS businesses.

Transforming delivery models for the scale up market.

[/et_pb_team_member][et_pb_text admin_label="Contact Us" module_class="txtblue" _builder_version="3.27.4" text_font="||||||||" link_font="||||||||" ul_font="||||||||" text_orientation="center"]

Contact Us

[/et_pb_text][et_pb_text admin_label="Form" _builder_version="3.27.4"][formidable id=2][/et_pb_text][et_pb_code admin_label="Social media icons" module_class="form" _builder_version="3.19.4" custom_margin="0px||0px" custom_padding="0px||0px"]


Riding the ESG Regulatory Wave

[et_pb_section fb_built="1" _builder_version="4.4.8" min_height="1084px" custom_margin="16px||-12px|||" custom_padding="0px||0px|||"][et_pb_row column_structure="2_3,1_3" _builder_version="3.25" custom_margin="-2px|auto||auto||" custom_padding="1px||3px|||"][et_pb_column type="2_3" _builder_version="3.25" custom_padding="|||" custom_padding__hover="|||"][et_pb_social_media_follow url_new_window="off" follow_button="on" _builder_version="4.4.8" text_orientation="left" module_alignment="left" min_height="14px" custom_margin="1px||5px|0px|false|false" custom_padding="0px|0px|0px|0px|false|false" border_radii="on|1px|1px|1px|1px"][et_pb_social_media_follow_network social_network="linkedin" url="" _builder_version="4.4.8" background_color="#007bb6" follow_button="on" url_new_window="off"]linkedin[/et_pb_social_media_follow_network][/et_pb_social_media_follow][et_pb_image src="" title_text="wave again" align_tablet="center" align_phone="" align_last_edited="on|desktop" admin_label="Image" _builder_version="4.4.8" locked="off"][/et_pb_image][/et_pb_column][et_pb_column type="1_3" _builder_version="3.25" custom_padding="|||" custom_padding__hover="|||"][/et_pb_column][/et_pb_row][et_pb_row column_structure="1_2,1_2" _builder_version="4.4.8"][et_pb_column type="1_2" _builder_version="4.4.8"][et_pb_text _builder_version="4.4.8" text_font="||||||||" text_font_size="14px" text_line_height="1.6em" header_font="||||||||" header_font_size="25px" width="100%" custom_margin="10px|-34px|-5px|||" custom_padding="16px|0px|5px|8px||" content__hover_enabled="off|desktop"]

Riding the ESG Regulatory Wave 

In the third part of our Environmental, Social and Governance (ESG) blog series, Alejandra explores the implementation challenges of ESG regulations hitting EU Asset Managers and Financial Institutions.

A new brand of Regulation

Whilst the world is still recovering from the effects of COVID-19, and adapting to the issues uncovered as a result of the Black Lives Matter movement, adopting sustainable practices and timely adherence to ESG regulations is pivotal in safeguarding a company’s long-term success.

Widely recognised as being more than a fad or a feel-good exercise, it is clear that creating stronger ESG alignment correlates with higher equity returns.* Compliance with ESG regulations will create monumental changes to the financial services industry and it will take well-rounded experience in regulatory transition to ensure seamless adherence and minimal disruption to operations.

Similar to the Know Your Client (KYC) and Anti Financial Crime (AFC) regulation landscape of five years ago, ESG regulation implementation will require heavy lifting from the advisory and consulting sectors. Compounded with this, firms need a commitment to transition and adjust investment principles and processes in order to achieve these ambitious goals.

This influx of new rules reflects the regulators attempts to catch up with longstanding investor demand.** As a result of these optional and mandatory principles, businesses are understanding the importance of having well-governed and socially-responsible practices in place, making it the optimal time for financial institutions to start planning for ESG rules implementation.


Upcoming EU ESG Regulation Examples

  1. MiFID II Amendments (in force Q1 2020) Advisers will need to be more proactive with customers in relation to ESG considerations by asking them about their preferences
  2. The Taxonomy Regulation (in force July 2020) Sets out a common classification system to determine which  economic activities and investments can be treated as “environmentally sustainable”
  3. Benchmarks Regulation Has been amended to include two new benchmarks to help increase transparency and avoid greenwashing 
    4. Stress Testing Rules for Banks Tools and mechanisms to integrate ESG factors into the EU prudential framework, banks’ business strategies, investment policies and risk management processes 

    In the last three years, ESG regulations grew by 158% in the UK, and by 145% in the US and Canada.***

The most regulated topics are business ethics and climate change in financial services, energy use and consumer rights in the US utilities, and product and service safety in healthcare and pharmaceuticals.

These regulations will affect many areas significant to asset managers, from corporate governance to process and product considerations. Implementing these changes effectively in order to gain a competitive advantage over their peers and avoiding the burden of non-compliance will mean drawing up consistent definitions, identifying the data points needed to set comparable targets, monitoring investments and reporting to regulators. Additionally, they will have to consider their role in the design, delivery and sale of financial services and products. 

Data, Benchmarking and Disclosure

When it comes to benchmarking and disclosing data it is important to highlight the difference between ‘sustainability’ and ‘ESG’. Specifically with ESG information, the devil is in the detail. Asset managers must perform this in-depth data collection to satisfy their own corporate reporting requirements, to conduct appropriate investment and risk management decisions, and to make disclosures to clients and fund investors.

Because asset managers produce, distribute and ingest financial and non-financial ESG data, these regulations can bring competitive advantage and clarity to those who implement them effectively.

A typical asset manager will have to ingest endless subsets of relevant ESG considerations from various asset classes, industries and geographies all of which depend on differing underlying data in order to reach informed and accurate decisions. The major challenge is being able to determine the data points required to set comparable targets, monitor investments, and measure and compare performance across sectors, industries, and national or regional borders.

Implementation Insights

A proactive approach is essential as it enables firms to gain an early understanding of the changes needed to their operations and position them as credible, trusted partners with regulators.

Once an organisation has established its guiding vision and strategy for implementing investment principles, the real work begins. Updates to compliance, risk management, product development, data management, sales and reporting processes all need to take place and have to be coordinated across business units and functions to ensure consistency and traceability. 

Analysis and assembly of regulations, standards and good practices, clear and up-to -date management views and evaluation of peer approaches all have to be part of a holistic regulatory implementation approach.

Whilst trying to predict the future and see the outcomes of implementing these future-facing requirements, it is important to remember the importance of flexibility and adaptability. The transition has to be well-managed and sustainable to be maintained. It is also important to incorporate lessons learnt from previous regulatory implementations. The organisations who will come out the strongest will be those who take the time to invest and begin with a good understanding of the changes in the operational environment and internal capabilities required.





[/et_pb_text][/et_pb_column][et_pb_column type="1_2" _builder_version="4.4.8"][et_pb_text disabled_on="on|on|off" _builder_version="4.4.8" min_height="15px" custom_margin="452px||133px|||" custom_padding="8px|||||"]

"Compliance with ESG regulations will create monumental changes to the financial services industry and it will take well-rounded experience in regulatory transition to ensure seamless adherence and minimal disruption to operations."

[/et_pb_text][et_pb_text disabled_on="on|on|off" _builder_version="4.4.8" min_height="15px" custom_margin="452px||133px|||" custom_padding="8px|||||"]

"Because asset managers produce, distribute and ingest financial and non-financial ESG data, these regulations can bring competitive advantage and clarity to those who implement them effectively."

[/et_pb_text][et_pb_text disabled_on="on|on|off" _builder_version="4.4.8" min_height="15px" custom_margin="427px|||||" custom_padding="1px|||||"]

"Similar to the Know Your Client and Anti Financial Crime regulation landscape of five years ago, ESG regulation implementation will require heavy lifting from the advisory and consulting sectors."

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row column_structure="1_4,1_4,1_2" _builder_version="3.25"][et_pb_column type="1_4" _builder_version="3.25" custom_padding="|||" custom_padding__hover="|||"][et_pb_team_member name="Alejandra Curtis " position="Leading Point" image_url="" linkedin_url="" _builder_version="4.4.8" inline_fonts="Sarabun"]

Environmental Social & Governance (ESG) and Sustainable Investment

Client propositions and products in data-driven transformation in ESG and Sustainable Investing.

[/et_pb_team_member][/et_pb_column][et_pb_column type="1_4" _builder_version="4.4.8"][et_pb_team_member name="Rajen Madan" position="Founder and CEO" image_url="" _builder_version="4.4.8" link_option_url=""]

Responsible for delivering digital FS businesses.
Change leader with over 20 years’ experience in helping financial markets with their toughest business challenges.

[/et_pb_team_member][/et_pb_column][et_pb_column type="1_2" _builder_version="4.4.8"][et_pb_text _builder_version="4.4.8" text_font_size="15px" width="100%" link_option_url=""]

Upcoming blogs:

This is the third in a series of blogs that will explore the ESG world: its growth, its potential opportunities and the constraints that are holding it back. We will explore the increasing importance of ESG and how it affects business leaders, investors, asset managers, regulatory actors and more.

Artificial Intelligence: the Solution to the ESG Data Gap? In the second part of our Environmental, Social and Governance (ESG) blog series, Anya explores the potential opportunities surrounding Artificial Intelligence and responsible investing.

Is it time for VCs to take ESG seriously? In the fourth part of our  Environmental, Social and Governance (ESG) blog series, Ben explores the current research on why startups should start implementing and communicating ESG policies into their business.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row column_structure="1_3,1_3,1_3" _builder_version="4.4.8"][et_pb_column type="1_3" _builder_version="4.4.8"][/et_pb_column][et_pb_column type="1_3" _builder_version="4.4.8"][et_pb_button button_url="" button_text="Download our guide" button_alignment="center" _builder_version="4.4.8" custom_button="on" button_text_size="20px" button_text_color="#ffffff" button_bg_color="#0c71c3" button_font="|700||||on|||" button_icon="%%30%%" button_icon_color="#0c71c3" background_layout="dark" button_text_shadow_style="preset3"][/et_pb_button][/et_pb_column][et_pb_column type="1_3" _builder_version="4.4.8"][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section fb_built="1" module_class="txtwhite" _builder_version="3.22.3" background_color="#23408f" custom_padding="||62px|||" locked="off"][et_pb_row _builder_version="4.4.8"][et_pb_column type="4_4" _builder_version="4.4.8"][et_pb_text _builder_version="4.4.8" text_text_color="#ffffff" text_font_size="15px" header_text_color="#ffffff"]

How Leading Point can help

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row column_structure="1_3,1_3,1_3" _builder_version="4.4.8"][et_pb_column type="1_3" _builder_version="4.4.8"][et_pb_blurb_extended title="Bringing clarity to your company’s ESG data" use_icon="on" font_icon="%%384%%" icon_color="#ffffff" use_icon_font_size="on" icon_font_size="39px" icon_hover_color="#17a826" style_icon="on" icon_shape="use_circle" use_shape_border="on" shape_border_color="#ffffff" shape_border_hover_color="#17a826" title_hover_color="#17a826" _builder_version="4.4.8" header_text_align="left" header_text_color="#ffffff" header_font_size="17px" read_more_icon="%%20%%" text_orientation="center" custom_margin="5px|1px|5px|1px|false|false" custom_padding="0px|0px|0px|0px|false|false" animation_style="fade" locked="off"]

By using our cloud-based data visualisation platform to bring together relevant metrics, we help organisations gain a standardised view and improve your ESG reporting and portfolio performance.  Our live ESG dashboard can be used to scenario plan, map out ESG strategy and tell the ESG story to stakeholders.

