putting risk, finance and compliance at the heart of business strategy

A Steria Capability Overview

Putting risk, finance and compliance at the heart of business strategy

Effective solutions for responding to a changing regulatory landscape

è www.steria.com

Did you know...

Steria has more than 40 years’ experience in the financial services sector, with extensive expertise in risk, finance and compliance (RFC)

We have been providing European regulatory reporting solutions for more than 20 years We manage the whole risk, finance and compliance value chain, from GAP analysis and

feasibility studies to cross-sector implementation projects We have supported major European banks and insurers with their regulatory and financial

and controlling programmes, such as Basel II, Solvency II, IFRS, MiFID and Financial Crime laws (e.g. EU AML Directives, UK Bribery Act, USA Patriot Act)

We offer customised services to smaller, local financial services organisations, helping them to implement governance, risk and compliance strategies and undertake process change

We are amongst the leading providers of software solutions for the financial services sector in Germany. In fact over 200 insurers in Europe have implemented our SOLVARA® software solution to fulfil Solvency II requirements

We partner with specialist technology and product vendors, including SAP, IBM, Oracle, Moody’s Analytics, Enableon and Greenplum, as well as EMC2

02 | Putting risk, finance and compliance at the heart of business strategy è www.steria.com

“ NORD/LB has acquired scope for significantly improved control and management and achieved considerable cost saving … consolidating both application operation and project development activities in the hands of a single provider – Steria.”

Andreas Fichelscher, Head of Organisation and IT Management, NORDLB

Every day our clients trust us to help them transform and operate their business and IT functions. We support them with knowledgeable business and IT consulting services and solutions. We manage their IT infrastructures and applications portfolios and provide them with efficient testing, quality assurance and business processes.

In today’s continually-changing and highly regulated banking and insurance sector, we offer you a safe pair of hands.

With the emergence of regulations such as Basel II, Solvency II and IFRS, all financial service companies recognise a need to improve their processes, internal control systems, techniques and systems. Change demands new risk, finance and compliance (RFC) practices. It places increasing pressure on the delivery cost of projects at a time when consolidation of IT infrastructure and reduced operational expenses are the key priorities for financial institutions.

Responding to regulatory change also requires the introduction of measures to deal with risk, capital adequacy, resolution planning and more. Organisations in this sector must address a lack of risk awareness, limited data transparency and fragmented and overlapping approaches to risk management. Setting up an integrated RFC framework is vital – but hard to achieve.

Dynamic risk management

With a proven track record in RFC, we can help you integrate the framework across all functional areas and link it with the overall strategy and performance of your organisation. We will support your centralised

systems for tracking deficiencies in RFC processes, enabling you to build dynamic risk management models. And we can address the challenge of how to share real time information in the face of siloed operational systems and unconnected data records.

Our clients benefit from business and IT consulting services to support their key challenges in the areas of:

• Risk:BaselII/SolvencyII:meetingregulatory requirements with new solutions and risk management advice;

• Finance:accounting,businessprocessoutsourcing and regulatory reporting – implementing and monitoring accounting and supervisory requirements;

• Compliance:financialcrimeandMiFIDII – gaining advantage from efficient implementation of regulatory driven changes.

We help banks and insurers take a risk-oriented managerial approach to their finance, risk management and the lines of business, streamlining reporting and compliance.

Responding to evolving regulatory requirementsThe financial services sector is in a state of flux. It’s not just the impact of the prevailing financial crisis that is posing a challenge; new regulations, impending regulations, and those still on the drawing board are also placing huge pressure on risk, finance and compliance regimes.

Putting risk, finance and compliance at the heart of business strategy | 03è www.steria.com

Europe’s regulatory reform agenda in response to the financial crisis is constantly changing. Deadlines for implementation, such as that for Basel lll, have shifted. What remains constant, however, is the need for an overhaul of existing risk management practices. Whatever the timeline, banks and insurers must ultimately meet their obligations in relation to Basel lll and Solvency ll.

