Monthly Archives: June 2013

Reading note on TRM guideline 2013

Reader of  the new TRM guideline from Singapore Monetary Authority will be surprised by the changes it made. It is not an simple update but a major rewrite of some of the sections. Also it incorporated key and fundamental changes in financial technology.

At the introduction section, the author set the tune for the whole document by stating that IT is no a cost center only and should be integrated with business strategies. This type of statement is advocated by vendors for a long time but I believe it is the first time a banking regulator making the same statement in a TRM guideline. From here, the reader could expect TRM function is not only about  system vulnerability or malware, project risk, governance and outsourcing are also important.

Para 1.0.1 “IT is no longer a support function within a financial institution (“FI”) but a key enabler for business strategies” 

The author also states user are more IT-savvy. from my experiences, the more accurate adjective would are user are getting more IT-demanding and require more features. Usability of non-financial internet and mobile applications has revolutionized by the uses of HTML5, AJAX and even 3D graphic. Users are demanding the old html only Internet banking to follow. MAS also sense these changes and urge banks to fully understand the risk before bending over backwards to please users.

Para 1.0.3 “FIs are also faced with the challenge of keeping pace with the needs and preferences of consumers who are getting more IT-savvy and switching to internet and mobile devices for financial services, given their speed, convenience and ease of use.”

Singapore MAS new TRM guideline

Singapore Monetary Authority after one year consultation released a Technology Risk Management Guideline. It is a major overhaul of the last version which was published in 2008. For sure, the banking industry and banking technology changed a lot with the omnipresence of 3G network and mobile devices.

As part of my job is to implement TRM in FI, I will write out my comments and observations in the coming posts. But first let us take a 3000 feet view of this document. A few text analysis tool and visualization graphic will do the job.

The first graph is a word cloud which shows high frequency keywords. FI means Financial Institutions. Most of the words are general IT terms like data and systems. But should notice that “ensure” appears in a relative big size !!

The left graph show the three selected keywords: Ensure, Access and Recovery. The peaks of access and recovery show that although they are used often, this keyword mainly used in one particular chapter.

FI

FI

TRM key work chart

The traditionals fight back

In my last post, I wrote about an equity research report stated traditional outsourcing companies are losing. However, the big giants are not retreating without a fight. This war is real and happening. 

“IBM charged that the CIA improperly awarded the deal to Amazon Web Services  by failing to evaluate all the pricing scenarios.”URL http://gigaom.com/2013/06/07/gao-says-not-so-fast-on-proposed-secret-amazon-cia-cloud/

The $600Mil is now re-opened. For sure, the earth loses a few trees as a direct consequences. But if looking at the big picture, it seems the transition to cloud computing is going to be nasty! With new technology, both the buyer and seller are new to the possibility created by innovative ways in managing computing resources. However, bureaucracy kicks in and The Government Accountability Office found that the CIA failed to evaluate prices comparably under one of the solicitation’s pricing scenarios, and that it had waived a requirement in the Request For Proposal only for Amazon.