[/et_pb_blurb_extended][/et_pb_column][et_pb_column type="1_3" _builder_version="4.4.8"][et_pb_blurb_extended title="Accelerating the collection of ESG metrics using AI" use_icon="on" font_icon="%%389%%" icon_color="#ffffff" use_icon_font_size="on" icon_font_size="39px" icon_hover_color="#17a826" style_icon="on" icon_shape="use_circle" use_shape_border="on" shape_border_color="#ffffff" shape_border_hover_color="#17a826" title_hover_color="#17a826" _builder_version="4.4.8" header_text_align="left" header_text_color="#ffffff" header_font_size="17px" read_more_icon="%%20%%" text_orientation="center" custom_margin="5px|1px|5px|1px|false|false" custom_padding="0px|0px|0px|0px|false|false" animation_style="fade" locked="off"]

AI helps with the process of ingesting, analysing and distributing data as well as offering predictive abilities and assessing trends in the ESG space.  Leading Point is helping our AI startup partnerships adapt their technology to pursue this new opportunity, implementing these solutions into investment firms and supporting them with the use of the technology and data management.

[/et_pb_blurb_extended][/et_pb_column][et_pb_column type="1_3" _builder_version="4.4.8"][et_pb_blurb_extended title="Assisting companies to implement upcoming EU ESG regulations" use_icon="on" font_icon="%%392%%" icon_color="#ffffff" use_icon_font_size="on" icon_font_size="39px" icon_hover_color="#17a826" style_icon="on" icon_shape="use_circle" use_shape_border="on" shape_border_color="#ffffff" shape_border_hover_color="#17a826" title_hover_color="#17a826" _builder_version="4.4.8" header_text_align="left" header_text_color="#ffffff" header_font_size="17px" read_more_icon="%%20%%" text_orientation="center" custom_margin="5px|1px|5px|1px|false|false" custom_padding="0px|0px|0px|0px|false|false" animation_style="fade" locked="off"]

Implementing ESG regulations and providing operational support to improve ESG metrics for banks and other financial institutions. Ensuring compliance by benchmarking and disclosing ESG information, in-depth data collection to satisfy corporate reporting requirements, conducting appropriate investment and risk management decisions, and to make disclosures to clients and fund investors.

[/et_pb_blurb_extended][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section fb_built="1" _builder_version="3.22.3" animation_style="fade" locked="off"][et_pb_row _builder_version="3.25"][et_pb_column type="4_4" _builder_version="3.25" custom_padding="|||" custom_padding__hover="|||"][et_pb_text admin_label="Contact Us" module_class="txtblue" _builder_version="3.27.4" text_font="||||||||" link_font="||||||||" ul_font="||||||||" text_orientation="center"]

Contact Us

[/et_pb_text][et_pb_text admin_label="Form" _builder_version="3.27.4"][formidable id=2][/et_pb_text][et_pb_code admin_label="Social media icons" module_class="form" _builder_version="3.19.4" custom_margin="0px||0px" custom_padding="0px||0px"]

  • Connect






What if business operations could be more like Lego?

Financial services (FS) professionals from 30+ organisations tuned in to our inaugural webinar last week “What if business operations could be more like Lego?” to hear the challenges that COO and Heads of Change face in changing their business operating models and how we might break through the barriers. A summary of key takeaways from the discussion are presented below. See the webinar recording here


The importance of ‘Know Your Operating Model’

FS firms are under renewed pressure to rethink their operating models; competitive pressure, raised consumer expectations, and continuous regulatory requirements mean constant operating model re-think and change. Yet most firms are stuck with theoretical target operating models that lack a plan, a way to measure performance and progress, or a business case. As a result, only 25% of investors are confident strategic digital transformation will be effective.**

Innovation is hindered as firms struggle to overcome significant technical debt to implement new technology (e.g. automation, AI, cloud etc.) while effectively using budget tied up in high operating costs. Indeed, 80% of technology spend in organisations is focused on legacy systems and processes, while only 20% of analytics insights deliver business outcomes and 80% of AI projects “remain alchemy, run by wizards”***

Insufficient business understanding means lost opportunities, wasteful spends & risk – if you don’t understand your business well enough, you will be exposing yourself to risks and lost opportunities.


The barriers to business understanding

Firms current approaches to business operations and change are not fit for purpose.

Insight Gap in the Boardroom: Experts with specialist toolkits are needed to structure and interpret most business information. Management’s understanding of the business is often directly related to the ability of their analytical teams to explain it to them. Most firms are still stuck with an overload of information without insights, without the right questions being asked.

Cultural Challenge: Many execs still think in terms of headcount and empire building rather than outcomes, capabilities, and clients.

Misaligned metrics: Metrics are too focused on P&L, costs and bonuses! Less on holistic organisation metrics, proof points and stories.

Complexity makes it difficult to act… Most enterprises suffer from excessively complicated operating models where the complexity of systems, policies, processes, controls, data and their accompanying activities make it difficult to act.

…and difficult to explain: Substantiating decisions to stakeholders, regulators or investors is an ongoing struggle, for both new and historic decisions.

If you can't measure it, you can't manage it: Inconsistent change initiatives without performance metrics compound errors of the past and mean opportunities for efficiency gains go unseen.
How can we break through these barriers?

Business insight comes from context, data and measurement: How the building blocks of the business fit together and interact is essential to the ‘what’ and ‘how’ of change, and measurement is key to drive transparency and improved behaviours.

Operating model dashboards are essential: Effective executives either have extremely strong dashboards underpinning their decisions or have long standing experience at the firm across multiple functions and get to “know” their operating mode innately. This is a key gap in most firms. 50% of attendees chose improved metrics & accessibility of operating model perspectives as priority areas to invest in.

Less is more: Senior managers should not be looking at more than 200 data points to run and change their business. Focusing on the core and essential metrics is necessary to cut through the noise.

The operating model data exists, it should now be harvested: The data you need probably already exists in PowerPoint presentations, Excel spreadsheets and workflow tools. Firms have struggled to harvest this data historically and automate the gathering process. We demonstrated how operating model data can be collected and used to create insights for improved decision-making using the modellr platform.

Culture change is central: Culture was voted by attendees as the #1 area to invest in, in order to improve business decision-making. Organisational culture is a key barrier to operating model change. A culture that incentivises crossing business silos and transparency will create benefits across the enterprise.

Client-driven: Clients are driving firms to more real-time processing along with the capability to understand much more information. Approaches that combine human intelligence with machine intelligence are already feasible and moving into the mainstream.

Get comfortable with making decisions with near perfect information: Increasingly executives and firms need to get comfortable with “near perfect” information to make decisions, act and deliver rapid business benefits.


Future Topics of Interest

Regulatory Reassurance: Regulators continue to expect comprehensive, responsible and tangible governance and control from Senior Managers. How can firms keep up with their regulatory obligations in a clear and simple way?

Environmental, Social & Governance (ESG): An increasingly-popular subject, ESG considers  the impact of businesses on the environment and society. ESG metrics are becoming more important for investors & regulators and firms are looking for consistent ways to measure performance and progress in ESG metrics.

Operating Model-as-a-Service: As well as managing business operations themselves, firms need to monitor the models that describe those operations; their current state, their target state and the roadmap between the two. Currently, this is often done with expensive PowerPoint presentations that are usually left in cupboards and ignored because they are not “live” documents. Metrics around the operating model can be captured and tracked in a dashboard.

Anti-Financial Crime (AFC): Money laundering, terrorist financing, fraud, sanctions, bribery & corruption; the list of ways to commit financial crime through FS firms grows by the day. How can firms track their AFC risk levels and control effectiveness to see where they need to strengthen?

Information Security: With the huge volume of data that firms now collect, process & store, there are more and more risks to keep that data secure and private. Regulations like GDPR can impose very large fines on firms that break those regulations. Industry standards, such ISO 27001, help improve standards around information security.

*,**  Oliver Wyman, 2020, The State Of The Financial Services Industry

*** Gartner, 2019, Our Top Data and Analytics Predicts for 2019


Operational Resilience: data infrastructure and a consolidated risk view is pivotal to the new rules on operational risk

What have we learnt about Operational Resilience in the last three months?  

The last three months has taken the world – and Financial Services completely by surprise and further highlighted some major weaknesses in firms’ approaches to operational risk.

In January 2020, infectious diseases or Pandemic Risk, was not in the top 20 operational risks in Financial Services – at the time dominated by Cybercrime, data breaches and financial crime.[1] While many firms’ will have run pandemic scenarios at some point as part of their operational risk scenario analysis programme (probably based on SARs, or Ebola) – it’s becoming increasingly clear that many firms’ business continuity plans were being updated ‘on the fly’ as they moved to crisis management as the pandemic situation evolved. 70% of Operational Risk professionals say that their priorities and focus have changed as a result of Covid 19.[2]

This is understandable. No-one anticipated a situation of near total remote working that the pandemic has called for – even in extreme scenarios.

Many banks and insurance companies now have up to 90% of their staff working from home and are attempting to manage the plethora of associated impacts and increased risks resulting from this new environment.

Risks such as internal fraud or engaging in unauthorised activities are increasing as a direct consequence of the reduced monitoring capabilities caused by distance working as well as simple operational errors, mistakes, and omissions. While many other indirect risks are increasing, such as cyber criminals taking advantage of new vulnerabilities revealed by remote working.


Regulators are re-writing the rulebook on how to manage operational risk

The ability of Financial Services to cope in situations such as this has been an area of regulatory focus for some years now, in great part driven by the parliamentary response to high profile IT failures such as with TSB or RBS[3]. Named ‘Operational Resilience’, regulators are looking at the “ability of firms and the financial sector as a whole to prevent, adapt, respond to, recover, and learn from operational disruptions.”

The Bank of England & FCA released a discussion paper in 2018 on this topic, stating:

“The financial sector needs an approach to operational risk management that includes preventative measures and the capabilities – in terms of people, processes and organisational culture – to adapt and recover when things go wrong.”[4]

Covid 19 is a prime example of things ‘going wrong’.