This demands a change in mindset and internal structures. There is far more data to manage and match than ever before and new reporting requirements that must be addressed. Risk processes are being reformed and finance and risk regulatory disclosure audits are integral to the new regulatory landscape.

Manyorganisationsarealsousingthenewregulatory requirements as a springboard for upgrading their IT infrastructures. New systems, or upgrades to existing ones, are being implemented, such as those required to improve liquidity planning and risk controls. The industry response is thus both process- and IT-driven.

Gaining control with effective risk management

A key measure in the re-building of public trust in the financial services sector is the introduction of revised regulatory requirements for capital requirements and risk management. Banks and insurers must put in place the methodologies and systems to ensure compliance.

Did you know… Steria worked with Santander to embed risk management focusing on compliance and operational risk management throughout a highly complex major post-merger integration programme.


Regulatory advice and reporting

Steria can help you respond to the new risk management and reporting requirements. We have a proven track record in regulatory advisory services and the IT implementation of risk management systems. Our clients benefit from our offer to:

• Provide consulting advice on reengineering risk processes in line with the regulatory timelines;

• Develop and implement or enhance the analytic tools needed to calculate and report on risk positions;

• Implement data warehouse solutions to optimise data quality and matching;

• Support the migration, integration and implementation of risk systems;

• Align integrated risk controlling and reporting solutions with regulatory reporting requirements;

• Transform and rationalise risk architectures;

• Consolidate or redevelop reporting systems depending on reporting maturity and requirement to harmonise local and central reporting;

• Undertake back office risk information system consolidation and process reengineering.

As a transformation partner, we work with banks and insurers to help them integrate accurate risk management information and data into the risk strategies that are integral to the business. This gives senior management early warning of any forthcoming changes to risk management issues in line with their regulatory obligations.

We also help to ensure that risk reporting for regulatory authorities, stakeholders, investors and internal communication purposes is transparent and accurate.

The deadline for the implementation of MiFIDll(MarketsinFinancialInstrumentsDirective 2) is likely to be in 2015, or even later. There is still uncertainty in terms of both the timeline and the revised requirements. This puts global banking groups, smaller local banks, insurers and other companies onwhichMiFIDllwillhaveanimpactinachallenging position. What new processes, procedures, documentation and system requirements will they need to have in place tocomplywithMiFIDll?

AnditisnotsimplyMiFIDthathastobeaddressed. Financial services organisations must identify and integrate diverse supranational, EU and national compliance requirements across their organisations. These range from European anti-fraud regulations,VAGandMaRisk(inGermany)and the EU anti-money laundering directive, to Sarbanes Oxley, Dodd-Frank Act and the General Review of Public Policies known as RGPP (in France).

The compliance challenge is thus complex and, at times, uncertain. With proven expertise in both compliance and financial services processes, Steria helps to unravel this complexity.

Enterprise-wide compliance

We will work with you to ensure that your compliance is viewed as an enterprise-wide challenge, not as isolated projects. This

Embedding compliance in all areas

As spending on regulatory compliance increases, how do you ensure your investment in systems and process change adds true strategic value?


Did you know… Steria helped a leading global bank develop a blueprint for global compliance, rolling out new processes and standards within a strict legislative timeframe across 40 countries and numerous IT platforms.

is important because the speed at which new or revised regulations continue to be introduced demands an enterprise-wide framework for all compliance activity. This requires an in-depth understanding of front-to-back processes, data management, IT platforms and respective governance structures.

Our combined consulting and technology expertise gives us this understanding within a portfolio of end-to-end compliance and risk management solutions and services:

• We have a strong track record in ‘know-your-customer’ due diligence activities – and the supplier processes associated with this;

• Our dedicated fraud risk management and analysis tool analyses deficiencies and quantifies their potential risk;

• We enhance transaction and trade surveillance applications with our own set of rules, business logic and a wealth of expert knowledge;

• We perform both transactional modelling by type and threshold optimisation for financial crime detection analysis – taking a statistical approach to understanding customer behaviours;

• We integrate your IT processes and controls into a governance, risk and compliance framework;

• Our regulatory watch provides a radar for clients, helping them to understand and prepare for the likely impact of forthcoming regulatory change.

