1) The presentation discusses how TSB is building its data analytics strategy and capabilities from scratch. It outlines the bank's history and digital plans.
2) TSB's internal audit team has started using IDEA software to import and analyze transactional data to support audits of fees and charges, credit risk, and partner performance. This allows deeper insights than traditional audits.
3) The presentation outlines TSB's vision of becoming a more digital, data-driven organization. It proposes a roadmap for a new data analytics strategy including using predictive analytics for planning, enhanced capabilities, and embedding analytics in audits.
DBA Basics: Getting Started with Performance Tuning.pdf
How to build a data analytics strategy in a digital world
1. How to Build a Data Analytics
Strategy in a Digital World
Ian Kirton
Internal Audit, TSB
2. The views expressed by the presenters do not necessarily represent the views, positions, or opinions of AuditNet®
LLC. These materials, and the oral presentation accompanying them, are for educational purposes only and do not
constitute accounting or legal advice or create an accountant-client relationship.
While AuditNet® makes every effort to ensure information is accurate and complete, AuditNet® makes no
representations, guarantees, or warranties as to the accuracy or completeness of the information provided via this
presentation. AuditNet® specifically disclaims all liability for any claims or damages that may result from the
information contained in this presentation, including any websites maintained by third parties and linked to the
AuditNet® website.
Any mention of commercial products is for information only; it does not imply recommendation or endorsement by
AuditNet® LLC
3. Agenda
• Overview of TSB, our
team, our approach
• Our data analytics
experience so far
• Future vision and
plans
5. TSB – The New Bank with a 200-Year History
6.6 Million Customers
• £22.3 billion in current
accounts and savings
• £18.3 billion in
mortgages
• £1.3 billion of loans
8,500 ‘Partners’
• 631 branches
• 10 head office locations
• 29 million items of new
marketing literature to
support launch
3-year Project
• May 2011 management
team appointed and
5,500 branch colleagues
moved to create the
Verde team
• May 2012 recruitment
started for core
functions
• 4,400 colleagues
involved in project build
6. TSB – The New Bank with a 200-Year History
2
Develop Audit Strategy
3
Organise Resources
4
Implement Strategy
Growth
Strategy
Branding
Strategy
Market
Strategy
Product
Strategy
Operational
Strategy
Internal
drivers
External
drivers
Audit StrategyAudit
Committee
Expectations Executive
Views
Risk Views
Regulator
Expectations
External
insights
Internal
Insights
• Agree Charter
• Agree scorecard
• Define structures
• Conduct risk
assessment
• Evaluate against each
strategy
• Develop audit plan
(Targeting process)
• Prioritise work
• Execute plan
• Periodically recalibrate
the plan
• Review audit
performance
• Re-evaluate strategy
and audit plan
• Continuously improve
• Adapt to emerging
business and audit
requirements
Audit Resources Co-source
Resources
Critical Strategic Requirements
Audit infrastructure
(GRC, IDEA, EUC’s)
Risk assessmentsMI on key processes, critical
controls, hot spots, issues
Audit Plan
Industry
trends
1
Leverage organisational
strategy
8. 1. You can import data of any size
2. The source data is protected (read-only)
3. Helps you develop tests which are repeatable
4. IDEA can import data in a wide range of file types
5. Makes it easy to perform analyses of data
6. You can select samples using several sampling techniques
7. Makes it easy to join data tables so you can match or compare different files
8. Automatically generates a complete history that documents analyses
Why Use IDEA?
9. Supporting audit testing.
Examples:
• Identifying exceptional items
• Performing analyses
• Checking calculations
• Cross-matching data between
systems
• Testing for gaps and duplicates
• Sampling
Small Steps – Our Experience so Far
10. Case 1 - Credit Risk Acquisitions Decisioning Strategy
Dummy data used to prove test design
11. Case 2 - Fees, Charges to Accounts and Credit Cards
Checking application of correct fees and charges to all Personal Current Accounts
(PCA) and credit cards
• Fees and changes must be charged in accordance with published tariffs and aligned to T&C’s
• High customer service and regulatory interest in accuracy
• 1.6 Million transactions (approximately 80 GB)
• Data transfer, cleansing and joins using IDEA
• Initial analysis showed 99% accuracy
• Deep dive on exceptions to understand differences
• Positive assurance over whole population = value add
12. Case 3 - Reviewing Partner Performance Management
Used IDEA to look at HR data for 5,933 partners, plus relevant sales and training
accreditation data for a two-year period. Looked at range of correlations relating to:
• Grievances
• Partners ‘Off Track’ more than twice vs. formal Performance Improvement Plans
• Resignations
• Dismissals
Audit team compared the data across 3 regions as well as comparing performance
rating data with sales data to establish whether there was any correlation.