As a result, regulators are closely monitoring this situation as Covid 19 replaces Brexit as the test case for UK financial services’ ‘Operational Resilience’ rules. How firms manage Covid 19 now, will shape the final form of the imminent legislation as firms’ successes and failures are factored into the final rules due in 2021.

A joint PRA/FCA consultation paper ‘CP29/19 Operational resilience: Impact tolerances for important business services’ released in December 2019[5] breaks down their proposed policy and regulatory requirements to reform operational risk management. Namely:

  1. Identification of Important Business services – A firm or Financial Market Infrastructure (FMI) must identify and document the necessary people, processes, technology, facilities, and information (referred to as resources) required to deliver each of its important business services.
  2. Set impact tolerances for those business services – firms should articulate specific maximum levels of disruption, including time limits within which they will be able to resume the delivery of important business services following severe but plausible disruptions
  3. Remain within those impact tolerances – Scenario testing: is the testing of a firm or FMI’s ability to remain within its impact tolerance for each of its important business services in the event of a severe (or in the case of FMIs, extreme) but plausible disruption of its operations.

The shift in focus means moving away from tracking individual risks to individual systems and resources towards considering the chain of activities which make up a business service and its delivery. This includes outsourcing and third party risk management, as made clear in a separate consultation paper. [6] As a result, operational risk management will become significantly more data intensive.

To understand business services’ impact tolerances in ongoing testing requires a significant level of infrastructure and data sophistication. Identifying and assessing the criticality of the ‘chain’ of activities involved is a project in itself, but defining, collecting, and reporting on the right metrics on an ongoing basis would require purpose built infrastructure.

As they stand, the rules under consultation require firms to produce a detailed end-to-end mapping of processes, applications, and people, new and updated policies, standards and procedures. Testing of operational resilience programs will require significant effort from firms depending on the scale and complexity of operations, testing frequency, or level of integration required.

Alongside these operational changes, the regulators expect Boards and senior management to consider operational resilience when making strategic decisions. As a result, robust information tools are needed that incorporate metrics such as KRIs, KCIs or KPIs into informed strategic decision making.[7]


How firms currently manage their operational risks is undergoing a paradigm shift

Firms’ existing operational risk management is primarily informed by the Basel II’s capital requirements legislation[8]. Firms are required to hold Operational Risk Capital (ORC) against aggregate operational risks calculated largely against quantifiable, historical ‘loss events’ (i.e. how much money was lost, and for what reason) and the RCSA[9] scores based on the adequacy of the controls designed to prevent those losses.

Basel II’s more sophisticated, model-based, advanced measurement approach (AMA) has been widely criticised as being difficult to implement and ineffective – leading many firms to default to the simpler Basic Indicator Approach (BIA) rather than invest in the infrastructure to support the AMA and eat the increased capital charges the BIA entails.

As a result, most operational risk scenarios have been largely event-driven e.g. what happens if the trade reconciliation system goes down. Firms largely don’t attempt to track what would happen if that system deteriorated by 20% for example.

This is the key difference in approach between the proposed operational resilience rules and existing frameworks. Where traditional operational risk management is much more siloed and vertical, operational resilience requires a much more holistic, and horizontal, approach internally.

Taking an end-to-end view of the ‘chain’ of activities that make up a service and its associated controls, means tracking the entirety of the inputs and outputs from front to back across business lines, middle and back offices, and 3rd party suppliers and outsourcing (e.g. from sales to execution to settlement).

As a result, analysing the impact of a deterioration in control effectiveness requires data infrastructure and risk management software designed for the purpose that can incorporate the relevant metrics (e.g. volume, uptime, etc.) and track the impact of changes across downstream processes.

Given many firms have challenges managing end-to-end business flows on a BAU basis without significant manual manipulation of data as they are so complex and fractured, there will likely be significant challenges around defining and delivering resilience thresholds which meet the regulatory requirements as the data sets underpinning such thresholds will also be complex and fractured.

Basel II’s system is now being overhauled with the new Standardized Measurement Approach (SMA) under Basel III regulations, now[10] due 2023. As a result, banks will need to ensure their internal loss data is as accurate and robust as possible to substantiate their calculated ORC.

How this system meshes with the operational resilience rules is an open question for the industry. Can they be aligned? or will firms be doomed to operate multiple and potentially conflicting risk frameworks?


Movement to the cloud needs purposeful development of operational resilience capabilities

The regulators are clear about how they see the future of Financial Institutions – they should be deeply interconnected with the regulators and be able to provide the data they need ‘on tap’. The move towards more granular, end-to-end views of operational resilience needs to be seen as a continuation of this objective.

According to ORX, the international operational risk management association:

“Risks are becoming more interconnected and traditional operational risk management is not suited to manage them … we have tools, we have tactics, we have value, but that we lack a strategy. We need a strategy to deal with the changing risk horizon, new business models, changing technology and, most of all, new expectations from senior management.”[11]

These are issues the UK regulators understand deeply, however, the Operational Resilience proposals need to be seen in the broader regulatory context. In the UK, the industry spends £4.5 billion in regulatory reporting, but the BoE wants to move towards a more integrated system.

“supervisors now receive more than 1 billion rows of data each month… the amount of data available in regulatory and management reports now exceeds our ability to analyse it using traditional methods.”[12]

As a result, the BoE has tabled proposals to pull data directly from firms’ systems or use APIs to ‘skip the middleman’ and go directly to source[13].

The drive towards innovation and digital transformation means the industry is aggressively moving towards wholescale cloud adoption. As firms such as a Blackrock, Lloyds, sign strategic partnership deals with Google, Microsoft or other cloud providers, in 2020, cloud technology is seen as a real, scalable and safe option for Financial Services.

While cloud security is a well-known concern, firms need to ensure that their cloud-based operating models are not only safe and secure, but address the capabilities required for operational resilience testing. Investment in frameworks and data analytics that can support these capabilities are essential – but should not be limited to purely operational resilience objectives.

Cloud adoption is a huge opportunity for firms to build ‘green field’ infrastructure that can not only support digitisation and business transformation objectives but also support ever increasing data requirements – regulatory or otherwise. The ability to handle and trace iterative regulatory requirements for new data sets need to be built into the fabric of firms’ operating models not just for compliance purposes but to track the impact of that compliance.


How many firms have today a consolidated view of their anti-financial crime, information security, or other non-financial or compliance risks, the resources devoted to their management, or the management information on tap to support decision making? It is clear firms need the right infrastructure and tools to support the granularity, and traceability of these data sets.

Real investment in operational risk data capabilities can yield significant business benefits – not just in the reduction of material risk and future spend on compliance, but as an invaluable source of internal intelligence for resource and business optimisation.

Top-of-the-line risk data positions Financial Institutions to further build out capabilities such as big data analytics, correlation and root cause analysis, and predictive risk intelligence.

However, in the face of the current pandemic, competing challenger institutions, market disruption, and the uncertainties of the future – the ability for firms to provide evidence they are robust and resilient organisations will give them a real competitive advantage as clients seek resiliency as core requirement in their banking/FMI partners.

Ultimately, the most important benefit a robust operational resilience framework can give firms is trust – from both customers and regulators.


[1] Risk.Net, March 2020, ‘Top 10 operational risks for 2020’

[2] Elena Pykhova, 2020, ‘Operational Risk Management during Covid-19: Have priorities changed?’

[3] House of Commons & Treasury Committee, October 2019, ‘IT failures in the Financial Services Sector’

[4] Bank of England & FCA, 2018, ‘Building the UK financial sector’s operational resilience’

[5] Bank of England/PRA, December 2019, ‘CP29/19 Operational resilience: Impact tolerances for important business services’

[6] Bank of England/PRA, December 2019, ‘CP30/19 Outsourcing and third party risk management’

[7] Key Risk Indicators, Key Control Indicators, and Key Performance Indicators respectively.

[8] There are a whole host of regulations that impact operational risk management in a variety of ways such as CPMI-IOSCO Principles for Financial Market Infrastructures, the G7 Fundamental Elements of Cybersecurity for the Financial Sector, the NIST Cybersecurity Framework, ISO 22301, the Business Continuity Institute (BCI) Good Practices Guidelines 2018.

[9] (Risk Control Self Assessment)

[10] Delayed by a year as a result of Covid 19

[11] ORX, September 2019, The ORX Annual Report,

[12] Bank of England, June 2019, ‘New Economy, New Finance, New Bank: The Bank of England’s response to the van Steenis review on the Future of Finance’

[13]  Ibid


“Risks are becoming more interconnected and traditional operational risk management is not suited to manage them” –

ORX, The operational risk management association



Taking an end-to-end view of the ‘chain’ of activities that make up a service and its associated controls, means tracking the entirety of the inputs and outputs from front to back across business lines, middle and back offices, and 3rd party suppliers and outsourcing (e.g. from sales to execution to settlement).


Given many firms have challenges managing end-to-end business flows on a BAU basis without significant manual manipulation of data as they are so complex and fractured, there will likely be significant challenges around defining and delivering resilience thresholds which meet the regulatory requirements as the data sets underpinning such thresholds will also be complex and fractured.


“firms need to ensure that their cloud-based operating models are not only safe and secure, but address the capabilities required for operational resilience testing. Investment in frameworks and data analytics that can support these capabilities are essential”


No-one anticipated a situation of near total remote working that the pandemic has called for – even in extreme scenarios.


Real investment in operational risk data capabilities can yield significant business benefits – not just in the reduction of material risk and future spend on compliance, but as an invaluable source of internal intelligence for resource and business optimisation.


Nick Fry
Reg Change, Data SME, RegTech Propositions

Experienced financial services professional and consultant with 25 years’ experience in the industry. Extensive and varied business knowledge both as a senior manager in BAU and change roles within investment banking operations and as a project delivery lead, client account manager, practice lead and business developer for consulting firms



Alaric Gibson
Reg Change, Data SME, RegTech Propositions

Analyst with expertise in regulatory analysis and implementation, customer reference data management, and data driven transformation & delivery. Has worked for a number of RegTech start-ups within Capital Markets.



Scaling a cyber-security FinTech with our interim COO leadership

"Leading Point have been instrumental in helping us cover our COO needs at a critical stage for the business from a product readiness and a go-to-market perspective. They have developed our client implementation capability with fit-for-purpose processes, systems and methodologies, significantly improving our engagement with our target customers and our time to market. We look forward to our continued alliance with Leading Point as our implementation partner to help us grow in the right way."

CEO @ Information & Cyber Risk Startup

Time to Reset?

We see the varnish from the old oil painting of government, enterprise, business and leadership fade a bit every day. 2020 has already shown us how interconnected our world has become - a true Butterfly Effect. Interconnectivity is not a bad thing. It is the fragility, the brittleness of modern economies that is cause for concern. I believe this is a result of critical imbalances we have allowed to build up, without questioning. Now as the varnish from the old oil painting comes off, we have a once in a decade opportunity to reset and tackle these imbalances. To make bold brush strokes.