When Société Générale needed to adapt its retail banking information system to meet new regulatory standards, we saw it as an opportunity for change. We developed a business continuity and information system disaster recovery plan, analysed and set up links between key business processes and the bank’s information system, and drew up a roadmap for change, taking into account the merger of two information systems.

We can provide you with a comprehensive compliance strategy that also helps to reduce costs and increase efficiencies through higher process quality and increased financial crime detection. And we draw on our considerable technology expertise to build and adapt compliant solutions that have built-in flexibility to seamlessly encompass new regulations.

Finance teams are tasked with providing accurate and timely reporting of financial information in compliance with a number of regulations and standards. These include IFRS, local GAAP, FinRep and CoRep, as well as disclosure audits. However, often tied up with controlling month-end books and day-to-day transactional processing, finance teams can struggle to meet all these requirements.

In many cases external and internal reporting processes have to be modernised in order to provide the statutory and management level of information. Siloed systems must be integrated and security of content and access guaranteed. Even with the requisite information, finance teams must then analyse and report on it to provide performance metrics and meet control and governance requirements.

Another layer of reporting complexity is added in organisations undergoing post-merger finance integration activity. This demands the merger of each organisation’s finance systems into another entity and the introduction of consistent financial procedures. Finance systems must be put in place to monitor and standardise financial information.

Accounting and control

Steria helps you to respond to these requirements. We have a proven track record in regulatory advisory services and

Improving corporate performance through financeIn responding to a range of accounting, controlling and supervisory requirements, your finance function has an opportunity to improve corporate performance with accurate and timely business insight based on a single version of the truth.


Did you know… Steria is supporting Nord LB’s compliance strategy by operating and developing its SAP Bank Analyzer applications used for the bank’s integrated controlling.

the implementation of accounting and controlling systems, as well as supervisory reporting. We also recognise that effective financial processes have the potential to transform corporate performance. They support greater business insight, allowing the finance function to give more relevant decision support and make recommendations regarding business decisions.

We support our clients’ reporting needs with:

• IT and process related business consulting;

• Specialist technical support for finance systems applications;

• Dedicated analytics, data quality and business intelligence (BI) tools;

• In-depth understanding of internal and external reporting and statutory requirements;

• Taylor-made IT solutions.

As experts in business process outsourcing, post-merger integration and infrastructure management, we can also take over certain high volume reporting and controlling tasks and enabling IT services. These include assuming responsibility for your financial systems and analytics applications. This leaves you free to focus on more complex or strategic reporting responsibilities.

At all times our focus is on helping you to improve corporate performance with compliant, consistent finance processes.


Steria helped BNP Paribas implement a programme of transformational change that included the successful roll out of new processes and reporting tools in compliance with Basel ll regulatory requirements.

Steria helped BNP Paribas implement a programme of transformational change that included the successful roll out of new processes and reporting tools in compliance with Basel ll regulatory requirements.

Insurers too face myriad regulations across the European insurance landscape. As a fundamental review of the capital adequacy regime for European insurers, the new Solvency ll reporting requirements represent a major shift in governance and reporting activity.

The challenge for insurers is how to comply with the new requirements without tying up valuable resources. Among their key tasks in the context of Solvency II are the following:

• ThedefinitionofamodelstrategyforSolvency II, including the decision for standard versus partial versus internal model and its parameterisation;

• Theoptimisationofthemodelscopeaccordingtobusinessusability/usage,andthe integration of risk and risk-modelling in the decision process of business (units);

• TheestablishmentofanadequateOwn Risk and Solvency Assessment (ORSA) process and the fulfilment of general compliance requirements;

• Thederivationofdatarequirementstogetherwith the identification of data sources;

• TheadequatefulfilmentofSolvencyII reporting requirements, including regulatory reporting and Quantitative Reporting Templates (Pillars 1 & 3).

