Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
PRESENTATION FOR CONSOLIDATED AUDIT TRAIL (CAT) BIDDER SUMMIT JULY 29, SIFMA Copyright 2014. EPAM Systems, Inc. & Broadridge Financial Solutions, Inc. All rights reserved. All trademarks and service marks are the properties of their respective owners. The presentation contains proprietary content belonging to EPAM Systems, Inc. & Broadridge Financial Solutions, Inc. AGENDA • Team Introductions • EPAM & Broadridge Overview • CAT Processor Organizational Structure • Highlights from our approach for CAT product definition, design and implementation strategy • Overview of Technology Solution • Security and privacy issues, handling of customer information • Linking trade data information • Data collection • Approach to Project Management and the Build of the Solution • Q&A Copyright 2014. EPAM Systems, Inc. TEAM INTRODUCTIONS Mark Bisker SVP, Head of Capital Markets Competency Center, EPAM Systems Mr. Bisker joined EPAM in 2007. Mark has been in the financial service industry for over 20 years, he has expert level knowledge in market structure and Capital Markets front office technologies. Prior to EPAM, Mark served on ISO 15022 committee, SRO technical advisory board, director of board of brokerage company, and previously held leadership positions at Charles Schwab, Lava trading, Hudson Securities, B2BITS. Sam Rehman Chief Technology Officer EPAM Systems Mr. Rehman joined EPAM in May 2013 as CTO. Prior to EPAM, Mr. Rehman held positions as CTO and SVP for Grid Dynamics, a professional services company specializing in E-commerce and high performance computing. He has also spent close to 10 years with Oracle Corporation, where he led development groups as Director and VP of Engineering. Niten Jaiswal Vice President, Cloud and Datacenter Services Broadridge Mr. Jaiswal joined Broadridge/ADP in 2006 as a Technical Consultant, and has 10 years experience in Enterprise and Infrastructure Architecture and 15 years of experience as a systems administrator Prior to Broadridge, Mr. Jaiswal has held technical and leadership positions at Big Foot Interactive (now Epsilon), Cendant, and IBM. Bob Urbanik Vice President, Product Management – BPS Core Growth Broadridge Mr. Urbanik joined Broadridge in 2014 as a product manager responsible for the regulatory and strategy for the BPS-Core product. He has nearly 25 years experience in software product management and client service serving the front-middle-back office for institutional and retail financial service firms. Prior to Broadridge, Mr. Urbanik worked at SunGard, Bessemer Trust, and Merrill Lynch. Copyright 2014. EPAM Systems, Inc. EPAM/BROADRIDGE OVERVIEW Copyright 2014. EPAM Systems, Inc. ABOUT EPAM A LEADING GLOBAL END-TO-END SOLUTIONS COMPANY COMPANY HEADCOUNT INDUSTRY FOCUS 1993 founded, US HQ in 10,500+ technical staff dispersed Banking & Finance 30% Newtown, PA across NA, Europe, and APAC. ISVs & Technology 22% Public (NYSE: EPAM) 50+ employees hold PhD degree. Travel & Consumer 22% Information & Media 13% FINANCIALS SECURITY EXPERTISE $555m revenues in FY 2013 ISAE 3402, SAS Type II Order Management, FIX, OATS, ACT, $175m cash, debt-free ISO 27001:2005 TRACE, OCC, Exchanges, Big Data, No client > 15% of revenue CMMI Level 5 High Performance Computing Copyright 2014. EPAM Systems, Inc. ABOUT BROADRIDGE Broadridge with over $2.4 billion in revenues, is a leading global provider of technology-driven solutions to banks, broker-dealers, mutual funds, and corporations globally. • Investor communication solutions, securities processing and operations outsourcing. • Clearance and settlement in over 70 markets for domestic and international equities, options, fixed income, ETF and mutual funds. • Management of core books and records, tax reporting, multicurrency, cost basis, OATS, EBS, Large Trader reporting. • Securities processing technology scale supports over 40 million customers and over 2 million compressed equities trades per day. #1 in Delivery Excellence #1 in Scale #1 in Customization #1 in Best of Breed Technology #1 in Data Security #1 in Customer Care Leading Securities Processor • 6,400 associates operating in 14 countries, smart-shoring 20% of its associates in India. • Established connectivity with majority of US broker-dealers. Copyright 2014. Broadridge