Automated CASS software: Key considerations for growth and development

Posted: 05/12/2022 | Read time: 7 minutes


In this blog, AutoRek’s CASS Consultant Murray Campbell sets out what firms must consider if they want to grow and develop. He explores the growing inseparability of finance, tech and data, the FCA’s drive to becoming more data-led, the main reasons why firms are automating CASS, and the prerequisites for successful CASS automation.


The convergence of finance, technology and data

The FCA has recently indicated that it plans to take a more data-led approach to its supervision. Chief Executive Nikhil Rathi expects it to become as much a regulator of data as one of financial services across the next five years.

The FCA’s drive to become more data-centric highlights the growing link between financial services, technology and data. Companies like Apple and Google, for example, have already made significant strides in the provision of payments services. As this becomes more commonplace, the FCA wants to ensure that, if Big Tech spreads further into financial services, it does not become a detriment to fair competition given the scale and reach of those organisations.

Further publications from the Bank of England have also covered the use of AI and machine learning in financial services, evidencing again the focus UK regulators are giving to digital innovation. As such, firms can certainly expect technology to be a key consideration in the months and years ahead.


CASS compliance – the importance of data

CASS has long been a regulatory area rich in data, with firms providing a wealth of information to the FCA monthly via CMAR. The FCA uses this data to monitor firms and the services they provide, influencing their supervision strategy where necessary.

One example is the Dear CEO letter sent to firms regarding an increase in the client money balances they were holding. In this case, the FCA had identified a trend in the CMAR data. With that information, they contacted firms to suggest whether an alternative option might be in the best interest of clients.

While data has always been central to CASS reporting, the FCA has stepped up its expectations in recent months. In fact, the number of CASS-related s166 notices – a skilled person review – is on the rise in part due to insufficient data submissions.


Reconciliations and data

Reconciliation performance produces a wealth of data output, all of which can be key indicators of the operational performance of a firm; it is the source for much of the information required for CMAR.

Where reconciliation processes are manual, the subsequent data capture and interpretation are subject to human error, less reliable and require much more work before reporting can take place. The ability to automate key CASS processes and leverage the value in technology therefore provides many benefits for firms.

In this blog, we look at some of the key drivers that lead a firm to introduce automation. We’ll also discuss some prerequisites for delivering successful CASS automation, before finishing with a look at some future considerations for firms to have in mind as their CASS processes become increasingly reliant on technology.


CASS automation: Three key drivers

In our experience across the asset management industry, there are three main reasons why firms decide to automate their CASS processes.


1. Eliminating manual processes

Reconciliations can either be highly manual, spreadsheet-based activities or highly bespoke, automated solutions. Often, the approach will be driven by the size of the firm, the volume of transactions and the budget allocated to invest in automated technologies.

We speak to many firms at varying stages of their development and find a myriad of different approaches. In some cases, start-up firms will look to employ automation from the outset and, other times, firms will consider automation once they have grown sufficiently to require it.

Regardless of the company and their approach, the drive to eliminate processing errors – which are far more likely when using spreadsheets – is always the main consideration. As such, replacing spreadsheets with automation enhances efficiency and increases financial data control.


2. Regulatory pressures

As discussed above, effective financial data management is the cornerstone of regulatory compliance in today’s data-driven financial landscape. Regulators want to see that firms have control over their financial data, with full visibility and auditability of that data.


3. Scalability

Higher levels of automation are often seen as a way to avoid enforcement action, such as a skilled person review or a regulatory breach. In either case, firms identify a challenge or vulnerability and choose to further automate processes to reduce risk.


Prerequisites for successful CASS automation

Delivering CASS automation successfully requires a number of considerations to be in place beforehand. For CASS compliance in particular, processes need to be documented from the outset and be able to stand up to scrutiny in the months and years ahead.

From our experience, there are six prerequisites for successful CASS automation.


1. Internal systems and data

A thorough understanding of a firm’s own internal data and systems is vital. Knowledge of how transactions flow through a firm’s books and records and are reflected on client accounts throughout the transactional cycle is essential for being able to extract the necessary data for reconciliations.

Challenges frequently arise when a process is only partially automated. The ability to unpick the automated solution to understand the source data inputs and any transformation performed can be problematic. This is especially the case where apparent ‘black boxes’ consume data and provide an output, with little clarity or explanation as to what happens in between.

The first step can often be to reverse-engineer the automation currently in place. Although time-consuming, it is a crucial first step for building a new, transparent solution with the correct data input.


2. External data sources

Similar challenges can be thrown up when capturing the required external data sources. A firm may hold client money with multiple agent banks and with statements received in varying formats, providing inconsistent information. Consolidating this into a single view and drawing out any gaps is therefore important to understand how challenges can best be addressed.

The same is also true where payment service providers facilitate a firm’s cash transactions. Understanding how and when transactions are received, and how bulk bank settlements are allocated back to individual clients, is key to ensuring an effective reconciliation process.

Information should be captured during data exploration and requirements gathering at the start of an automation project. This will require subject matter experts from across the firm, including operational staff and colleagues in IT who are best placed to understand how data can be extracted from core systems for use within reconciliations.


