Financial Control Solutions
It’s not about avoiding risk – it’s about managing risk. Shedding some light on the newest technology that incorporates required controls by leveraging web-browser based technologies. It’s all about connecting the business. Interview with Andy Mellor, Manager, Product Management, Risk and Compliance Solutions, Fiserv
BH: Andy, could you provide an overview of Fiserv and your products?
Andy Mellor: Of course, I’d be happy to. Fiserv is the leading provider of solutions to the financial services industry. We’ve been around for just over 25 years, since 1984. We’ve grown to a Fortune 500 company, revenues of $4.1 billion and now over 20,000 employees, so we are quite a large force in the financial services software solution provider market.
In terms of external recognition, we have achieved the number one ranking for the FinTech 100 ranking of top technology providers to the financial services industry. And that’s an award that we’ve won six out of the last seven years, so we’re very pleased about that.
My particular area is what we call financial control solutions – traditionally, that might be labelled as reconciliation and exception management, but our view of financial control goes beyond just simply matching transactions and investigating mismatches. We look at full financial control around transactional processes, so performance management, reporting, and the downstream activities relating to account certification and also moving onto the financial close.
Financial control solutions falls within a group that we call Risk and Compliance, which covers areas including money laundering and fraud detection, Asset Liability Management, risk analytics, and de-risking the whole transactional flow, and that’s where the financial control area fits.
BH: In this day and age, risk management is of enormous importance. Is that where you see most of the interest from your clients?
AM: Risk and Compliance is certainly an area that has seen a lot of focus in recent years. And if I were to look at what customers are actually demanding of our group, the optimisation of risk – so not risk avoidance, but assessment of risk and management of risk to match the risk appetite of the client organisation – would be one of the three core ‘pillars of value’ we supply.
The other two pillars would be, first, ‘increasing compliance and control’ – so obviously very dear to every CFO’s heart is making sure that they’ve got full visibility of the financial operations within their organisation and ensuring that those financial operations are fully controlled in line with their internal procedures.
And second, is the ever traditional area of increasing operational efficiency – looking for optimal levels of efficiency that will deliver efficient best practice operations within budget whilst also meeting the objectives of external stakeholders to the organisation.
BH: These three areas – optimisation of risk, increasing compliance and control, and increasing operational efficiency – do they all fall within financial control solutions?
AM: Yes. Those are the three areas of value that our solutions deliver to our clients. We hold regular executive briefings and discussion sessions through our user community and in talking to those executives, it’s clear that there isn’t just one objective, for example, an exclusive focus on increasing operational efficiency. In fact, what we found was that the three objectives of improving operational efficiency, optimising operational risk, and increasing compliance control, had almost equal weighting for our clients.
BH: Apart from the financial services industry, what about the financial functions in large corporations, across other industries? Are you increasingly seeing interest from this second group?
AM: Yes, we are seeing interest across other industries too. Not only do we have a very strong customer base in financial services, but we also have a very strong tier one corporate customer base, as well. A lot of the financial operations processes that you’ll find in a financial services organisation are common, or certainly similar, to those same operations processes within a large corporate. So, yes, our solutions are a good fit for both corporates and financial services institutions.
I think the other thing that’s worth mentioning is a lot of financial services institutions have actually been learning from corporate best practice, or what might be seen as corporate best practice, in terms of setting up shared services centres or centres of excellence within the financial institution to provide services to their internal clients.
So, in terms of organisational structures of those shared service centres and of the underlying processes around financial operations, there’s a lot of commonality. And we do find that we’re able to deliver value to the large corporates, such as the retailers and manufacturing industry, just as well as we do in the financial services industry.
BH: Would you actually say that’s a growing field for you, Andy? Are you yourselves developing more into the non-financial services world? Is that where your growth is?
AM: If we look at this from a market perspective, we are certainly seeing challenges for corporates as well as for financial institutions. And, yes, that is driving an increase in the number of corporate institutions looking for best practice process implementations within shared services. And we’re obviously able to provide that.
So, if we look at what our customers are receiving from our solutions, it’s the standardisation and centralisation of the reconciliation and exception management processes across the entire enterprise. And through standardisation they’re improving efficiency and driving down the overall cost of processing towards industry best practice benchmarks.
In terms of increasing operational efficiency, it’s also about the ever-increasing demands to do more with the same, or even fewer, resources. And if we look to the sorts of benefits that our customers are actually able to achieve through deploying our control solutions … I’ll take a financial institution as a starting point: One of our clients, a North American bank, implemented our solution across a large proportion of their account base. They got savings of up to 100 FTE over two years and have ongoing savings in the region of $3 million a year – a pretty significant return. But the level of return you’re going to get will vary according to the scale of the organisation.
Now, the other way to look at this is via the non-financial benefits that these organisations are receiving. For example, I was talking about increasing compliance and control as being one of the values that organisations look for. Virgin Media (an FCS customer) were able to accelerate their payment investigations, and that meant that they were able to improve their service response levels from 72 hours down to 24 hours. In terms of improving customer service, and here we’re talking about customers being internal customers within the organisation, the move from 72 hours to 24 hours was obviously a significant improvement of customer service. However, the other way to look at it is if you’ve got a payment error of some sort, the faster you can identify that payment error, the lower a risk it represents to the business and the faster you’re likely to address it. So, if we look at the benefits, while they may not be as easy to calculate, the improved control and compliance benefits will deliver financial benefits to an organisation, as well.
