Large Retail and Commercial Bank
Helping People and Businesses Prosper
Our client is one of the country’s largest retail and commercial banks, with close to $100 billion in assets and 10,000 employees. The bank continues to invest in its customers, people, and technology, including its digital capabilities. Our client is financially strong and known for treating each customer right.
Facing Business, Regulatory, and Risk Challenges
Our client was facing various business and regulatory challenges, such as having failed the Federal Reserve’s annual health check, more commonly referred to as the “stress test.”
Because of the need to address the serious deficiencies it faced, the bank established multiple programs, including a U.S. bank holding company (BHC) regulatory and a comprehensive capital analysis and review (CCAR) program.
Our client asked us to help build foundational capabilities that ensure smart, effective, and compliant business practices.
A Lasting Partnership to Strengthen Operations
Over the years, we have provided consultative services to our client in a variety of areas including program management, business analysis,data management, and risk and compliance. The following sections highlight some of this successful work.
Capital and Risk Transformation (CART) Program Management
We supported the CART change management team in building the governance structure for the program PMO activities. The team supported the program execution by partnering with project stakeholders, project managers, risk, finance and T&O to ensure PMO governance and oversight is executed effectively. We also developed and drove adoption of standardized templates and reporting.
Heightened Standards Program Management
We provided project management and plan development support in implementing the OCC Heightened Standards guidelines. The purpose of this initiative was to strengthen the bank’s governance and risk management practices. We also developed project plans based on OCCA lasting partnership to strengthen operations guidelines for three lines of defense, and participated in all aspects of project planning and execution, issue remediation, and executive reporting.
CCAR Project Management
To support CCAR, we provided program management and business analysis expertise to coordinate and support oversight of the CCAR process. We coordinated the CCAR review and challenge sessions for all processes and models, collected and reviewed risk and challenge materials, and coordinated sessions. Prior to the start of the CCAR process, we delivered process definition, process improvement and“dry-runs” to improve execution.
CCAR SAS Development
We were responsible for the creation of PPNR and loss forecasting models in SAS. Our team coded created models on the SAS platform,data acquisition routines, and tested SAS programs.
Consumer Practices Analysis
Our business analysis services helped to stand up our client's newly formed consumer practices organization. We provided an initial document review of all items that impact, intersect or address the consumer with respect to consumer practices, such as processes, procedures and scripts, with the goal of creating a consistent brand experience for the bank’s clients.
Fraud Risk Roadmap
A roadmap for enterprise fraud risk included a gap assessment across the enterprise, identified gaps in controls, processing systems, skills, training, and reporting and procedures. These gaps were then prioritized for remediation. The final deliverable was a detailed project plan that addressed the prioritized actions. We also managed implementation of this remediation plan.
Testing Center of Excellence
We assessed the software development life cycle and project management processes utilized by CART for its programs/projects and provided recommendations on improvements for the delivery of CART and in SBNA. The result of the TCOE was an organization to support a robust testing function, tools to support testing, and a defined testing methodology.
Hyperion Financial Management Analysis/Testing
We supported the Moody’s and Hyperion Financial Management (HFM) implementation team in providing hands-on test management and UAT execution support.Our team was responsible for documenting detailed business requirements, test cases, requirements traceability matrices and then assisting users in the execution of UAT. Our effort was a result of the Testing Center of Excellence recommendation to put in a more robust SDLC process.
HR Career Framework
The HR Career Framework project addressed several key strategic goals related to the structure of jobs, job families and job levels,in addition to associated regulatory requirements. We provided project management and planning and oversight including framework application across the enterprise LOBs and implementation on the Oracle Fusion HR platform and key supporting benefits, compensation,and talent management systems.
CART Financial Planning and Analysis
We provided end-to-end project management for the CART Financial Planning and Analysis (FP&A) work stream. We were responsible for coordination of all program activities, executive reporting, and ensuring that the immediate term solutions aligned with the strategic vision for FP&A.
We helped our client improve its ability to better measure and manage risk, and allocate capital for regulatory compliance.