Where can we start?

Big Government or Small?

Do we need a Big Government or Small? The term ‘Big Government’ here is not intended to be derogatory. We see national priorities and decisions that don’t match that of the city, the village, or the council. Great plans and budgets that don’t translate into change on the ground. Equally, in the face of this crisis, we see barriers breaking down. A C-19 COVID Symptom tracker app, which each of us can use, allows a judicious allocation of scarce testing and treatment resources at a national and grassroot level. The opportunity is to examine the flow from the national to the level of council. Provide transparency and allow engagement. If it doesn't exist it should be created. Direct channels for us citizens to highlight problems, propose solutions, be data-driven and monitor implementation. It is not a question of a big government versus small. It is one that works transparently that matters.

Public or Private Sector Enterprise?

A key debate going into 2020 was about which sector provides a better service, is more efficient with resources - private or public sector enterprise? Think about the NHS, Transport, Energy, Manufacturing, Financial Services, Agriculture, Technology and Utilities. Healthy arguments and examples are cited to show the merits of both public and private sector. I believe the public-private argument completely misses the point. Whether an enterprise provides a good service or poor, spends judiciously or not is not down to public or private sector. It is down to some key principles - how it is governed, how accountable is its team and partners, does it know what good service looks like and is it equipped to provide these services. Enterprises can be funded by either public or private sector resources. The opportunity ahead is in data and tech enabled service delivery models, going digital. And public-private collaboration funding models can ignite innovation and value added services. The key to provide good service is not public or private sector, it is to provide a good service!


Role of Business

Businesses are standing out in two ways in these times. Those that care about their employees and partners and are doing their bit to help their communities and those that pretend to. People will remember businesses that care. Those that don't, will fall out of favour. That most of our essential "front line" staff in the face of a pandemic are paid low/ minimum wages is cowardly. It shows the scale of imbalances we have allowed to build up and seem to be comfortable with. Colleagues in maintenance, cleaning, nursing, restaurant, retail, agriculture, driving, security, manufacturing and teaching professions amongst others need to be compensated fairly. The opportunity here is to go after skewed compensation models, unviable business models and poor productivity with vigour. The tax structures reportedly exploited by big tech and conglomerates are ripe for reform and become principle driven. Likewise business owners having billions and calling for government bailouts or larger profitable companies using furlough schemes to offload their responsibilities to the public should face the consequence. This is a failure of law and the will of successive governments. Let us get it right this time. Bashing businesses and entrepreneurs is not the answer. They are born from the risk-reward equation and are the lifeblood of any economy.

Lessons in Leadership

As much as it is tempting to draw leadership lessons from the current pandemic, they are unique to the situation and not a one size fits all. But I find the war analogy somewhat flawed. The chancellor of the exchequer, Rishi Sunak said “we will be judged by our capacity for compassion and individual acts of kindness” – does that sound like a war? If anything, the lesson for future leaders is to be that much more focused on ensuring their team’s wellbeing, ensuring they are equipped with relevant resources. Good leaders will understand the importance of the informal and the invisible stuff – collaboration, unconventional thinking, meaningful conversations and problem solving over formal organisation structures. The world we have to navigate in is increasingly unpredictable and non-linear, command and control team structures and top-down change will not work.

Everyday we are seeing concrete examples of what is working in business, government and leadership and what is not. We can allow 2020 to be one mired in tragedy, lost lives, lost livelihoods and failed businesses or we can seize the once in a decade opportunity to reset and create the government, the enterprise, the business and leaders that we want and have lacked for some time. This is within reach.

What steps do you think will help create better business, government and leaders?

Please feel free to comment and share. Keep well!

Change leader with over 20 years’ experience in helping financial markets with their toughest business challenges in data, operating model transformation in sales, CRM, Ops, Data, Finance & MI functions, and delivery of complex compliance, front-to-back technology implementations. Significant line experience. Former partner in management consulting leading client solution development, delivery and P&L incl. Accenture. Specialities – Operating Models, Data Assets, Compliance, Technology Partnerships & Solutions in Capital Markets, Market Infrastructure, Buy-Side, Banking & Insurance.

"2020 has already shown us how interconnected our world has become - a true Butterfly Effect."

"It is not a question of a big government versus small. It is one that works transparently that matters."

"Businesses are standing out in two ways in these times. Those that care about their employees and partners and are doing their bit to help their communities and those that pretend to."


"We can allow 2020 to be one mired in tragedy, lost lives, lost livelihoods and failed businesses or we can seize the once in a decade opportunity to reset and create the government, the enterprise, the business and leaders that we want and have lacked for some time"


Reimagining trading platform support: Who's supporting you through turbulent times?

Trading platform support is, and has been, going through some heavy changes. It’s a changing world we live in and even putting the current situation to one side (we know it’s difficult but let’s try) it’s worth noting how cost reduction, market consolidations, and changes in approach, etc. have changed the landscape for how trading platforms are supported.

Good front line support for trading platform functionality is now more difficult to access and slower to respond resulting in fewer issues actually being resolved.

Changes in focus from vendors has meant the trading industry has had to come up with, let’s face it, a compromise, to ensure their businesses can continue to operate ‘as normal’. There are many new normals across all industries and sectors at present, but the trading world is highly arcane in nature and therefore any change is difficult for traders and salespeople alike. This has translated into moves towards other models like ‘Live Chat’ style support, which some find impersonal, with fewer experienced people showing up regularly at client sites.

At the sharp end this can mean less voice support and a reduction in face to face support resulting in declining reassurance for users from regular contact with the ‘floorwalkers’. Some trading platform users have found that trading support has been neglected and their experience has suffered as a consequence.

For instance, a Waters Technology article, published last year, reported one Fidessa user citing difficulties with issue resolution:

“It seems like they’ve lost the ability to distinguish between a general issue and an urgent issue that needs to be resolved because it’s putting our clients at risk. We’ve had some issues that have been sitting with them for months.”

Obviously this is a sub-optimal ongoing predicament to be in. Whether due to cost savings, staff attrition rates or other reasons – the provision of first line support has deteriorated.

Even so, the cost of support to a trading firm remains constant in real terms. But in terms of what they get in return, it effectively becomes an added overhead translating to something with a diminishing return.

Added to these ongoing, and somewhat reluctantly accepted concerns, new uncertainties are pushing themselves to the forefront of users minds. The big one currently of course are the changes companies and staff are having to make now to their working arrangements in relation to the current climate and the need to maintain a distributed workforce.

Uncertainties around this mean that some in this space now acknowledge a real need for flexibility and better business continuity planning and scalability options (there have been significant spikes in volumes and volatility) in the approach to providing support for users. One just needs to look at the increasing number of LinkedIn or Facebook posts of people attempting to replicate their office desk at home to see the level of impact.

All of the above factors appear to be leading to a dawning realisation for many trading platform users for two necessary changes:

  • A higher degree of self-sufficiency for navigating a platform and making full use of its features.
  • Fast and reliable turnaround for resolving complex issues and being trained in new functionality without the necessity to call upon a fixed cost resource pool.

So what is the obstacle here?

Think about applications like Word or Excel. How many people who regularly use applications such as these are proficient in just enough to enable them to carry out their daily job? Many of these people are probably utilising less than ten percent of what the application offers and therefore unable to identify avoidable bottlenecks and efficiency gains no matter how simple to implement – 90% of the potential benefits remain unused, an ‘unknown unknown’.

With such a wealth of functionality offered, knowing what *really* matters requires an understanding of both the application and your specific needs.

The same can be said for trading functionality; untapped opportunities for improved workflows are lying undiscovered and unutilised before users’ eyes. Comprehensive support and training in existing and new functionality can pave the way for users to discover that potential including, dare we say, the opportunity of alpha generation due to the possibility of speed of use through innate familiarity.

Communication and tailored collaboration with knowledgeable and experienced support teams is essential. Targeted, independent and focused front line support available from experienced outsourced providers presents a viable support proposition for platform users, wherever you sit in the organisation.

At Leading Point we are not only able to react to issues quickly but also know the information you are looking for (often before you need it) that will make a real difference to your daily trading platform experiences. With an innate ability to speak your ‘language’ we can provide seamless communication. All of this underpinned by an always available service when you and your users need it most.

  • Imagine an innovative trading support experience comprising an equally innovative commercial model enhancing an entire trading platform experience.
  • Imagine the knowledge your users can benefit from through such a collaboration and the degree to which that benefit is passed on to clients
  • Imagine, through the unlocking of that untapped potential, your regular users becoming super users

The time for change is NOW. If you’d like to get in touch, we would be delighted to tell you more about the potential benefits to you and your firm.


Untapped opportunities for improved workflows are lying undiscovered and unutilised before users’ eyes.


Good front line support for trading platform functionality is now more difficult to access and slower to respond resulting in fewer issues actually being resolved.


“It seems like they’ve lost the ability to distinguish between a general issue and an urgent issue that needs to be resolved because it’s putting our clients at risk.”

Legal Technology in FS – The need for a new legal services operating model

Law, data, machines – these are not words that historically have had much to do with one another.

However, as the number of laws increases, communications traffic increases, and, as the fabric of the law can be read by machines, the interaction between these words will become ever more important.

90% of data in the world has been created in the last two years – and it’s not slowing down. [1]  As regulation increases, the ability of financial institutions to manage the legal risk flowing from that regulation becomes ever more challenged.  The resources being devoted to this increase every year and lawyers are starting to turn to technology to assist.

Recent research[2] found 82% of General Counsel have introduced various forms of technology into their department but 60% of lawyers don’t understand how that technology could help them.  This, at a time where the pressure on resources (both human and financial) means that there is a real need for technological assistance.

The regulatory environment has imposed an unprecedented burden on firms.  Legal risk has become increasingly complex and difficult to manage but is under-examined and often poorly understood.  Due to the massive technological, political, regulatory and cultural shift over the past 30 years, the model by which we manage legal risk is outdated. This has led to increased fines, customer loss and higher operational costs at the least.

Poor management of data results in missed opportunities and increased costs as businesses rerun regulatory change and other projects.  Effective management and exploitation of legal data could provide new business opportunities in addition to saving costs for business as usual (BAU).  There needs to be a more formalised data flow between Business and Legal, leading to an effective and efficient end-to-end framework.

The in-house legal model needs to change.  Technology can help.

But while the market is saturated with ‘RegTech’ and other legal solutions, these are disparate point solutions that do not address the underlying issues.  Lawyers are reluctant to spend time training machines unless results are proven.  This reluctance has resulted in suboptimal take up of the various solutions.