3. Deliverables

An agreed set of deliverables from the outset is fundamental to recording the processes a project aims to automate. This could be client money or custody asset reconciliations, both internal and external, plus any supporting control processes as required by the firm’s data.

Ensuring deliverables are agreed upon and understood from the outset is critical for determining the success of the project. If the end goal of the project is not agreed upon, then success for one individual is different to the view held by another and the wider team is not working towards a common goal. Documenting and agreeing to this upfront allows for success to be determined when the deliverables are achieved.


4. Solution design

Agreed deliverables will then influence the solution design, providing a visual representation of the solution build. This will be from the data input stage to any enrichment, aggregation and calculation requirements, through to the reconciliation processes and confirming the output required via MI, dashboards and reporting. Mapping this out effectively means that project teams have a clearly documented understanding of the solution and what it will deliver.


5. Project governance

Proper documentation is a key part of sound project governance and change management.

In the case of CASS reconciliations, a change of this nature will draw the attention of an auditor during the annual audit. Therefore, sharing detailed documentation to provide evidence of the oversight in place during the process is vital. Examples can include:

  • Design documents
  • Action trackers
  • Project plan
  • Regular project reports
  • Testing plan
  • Go-live plan


6. Testing

Allied with any successful solution deployment is thorough testing. Testing should include the capture of various scenarios and data challenges that might be encountered through BAU processing, for example post-bank holiday reconciliations. A period of parallel run alongside existing reconciliation processes should also be completed to provide final confidence when switching to a new solution.

Testing completion should be documented and evidenced, with a record of issues identified and how they were addressed and retained.


Considerations for the future of CASS operations

As the regulatory landscape becomes increasingly complex and intertwined with technology, there are many things that firms should consider to futureproof their operations. Below, we outline some of the core considerations.


1. Silver bullet

The first point to make is that automation should not be viewed as a silver bullet for CASS operations.  While replacing manual processes will remove many inherent challenges, enhance processes and deliver efficiency, automated technologies will present firms with a set of fresh challenges. It is important to take the time to articulate these challenges and formulate contingency plans beforehand.


 2. IT controls

Strong IT controls are an important aspect of effective forward planning. Mapping out process flows, understanding where human intervention is still required and where controls are needed, and building these considerations into the process is essential.

In respect of the internal client money reconciliation, having controls in place to ensure only complete data is used, and flagging any instances of incomplete data, is key for a system to produce consistently reliable results. Firms should take the time to consider what additional controls can be embedded into the solution to validate and check the integrity of data.

Controls of this nature will of course be fully tested as part of the annual audit and therefore need to be documented and reviewed regularly.


3. Substantiating output

Substantiating the output is a key challenge for firms where a system is used to complete a reconciliation. Teams must be able to explain the output received from a system and have confidence that the result is accurate.

Having transparency in a system to evidence the way data has been used is crucial. A simple example would be the ability to trace the total client money requirement back to the individual client balance protected for each client, rather than merely accepting the total value presented by the system.


4. Remaining manual tasks

Where a process has been automated, does the solution provide end-to-end automation? Or have some steps or supporting tasks been left manual by the initial delivery? If it’s the latter, further plans will be required to drive further automation.

It is common in projects for the day-two list to grow as the go-live date gets closer. Where that is the case, is it accepted such tasks will remain manual if they are ultimately de-prioritised? What does this mean for the overall process and the controls required?


5. Process responsibility and audit challenges

Once a process has been automated, firms should be clear where the responsibility for those processes sits. Because reconciliations are an ongoing operational task, once automated they will likely require the support of IT for consistent maintenance.

This scenario creates the risk of a grey area. While controls in the process may sit with IT, for example in respect of data extraction, that control supports a daily operational process. Identifying ownership of controls is therefore a fundamental tenet of sounds CASS process governance.

This can present a challenge when reviewing and testing a process, particularly during annual CASS audits. Rarely is there a single point of contact to provide an end-to-end walkthrough of a reconciliation solution. Determining where a process and its control sits with one team where it is handed off to another can raise complexities when understanding and testing the entire solution.


6. Future of CASS Recruitment

Given the growing relationship between CASS reconciliations and technology, what does this mean for the future of CASS recruitment? What are the key skills that will be required for a reconciliation analyst, for example? Will it require an operational background to understand transactional flows and settlement cycles? Or will the role require an IT background to understand technology controls and databases?

It is fair to say there is a growing need to have both sets of skills. However, finding, attracting and then retaining talent of that nature is very difficult at a time when recruitment is challenging enough already.


The bottom line

  • The FCA continues to focus on the increasing role data and technology will play in financial services
  • Harnessing the value and opportunities provided through digital innovation is therefore a key item on firms agenda
  • At a time of competing demands and economic challenges, it is also vital for firms to capture the advantages of using the right technology
  • Delivering automation across key regulatory processes will provide a firm with efficiency and control which supports growth and allows valuable resources to be used effectively
  • Successful automation relies on detailed planning to allow for data challenges to be identified and addressed from the outset
  • Firms must ensure that CASS solutions are designed with strong IT controls, transparency, and clearly defined responsibilities