Financial Institutions Reporting Solution

Transcription

1 REQUEST FOR INFORMATION Issued on: 24 January 2014 FOR Financial Institutions Reporting Solution RFI No: Bank of Jamaica

2 Table of Contents 1. Purpose Background Current Information and Communication Technology (ICT) Environment Current Application Environment High Level Business Requirements High Level Functional Requirements High Level Non Functional Requirements Company Capacity and Customer Listing Schedule Evaluation Criteria and Short-Listing Incurring Costs Clarification Submitting the Information... 7 Appendix I Supervision and Regulatory Proposed Framework... 8 Appendix II Proposed Solution Flow

3 1. Purpose 1.1. The Bank of Jamaica (hereinafter called the Bank ) is embarking on a project to replace its existing reporting system, FISIS (Financial Institutions Supervisory Information System), with a view to enhancing support for the Central Bank s Supervisory, Regulatory and Financial Stability oversight responsibilities and monetary policy mandates, whilst improving the data collection methods and enhancing the reporting, analysis and data dissemination processes within the Bank The proposed replacement solution, (FIRS) is expected to deliver on a number of objectives aimed at enabling the Bank to keep pace with the changes in the financial industry, including: - international Best Practice Standards (e.g. those issued by the Basel Committee for Banking Supervision and the International Monetary Fund Special Data Dissemination Standard (SDDS)) and the recently passed Banking Services Act (BSA). In addition, this new solution is anticipated to aid in facilitating the Bank s expanded role of institutional responsibility for the stability of Jamaica s financial system This document is a Request for Information (RFI) from companies interested in providing relevant information on their capability and capacity to: a) Implement a secure, flexible, scalable, data collection, analysis and reporting solution to support the Bank s supervisory, regulatory, financial stability and monetary policy mandates; b) Plan and implement the requisite information technology solution within 18 months preferably with an offthe-shelf product with minimal customization; c) Provide training before, during and after the implementation process; d) Provide post implementation support, ongoing maintenance and timely upgrades for the solution; and e) Assist with the migration of data from existing systems to the new solution. This RFI is an information gathering and short-listing mechanism only and is not a procurement opportunity but a prelude to the procurement process. Responses should not include prices. 2. Background The Bank collects data from over one hundred and ten (110) entities (inclusive of Deposit Taking Institutions (DTIs), foreign exchange traders, remittance companies, the Financial Services Commission (FSC) on behalf of its licensees, among others). Of these reporting institutions, FISIS currently collects data only from DTIs, namely (6- Commercial Banks, 2-Merchant Banks, 37-Credit Unions and 3-Building Societies). Deposit taking institutions are required by law to submit prudential, economic and other information to the Bank within specified timeframes. Data is collected in both electronic and hard copy formats and includes qualitative (e.g. surveys), quantitative (e.g. balance sheets), as well as structured and unstructured information/data. It is envisioned that the new solution will replace the existing FISIS infrastructure, eliminate hard copy submissions with electronic signatures and facilitate data collection from non-dtis, including financial groups of which a DTI is a member, in pursuit of the Bank s wider supervisory, regulatory and monetary policy mandates Current Information and Communication Technology (ICT) Environment The current ICT environment at the Bank is based on a Local Area Network (LAN) with a number of servers supporting a variety of Personal Computer (PC) workstations. The workstations operating system used are Microsoft 7 and 8 (64bit and 32bit). The Bank, while being vendor neutral, utilizes predominantly Microsoft products and has a Microsoft Enterprise Agreement in place. It is anticipated that the proposed solution will be based on a modern system architecture with a browser based user interface that integrates seamlessly within this environment. 2

