Firms must take a holistic approach to
compliance
Peter Redshaw, research director, Gartner
With reference to the
article on Mifid
concerning the possibility of vexatious attacks and the need for
more sophisticated storage techniques, I would like to add some
points for clarification.
First, on the subject of vexatious attacks, the need to monitor
trading activity for signs of suspicious patterns of activity,
possibly malicious, is only analogous to what is already done by
credit card operators and banks for anti-money laundering. I would
not suggest that financial services firms deploy exactly the same
kind of software.
Nor would such vexatious attacks be intended to directly defraud
a firm, but more likely to damage its reputation. Systematic
failure to give best execution (after frequent changes in execution
policy or trading in unusual asset types) if referred would be hard
for even the most lenient regulator to ignore.
Second, on storage, the many compliance initiatives that firms
face (not just from Mifid) mean that they need a holistic policy
that avoids creating any new silos of data and is advanced enough
to retrieve all the data needed to reconstruct a trade's lifecycle
years after the event. A holistic storage policy would utilise a
single logic and be able to link compliance, risk management and
even customer relationship management processes.
UK education system in danger of being left
behind
Edward Tippelt
The article by Karl
Flinders on IT education, demonstrates an apparent lack of
contact by Liberal MP John Pugh with the realities of UK
education.
After years of meddling with our education system, the
government is facing a serious loss of experienced teachers,
leading to mainstream subjects such as Physics A-level having to be
taught (badly) by videoconferencing.
Many schools are no longer able to maintain their teaching
headcount, leading to reductions in many courses, including IT.
This has led to an increased emphasis, at A-level and university
level, on personal study, rather than formal lectures, because of
the lack of staffing or the need to cut costs.
The lack of staff time and staff skills impact the ability of
schools to deliver the training required to create the next
generation of programmers. Teaching students the ability to think
for themselves is now a lost art, and I fear for the ability of the
UK to compete with other better-educated nations.
Automated discovery tool to streamline
acquisitions
Richard Muirhead, chairman and chief executive, Tideway
Systems
In your strategy clinic
"How do you map out and
research the IT estate of an acquisition target?", I was
surprised that none of the panel recommended using an automated
discovery tool to map applications to infrastructure, including the
dependencies between them.
Application dependency mapping can perform a continuous audit on
an infrastructure, automatically discovering all the components -
applications, hardware and software - on a daily and hourly basis.
This can replace expensive, slow and error-prone manual processes
and provide a 360-degree view of the IT estate.
Committing substantial man hours and expense to gathering
information that may well be irrelevant by the time the deal is
closed will not deliver the value firms are looking for.
A eulogy for IT lobbying at the party
conferences
Dick Vinegar
Regarding Philip Virgo's blog post,
"The missing
ghost at the party conferences", I became addicted to
IT-oriented fringe meetings 10 years ago, and, like Virgo, I regret
the passing of IT lobbying at the party conferences.
They were a good way for grassroots activists to moan about IT
policies. This year there are plenty of grassroots worries, with
child porn, cyberbullying, grooming, firms banning Facebook etc.
And of course there are the patients who are not getting any better
care from the billions spent on NHS IT, and worries about whether
the billions to be spent on ID cards will stop terrorism or improve
public services.
But, as Virgo says, there will be few fringe meetings where
activists can express these worries.
Legal position misused with NHS data
sharing
Terri Dowty
I write regarding
Tony Collins' blog
post on Bolton Primary Care Trust's testing of the primary care
record.
The instructions sent by Bolton to GPs include the advice that
parents may opt out on behalf of their children, but in the case of
an older child, if the parents choose to opt out the GP should make
an appointment to see the child and decide if the child is "Frazer
competent" and the parents can be overruled.
This is a misunderstanding of the legal position, which is in
any case about "Gillick competence" - Lord Fraser being the lead
judge in the House of Lords case. He delivered a judgment that a
child could consent to certain medical procedures so long as
certain criteria were met - not least that the child themself
refused any parental involvement and the clinician could not
persuade them otherwise.
He warned that the judgment should not be seen as a licence to
disregard parents' wishes whenever it was expedient to do so, and
that he would expect a clinician to be disciplined if that were the
case.
It is alarming how often Gillick competence is being misused in
order to justify data sharing. Moreover, although a GP is qualified
to assess a child's competence to consent to a medical procedure,
they are no more qualified to assess competence to consent to data
storage and sharing than any of us.