Machines are best at repetitious, low level tasks.  Much of the law is to do with context, relationships between ideas and situations and nuance at which humans are better.  While the race is on for machines to solve the problem of unstructured data, a tool pointed currently at the unstructured data lake that is ‘legal data’ results in unhelpful returns.

A new legal services operating model is needed to diminish the disjointed nature of legal and business issues.  This new operating model needs to take into account not only new technology, but also the underlying data efficiencies to appropriately assemble and deploy solutions seamlessly across legal and business units.

Firms can gain most value by structuring data to best deploy legal technology.  If firms do not make decisions about these issues now they will find themselves trapped in a never-ending loop of manually adjusting data to achieve the required results.

The hardest part of adoption of an “in the round” solution is implementing a framework within the firm which allows the various legal software tools to work optimally. A clear pathway needs to be created to reduce silos, create standards, appoint golden sources and create an enterprise architecture.

Law, data and machines can all work together successfully but it will take vision and hard work.


[This is part 1 of a 10 part series where we will consider the role of Legal Technology within Financial Services, how it can and should be applied, and what a ‘utopian’ target operating model for in-house legal departments looks like in FS]


[1] Presentation by Dr Joanna Batstone, VP IBM Watson & Cloud Platform, Legal and Technology Procurement 2018 – Thomson Reuters conference 8 November 2018

[2] Legal Technology: Looking past the hype, LexisNexis UK, Autumn 2018


There needs to be a more formalised data flow between Business and Legal, leading to an effective and efficient end-to-end framework.


A new legal services operating model is needed that takes into account not only new technology, but also the underlying data efficiencies to appropriately assemble and deploy solutions seamlessly across legal and business units.


the market is saturated with ‘RegTech’ and other legal solutions, these are disparate point solutions that do not address the underlying issues.


LIBOR: Manual Approaches are no Longer Enough to Manage FS Legal Data

The transition away from LIBOR is the biggest contract remediation exercise in Financial Services history – and firms are under prepared.

As the Bank of England and FCA lays out in bold font, in their January 2020 letter to CEOs, “LIBOR will cease to exist after the end of 2021. No firm should plan otherwise.”[1] As a result, Financial Institutions have very little time to reduce their “stock of legacy LIBOR contracts to an absolute minimum before end-2021”.

The challenge is this:

1. Firms have to find every reference to IBORs embedded in every contract they hold.

2. Update each contract with fallback provisions or to reflect the terms of the alternative reference rate they are migrating to.

3. Communicate the results with clients


This is much easier said than done due to the sheer scale of the task.

LIBOR’s retirement has the potential to impact over US$ 350 trillion of contracts and will require all LIBOR transactions (estimated at over 100 million documents) to be examined and most likely repapered. LIBOR is embedded in far more than just derivative contracts. Every asset class is affected; from mortgages and retail loans, to commodities, bonds or securities. The resolution of Lehman Brothers after 2008 gives some idea of the scale of the repapering effort for each firm – Lehman was party to more than 900,000 derivatives contracts alone.

The scope of the problem is part of the problem. Hard numbers are difficult to come by as no-one really knows exactly what their exposure is, or how many contracts they need to change.

Current estimates say large banks’ may be exposed to more than 250,000 contracts directly referencing LIBOR maturing after 2021, and indirectly exposed to many thousands more embedded in servicing activities, supplier agreements or more.

Only 15% of Financial Institutions are ready to deal with this volume of contract remediation, deal restructuring, and repapering activities required for the scale of their legacy contract back-book.[2] Fourteen of the world’s top banks expect to spend more than $1.2 billion on the LIBOR transition[3].


To approach the LIBOR transition manually will likely require years of man-hours and cost millions of dollars, with significant potential for human error


There are a wide variety of risks to consider.

But it’s not as straightforward as a ‘Find and Replace’ on legal terminology referencing LIBOR. Firms face huge operational, conduct, legal and regulatory risk arising from both the difficulties in managing the vast volumes of complex client contractual documentation but also the downstream impacts of that documentation having been changed.

Conduct Risk: In the UK, the Treating Customers Fairly (TCF) regime is particularly concerned with how customers are affected by firms’ LIBOR transition plans. Before contracts can be updated, firms will need to ensure that LIBOR linked products and services have ‘fair’ replacement rates that operate effectively.[1] Firms will also need to ensure that any changes made are applied across the entire customer ‘class’ to comply with TCF rules and avoid preferential treatment issues.

Legal Risk: There is a huge amount of legal risk arising from disputes in what interest rates should be paid out in amended agreements referencing alternative reference rates.[2] The ISDA protocol expected to be published in Q2 2020 should help with, but not solve, these problems.[3]

This is not to mention the legacy contracts that cannot legally be converted or amended with fallbacks – named by Andrew Bailey at the FCA as the ‘tough legacy’.[4] The UK Working Group on Sterling Risk Free Reference Rates (RFRWG) is due to publish a paper on ‘tough’ legacy contracts in the second half of Q1 2020.[5]

The realism of firms’ assessments of the number of contracts requiring renegotiation should be considered a legal risk in itself – a realised 10% increase in this number would likely incur serious, additional legal fees.

Prudential Risk: When the underlying contracts change, firms may find themselves in a position where suddenly the instruments they rely on for capital adequacy purposes may no longer be eligible - “This could result in a sudden drop in a bank’s capital position.” [6] For similar reasons, there are a number of Counterparty Credit, Market, Liquidity, and Interest Rate Risks that will need to be reflected in firms’ approaches.

Regulatory Risk: Regulators are closely monitoring firms’ transition progress – and they are not happy with what they are seeing. Financial Policy Committee (FPC) stated in January, 2020, has made clear that they are ‘considering’ the supervisory tools that authorities could use to “encourage the reduction in the stock of legacy LIBOR contracts to an absolute minimum before end-2021.”[7] This is regulatory code for ‘we will either fine or increase the capital requirements for firms we judge to be dropping the ball’. The PRA and FCA laid out their expectations for the transition in June 2019 – this is required reading for any LIBOR transition project manager.[8]


It’s not as straightforward as a ‘Find and Replace’ on legal terminology referencing LIBOR


What this means for firms is that they need:

1. The capability to quantify their LIBOR exposure – Firms need a good understanding of their LIBOR contractual exposure that can quantify a) firms’ contractual population (i.e. which documents are affected) b) the legal, conduct and financial risk posed by the amendment of those documents

2. The ability to dynamically manage and track this exposure over time – As strategies evolve, the regulatory environment changes, and new scenarios develop, so will firms’ exposure to LIBOR change. Without good quality analytics that can track this effectively, in the context of this massive change project, firms will be strategically and tactically ‘flying blind’ in the face of the massive market shifts LIBOR will bring about.

3. The capability to manage documentation - Jurisdictional, product, or institutional differences will necessitate large client outreach efforts to renegotiate large populations of contracts, manage approvals & conflict resolution, while tracking interim fall-back provisions and front office novation of new products to new benchmarks.

Accomplishing the above will require enterprise-wide contract discovery, digitisation, term extraction, repapering, client outreach and communication capabilities – and the ability to tie them all together in a joined-up way.

To approach the LIBOR transition manually will likely require years of person-hours and cost millions of dollars, with significant potential for human error.


Accomplishing the above will require enterprise-wide contract discovery, digitisation, term extraction, repapering, client outreach and communication capabilities – and the ability to tie them all together in a joined-up way


LIBOR cannot be treated as ‘just one more’ repapering exercise.

Firms are continually hit with new requirements which require the update, negotiation and amendment of client contracts.

The reaction is always the same: Scramble to identify the documents impacted, outsource the thornier problems to external legal, and hire huge teams of consultants, remediation armies and legal operations to handle the contract updates and communications with counterparties.

Once complete - often months past the deadline - everyone stands down and goes home. Only to do the same thing again next year in response to the next crisis. While this gets the job done, there are number of problems with this project by project approach:

1. It’s inefficient: Vast amounts of time (and money) is spent just finding the documents distributed around the business, often in hard copy, or locked away in filing cabinets.

2. It’s expensive: External legal, consultants and remediation shops don’t come cheap – especially when the scope of the project inevitably expands past the initial parameters.

3. It’s ineffective: Little to no institutional knowledge is retained of the project, no new processes are put in place, and documents continue to get locked away in filing cabinets - meaning when the time comes to do it again firms have to start from scratch.

When you look at the number of major repapering initiatives over the past 10 years the amount of money spent on repapering projects is monumental. In the EU alone, regulations such as MiFID II, EMIR, GDPR, PPI, FATCA, Brexit and AIFMD have each required a huge repapering project. In 2020, LIBOR, Initial Margin Rules and SFTR will each require contract remediation programmes.

Doing ‘just another’ repapering exercise for LIBOR is a risky mistake. There is a better way.

Smarter data management and enabling tech solutions can help identify, classify and extract metadata from the huge volumes of LIBOR impacted documents at speed. The ability to extract and store contractual information as structured information at this scale allows firms’ the essential capabilities to understand and track their LIBOR exposure, assign priorities and maintain flexibility in a changing situation.

Firms that have fuller visibility of their legal contract information, retained as structured data, can avoid 80% of the typical repapering process, and focus their efforts on the remaining, critical, 20%.[1] The time spent manually identifying contractual needs, can be reallocated to the areas that matter, freeing up legal resource, budget, and project timelines – while simultaneously improving client relationships.

This should not be seen just as a repapering enabler, but a strategic capability. The opportunities afforded through data mining firms’ contractual estate for analytics are vast.


Doing ‘just another’ repapering exercise for LIBOR is a risky mistake. There is a better way


One possibility is the ability to connect contracts directly to trades. To accurately model the financial risk firms’ portfolios are exposed to via LIBOR when transitioning to a new rate, they will need a way to directly link, for example, multiple cash and derivative contracts to a single client. Firms are still a long way from this capability – but there are a growing number of sophisticated artificial intelligence solutions that can begin to address these types of use-cases.

Firms that build these capabilities now will materially reduce their risk exposures, improve liquidity and funding, build trust with their clients and be much better equipped to meet other pressing regulatory requirements such as Brexit, SFTR, CRD 5/6, Initial Margin (IM) rules, QFC and more.