4 2.3. Current Application Environment The Bank currently supports several applications that collect data from the Financial Sector. The existing system (FISIS) which we are desirous of replacing, runs on Oracle 10G (on Windows 2003) platform (See infrastructure diagram below). Using a java based fat client, financial institutions enter/upload prudential information, compiled on templates/forms developed in Java using Oracle Forms Designer, Net Beans and RefData. Once the data is validated and verified against predefined business rules, it is accepted and then transferred to a data warehouse on a nightly basis. Internal users access the data warehouse using Oracle Discoverer Business intelligence tool when analysing individual institutions, financial groups, sub-sectors or the wider financial system. In addition, institutions profiles and submitted returns are tracked and administered internally by using a browser based application (Webapp) While the system was envisioned to be used for all data collection, there are instances of data being collected through other media such as the Bank s FTP portal, s, telephone and hard copy format including newspaper articles. This has presented several challenges to effectively manage and use this information in a timely manner. It is anticipated that the new reporting and analysis solution will offer a more comprehensive and scalable framework to facilitate various data types and provide consolidated reporting using a single interface High Level Business Requirements The primary goal of the Bank is to implement a comprehensive solution to support the entire supervisory and regulatory lifecycle, with data collection being the first module implemented using this framework (See Appendix I - Proposed Supervision and Regulatory Framework). It is anticipated that the new solution will consolidate, enhance and support the data collection and reporting business processes of supervision, regulation, monetary policy formulation and financial sector stability. This will be accomplished by implementing a single data capture module to collect data and information from all external parties (inclusive of deposit taking institutions, financial holding companies, foreign exchange traders, credit bureaus, remittance companies, FSC on behalf of its licensees among others) using predefined reporting templates. The solution should provide the capability to securely manage the flow of data, from submission through to reporting and analysis (See Appendix II - Proposed Solution Flow.) The solution must also support advanced reporting (standard and ad-hoc), analytical modelling and forecasting capabilities. 3

5 2.5. The solution will be implemented in phases starting with the DTIs and eventually incorporating other reporting entities. The replacement system must be flexible to accommodate these changes and must integrate with the other business Intelligence solutions as well as other support systems within the Bank. The scope of Phase 1 of the project will be limited to the DTIs To ensure a successful project implementation, vendors must demonstrate that they have the capability and capacity to: a) Implement a secure, flexible, scalable, modern data collection, analysis and reporting solution to support the Bank s supervisory, regulatory, financial stability and monetary policy mandates; b) Plan and implement the requisite information technology solution within 18 months preferably with an off-theshelf product with minimal customization; c) Provide training before, during and after the implementation process; d) Provide post implementation support, ongoing maintenance and timely upgrades for the solution; and e) Assist with the migration of data from existing systems to the new solution. 3. High Level Functional Requirements Functionally the new solution must: a) Support best practices and international standards such as Basel Core Principles for supervision, Special Data Dissemination Standards and other internationally applicable standards and guidelines. b) Provide a secure, flexible and easy to use data capture module that facilitates qualitative and quantitative inputs (for routine and ad-hoc data) from external and internal sources including supervised institutions and other entities (financial and non-financial). c) Facilitate the modification of existing and addition of new reporting templates based on international standards and new emerging risks within the financial system. It should also include the management and enforcement of business and validation rules. d) Facilitate the tracking of issues/queries and monitoring of pre-defined indicators/benchmarks of supervised institutions, with alerts and notifications. This should include the capability to create micro and macro views of the financial system so as to easily identify inherent risks to determine supervisory, regulatory and policy decisions/actions. e) Support and enforce business process flows to ensure the ease of follow-up/actions and approvals through automated routing. f) Provide a flexible and easy to use reporting module that facilitates standard and ad-hoc reporting, comprehensive data modelling, forecasting, simulation and real-time analytics with minimal technical support. g) Provide an interface or methodology for reporting institutions to easily and seamlessly provide the requisite data from their internal systems or using other methods such as excel/file uploads, XML or XBRL with minimal data entry. h) Facilitate the maintenance of Institutions profiles including corporate structures, directors etc. while maintaining the history and trends of closures, mergers and acquisitions of institutions. 4