Steria can support you in these challenging tasks. We have a deep understanding of Solvency II requirements, profound business and IT consulting expertise in data quality and business intelligence, extensive knowledge of insurance (core) systems and a dedicated software solution for Solvency II standard requirements.

Drawing on more than 20 years’ experience of providing European regulatory reporting solutions, we have developed the SOLVARA® reporting tool in collaboration with our existing insurance customer base. It is a unique approach to meeting future Solvency II reporting requirements. SOLVARA takes away the pain of your Solvency ll preparations and ultimate reporting.

No other company or solution, including large-scale bespoke projects, has achieved SOLVARA’s degree of success. The ability to configure your insurance business, including insurance classes, countries and other areas, combined with workflow optimisation, creates a simpler reporting environment. You’ll achieve fast and easy data migration using automated interfaces to legacy systems.

SOLVARA helps you to produce reliable results due to excellent data quality, process automation and cross validation. Traceable methods, procedure documentation and documented workflows ensure results are fully transparent and you will be able to carry out ad hoc scenario evaluations on which to base specific business policy decisions.

In the complex world of governance and compliance, SOLVARA is a proven and unique approach that incorporates frequent updates to keep you in line with the regulator’s amendments to Solvency II.

Unravelling the complexity of EU insurance regulation and compliance How do insurers manage risk and address the challenge of implementing the new reporting requirements demanded by Solvency ll?


Insurers needing to sell new lines of business, take advantage of new distribution channels, or simply offer variations of existing products are typically constrained by their IT environment. Their current software applications do not have the flexibility for today’s complex and fluid market. Adopting a package solution approach can eliminate the delays caused by resources being dedicated to basic maintenance and regulatory enhancements. This allows insurers to meet the new requirements within the necessary timeframes.

Steria is amongst the leading implementers of software solutions for the financial services sector in Europe. Besides creating and developing standard software, our offering also includes implementation services for integrating selected software products into existing insurance system environments. In co-operation with our clients we undertake software development and implementation projects using Steria consultants with in-depth insurance industry knowledge.

We have a number of core software applications that are proven in the insurance sector:

• SOLVARA® – solvency and risk analysis and reporting tool for Solvency II. Our standard software solution for regulation-compliant reporting in accordance with Solvency II. Regular updates ensure the product always complies with the latest changes in regulations;

• KAVIA® – asset management and information system with supervisory authority reporting. KAVIA is a comprehensive standard solution for capital investment management and analysis. It covers the complete application spectrum in portfolio management, spanning front, middle and back-office areas. KAVIA offers an integrated overall view of the investment portfolio from the perspectives of investment policy, accounting and regulatory law, in due consideration of the requirements of risk controlling. With more than 140 clients in Germany and Austria, KAVIA is the leading asset management system in the insurance sector;

• winsure® – non life portfolio management system. winsure is a comprehensive solution for property insurance companies. winsure facilitates portfolio management of partners, quotations, contracts and claims. ManyinsurancecompaniesinGermanyand abroad have successfully used it as a complete system for years. Due to its modular structure design, winsure can also be used as a component solution.

Rapidly implement reliable and robust insurance software Insurers are looking for off-the-shelf ‘rules and tools’ solutions to give them in¬creased flexibility to deal with rapidly changing economic and market situations.

Did you know… We are the No.1 provider of standard software for reporting to the regulatory institutions serving >95% of German and Austrian insurers.