CART Model Risk Project Management
We supported the CART model risk management and model development change management team in project plan execution and reporting and change management, including the alignment of model development plans to existing plans. We were also responsible for execution support of the CART work stream, including monitoring key focus areas, all the way through to completion.
CART Operational Risk
Operational risk change initiatives were put in place to enhance the US Bank Holding Company operational risk policies and processes across third-party risk, BCP/DR, information risk, RCSA, event management,issue management, and reporting. We supported the SAP GRC platform strategic planning and preparations for alignment with the global program for selection of an implementation partner.
Community Reinvestment Act Project Management
In an effort to ensure a satisfactory rating on the 2014-2016 CRA exam period, we implemented a project plan and management process across all CRA efforts. The effort resulted in an enhanced level of coordination and predictability for the CRA projects, an updated CRA dashboard to view CRA low- and moderate-income loans, project execution and executive reporting.
Retail Risk Compliance Governance, QA, Third-Party
We worked closely with first line of defense control teams to define, document, and operationalize document administration, new productand business activities (NPBA), strategic and reputational risk, QAframework and third-party risk, which included the span of vendor identification, onboarding, risk assessment, and termination. The team prepared an inventory of applicable regulatory requirements.
Risk Data Aggregation Analysis
Our program management and analyst support challenged and enhanced the work plan for risk data aggregation and risk reporting (RDARR) regulatory requirements for BCBS 239 (Basel Accord data governance). We delivered a recommended approach for BCBS 239 compliance and the creation of a robust data management environment.
Sales Practices Assessment
We developed, deployed, and executed the overall MRA 4 investigation program - a three-year look-back at customer sales practices within the SBNA CBB division. We developed a risk-based methodology and approach that efficiently and comprehensively reviewed and assessed more than four million accounts for sales practices employee misconduct. Our testing services included more than 30,000 accounts investigated for potential misconduct in a 22-day period.
MRA PMO Support
Program management and analyst support was given to coordinate and manage MRA-related work stream planning, staffing, status and milestone reporting. The role functioned within the change management organization to support key MRA stakeholders who reported to senior management via the existing PMO structure.
IT Information Security Support and Vulnerability Assessment
Our deep technical subject matter expertise supported the bank in the analysis and performance of security reviews of vulnerabilities. We prioritized remediation efforts based on vulnerabilities actively being targeted by malware, ransomware, exploit kits, and threat actors in the wild. We also performed vulnerability notification, triage, and remediation tracking and performed Q&A on vulnerability reports and remediation. We maintained metrics, reporting, and dashboards of vulnerabilities.
AML Quality Assurance Management
The QA testing manager role was part of an AML project, which involved redesigning application interfaces for onboarding systems. The manager worked with stakeholders to develop the program-wide testing scope, approach and testing strategy, as well as supervised the coordination within the SIT and UAT cycle for technology and the LOBs. The QA testing analyst role was also part of the AML project. The QA analyst oversaw day-to-day activities, as well as the creation of UAT plans, test case creation, test case review, and test execution activities.The analyst also contributed to the development of the program-wide test strategy, E2E UAT plan and pilot plan, and prepared daily test management reports and metrics.
Privacy Office
We provided senior subject matter experts to determine the implementation approach for an update of the privacy policies for SBNA and SC. The team had the overall responsibility of evaluating and creating the required policy updates, as well as formulating and overseeing the implementation and reporting approach, not to mention coordinating the rollout schedule.
IT Controls Audit
We provided deep technical subject matter experts to support the bank in analysis and performance of internal audit testing, and supply advice on how to improve information security management. Focus areas included:systems development and program change controls, network and firewall security, operating system security and backup, as well as restore and records retention.
Results
Better Risk Management Builds a Better Bank
As a result of many successful engagements, we have helped our client improve its ability to better measure and manage risk, and allocate capital for regulatory compliance. We also enabled a more effective response to portions of the CCAR.
The program oversight and subject matter expertise we provided throughout all of the projects has helped the bank effectively anticipate, evaluate, and mitigate risks.