Financial Solutions, Inc. OUR PARTNERSHIP EPAM has identified Broadridge to be ideally positioned as the premier operational provider for the CAT system • EPAM will comply with the SROs requirements and will work with SROs on formal contract to mutually agree on all aspects of third-party relationship governance. • EPAM and Broadridge teams will jointly develop and set clear responsibilities and authorities in the Subcontract agreement. • EPAM will assign Senior Vice President of CAT Processor to lead the design, build, and enhancements of the CAT platform. • Broadridge will assign SVP of CAT Business and Operations and Chief Compliance Officer (CCO). Broadridge Responsibilities • Product management – working with EPAM • Compliance, audit and security • Finance and administration • Operations • Client & reporter relationship services • Infrastructure support • We are flexible to adapt the organizational structure based on further discovery and recommendations from SROs and the SEC. Copyright 2014. EPAM Systems, Inc. RELEVANT EXPERIENCE Global Investment Bank SWIFT confirmation matching engine: • Distributed calculation platform on a private cloud • 30,000+ rules; 3M+ messages / day, 200+ messages / sec by a thread • Efficient matching algorithm for SWIFT messages • Configurable rules (per location/product) Financial Research Aggregation Platform: • End-to-end management of virtualized network, storage, computing resources • Private cloud across 2 datacentres with 500 compute instances, 100 application components • 50 TB of storage, 10+ million documents repository Securities and investor data processing: • 4 PB data warehouse • 7,000 servers across 10 data centers globally • 350,000 jobs executed daily • 10,000 data feeds World’s Leading Travel Company Global Oil & Gas Company Global Investment Bank Analytical Data Warehouse Solution: • Processing ~10 TB daily booking data in 1 PB Hadoop warehouse • Spooling & archiving booking data in Cassandra • Near real-time monitoring of metrics and KPIs associated with online bookings via Hadoop / Hue Warehouse for operational parameters: • Transaction volume is 200+ GB daily • Data warehouse structure modelled in Hive / HDFS • Hadoop API Integration • Data sync / ETL via distributed process in Hadoop 800+ FTEs provide build and run the bank • Focus on FX, Equities, Prime Services, Fixed Income & Commodities • Development and support of trading platform • Solution to support Basel III SRA • Full revaluation of the banks trading books via Monte Carlo simulation Copyright 2014. EPAM Systems, Inc. CAT PROCESSOR ORG STRUCTURE Copyright 2014. EPAM Systems, Inc. HIGH-LEVEL ORGANIZATION STRUCTURE Steering Committee (EPAM, Broadridge, and SROs Representatives) Product Management office Project Management Office Compliance Legal Architecture Software Engineering QA HR Tech Services Governance Accounting Operations Delivery Group Administrative Group Copyright 2014. EPAM Systems, Inc. BROADRIDGE GOVERNANCE AND OPERATING MODEL Copyright 2014. Broadridge Financial Solutions, Inc. CAT PROCESSOR OPERATED BY BROADRIDGE (HIGHLIGHTS) Help Desk (HD) Client Service (CS) • Provides support infrastructure 24 X 7 via direct client call or BR-Track • Monitors processing through automated applications and tools • Monitors key intraday and nightly SLAs • Provides day to day support for report loads and data transmission setup and Support Model testing • Monitors CAT inbound and outbound • 24 X 7 technical & functional support transmissions • Monitors client exception indicators • Four areas of support with streamlined call • Day to day primary point of contact • Receive calls directly or through BR-Track • Work with AM for business requirements Provide status updates to clients on projects and requests • Work with the PM to resolve product specific issues • Alert clients of impacting production issues • Introduce to the technical areas all client initiated enhancement requests workflow • Single point of contact and ownership Account Management (AM) • Direct contract with SMEs or correct targeted service support group Product Management (PM) • Responsible for CAT Client • Subject matter experts with specific • Client self-help BR-Track utilizes same workflow Relationship Management (CRM) brokerage operations experience • Workflow enabled escalation • Handle new business initiatives and • Provide client support during regular project management business hours • Prioritize open issues aligned with • Provide 24X7 support via the client requirements and business Broadridge Help Desk escalation needs • Client Enhancement Process • Responsible for setting up strategic/technical update • Review, approve, and introduce to the technical areas all sessions client initiated enhancement requests • Execution of bi-annual client satisfaction survey Copyright 2014. Broadridge Financial Solutions, Inc. HIGHLIGHTS FROM OUR APPROACH FOR CAT PRODUCT DEFINITION, DESIGN AND IMPLEMENTATION STRATEGY Copyright 2014. EPAM Systems, Inc. KEY TENETS FOR OUR APPROACH TO CAT • Open data repository • Minimize increase of compliance staff • Minimize changes to collection mechanisms • Lower CAT Reporters overhead for data submission • Improve quality of data submissions • SMEs to support the CAT users with integration • OATS operations to CAT processor in year 2 Copyright 2014. EPAM Systems, Inc. KEY SOLUTION FEATURES • Central repository for orders and quotes life cycle events • Built from scratch to avoid inefficiency in the existing legacy data models • Scalable and reliable • Designed to last • Designed to accommodate technology advances and for efficient maintenance • Architected with highest availability and security standards • Combines proven security and control standards with architecture for performance • Provides personal, fast, and secure storage Copyright 2014. EPAM Systems, Inc. KEY SOLUTION FEATURES • Meets security requirements • Offers Personal Hosting Provides built-in preview data analytics, collaboration, and provisioning tools • Enables easy integration • Supports multiple transmission protocols, accepts raw FIX logs • Provides means to minimize submission errors Copyright 2014. EPAM Systems, Inc. TECHNOLOGY SOLUTION OVERVIEW Copyright 2014. EPAM Systems, Inc. HIGH-LEVEL SOLUTION ARCHITECTURE Copyright 2014. EPAM Systems, Inc. B2B INGESTION LAYER (B2BIL) • Manages original submissions and re-submissions (data processing stage errors or trade-level data modifications) • Ingests data via secure FTP (SFTP/FTPS), SSH/SCP, PeSIT and NDM connections using SSL or TLS. Ordinary FTP and HTTP only in private networks after security validations • Supports REST, SOAP via SSL, HTTP(S) and FIX protocol clients • Allows extension of existing data formats with additional fields if required by CAT • Utilizes the uniform format that will be developed by EPAM for SRO’s and large CAT reporters with possibility to continue with existing data formats • Allows data consumption from SIPs in real-time and in batch modes Copyright 2014. EPAM Systems, Inc. OPERATIONAL DATA STORE LAYER (ODSL) • Accepts data from B2BIL and verifies accuracy • Identified errors stored as exceptions and communicated back to reporters • ETL subsystem for normalization, anonymity and load to topical databases • Order ID’s generation and data enrichment, including linking of order events • Time data element to resolve time sync anomalies between the CAT reporters • Keeps order- and quote-related data until processed to final state and moved to the Central Repository for long-term storage and immediate regulator use Copyright 2014. EPAM Systems, Inc. CENTRAL REPOSITORY – FUNCTIONAL DECOMPOSITION • Provides data storage for 5 years • Progressive data compression to scale the solution beyond 20 PB • Accommodates the need to modify data structures and onboard new data types • Provides fast response time for interactive requests with highperformance design and data partitioning • Automated replication and data archiving for two years in a disaster recovery data center fully complied with industry standards • PII Data stored and managed separately Copyright 2014. EPAM Systems, Inc. DATA DELIVERY LAYER (DDL) • Secure delivery of CAT data and hosting of all client applications • Supports bulk and interactive queries from SROs, regulators and the SEC • 3 ways to deliver results based on user settings and other factors: o Sending via direct communication o Uploading to client infrastructure o Storing in a CAT-hosted, user-specific sandbox as a data mart Data marts and analytics software for data access and administration Data transfer technologies to ensure query results delivery