Success Factors for Ensuring Regulatory Compliance with CCAR/DFAST Programs

By Rich Brownstein, Director of Risk and Compliance, Perficient

Those who have earned their modern-day regulatory reporting stripes on a Comprehensive Capital Analysis and Review (CCAR) or Dodd-Frank Act Stress Testing (DFAST) project know there is a broad range of activities, deliverables, and risks to coordinate throughout the delivery phases and even more so once the projection and capital planning processes start.  At a recent industry summit, a panel unanimously answered that there were many “lessons” learned around the project management office (PMO) when it comes to CCAR and DFAST.

The panel and attendees agreed that every aspect of the project phase and build must be retained and explained, from business requirements to model and data governance.  Throughout the projection and capital planning processes, all assumptions and methods throughout the effective challenge process must be documented to the extent they allow reconstruction.  With this standard of performance in place, the group agreed there were many project participants keeping notes and producing a lot of paper.  The smaller institutions performing DFAST were leveraging internal staff and concluded that manual processes were undoubtedly inefficient.

In my experience with assisting both large and small financial institutions with CCAR and DFAST filings there are efficiency opportunities in how the project is organized and how technology can be leveraged. Furthermore, documentation and established, repeatable processes remain as critical success factors for CCAR/DFAST submissions.

PerficientEffective Program Delivery

First, regarding the organizational model, we are seeing a beneficial shift toward a more federated project office model where the CCAR/DFAST filing is centrally coordinated.  The advantages include unified project plans, decision-making processes and coordinated risks and action management.  Further, the golden source documentation is more easily located and centralized.

The enterprise program delivery office (PDO) has been created to align with the “hub and spoke” model. The shift from a PMO to a delivery-driven PDO helps align the program with a financial institution’s goals, facilitates a culture of change, manages risk and demonstrates ROI.  The typical mandate for an organization is to develop and ensure standards are maintained in the documentation, serve as the clearing house or escalation point for decisions or issues, and drive governance generally resulting in a competitive advantage for a financial institution.

Another role of the PDO is to organize all aspects of the project artifacts.  As we have seen, sufficiently passing the quantitative review does not always translate into passing the qualitative review.  Having clear and easy to understand artifacts in model management, end-to-end project implementation, expert judgment and an effective challenge process can significantly enhance the results of a regulatory review.

Technology Integration

That brings me to a second opportunity that leverages technology.  We know there is no easy way of amassing the massive amounts of documents and paper needed for this project.  However, smarter techniques in filing and efficient workflows can help.  Enterprise content management tools are ubiquitous in project artifact storage.  However, with upfront standards, folder and file taxonomies and policies for compliance, the institution’s final submission will be more robust, dynamic, forward-looking and transparent in nature. The regulatory guidance ensures there are established and repeatable processes, and this has become a critical point of the qualitative assessment.  A standard, centralized knowledge management repository for meeting minutes and committee papers, requirements, data governance work papers, test strategies and scripts, system environment build and run book specs is needed. And as we all realize, this is just the beginning as this structure would be used to replicate all risk areas: liquidity, treasury, tax and other finance areas.

With a little preparation and configuration, integrating technology into your CCAR/DFAST program helps better manage workflows, challenge rounds and sign-off of the capital plan.  In speaking with recent filers, I have heard extreme ranges of the iterations and challenge rounds.  In one case, the institution ran out of time and submitted with one review of the capital. Conversely, another institution underwent more than 50 iterations and rounds of challenge.  Leveraging content management and workflow tools will aid in essential reviews and virtual committees with all iterations, comments and voting retained and time-stamped to please your auditors.

Lessons Learned for Compliance Success

Improving the efficiency and effectiveness of your compliance program, specifically CCAR and DFAST regulatory reporting, comes down to three key components:  people, process and technology. The role of project management for risk and compliance is transforming into a more delivery-focused approach, or PDO, that involves a cross-functional approach with collaboration between business and IT stakeholders. As institutions assess gaps in their risk, regulatory and compliance programs and identify improvements, it is highly likely that technology will be integral to elevating success. Whether it’s simply an integrated knowledge management platform or a more complex analytics solution, regulators look to see that technology is integrated to demonstrate a robust culture of compliance.

Rich Brownstein, Director of Risk and Compliance, Perficient:, 973-432-6671. Rich Brownstein leads Risk and Compliance in Perficient’s Financial Services national practice. Rich has more than 20 years of experience working for and with large financial institutions in the areas of operational risk management, legal and compliance, IT governance, and project portfolio management. He has a deep understanding of industry challenges and best practices. Rich has a proven track record leading strategic business, product and technology initiatives to minimize risk and maximize effectiveness and efficiency for organizations.

About Perficient

Perficient is a leading management and technology consulting firm specializing in creating client value through solutions focused on the key drivers of global finance – revenue growth opportunities, new operating models, operational efficiency, compliance and cost control.


Follow Us:

Sitemap | Privacy | Copyright © © 2017, WSTA®, All Rights Reserved.