iQoncept - Fotolia

Dutch bank cuts compliance data retrieval from weeks to hours

Rabobank has moved from tape libraries and robotic arms to a platform-based storage and retrieval system to help it comply with regulations

The Netherlands’ Rabobank has reduced the time it takes to retrieve information that is vital to compliance, cut out mistakes, eased the burden on its IT department and cut costs by using a centralised data storage and retrieval system that includes automated processes.

Faced with a growing compliance burden, Rabobank has invested in technology to enable it to quickly retrieve information from a plethora of systems without loading its IT department with extra work.

Since the 2008 global financial services crash, regulators have toughened their rules around banks providing relevant data to prove they are complaint with regulations. This means banks must store and be able to access information on multiple communication systems to prove exchanges are compliant.

Headquartered in Utrecht, Rabobank has more than 10 million customers and 51,000 employees across 47 countries. Traditionally, the bank’s IT department would support its global compliance operation by gathering communications data from multiple sources in multiple countries. This might include email, recorded voice calls, instant messaging and chat applications, as well as messaging technology from Bloomberg and Thomson Reuters.

“This was a time-consuming, resource-intensive and error-prone task,” said Colin Chatelier, head of datacentre UK at Rabobank.

In line with current banking trends, the organisation opted to buy rather than build the technology. It realised it was not an expert in the niche area of search technology, so is using the Hitachi Content Platform to enable it to find structured and unstructured data from different communications sources.

This fitted in with the bank’s IT strategy to buy technology off the shelf where possible. “Writing search technology was, and still is, a niche field and it is very easy to get it wrong without a history of doing so already,” said Chatelier. “This project was IT-led. IT didn’t want to be stuck supporting code, but rather consume code that another company would support.”

Rabobank will benefit from any features other banks add to the platform in the future, Chatelier added.

Read more about financial services compliance

Chatelier described how, in the past, Rabobank had large tape libraries with robot arms moving across them to retrieve relevant disks, when required. “These tape libraries are not cheap and space is limited,” he said. “And there are logistical and financial problems. Just for storage and retrieval, it would have cost between €2m and €3m a year.”

An added complication for global banks is that different operations in different sectors and countries would store data using different technologies, he said. Although banks strive for global standardisation, mergers and acquisitions make this unlikely, he added.

Chatelier said a major international investigation for a large bank would require five or six different teams to collect data in each country because separate teams manage matters such as voice and email. “The coordination is quite difficult and the financial cost is high,” he said.

IT workers often become subsumed collecting information from different systems for compliance teams, said Chatelier. “We decided to use the Hitachi technology with our business acumen and our IT team problems to create a solution for us,” he said. “Not just to solve the problem for today, but to look forward and get a grip on whatever was going to come and hit us in the future because electronic messaging today is IM, Skype, email and voice, but tomorrow it could be anything.”

The bank is currently adding text messages between Rabobank mobile phones to the system.

Automated self-deletion

Different sources of data need are joined together using metadata, said Chatelier. Today, Rabobank has a system that ingests data daily or even in real time where it can, with data flowing into a large centralised global system. It can also automate the self-deletion of data when it is no longer needed, which cuts costs, he said.

The new system’s ease of use and automation has reduced the burden on IT teams, said Chatelier. Compliance teams have an interface that enables them to configure the system to ensure that certain rules are applied in certain countries and to certain messaging systems, through a tick-box system.

“This allows them to be self-sufficient,” he said. “Previously, an investigation would take weeks or months and be very iterative. But compliance workers can now get from A to Z point in a day or two, which gives us a lot more credibility with regulators and makes things so much cheaper.”

Chatelier said that at peak, Rabobank was paying a supplier about €250,000 a month to collect data for its compliance teams. This was often the same data multiple times. Added to the millions of euros spent on storage each year and retrieval, this really adds up, he said.

Data was often processed by third parties, said Chatelier, and these companies use their own software to sort the data and process it in a way that can be used by the regulators. “We don’t typically have to do that now and we can do it through our own system,” he added.

Read more on Clustering for high availability and HPC