About ten years ago there was a large rush to outsourcing, We’re now approaching a second wave of outsourcing, where people are looking to re-evaluate outsource providers, and also looking at ways in which they can make further improvements. And here, they’re looking at ways in which they can enhance customer service to their internal customers. I think that’s one of the areas where we’re seeing interest and we’re certainly view this as a market with strong growth potential.
BH: So, what are your clients asking of Fiserv and how is Fiserv developing its products and services to help its clients provide better service to their clients?
AM: Let’s look at what organisations are asking for, first. What are large corporates or financial institutions looking for? The key thing that we hear again and again is that they’re looking to improve their operational processes and transparency around theseby developing a group that will focus on that process as its core competency. But they’re also looking to deliver value to the greater organisation. Now, that might be purely financial but, really, it’s more about refining this model. It’s not purely about moving a function to a different organisation. It’s about how shared services can deliver better value to its clients within the organisation.
Now, if we look at how we’ve developed our products so that they support this type of delivery, one of the areas is the communication between the shared service and the clients within the business. The shared service has to be an integrated part of the business process. It’s not as simple as outsourcing a departmental function. Those financial operations functions touch every department in the business, and managing those interactions in a way that fits the needs of the greater organisation, is critical in terms of how you are perceived as adding value.
Now, obviously, if you’re outsourcing the processing of these transactions, that’s one thing; but you’re not outsourcing the risk. So the CFO of the larger organisation needs to understand that those risks are being properly managed. One area where we’ve enhanced our product, and this applies whether or not you’re in a shared service environment, is in the account certification process. Now, if I take a step back … reconciliation is a critical financial control, essentially assuring that what you expect to happen actually does happen. And it’s a fundamental tenet of financial operations that you will be performing some form of reconciliation.
If you look at various SOX declarations and you do an analysis of the reasons why organisations will cite a material weakness in their internal control procedures, you’ll probably find that somewhere in the region of 20% of them will cite a failing of some sort around the reconciliation process. Either it’s not being performed in a timely fashion, it’s not being performed with enough accuracy, or the review and approval processes aren’t tight enough. So, there is insufficient visibility that those processes are being carried out, through the organisation up to senior management level.
Our account certification solutions allow for a managed review and approval process so that the people performing the reconciliation can submit the reconciliation and associated proof information, assuring that all the transactions line up, and making sure that any additional evidence that needs to be submitted for that period’s reports, is fed into a managed review and approval process. And this can be circulated through the various hierarchies of the organisation to get that full visibility of the control being applied, and also to get the full traceability that the control was reviewed. So that when the CFO comes to talk to the shareholders and says, "Yes, our financial controls are good, they’re in line with best practice … yes, we don’t believe we’ve got any material weaknesses," he or she can draw upon this evidence from the account certification process.
So in the design of that solution, we made it easy for organisations to deploy this in a distributed manner. We use thin client web browser-based technology … so for organisations that have deployed a shared service centre, for example, in a different region, the reconciliation team can work on the day-to-day reconciliation and processing, but when they submit the reconciliation for review and approval, it gets routed via e-mail alerts through to managers in the client organisation, who can review that information online. They can see all the relevant information provided by the reconciler right there, and they’re not dealing with e-mails going back and forth, to a shared service centre. They can immediately interact with the data, they can see the electronic dossier that the reconciliation team have prepared … it’s got full traceability, full visibility. And, again, when we’re looking at audit activities further down the line, the audit team can clearly see that all these controls were carried out in line with best practice. So this leads to a reduction in the audit costs, as well.
The goal behind the thin clients and lightweight deployment is that you have a server-based infrastructure and you access those functions through a web browser, wherever you are, without the need to install anything. The upshot of that is, obviously, that you are connecting the business, better serving a disparate areas of the organisation, including offshore centres. It also means that reduce the overall cost of ownership, by removing expensive local workstation installations..
If you’ve got a distributed organisation, you want to optimise the way in which you interact with them. And by delivering these solutions, using up to date technology, you’re able to ensure that everyone from managers to CFO has access to the information, and promoting self-sufficiency and delivering better service.
BH: Changing tack for a moment, I’d like to ask you about data. A lot of people I speak to talk about data integrity being a concern. How is Fiserv approaching this challenge on the part of the client?
AM: I think when we talk about data integrity, there are issues which might revolve around the security of data, or accuracy and completeness of the data, but your fundamental goal is, generally, not to talk about the integrity of the data, but the integrity of the entire financial process. The data is a manifestation of that; it’s an underlying technical detail, in a way. You need to ensure transactional integrity from the moment the transaction’s initiated through to the point where the transaction is fully resolved.