[1] ‘Next steps on LIBOR transition’, January 2020, FCA & PRA
[2] 2019 LIBOR Survey: Are you ready to transition?, September 2019, Accenture.
[3] ‘The end of Libor: the biggest banking challenge you've never heard of’, October 2019, Reuters.
[4] Firms will also need to consider whether any contract term they may rely on to amend a LIBOR-related product is fair under the Consumer Rights Act 2015 (the CRA) in respect of consumer contracts. FG18/7: Fairness of variation terms in financial services consumer contracts under the Consumer Rights Act 2015 contains factors that firms should consider when thinking about fairness issues under the CRA when they draft and review unilateral variation terms in their consumer contracts.
[5] Litigation risks associated with Libor transition:
[6] UK Working Group on Sterling Risk-Free Reference Rates (RFR WG) 2020 Top Level Priorities.
[7] LIBOR: preparing for the end,
[8]  UK Working Group on Sterling Risk-Free Reference Rates (RFR WG) 2020 Top Level Priorities.
[9] Letter from Sam Woods: The prudential regulatory framework and Libor transition, Bank of England,
[10] ‘Next steps on LIBOR transition’, January 2020, FCA & PRA
[11] ‘Firms’ preparations for transition from London InterBank Offered Rate (LIBOR) to risk-free rates (RFRs): Key themes, good practice, and next steps.’, June 2019, FCA & PRA
[12] MiFID II – the long tail of legal documentation repapering,


Intersecting the Old World with the New

It has always been a challenge for large corporations to adopt change.  There is constant change being experienced at all institutions but, despite the appetite for change, the size of an organisation often hamstrings its ability to execute on innovative initiatives.

So, what differentiates those who can deliver successful change versus those who cannot?  In one word: Execution!

Execution is the biggest differentiator between small, agile and nimble businesses and their much larger counterparts.  Even if you put to one side the classic large corporate roadblocks (such as organisational complexity and bureaucracy), it’s clear that those who decide to take the leap of faith and try to change the world by starting their own businesses seem to be able to avoid and, often, ignore convention to deliver significant change.

Innovation in large organisations must pass through many layers of change management and control which frequently ties the hands of those who are the agents of change. Equally frequently, organisational politics have an adverse impact.  This is not true of ‘Upstarts’.

‘Upstarts’ break the glass ceiling of ‘the norm’ to create change by significantly improving an existing system or reinventing a process, convention, etc.  But one must question why it is easier for Upstarts to achieve significant change where larger organisations struggle and fail to achieve the same success.

Is it because Upstarts have more skills or able people to execute change?  Probably not, although one must believe Upstart people form a more focused collective.  It’s much simpler than that – it’s a matter of having the time and inclination to apply that collective focus to the achievement of a single objective.  Having, as a sole objective, creating and delivering industry augmenting technology will result in an executable product roadmap and realistic delivery timelines.

Execution is the biggest differentiator between small, agile and nimble businesses and their much larger counterparts

However, there is one area in which large corporates have the upper hand: domain expertise.  Upstarts, by virtue of their size, generally do not have the breadth of expertise of larger organisations.  There are many Upstarts who are capable and indeed do produce top of the line tech solutions.  However, often these same single solutions providers (focus!) struggle to appreciate and navigate the vast array of problems large FS organisations are looking to address. Due to these information gaps, solutions can often result in not being fully fit for purpose and therefore hinder an Upstarts ability to precisely satisfy the needs of large FS corporates.

In addition, large organisations have deep pockets.  This allows them to research and develop solutions internally or to attract external innovation by setting up Innovation Labs, or both.  The main objective of these Labs is to experiment with and identify the kind of innovation that will create competitive advantage.  Upstarts may find themselves part of the Innovation Lab or even acquired in the process.

While Innovation Labs may ensure large players don’t get left behind, there is a big opportunity being missed.  This is the integration of external innovation with internal processes and capabilities.  Acquisitions should be aligned with internal use cases i.e. known (or guessed at) issues with existing business workflows such as efficiency gains.  The main reason seems to be that each is located in its own silo.

Having, as a sole objective, creating and delivering industry augmenting technology will result in an executable product roadmap and realistic delivery timelines

So internal use cases (areas in need of improvement and change) are not connected to potential external innovative solutions.  And this is not to speak of the bigger challenge which is to identify those use cases in the first place.  This raises a number of questions:

  • Does the right type of resource exist?
  • Can available internal staff ask the right questions?
  • Is an independent party better placed to conduct such an exercise?
  • Will this be prevented by internal politics?
  • Who’s going to pay for the work?
  • Who’s going to take ownership?
  • … and the list goes on.

Successful organisations engage the right people at the right level internally as well as identify and breakdown the ability of Upstarts to address wide ranging and often long-standing issues.  This takes a certain type of skill set including

  • The ability to face off across the corporate spectrum
  • Applying the correct level of domain expertise and insight, and
  • The ability and expertise to collaborate with Upstarts; to name but a few.

Entrepreneurs, especially the good ones, know that if failure is to happen, it happens fast.  This requires the ability to EXECUTE. 

The common thread: entrepreneurship. Why?

Entrepreneurs, especially the good ones, know that if failure is to happen, it happens fast.  This requires the ability to EXECUTE.  Getting the job done is very high on the agenda for any entrepreneur.  Lateral and cohesive thinking is also vital.  Steve Jobs once said, “creativity is just merging things” and entrepreneurs do this better than anyone and tend to find ways through means others don’t or won’t pursue through such approaches as marginal gains.

Entrepreneurs don’t have all the answers. Not at all.  But to bridge the gap between larger, more conventional-minded organisations and newer Upstarts, one must have the ability to “intersect the old world with the new”.  An excellent example of this was the event we ran Data Innovation Uncovered and the work we continue to do in the FinTech space including in Enterprise Blockchain and Client Lifecycle Management.

We love to talk about this intersection and encourage free and open conversation so please feel free to get in touch to share your thoughts or indeed to hear more of ours.

To bridge the gap between larger, more conventional-minded organisations and newer Upstarts, one must have the ability to “intersect the old world with the new”

LIBOR Transition - Preparation in the Face of Adversity


What is it?  FCA will no longer seek require banks to submit quotes to the London Interbank Offered Rate (LIBOR) – LIBOR will be unsupported by regulators come 2021, and therefore, unreliable

Requirement: Firms need to transition away from LIBOR to alternative overnight risk-free rates (RFRs)

Challenge: Updating the risk and valuation processes to reflect RFR benchmarks and then reviewing the millions of legacy contracts to remove references to IBOR

Implementation timeline: Expected in Q4 2021



Front office: New issuance and trading products to support capital, funding, liquidity, pricing, hedging

Finance & Treasury: Balance sheet valuation and accounting, asset, liability and liquidity management

Risk Management: New margin, exposure, counterparty risk models, VaR, time series, stress and sensitivities

Client outreach: Identification of in-scope contracts, client outreach and repapering to renegotiate current exposure

Change management: F2B data and platform changes to support all of the above



Plug in to the relevant RFR and trade association working groups, understand internal advocacy positions vs. discussion outcomes

Assess, quantify and report LIBOR exposure across jurisdictions, businesses and products

Remediate data quality and align product taxonomies to ensure integrity of LIBOR exposure reporting

Evaluate potential changes to risk and valuation models; differences in accounting treatment under an alternative RFR regime

Define list of in-scope contracts and their repapering approach; prepare for client outreach

“[Firms should be] moving to contracts which do not rely on LIBOR and will not switch references rates at an unpredictable time”

Andrew Bailey, CEO,
Financial Conduct Authority (FCA)

“Identification of areas of no-regret spending is critical in this initial phase of delivery so as to give a head start to implementation”

Rajen Madan, CEO,
Leading Point FM


  • Market Exposure - Total IBOR market exposure >$370TN 80% represented by USD LIBOR & EURIBOR
  • Tenor - The 3-month tenor by volume is the most widely referenced rate in all currencies (followed by the 6-month tenor)
  • Derivatives - OTC and exchange traded derivatives represent > $300TN (80%) of products referencing IBORs
  • Syndicated Loans - 97% of syndicated loans in the US market, with outstanding volume of approximately $3.4TN, reference USD LIBOR. 90% of syndicated loans in the euro market, with outstanding volume of approximately $535BN, reference EURIBOR
  • Floating Rate Notes (FRNs) - 84% of FRNs inthe US market, with outstanding volume of approximately $1.5TN, reference USD LIBOR. 70% of FRNs in the euro market,with outstanding volume of approximately $2.6TN, reference EURIBOR
  • Business Loans - 30%-50% of business loans in the US market, with outstanding volume of approximately $2.9TN, reference USD LIBOR. 60% of business loans in the euro market, with outstanding volume of approximately $5.8TN, reference EURIBOR

*(“IBOR Global Benchmark Survey 2018 Transition Roadmap”, ISDA, AFME, ICMA, SIFMA, SIFMA AM, February 2018)


Data Innovation, Uncovered


Leading Point Financial Markets recently partnered with selected tech companies to present innovative solutions to a panel of SMEs and an audience of FS senior execs and practitioners across 5 use-cases Leading Point is helping financial institutions with. The panel undertook a detailed discussion on the solutions’ feasibility within these use-cases, and their potential for firms, followed by a lively debate between Panellists and Attendees.


“There is an opportunity to connect multiple innovation solutions to solve different, but related, business problems”

  • 80% of data is relatively untapped in organisations. The more familiar the datasets, the better data can be used
  • On average, an estimated £84 million (expected to be a gross underestimation) is wasted each year from increasing risk and delivery from policies and regulations
  • Staying innovative, while staying true to privacy data is a fine line. Solutions exist in the marketplace to help
  • Is there effective alignment between business and IT? Panellists insisted there is a significantly big gap, but using business architecture can be a successful bridge between the business and IT, by driving the right kinds of change
  • There is a huge opportunity to blend these solutions to provide even more business benefits


  • Tamr uses machine learning to combine, consolidate and classify disparate data sources with potential to improve customer segmentation analytics
  • To achieve the objective of a 360-degree view of the customer requires merging external datasets with internal in a appropriate and efficient manner, for example integrating ‘Politically Exposed Persons’ lists or sanctions ‘blacklists’
  • Knowing what ‘good’ looks like is a key challenge. This requires defining your comfort level, in terms of precision and probability based approaches, versus the amount of resource required to achieve those levels
  • Another challenge is convincing Compliance that machines are more accurate than individuals
  • To convince the regulators, it is important to demonstrate that you are taking a ‘joined up’ approach across customers, transactions, etc. and the rationale behind that approach


  • iManage locates, categorises & creates value from all your contractual content
  • Firms hold a vast amount of legal information in unstructured formats - Classifying 30,000,000 litigation documents manually would take 27 years
  • However, analysing this unstructured data and converting it to structured digital data allows firms to conduct analysis and repapering exercises with much more efficiency
  • It is possible to a) codify regulations & obligations b) compare them as they change and c) link them to company policies & contracts – this enables complete traceability
  • For example, you can use AI to identify parties, dates, clauses & conclusions held within ISDA contract forms, reports, loan application contracts, accounts and opinion pieces