to enduser environment: o Zip compression supported (but not required) o SFTP, FTTPS, HTTPS, FIX and PeSIT over the public internet o FTP, HTTP in private networks after proper security validations Common portal technology for the major user groups: 1. Secure Portal and Reporting for CAT Reporters 2. Secure Portal to access data for Regulators, Auditors, and Reporters 3. Public Portal Backs up and archives all operations occurring in the DL Active/passive replication process within the DR environment • • • • • Copyright 2014. EPAM Systems, Inc. LINKING TRADE DATA INFORMATION Implement the daisy chain concept Algorithm for efficient linking of orders Parent/child approach for aggregation and splitting of orders Order events - Attribute account number. - Account number linked with Customer ID in CAT. Summary of executed trades by Customer ID or account number Trades and allocations are not defining topology of order events Query CAT Reporter ID and original order ID to quickly link to the ultimate execution, allocation or cancellation Copyright 2014. EPAM Systems, Inc. DATA COLLECTION Data types include: - Account information - Market data - Order & Quotes life time related events Different data path for each data type Support of multiple submission protocols Considering expanding use of FIX messages Potential to accept raw FIX/binary feeds logs Considering leveraging existing data formats Considering consumption from SIPs in real-time and in batch modes Support proposal of collecting quotes for options trading from exchanges only Copyright 2014. EPAM Systems, Inc. CUSTOMER AND ACCOUNT INFORMATION, CUSTOMER ID Customer definition per SEC Rule 613 - The account holder(s) of the account at the broker-dealer originating the order - Any person from whom the broker-dealer is authorized to accept trading instructions for such account, if different from the account holder(s). We support approach suggested by SRO’s which relies on account number and customer associations stored by the CAT Account Id is defined by the broker internally and must be unique (account, sub-account) We expect that initial submission to CAT will include all existing accounts and then incremental information submitted when new accounts opened, removed or modified. Based on the information provided by reporters, CAT will generate unique through CAT System CAT Customer ID and store it in dedicated CAT Customer database using this id as a key. This key will be used to associate Customer’s data with order data as well as to perform queries against customer’s database. Copyright 2014. EPAM Systems, Inc. BROADRIDGE DATA CENTERS BFSNET Copyright 2014. Broadridge Financial Solutions, Inc. PRINCIPLE NETWORK INFRASTRUCTURE Copyright 2014. Broadridge Financial Solutions, Inc. SECURITY & COMPLIANCE BROADRIDGE EPAM • • ISAE 3000/3402 Type 2 (SAS 70 II), CMMI Level 5, ISO 27001 • EPAM Security Framework Certifications including ISO 27001 and SSAE16 Audits – there are only 11 financial services companies in the U.S. that carry the ISO 27001 certification • Physical and Environmental Controls • Disaster Recovery audited by FFIEC and ISO • Network, Application and Third-party Vulnerability Scanning • Global Data Loss Prevention program, providing strict governance to protect confidential Client Data ensures high security across all locations combines effective measures to protect client’s intellectual property and assure productivity • NDA and Contracts ensure information protection and legal liability of every staff member in accordance with local laws Copyright 2014. EPAM Systems, Inc. ENCRYPTION & PII PROTECTION We plan to leverage Broadridge policies and technologies to control and track PII data. BROADRIDGE POLICY SECURITY FACILITY • • State-of-the-art, C2* compliant facility • Main system components: Top Secret from Computer Associates, Enterprise Security Server from Blockade Systems and BTS, Data Loss Prevention product • Data Categories being monitored and protected: Data at Rest, Data in Use, Data in Transit • Customer data submitted to CAT will be sent using secure encrypted communication channels • PII will be stored in separate Database • PII information columns will be encrypted • Order events records will carry token only (AccountID, CustomerID), none of PII data will be exposed in CAT system