Our risk, finance and compliance solutions portfolio is built on more than 20 years’ experience of providing European regulatory reporting solutions. It is complemented by our proven IT-enabled consultancy services and technology solutions. These give you the agility you need to make change happen as quickly as possible:

• Transformation services: ensuring the efficient transformation of business processes, applications and IT infrastructure;

• Consulting: making the most of our sector expertise to successfully implement strategic and organisational change;

• Application development and system integration: from solution definition, design and development, to deployment and ultimate benefits realisation;

• Testing and quality assurance: bridging the gap between application development and systems rollout;

• Application management: agile, focused IT services based on guaranteed outputs and outcomes designed to optimise and maintain solutions;

• Infrastructure management: meeting the drive for cost reduction, flexibility, performance improvement and growth;

• Business Process Outsourcing: delivering a step change in business efficiency, agility and performance in functions such as HR and Finance & Accounting.

We draw on our best-in-class consulting, solutions, services and implementation expertise to ensure our clients are able to operate efficiently in this constantly evolving area. For example, we are supporting a transformation for a major insurance company with subsidiaries all across Europe during a complex programme of transition for both data centre operations and IT services. This is integrating multiple national IT systems into a new pan-European data centre environment.

In Denmark a combined IT transformation and business process management project has seen us designing a case management solution for life insurance company Industriens Pension. This has introduced paperless case handling, where all workflows have been digitised and connected in a central infrastructure. It is delivering increased control and visibility over products and service.

Rising to the challenge of 21st century risk, finance and compliance Steria offers advanced risk, finance and compliance solutions that incorporate new business models, game-changing technologies and proven expertise in business process optimisation.


Did you know… Steria has helped the UK Financial Services Authority transform the delivery of technical services and projects by taking over application management services and moving them offshore to reduce costs, improve availability and increase effectiveness of the systems.


Steria advanced risk, finance and compliance solutionsIn addition to our specific risk, finance and compliance solutions, we deliver related services, solutions and innovations, including:

Services and Solutions

• ApplicationDevelopmentandManagement

• ApplicationCustomisation(SAPincl.SAPHANA, Oracle, Detica, Actimize)

• BusinessConsulting

• BusinessProcessOutsourcing(Finance)

• Standardsoftwaresolutions:SOLVARA®(Solvency II); KAVIA® (asset management); winsure® (portfolio management)

• ControllingandReporting(internalandexternal)

• FinancialCrimeMechanisms

• ITCompliance

• ITSecurity

• KnowYourCustomerProcesses

• KnowYourSupplier

• MiFIDII

• OperatingModelDesignandImplementation

• ProgrammeManagement

• RegulatoryTransformation/ChangeManagement

• RegulatoryReporting

• ReportingandMIS

• RiskAnalysisandModellingTransactionand Trade Surveillance

• TransactionMonitoringThresholdOptimisation

Innovation:

• ProvisionManagementTool(IFRSandLocal GAAP) for Finance

• GlobalRiskAnalysisToolforCompliance

• MobilePaymentsAnti-FinancialCrimeFramework

• TransactionMonitoringThresholdOptimisation Tool

Find out more

Find out more about Steria’s extensive range of Risk Finance and Compliance services and solutions, as well as our diverse portfolio of IT-enabled business services, by visiting www.steria.com or email [email protected]

About Steria: www.steria.com

Steria delivers IT enabled business services and is the Trusted Transformation Partner for private and public sector organisations across the globe. By combining in depth understanding of our clients’ businesses with expertise in IT and business process outsourcing, we take on our clients’ challenges and develop innovative solutions to address them efficiently and profitably. Through our highly collaborative consulting style, we work with our clients to transform their business, enabling them to focus on what they do best. Our 20,000 people, working across 16 countries, support the systems, services and processes that make today’s world turn, touching the lives of millions around the globe each day. Founded in 1969, Steria has offices in Europe, India, North Africa and SE Asia and a 2012 revenue of €1.83 billion. Over 20%* of Steria’s capital is owned by its employees. Headquartered in Paris, Steria is listed on the Euronext Paris market.

*Including “SET Trust” and “XEBT Trust” (4.15% of capital)

Groupe Steria SCA 43 - 45 Quai du Président Roosevelt F-92130 Issy-les-Moulineaux CEDEX France © Steria DOERFC001

For further information about our services visit www.steria.com