  • Io-Tahoe LLC is a provider of ‘smart’ data discovery solutions that go beyond traditional metadata and leverages machine learning and AI to look at implied critical and often unknown relationships within the data itself
  • Io-Tahoe interrogates any structured/semi-structured data (both schema and underlying data) and identifies and classifies related data elements to determine their business criticality
  • Pockets of previously-hidden sensitive data can be uncovered enabling better compliance to data protection regulations, such as GDPR
  • Any and all data analysis is performed on copies of the data held wherever the information security teams of the client firms deems it safe
  • Once data elements are understood, they can be defined & managed and used to drive data governance management processes


  • Ayasdi augments the AML process with intelligent segmentation, typologies and alert triage. Their topological data analysis capabilities provide a formalised and repeatable way of applying hundreds of combinations of different machine learning algorithms to a data set to find out the relationships within that data
  • For example, Ayasdi was used reason-based elements in predictive models to track, analyse and predict complaint patterns. over the next day, month and year.
  • As a result, the transaction and customer data provided by a call centre was used effectively to reduce future complaints and generate business value
  • Using Ayasdi, a major FS firm was able to achieve more than a 25% reduction in false positives and achieved savings of tens of millions of dollars - but there is still a lot more that can be done


  • Privitar’s software solution allows the safe use of sensitive information enabling organisations to extract maximum data utility and economic benefit
  • The sharp increase in data volume and usage in FS today has brought two competing dynamics: Data protection regulation aimed at protecting people from the misuse of their data and the absorption of data into tools/technologies such as machine learning
  • However, as more data is made available, the harder it is to protect the privacy of the individual through data linkage
  • Privitar’s tools are capable of removing a large amount of risk from this tricky area, and allow people to exchange data much more freely by anonymisation
  • Privitar allows for open data for innovation and collaboration, whilst also acting in the best interest of customers’ privacy


  • Encouragingly, over 97% of participants who responded confirmed the five use cases presented were relevant to their respective organisations
  • Nearly 50% of all participants who responded stated they would consider using the tech solutions presented
  • 70% of responders believe their firms would be likely to adopt one of the solutions
  • Only 10% of participants who responded believed the solutions were not relevant to their respective firms
  • Approximately 30% of responders thought they would face difficulties in taking on a new solution

Innovation is Not Perfect. Accept and Embrace It

ThushanThushan Kumaraswamy
Partner at Leading Point Financial Markets


It was my pleasure to attend Societe Generale's breakfast event on 9 November 2018 called "Implementing New Technologies" in Spitalfields, London on behalf of Leading Point Financial Markets. The event comprised of presentations about the FinTech innovation landscape and the use of Robotics Process Automation (RPA) in SocGen, followed by a panel discussion, hosted by Susanne Chishti, Founder of FinTech Circle.

Since there was so much good content and thinking at this event, I thought I would share my views on the event and how it ties to our propositions at Leading Point Financial Markets.

Do not ignore FinTech companies that are not 100% ready

There are thousands of FinTech (and RegTech, LegalTech, WealthTech, InsureTech, XYZTech!) companies just in the UK, let alone globally. Many of these are in different stages of their evolution.

Start-up Lifecycle

Source: The Startup Lifecycle

Financial services firms, especially larger firms, often resist adopting innovative technologies from companies who don't have a long record of existing clients. In such a fast-moving environment as FinTechs, this can mean losing out on the potential business benefits at a time when competition is squeezing margins and ever-increasing regulatory pressures are driving up costs.

Imagine being able to run a pilot or proof-of-concept for a small area of the business, with an identified strategy of goals and specific objectives, to demonstrate to the senior management team how such a new technology could be used to deliver real business benefits. This kind of pilot can be run in an agile fashion, but require business and IT teams are fully on-board and involved with the project. Since the scope is small, the resource commitment is also smaller than a normal implementation.

There is a significant opportunity for financial services firms who are willing to start these small-scale projects with innovation companies who might not be 100% ready (in the Validating or Scaling phases above) alongside implementation partners who know the technology, have the domain knowledge and understand operating models.

Don't automate a bad process

Robotics Process Automation (RPA) as a concept is easy enough to understand; computer programs (the "robots" or "bots"), using a set of pre-defined rules replicate what humans would do using computer systems in a repetitive fashion. For example, daily copying of client names from an Excel sheet to a CRM (Customer Relationship Management) system. This basic automation can free up the human workers to do more valuable work.

Rapid evolution of robotics

Source: Robots Join The Team

This is all good stuff. However, before jumping straight to implementing RPA solutions, it is worth considering what the business process is actually doing. Is this Excel-to-CRM method the best way of getting client details into the CRM system? Is it possible to improve the process first? As part of an RPA implementation, you should be looking at process improvement strategies first, then automating what is left. This way, you save on the number of bots you would need and increase the efficiency of the process as a bonus. Process experts can document existing processes and identify opportunities for improvement prior to any RPA technology implementation.

How does a bot change a password when accessing a core system?

There are some potential gotchas when using bots, like the above question, which can cause problems during day-to-day running. If a bot uses a specific login to access a core system and that login has a password expiry, what happens then? Is the bot expected to define a new password? Should a human get involved? Also, consider licences on existing software platforms; are there any clauses that prevent the use of bots? There may not be right now, but it is not difficult to foresee software companies bringing in new clauses to control the potential uptick of system usage through bots.

Panel Discussion: Selecting and Implementing New Technologies

Panel discussion

  • Susanne Chishti, Founder of FinTech Circle (Host)
  • Anthony Woolley, Head of Innovation, Societe Generale
  • Vasu Vasudevan, Digital Enablement Capbility Lead, Schroders
  • Richard Archer, Director, EY
  • Keith Phillips, Executive Director, The Investment Association and Velocity

The first question was about trends in innovation. The guests talked about the bleed of innovation between FinTechs, RegTechs, LegalTechs, but also into manufacturing and other industry sectors. The biggest topics being:

  • Artifical Intelligence (AI) and Machine Learning (ML)
  • Big Data
  • Cloud
  • Distributed Ledger Technology (DLT) / Blockchain
  • Social & Mobile
  • Robotics & Automation

As mentioned above, the twin drivers of competition shrinking margins and regulatory compliance increasing costs are forcing companies to come up with new ways of thinking. This may not come naturally to the larger, older financial services firms. They may have pockets of innovation but sometimes struggle to create a company-wide innovation culture.


The importance of customer-centricity was raised to a question on technological advancements. Building a single view of client will enable improved service to clients and increased revenue growth using data analysis across large cross-referenced data sets to be more specific with marketing and cross-selling.

An interesting question about how to bridge the gap between legacy platforms and new innovations was put to the panel next. It was noted that capacity is required to do this. How do companies get that capacity? By using technologies like RPA to free up people to generate this real value for the business.

Another technique is to use APIs (Application Programming Interfaces) as wrappers around your legacy platforms to make them easier to connect to other, more modern, applications. Using APIs turns your legacy platforms into building blocks that be linked together. A COBOL API can let other systems use the data held in the COBOL system, without the need for expensive COBOL programmers.

Intro to APIs

Source: Intro to APIs

This brings additional data protection concerns though, as customer data held in these legacy platforms may not have up-to-date data security and data protection applied to them and exposing the data through APIs could potentially increase risk of data loss.

A concern raised by the panel was about the use of RPA as a concrete sticking plaster rather than as a purely temporary fix for the use of legacy technology. The temptation is there once an RPA solution is doing its work, to leave it there rather than address the legacy platform.

The panel were asked about their top three technologies. The answers covered:

  • Data aggregation, clustering & consolidation
  • AI and ML
  • Blockchain
  • Data analytics (behavioural analysis for active asset management)
  • Digital passports (recording clients' digital identities)
  • Intelligent automation (robotics)
  • Unstructured to structured data
  • Document intelligence (text mining)
  • RPA
  • Collaboration tools in investment operations
  • Natural language processing (voice recognition)
  • Cloud (along with data and APIs)
Emerging Techs

Source: Top 30 Emerging Technologies

One important factor for digital was considering how people interacted with their devices. Many people of a certain age feel comfortable using on-screen keyboards and touch gestures. Some younger people prefer voice interactions through assistants like Alexa, Siri or Google and that audience is only going to grow.

A vital question was put to the panel about how to implement new technologies. FinTechs often feel like they are in a zoo. Potential clients come to see what they can do, have some meetings, but then don't connect again. There are some activities that can improve the relationship-building on both sides for FinTechs trying to scale-up or break into financial services; along with the obvious (but not always followed) things like respecting each other and being collaborative, there is a need to not destroy the start-up's spirit. Go in to the relationship with the understanding that the technology partner is young and may need some support and guidance.

The idea of changing the culture of the financial services firms was discussed. It was believed that this needed both top-down leadership & funding and also bottom-up drive. An internal innovation fund was set up that enabled small teams working on-the-ground to prepare a business case and pitch over six months to present. Over 70 of these teams took up the challenge, with some generating real business benefits. But, it is more than those end success stories that matter; it is the change in mindset across the company that demonstrates that innovating is part of business-as-usual for everyone in the firm, not just a select few tucked away in an innovation lab.

Other key factors were having both business and IT teams engaged and willing to work together as partners, being able to run projects in an agile (or Agile) fashion and accepting projects that "fail fast", but test and learn quickly. It was interesting to see how business architecture could help in these situations by mapping commonalities across the business using capability models and describing roadmaps aligned to customer journeys.

Practical business design

Source: Practical Business Design

One of the major blockers to building an innovation culture was the procurement process in many large financial services firms. These bureaucratic processes can take over eight months to allow a start-up to being implementing a solution, which can destroy the innovation impetus. A fast-track procurement process, enabling implementation of new technologies, perhaps in some protected sandbox environment, taking eight weeks would be a massive enabler. It feels like there is work required to develop streamlined procurement processes, specifically for innovation technologies.

An audience member asked how many start-ups typically fail. In any typical innovation portfolio, an angel investor may have invested in ten start-up companies. Five of these will likely go bust. Three may remain as the "living dead", where they plod along, just existing as a private company, without any hope of getting a return on the investment. The other two may become "superstars", where they go public with a bang and these two pay off the investment in the other eight start-ups.

I believe that, with more help in providing a consistent analysis of these start-ups on behalf of private equity firms and venture capitalists, the ratio of failures:living dead:superstars could be improved.

This was a very interesting panel discussion and my thanks go to Societe Generale for running the event, the guest speakers on the panel & presenting and to Susanne Chishti for hosting. The themes of technological innovations and the challenges of implementing them in financial services were very familiar to what I have seen in my own experience, but these challenges are not insurmountable with the right support.

If you don't use these new innovations in your business, for example in the field of anti-financial crime, where do you think the criminals are going to go when your competitors
do use them?

Final thought: You cannot wait for the perfect innovation. By the time that happens, your competition may be far ahead of you. You would be better off using what innovation can offer now, but work together with the technology companies to complete that picture for your business.

The right partner can help intersect the old world with the new.