Automation assists in that process and through our financial control solutions we’re able to deliver levels of automation where we can support very high numbers of transactions. And through the matching process we can de-risk those transactions by confirming, at each step of the process, that what we expect to happen actually has happened. So, in that sense, we’re providing the preventative controls to prevent any transactional error passing from step one of the process through to the end of the process. Errors, including those relating to the integrity of the underlying data, won’t propagate through that process. You can also view this as a detective control, in that you’re likely to be identifying any errors faster in an automated environment than you would manually.
BH: If a client wants to get the best result out of a Fiserv implementation, what could they be doing on their end to really get the greatest return? Where are the biggest stumbling blocks in implementation?
AM: I think the key thing here is if you’re looking to automate financial controls, don’t simply look at your existing process and try to automate it. Because, in doing that, you’ll also be automating any manual inefficiencies that have established themselves within the process. My suggestion would be to look at the actual business requirements and look at how an automated solution can transform that process – make it more efficient and more streamlined. So, rather than simply automating the existing process, take a step back and look at the real business objectives.
A typical implementation of a Fiserv solution would involve some assistance from our professional services group as well as delivery of our software solutions. The know-how and experience of our services team, who are able to tease out the original objective of various steps in the process, and who will advise on alternative ways of achieving the same end objectives – but maybe in a more efficient, more best practice manner, that exploits the technology to its full potential –makes the difference.
BH: This services group – do they act as quasi-consultants on a project?
AM: Yes. We very much partner with our customers and we would generally have our subject matter experts working alongside the customer experts to identify the best way of working with our solutions.
BH: So would many of your implementations involve some aspect of in-house transformation as part of that?
AM: I think so, yes. The implementations that deliver the biggest value are the ones where you can look at the larger process. If you currently have a paper-based process, very manual – and we certainly still do find completely greenfield sites where that is the case – then it’s likely that this solution will be brought in place as part of a broader process re-engineering exercise, so they will be looking for tools that will deliver that additional value.
If they already have a certain level of automation in place, then they’ll be looking for optimisation of additional functions. If you have an automated matching tool today, it’s likely that your biggest cost will be through the investigation of exceptions – meaning, areas where you’ve got suspect transactions because the data doesn’t match up with what you’re expecting. In that scenario, you want to automate as much of the investigation process as possible. If today they are sending out e-mails to third parties to query information, it could be that you carry on using e-mail communications but you get the system to generate the e-mail. There might also be a more efficient way of communicating with that third party, which doesn’t require manual intervention at either end, and you can automate that whole process.
BH: In light of what your clients are looking for these days and the interest in risk management, which of your products are the most exciting for your customers, going forward? How are you developing your product range to better support your customers going forward?
AM: There are a number of things here that I can focus on, and I’d just like to pull out a couple of examples. One, which is not a new product, but which is finding increased purpose within the corporate market, is connectivity to the SWIFT network. The SWIFT network is the international standard network for financial institutions to talk to one another and also to talk to their clients. The standard information sources are provided and defined as part of the SWIFT-messaging standard. For example, if you were to receive a statement from your bank, you could get that in a SWIFT format. Large corporates with shared service centres are likely to have relationships with a large number of banks. Each individual bank may have proprietary information standards and formats that they would expect the client organisation to support.
Now, if you can standardise all those interfaces through consolidating those banking relationships onto the SWIFT network, so all the banks provide you with information in the SWIFT format, as a shared service centre you can implement a single best practice process with a single set of procedures, disaster recovery mechanisms, and internal infrastructure, etc. You can implement a standard of best practice processing once that will apply to all the financial institutions in one go. That delivers benefits across your organisation and further cost savings.
Another example relates to Account Certification, which is about providing more control around the review and approval process. This is a relatively new product for organisations that are looking not only at how they’re implementing financial control, but also given all the focus on regulations, they’re looking to prove that the financial control has been implemented in accordance with appropriate processes and procedures. That proof is what the Account Certification control solution will deliver, by having that managed review and approval process run through senior management.
I think this is an area that is of interest to a lot of our clients. It would be one of the areas in which we expect to see a lot of growth over the coming year, simply because of tightening of audit controls and tightening regulatory controls. The ease with which an organisation can prove that those controls are in place is key.
BH: Andy, thanks so much for speaking with us today. Best of luck to you going forward.
About Andy Mellor
Andy Mellor, Manager, Product Management, Risk and Compliance Solutions, Fiserv
As product manager, Andy Mellor is responsible for the evolution of the Fiserv reconciliation and control solution, Accurate™. He also provides specific expertise in the areas of business process management, application integration, business intelligence and enterprise solution architecture. Mellor has gained over 20 years experience across a range of industry sectors including financial services, telecommunications and retail. He successfully delivered business intelligence solutions to many big companies such as Abbey National, Virgin Airlines, Royal Bank of Scotland and Marks & Spencer. Mellor was formerly principal consultant with RCMS Computing Services prior to joining Fiserv where he was a founding member of the Business Intelligence consultancy division, Accurate Business Solutions. Mellor holds a Bachelor of Science degree in Physics and Electronics from University of Reading, England. Contact Andy Mellor at: Andy.Mellor@Fiserv.com