elsewhere • Storage devices use FIPS 140-2 level 2 self-encrypting drives Access to client data is restricted through Role Based Access Control • Systems storing client data reside within restricted areas • Access is controlled through logical (user credentials, firewall rules, ACL, etc.) and physical access methods (scan cards, biometric scanners, guards, CCTV, etc.) • System logs are activated to record all pertinent events • Sensitive Data is segmented through physical and logical architectures • Isolated VLAN segments are defined and are secured through perimeter Firewalls and Access Control Lists granting authorized access through Host Based / Network Based / Protocol Copyright 2014. Broadridge Financial Solutions, Inc. SECURITY AND PRIVACY ISSUES, HANDLING OF CUSTOMER INFORMATION, ENCRYPTION • Infrastructure has the ability to encrypt data in transit (SSL) and at rest (hardware disk based encryption) • Data repository software is able to encrypt data columns • File transmissions infrastructure is able to consume encrypted files sent from SROs and other data providers SECURITY TRAINING • Broadridge and EPAM both have security awareness programs that are given annually to ensure that employees understand current policies and processes DATA ACCESS • Broadridge and EPAM follow the least privileged access security principle to ensure that only necessary individuals have the ability to access confidential information • Integration with Broadridge’s SSO infrastructure will allow federated access to information to authorized 3rd party users DATA CLASSIFICATION • Broadridge BPO associates are trained to identify and properly classify data as it is introduced into the environment to ensure that it is protected with the appropriate controls Copyright 2014. Broadridge Financial Solutions, Inc. CAT COMPLIANCE REPORTING COMPARISON, ELIMINATION OF REDUNDANT SYSTEM CONSIDERATIONS Copyright 2014. Broadridge Financial Solutions, Inc. APPROACH TO PROJECT MANAGEMENT AND THE BUILD OF THE SOLUTION Copyright 2014. EPAM Systems, Inc. CAT PROJECT MANAGEMENT APPROACH STATE OF THE ART PROJECT MANAGEMENT PROCESSES AND TOOLS STEERING COMMITTEE & PROGRAM MANAGEMENT • Robust distributed development methodology based on mix of Waterfall and Agile approaches • Technical PMO and Operational PMO • Project planning & KPI management • Requirements management, prioritization, and traceability • Project artifact database & management • Change, risk, quality, resource, issue, incident management • Project audit • Transparency, communication, and socialization • Review Milestones & Checkpoints • Resolve project ambiguities and issues • Prioritization of all aspects of the project • Program management stitches together all individual sub-projects and tasks • PMO focus will change as project moves to production and steady state Copyright 2014. EPAM Systems, Inc. INDUSTRY ENGAGEMENT – PRODUCT DEVELOPMENT Gather High Level Requirements Publish for Comments SROs CAT Committee (SIFMA/FIF) • 24 X 7 technical & functional support • Four areas of support with streamlined • call workflow Modify and Gain Approval from SROs • Single point of contact and ownership • Direct contract with SMEs or correct targeted service support group • Client self-help BR-Track utilizes same workflow and Functional Specifications Write Technical • Workflow enabled escalation Publish for Comments SROs CAT committee (SIFMA/FIF) Modify and Gain Approval from SROs Copyright 2014. EPAM Systems, Inc. HIGH LEVEL TIMELINE Year 1 Year 2 Year 3 Year 4+ SROs Equities and Options Large SRO Members Remaining SRO Members Fixed Income Equity Swaps Credit Default Swaps Other Securitybased Swaps Copyright 2014. EPAM Systems, Inc. TIMELINE – YEAR 0 Copyright 2014. EPAM Systems, Inc. TIMELINE – YEAR 1 Copyright 2014. EPAM Systems, Inc. TIMELINE – YEAR 2 Copyright 2014. EPAM Systems, Inc. OUR VALUE PROPOSITION EXPERTISE Big data Capital Markets Managing large projects Operations • Data stewardship • Business continuity • Client/reporter services • Data service/self-service BREADTH AND DEPTH IN ENGINEERING CAPABILITIES Large repositories High volumes Distributed processing for comparable data volumes Highly qualified group of engineers with relevant expertise EXTENSIVE EXISTING NETWORK CONNECTING US BROKER-DEALERS Copyright 2014. EPAM Systems, Inc.