6 i) Facilitate internal and external access to information by Bank Staff and their counterparties, while enforcing user restrictions on information granularity Based on the proposed comprehensive supervisory and regulatory framework (See Appendix I- Proposed Supervision and Regulation Framework), solutions that supports the following business processes or provide integration abilities will have an advantage: a) Document management processes for storage, retrieval and tracking of documents and records including correspondences, manuals, standards and onsite reports.(this list is not exhaustive) b) Institutions licensing and approval of new products and services. c) Fit and proper assessments. d) Working Papers for Onsite Examinations e) Management and tracking of customer complaints and queries. 4. High Level Non Functional Requirements 4.1. The Bank is interested in a solution that facilities future growth, taking into account new and emerging requirements and technologies The system must conform to best practices and internationally accepted standards to ensure: a) Independence from hardware suppliers; b) Ease of implementation; c) Ease of maintenance; and d) System stability Some technical requirements that should be considered are: a) Ease of Operation: The proposed system should require minimum intervention (preferably none) by technical staff for normal operations. b) Security: The system should have at least two-factor authentication, against electronic mandates (tokens) for electronic signatures. The system should also adhere to international security standards such as ISO c) Access Controls: These should facilitate access to information and data on a need-to-know basis at the most granular data level. d) Audit Trails: All access to system and changes should be logged and accessible for authorized retrieval. e) Operating System: Microsoft Platform is preferred The response to this RFI must: a) Describe the general architecture and design of the proposed system. In the case of multi-tier solutions, explain the entire solution, as well as the level of functions allocated to each tier; b) Address explicitly security and access controls; c) Address scalability and performance benchmarks; d) Identify the use of technology in relation to: I. Interface specifications (APIs) links between systems; 5

7 II. III. IV. Use of standards such as XML, XBRL; Use of Relational Database Management standards; Proprietary and/or third-party products; V. Object oriented programming languages; VI. VII. HTTP and other network technologies; and Standard Web browsers as clients and their relationship to proprietary client products. e) Explain configuration options which the proposed system can support; f) Describe the technical infrastructure needed (hardware, software and network); g) Describe the business continuity model/infrastructure needed to ensure 95% availability; and h) Identify skills sets needed to support the environment. 5. Company Capacity and Customer Listing 5.1. Each vendor should provide an overview of its organization s capability and capacity to deliver and support the best solution for the Bank. To assist with this assessment the submission should include and/or demonstrate: a) Company organisation and structure; b) Project organisation structure and management approach including principal officers and proposed technical team along with the skills sets for: I. Development; II. Project management; III. Support; IV. Maintenance; and V. Training. c) Capacity to deliver and support the proposed solution; d) Customer base of similar services including sites/establishments using the newest version of their products. To include primary contact information (name, title, , phone number) and a brief description of the solution delivered; e) The two most recent audited financial statements; and f) The primary contact (name, title, , phone number) through whom clarification questions will be referred. 6. Schedule Milestone Date The RFI Sent out 24 January 2015 Deadline to submit queries 10 February 2015 Response to queries 13 February 2015 Deadline to respond to RFI 24 February 2015 Decision of short listed companies is taken 09 March

8 7. Evaluation Criteria and Short-Listing The key criteria which will be used to evaluate responses to this RFI are based on the responsiveness to the requirements of sections 3, 4, 5 of this document. 8. Incurring Costs The Bank of Jamaica is not liable for any cost incurred by vendors in replying to this RFI. 9. Clarification A party requiring any clarification of the RFI document shall contact the Bank in writing via to: bojtender@boj.org.jm Subject: (FIRS) RFI Clarification. All enquiries regarding the RFI shall be made by Tuesday, February 10, Responses to all queries and requests for clarification will be made available to all parties by Friday, February 13, 2015 via the Bank s website: (It is therefore incumbent on interested parties to monitor the Bank s website). 10. Submitting the Information The completed RFI proposal must be submitted in duplicate (along with an electronic version) and in a sealed envelope addressed to: RFI # Attention: Head of Procurement Procurement Administration Section Bank of Jamaica Nethersole Place Kingston Tenders must be physically delivered to the BOJ and after being stamped at the Information Desk, deposited in the Tender Box located in the Foyer. The deadline for the submission of proposals is Tuesday, 24 February Proposals should be deposited in the box provided at the information desk no later than 3.00pm. 7

9 Appendix I Supervision and Regulatory Proposed Framework 8

10 Appendix II Proposed Solution Flow 9