Tools like IDEA provides more insights, greater assurance in each audit. Also easy for
auditors to use as the functionality is simple to use.
14. TSB will soon migrate to our own IT platform.
Opportunities to:
• Enhance audit access to data
• Develop our capabilities
The journey continues - our migration to a better place
Data
Sources
ETL
Data
Warehouse
Business
Intelligence
15. In July we announced TSB would
be the first bank in Europe whose
customers will use Samsung’s iris
recognition to log in to their
mobile banking app
Eye Eye
16. Our Vision
Build a strong connected and collaborative culture with a central point of communication that encourages
encourages Partners to share and promote information, ideas and feedback quickly.
The Vision and Objectives Driving the New Digital Workplace
Our Objectives
1. Provide the sort of tools that encourage an agile and digital way of thinking
2. Provide ways for Partners to talk and collaborate easily and effectively
3. Create a platform that brings TSB’s values to life and encourages behaviours that supports this
4. Provide best in class digital content and tools that help attract and retain Partners
5. Unlock powerful insight and fuel innovation by providing dynamic ways to share ideas
22. Knowing where you are is a good
place to start.
Have had successes at an early
stage of the data analytics journey
Migration creates an opportunity
to develop approach and look at:
• Team structure and skills
• Technology and techniques
• Training
• Wider use of data analytics
Developing a Roadmap for a New Data Analytics Strategy
23. This means, we need to:
• Underpin the audit universe with data
that allows us to spot trends, target
resource in the highest areas of risk.
• Use data as the vehicle to increase
breadth and depth of coverage,
efficiency and the targeting of adverse
trends throughout the audit plan.
• Develop the capability to continuously
monitor key controls and undertake
regular, repetitive data audits of
common activities.
Data Analytics - Where We Want To Be
We want to be a world class audit function that
develops and optimises the use of its internal skills
and uses the right tools to better focus audit effort,
broaden our coverage and deliver each audit
efficiently.
24. Data Analytics Outline Plan
2020
• Use predictive
analytics to support
audit planning.
2019
• Enhanced data
capabilities with
continuous auditing
and control monitoring
H2 2018
• Data teams and
analytics embedded in
audit delivery
H1 2018
• Data SME in place.
Data sources identified
to support audit
universe
25. How to Build a Data Analytics
Strategy in a Digital World
Ian Kirton
Internal Audit, TSB
TSB has been around for 200 years but we are a new bank.
In 2009 the European Commission decided Lloyds Banking Group must sell parts of its business.
From this decision the project ‘Verde’ was created. The re-launch TSB was the biggest ever new bank created in the UK.
The project involved the segregation of customer accounts and business data on Lloyds Bank and the seamless transition of over 6.6 million customers to a new business.
In data terms the new bank ‘inherited’ a complex architecture of over 600 systems that had been cloned, partitioned or segregated from Lloyds bank and many of which are still run by Lloyds bank under service agreements.
The new business included the establishment of an audit function that was initially going to be FTE 14 at launch.
The Model with IT outsourced to LBG has created challenges for our IT and data strategy.
This slide represents the process we went through to establish the audit function .
Audit Universe. The first Universe was created in 2013 based on the planned operating model for TSB. The Universe now has 111 entities and is updated every six months. The Audit Universe forms the basis for audit risk assessment and planning and includes all systems, processes, products, strategic events and key change programmes. Our risk assessments is supported by internal and external information on hot topics and industry themes.
Methodology - we operate a principles based methodology …… This has three core processes
Targeting – where we use the audit universe to complete a risk assessment and develop the 12 month rolling audit plan. We operate a rolling plan 12 month plan and maintain a number of audit strategies covering topics such as conduct and IT.
Execution – We follow an established methodology to plan and deliver each audit. We aim to use the best information available to the audit team to focus each audit on the highest risks and consider CAATs at the ‘planning’ stage. Our Charters supports our access to all business systems and information to help us deliver each audit
Reporting – We use our audit tool Thomson Reuters GRC to track every issue and report on every audit. We aim to provide insight rather than just numbers and have been developing our MI to focus on themes and causes. Answering the so what is more important to us than the how many.
People – We started with an operating model of FTE 14 with and addition 6 FTE in co-source. Our team has quickly grown to FTE 41 as we went through IPO to become an independent bank. Our team now includes audit professionals, qualified bankers and individuals with regulatory, risk or industry backgrounds to give a mix of skills. We use our co-source to supplement resources and skills where this is required by the audit topic or plan.. We operate in teams who face off to different business areas so they build knowledge of the business areas. This includes people whose role is to audit our IT systems, third party providers, CIO and operations.
There are many tools available some of which are already on your desktop (Excel, Access or even Word).
We wanted a tool that would enable our audit teams to perform their own testing. Professional tools like ACL and IDEA can handle large data better and making testing easy for auditors .
