A harmonised framework for issuers and services providers of crypto assets (MiCA), that are not covered by existing financial legislation, and a pilot regime for trading and settlement infrastructures based on distributed ledger technology
MiCA Trilogue Compromise 06/2022 + DLT Pilot Regime final 05/2022
DORA formulates uniform requirements concerning IT risks, security incidents and service providers to ensure operational resilience of the financial sector
In force since 01/2023
(Risk-based) rules for the development, deployment and usage of systems that employ artificial intelligence (AI) techniques – including product components and stand-alone systems
Proposal published 04/2021
Rules for the sharing and use of customer-permissioned data by banks and third party providers to create tailor-made financial services
Proposal expected Q2/2023
Facilitated access to disclosed information relevant to capital markets in standardised and machine-readable formats via the European Single Access Point (ESAP)
ESAP proposals published 11/2021
Harmonised requirements for automated reporting in standardised and machine-readable formats to promote the use of RegTech and SupTech tools
Supervisory Data Strategy + Feasibility study of an integrated reporting system published 12/2021
Creating competitive and fair EU-wide retail payment markets to offer innovative and state-of-the-art payment solutions
Instant payment proposal Q4/2022 + proposal on payment services expected Q2/2023
d-fine developed several Proof-of-Concepts (PoCs) to evaluate different technologies for secure custody of crypto assets (e.g. HSM and MPC based solutions).
This was complemented by the development of a PoC approach for money laundering compliance.
d-fine assisted in designing the target operating model of a corresponding custody, trading and anti-money laundering solution.
In addition, the impact of the MiCA proposal on the future business model was analysed and compared with the current regulatory requirements.
As general contractor, d-fine implemented a solution consisting of a web portal for the supervised companies, a data science platform for massive data analysis and web applications for the financial supervisors.
The platform runs on over 100 servers and uses a process engine to uniformly map standard and exception processes.
The technical basis was a mixture of standard technologies such as Camunda or Tableau, which were integrated with in-house developments for web applications, back ends and a data science platform.
The first release went into production after just nine months, with 70 d-fine consultants involved in implementation at peak times.
Several stress tests and other supervisory exercises have been successfully performed on the platform since go-live.
The central tasks of our project team included the development of a platform for the presentation of the customer's own portfolios including KPI calculation (liquidity forecast, LCR, present values, distribution among issuers / countries / companies, stress scenarios, ...) and the inclusion of trading APIs.
Here, trading workflows for bonds, money market products and swaps, tools for portfolio, what-if and KPI analyses and access to research were integrated as key customer requirements.
As a long-term partner, d-fine supports the customer in the continuous expansion of the platform and thus contributes significantly to the rapid growth of the platform and its acceptance by customers.
d-fine revised the internal information security requirements and methods based on the international ISO standards 27001 ff. The information security requirements were thereby classified in a structured and easily comprehensible document hierarchy.
The risk methodology was based on a protection requirements analysis of all components of the information network. Inheritance between interdependent information network components was taken into account.
The challenge of the project was to design a methodology that was both easy to use by information owners and met operational risk management requirements for risk assessment and risk acceptance.
To explain a complex AI model, it must be transformed into a simpler representation. The challenge is to find a good compromise between the consideration of the properties of the AI model and the simplicity of the representation as well as a suitable approach.
Central tasks were the conception and design of an XAI (eXplainability AI) module for complex AI model ensembles using model-agnostic methods (LIME, SHAP and ANCHOR), including the evaluation of the technical-mathematical foundation of the XAI methods and their suitability for the use case, as well as the evaluation of alternatives (e.g. model-specific methods) and the weighing of advantages and disadvantages.
The Explainability Module was integrated into the customer's own infrastructure and a reporting solution with suitable visualizations of the results was built.
d-fine makes a significant contribution in all areas of the project - from the regulatory-compliant requirements specification to the implementation of data migration and project management.
In this project, we are convincing through the combination of our professional expertise in the areas of payment transactions, compliance and process digitization as well as our technical skills in system integration.
The result is, on the one hand, a scalable and modern IT infrastructure via which payment orders can be processed efficiently and in compliance with regulatory requirements, and, on the other hand, a state-of-the-art e-banking solution for the customers.
In a first step, d-fine contributed significantly to standardizing the supplier files, which had previously been created manually, and to automating their technical processing.
This enabled the automation of the infrastructure around the database and reporting at group level in parallel with the design and coordination of new technical interfaces.
The result was quick wins after each project phase, so that the customer could benefit from digitization as quickly as possible.
d-fine supported the revision as well as the consolidation of individual processes in information risk management into one overall process (IT/IS/risk management) with clear definition of responsibilities.
This included the revision of the connection of the risk sources for information risks and the methods, processes and specifications in information risk management with the goal of a central inventory of all individual risks as well as methods, processes and specifications for the risk treatment options 'risk acceptance' and 'risk transfers'.
In the process, appropriate dovetailing with the overarching methods and specifications of OpRisk and overall risk management was ensured.
Central tasks were the technical conception and implementation support of the analysis and marketing platform for (third-party) issues of debt securities in private placement format.
The solution includes an automated workflow for the sales process as well as improved data handling and analysis processes.
For the optimal implementation of the very specific requirements, the marketing platform was implemented as an in-house development.
The implementation was carried out in an agile manner according to Scrum, with d-fine taking on the role of shadow product owner.