#innovation #event #socgen #data #technology #startup #scaleup #financialservices #ai #ml #rpa #robotics #blockchain #bigdata #cloud #fintech #regtech #legaltech #wealthtech #insuretech #implementingnewtechnologies #leadingpointfinancialmarkets #leadingpointfm #lpfm

Reducing anti-financial crime risk through op model transformation at a tier 1 investment bank

“Leading Point have proven to be valued partners providing subject matter expertise and transformation delivery with sustained and consistent performance whilst becoming central to the Financial Crime Risk Management Transformation. They have been effective in providing advisory and practical implementation skills with an integrated approach bringing expertise in financial services and GRC (Governance, Risk and Compliance) functional and Fintech/Regtech technology domains."

Head of Anti-Financial Crime Design Authority @ Tier 1 Investment Bank

Accelerating growth-at-scale at a treasury blockchain FinTech with our delivery leadership

“Leading Point has been invaluable in helping us deliver high quality client outcomes in the enterprise blockchain space and creating a scalable delivery model for us with increased productivity.”

COO @ FinTech

How will the FCA business plan impact organisations over the next two years?

Leading Point of View
How will the FCA business plan impact organisations over the next two years?


The FCA has recently issued its business plan (1) and focus for the upcoming four quarters. Kicking off with some stats – a mix of sobering and positive, the paper gives a clear outline of its proposed, cross-sector, regulatory oversight. One of the greatest challenges for the industry at present is the implementation of MiFID II provisions.
The FCA makes the point that this will facilitate the introduction of ‘major reforms to improve resilience and strengthen integrity and competition in wholesale markets’. Furthermore, work around market abuse will be enhanced. We highlight notable elements of the business plan and their implications for organisations, below.


Across all financial sectors lies the risk of cyber-attacks. With the impending implementation and governance of the General Data Protection Regulation, and potential fines of up to 4% of company revenue, organisations’ technological and operational resilience must be second to none. The FCA deems these qualities pivotal pieces of the cyber security jigsaw; it aims to police cyber capabilities and monitor financial crime and all major outages
during the upcoming year.

Senior Managers and Certification Regime

Whilst 2015/2016 saw banks and insurers bring about the operational changes borne out of SMCR, during 2017/2018, the FCA plans to oversee the resulting culture and governance of this significant shift in responsibility. Currently under consultation is the extension, to be implemented by 2018, of SMCR to all firms covered by FSMA. This would cement the prevailing accountability of senior managers’ individual areas of business within the industry.

Customer Engagement & Competition

The theme driving the most recent directives and regulations is placing the ball in the customers’ court. The dramatically changing financial landscape is being molded by the General Data Protection Regulation, the Payment Services Directive 2, to name but a few. The Open API world further allows the customer to have greater choice and engagement with their banking decisions. The FCA is likely to zero in on firms’ development in digitisation and automation and stewardship of customer data with a critical eye, to ensure there is no abuse.

Buy-side | Asset Management

MiFID II implications are beginning to take shape, however there is much to be done. The FCA recognises MiFID II as post-crisis regulation; it is driving reforms that will promote cross-sector market integrity and competition,
and consumer protection. Firms’ annual budgets will now, more than ever, be targeted towards improving IT systems and infrastructure, develop data capabilities, and ensure operational risk is kept at bay.


Leading Point Financial Markets brings compelling value at the intersection of Data, Governance & Compliance, and Digital and Operating Model Change initiatives. If you would like to further consider any of these impacts on your organisation, please contact or



Rules of Data

On 24 October, it was reported that the Financial Conduct Authority launched an investigation into the US credit checking company Equifax; almost 700,000 Britons had their personal data misappropriated between mid-May and July this year. The FCA gave evidence on this matter to the Treasury Select Committee on 31 October because of the significant public interest. The FCA has the power to fine Equifax, or strip it of its right to operate in the UK, if it is found to have been negligent with its customers’ data. With European Union governments formally stating that cyber-attacks can be an ‘act of war,’ data protection cannot be taken seriously enough. The Equifax data breach is by no means a solitary data breach – several large organisations such as Dun & Bradstreet, Verifone, Whole Foods, Deloitte, DocuSign, Yahoo! are already part of the mix.

The Government is aligning domestic data legislation with the European Union in an effort at continuity, despite our plans to leave the EU. The Data Protection Bill, is proof that the Government seeks to keep the UK au courant with the newest data law of EU provenance.

The number of internet users is now close to 4 billion. Businesses continue to move their products and services online in order to service their customers. Data continues to grow exponentially and will persist in its travel far and wide – enabled by technology proliferation. The EU’s General Data Protection Regulation (‘GDPR’) has been precipitated by acute necessity. Companies need to review and revise their approach to privacy, security and governance of their data. A holistic, data protection framework is needed that is centred on the customer and encompasses their interactions, experience, sentiment, along with those of advocacy groups, shareholders, and regulators. This is a non trivial exercise and requires interventions at the mindset, policy, information governance & security and process levels, along with enabling technology.

Businesses are heading in the right direction with GDPR, but there is still a long way to go. Implementing this change with the right spirit is fundamental to building trust with customers and partners. Leading Point’s experience helping organisations with these requirements suggests that while significant compliance hurdles exist, a risk-based approach that focuses on five core areas, will be instrumental to success.

1. Give your customers control over their data – a mindset change

Bearing in mind the territorial scope of the GDPR – across the current 28 EU member states, plus, anyone dealing with the EU, most teams within organisations will benefit from the ethos behind the Regulation. A mindset shift from owning your customers’ data to stewarding your customers’ data is required. Give your customers control over their data. Any legal or natural person processing data must believe in the spirit of this sea change – the need
to assume responsibility for stewarding your customers’ data and to provide them with confidence in your processes. GDPR expands on the list of ‘rights’ each data subject is afforded: the right to be informed, the right to
access data records, the right to data erasure, to name a few. Tone at the top matters immensely.

2. Achieve Data Protection by Design

Which department is leading your organisation’s GDPR compliance efforts? A cross-functional team will help in deploying a holistic data protection framework. To start with, the focus must be on classification of the data, its
supply chain and its governance. Therefore, leveraging existing data management initiatives to embed data privacy requirements can really help in ‘data protection by design’. In practical terms, companies need a clear picture on: ‘what types of data do they hold on their customers;’ ‘which types of data is sensitive and requires enhanced security levels;’ ‘who has access to customers’ sensitive data;’ ‘where is this data processed and distributed;’ ‘how does it flow;’ ‘what is its quality;’ and ‘are their checks and controls in place around its flow and access’? The rules are more stringent now, as companies establish the depth of customer data – their interactions, experiences, sentiments – what impressions are left in an organisation’s data stores. The definition of personal data and its inherent breadth has been redefined – ‘Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.’ And so the notion of data minimisation is born. We believe that while there are increasing numbers of quick-fix GDPR solutions in the market, achieving data protection goals is less about technology, and more about energising the organisation into becoming 100% data aware.
Building trust in your data will allow for effective process and controls for data protection, security and governance.

3. The Art of the Process

Focus must be on the ‘process’ exercise – visibility of customer journeys – which processes interact with customer data and the ensuing data lifecycle. Knowing which functions have client-facing processes and ensuring these are
adapted is called for. Threading through specific processes for data collection, data storage, data sharing, access requests and breaches is the focus. Having a command of what happens to personal data, who is involved in gathering it, and responding to Subject Access Requests is important, not least because you will have only a month to respond and cannot routinely charge the current £10. What steps to take in the event of a data breach, how to manage contracts which hold personal data: these are all explicit in the Regulation. For all data processors, we must double down on education and training – on policies, on data governance, on processes and new rules of data. This means highlighting a consistent approach to the different scenarios. Surely the best protection is a body of staff that is wholly informed?

4. Integrating data protection with a risk-based approach

By taking an inventory of obligations to customers via existing contracts and business agreements, organisations can start to manage their stated responsibilities linked to customer data and its management and use. This is a

Data classification and governance exercises will highlight the sensitivity, breadth and depth of data, the access and use of the data held. Data flow will highlight the data processors and third-parties and internal functions involved. Data quality will highlight where data management controls are required to be shored up. In turn, this will flag up priority remediation exercises on customer data.

The aforementioned ‘process’ exercise will highlight key customer-facing process changes, or a requirement to deploy specific data processes referenced by GDPR. Organisations can road-test these processes against the required process turn-around times. For example, data breaches must be reported within 72 hours, and as mentioned above, data subject access requests – one month. Involve your customer services team actively with data protection and security breach scenarios – this will build memory and promote mindset change.

The overarching governance in an organisation will be a key cog in the data protection ecosystem; the Regulation has duly led to the genesis of the Data Protection Officer. Enabling these responsibilities with existing data management governance responsibilities, and appointing data champions, can be an effective approach. Data protection is indisputably everyone’s responsibility, so the emphasis must be on organisational cooperation.

5. Cascading to Third Parties & a Cloud

Third party contracts and the framework that dictates how these are established, must wholeheartedly reflect any changes to the requisite data protection and security obligations. A compliance policy which standardises how third party contracts are established can also be a useful instrument. Data transference should be shored up with model contractual clauses, which allow all parties to clearly realise their responsibilities. We are alive to the persistent risk of cyber attacks, so it is crucial to remember that your data on the cloud is a business issue, as well as an IT issue. Are you fully apprised of where your business stores its data; on the premises, in the cloud, or both? The increasing trend to shift data and infrastructure to a public or private cloud no doubt presents an economic benefit and technology road map for some organisations. But make no mistake, organisations are accountable for their customer data content, its usage, and their security policy for cloud-based storage. Measures such as encryption, pseudonymisation and anonymisation will help, and should be employed as a matter of course, as well as remaining open to select technologies that help underpin cyber defence.

To conclude

When implementing change, evidence-based decision making shouldn’t be the only strategy; knowing which cogs in an organisation interlink cohesively in practice will greatly assist in a robust framework that threads through to
a mindset shift, policy, data, process and third parties. To reinforce an earlier perspective, data is only growing. So are data breaches and cyberattacks. The garnering of our data to feed algorithms and ‘machine learning’, borne
out of the Silicon Valley revolution, is leading to inevitable change in our lives, but we must strive for a democratic jurisdiction for our data. Organisations must give customers control of their data and the confidence in their data
management processes. Rather than penalty-based scaremongering, think of this as an opportunity to build your brand, to send a robust message to your customers and partners, demonstrating care and respect of their data.

To close, a soundbite from the Information Commissioner’s Office: ‘Data protection challenges arise not only from the volume of the data but from the ways in which it is generated, the propensity to find new uses for it, the complexity of the processing and the possibility of unexpected consequences for individuals.’

Leading Point Financial Markets brings compelling value in the intersection of Data, Compliance, Governance and Operating Model Change initiatives.