IDEA has been used by some of the team before and we felt it was easy for auditors with general audits skills to use. So this is where we started but we are at an early stage of embedding use.
The market for data visualisation tools is vast and there are many tools out there. TSB is not there – yet!
Computer Aided Audit Techniques are currently used by TSB to support audit testing.
CAATs let you test whole populations of data. Using analytical tools help us to increase our audit coverage and avoid risks associated with testing small samples to provide more reliable and insightful test results.
There are many tools available some of which are already on your desktop (Excel, Access or even Word).
Professional tools like ACL and IDEA can handle large data better and have tools that making testing easyier
The market for data visualisation tools is vast and there are many tools out there.
Case 1
This is taken from a recent credit audit. This audit used CAATs to help validate credit decision models and tools used to implement the credit strategy
The example is just one of many tests on this audit. We find that we get most value form using auditors who understand the business process and know what they want to test. So developing clear test objectives is key before you star asking for the data. However general auditors may not always have the data skills or confidence to use the tools to extract, cleanse or clean up the data.
Personal current Accounts (PCA) and Credit Cards both have fees and charges associated with them, a topic which has been considered by the Financial Conduct Authority (FCA) and the Competition and Markets Authority (CMA). Setting these fees creates regulatory and conduct risks if customers pay different amounts to that stated in their terms and conditions.
Our objective was to check the accuracy of fees and charges. The team had to first define their test objectives and data needs in order to send a request the data owner in the business.
The initial import consisted of 1.6m transactions (approx 80 GB). The key challenges were:
Moving the data to a place where the team could access it due to file size
Working with the power of our laptops to import the data to IDEA
Understating the data tables and content
Joining three sources of data together to create the tests data
Cleansing the data to make is easy to test
The initial filters removed any transactions where the correct (expected) charge was applied. This left 12,102 exceptions = 0.71% for further investigation. The team then applied a stratified random sample to help investigate the exceptions and were able to find explanations as to why the charges where different to that expected. E.g. different charges for charity, club and society accounts or where fees had been waived within policy.
The outcome was that the audit was able to provide more complete assurance than a typical judgemental sampling approach. Data anlaytics takes time but adds value so the effort is worth it where higher confidence levels are needed
TSB is just undertaking a massive project to migrate to our own systems.
The project is large in scope and ambition which exceeds the original Verde project. Key facts so far:
50000 pages of design materials
800 IT colleagues in Barcelona building our core system
2 new data centres
66 new contracts with third party suppliers
70k+ test cases
Over 200 business testers
For data analytics this will be a game changer as far as access to data is concerned.
Our own data centre where we access the data we need
A new data warehouse supported through the IBM InfoSphere Enterprise Edition set of tools which will be used to populate a physical data model in Teradata.
IBM InfoSphere toolset will provide ETL tools (Extract, Transform and Load) tools as well as data lineage and data governance tools
A opportunity to engage with our business intelligence teams to review audit access and take advantage of new data tools
Microstrategy
SAS
InfoPortal
Our own systems with a much simplified system landscape with more in house system, making audit access easier. Our Proteo4uk system will manage approx 70% of our IT needs
A modern cloud based platform in which to operate, using office 365
Eye eye
In July we announced TSB would be the first bank in Europe whose customers will use Samsung’s iris recognition to log in to their mobile banking app. This is a great example of the sort of digital innovation we’re capable of – with migration later this year really liberating us to be a more agile, digital business that happens to be a bank.
From September TSB customers with a Samsung Galaxy S8 or S8+ smartphone will be able to unlock our mobile banking app using the Samsung Pass iris scanner. Making them the first in Europe to benefit from secure, simple iris recognition.
Samsung’s iris technology is part of Samsung Pass, which allows secure access to services, such as our banking app, just using your fingerprint or iris recognition - so no need for an ID or password.
Iris technology is the most secure form of biometric authentication available today, with 266 unique characteristics compared to 40 for fingerprints. It is also the most user-friendly – one look and the mobile app is ready to use.
“As well as a more customer-friendly approach to identification, iris recognition is also the most secure method of authentication available today. We want our mobile app customers to continue to have a fast, easy-to-use experience; iris recognition delivers that and, when combined with our other security measures, an unparalleled level of cyber security.
“Our new banking platform, Proteo4UK, allows us to accelerate our ability to make banking better for all UK consumers and I can’t wait to continue to surprise and delight our customers with new technology like this. Introducing Samsung’s iris technology to our mobile app is one example of what we can now deliver.”
And this sort of digital innovation is getting us noticed.
And to top it off, we’ve been nominated for a Financial Innovations Award too. We’ll find out the results towards the end of the year.
We’ve got a lot more planned on our journey to a more digital future. And over the coming months you can expect to see more things that will make banking even better, safer, faster and easier for our TSB customers. So make sure you keep an eye out.