System Implementations - A Best Practices Guide

I. Introduction

? Now that your organization has completed the process of selecting a vendor, the implementation can begin.? System implementation is a lengthy activity and brings its own set of actions and challenges. An enterprise implementation can last well beyond a year and during that time the project needs to remain on track, resources need stay engaged and deliver on schedule, and senior leadership will need to see continual progress throughout the project.? In order to achieve success, careful planning and preparation must occur.?

? Planning can take several months but is essential for a smooth implementation. More importantly, planning then executing the plan ensures the system meets the needs of the business and delivers an immediate return on investment.

? The details below will further examine the logistical functions that allow for an effective, efficient system implementation.

II. Implementation Process

While reasonable to believe the implementation begins when the selected vendor walks through the door, this approach can result in key preparation tasks being overlooked. An effective implementation is the result of careful planning and management.

Several groups of stakeholders such as IT, Compliance and Operations will be affected during and after the implementation.? Negative impact to these stakeholders can be mitigated and managed through communication and participation during planning and decision making.? Technology is the core of the implementation and it must be able to meet the objectives of Compliance. Therefore, Compliance should be able to drive the implementation through clear and thoroughly documented requirements and a target state.? These requirements must be taken into account throughout the implementation and configuration process, and the requirements should not be compromised in favor of an easier or quicker implementation.

? Therefore, emphasis should be placed on the organization as a whole engaging in the implementation, with all necessary stakeholders involved to facilitate cooperation across stakeholders.? Generally speaking, system implementation includes the following steps:

A. Pre-Project Planning

? Preparing and planning is a critical first step of a smooth, effective implementation.? Planning can be time-consuming but establishes the framework and foundation for the entire implementation.? Crucial pre-project planning items include:

1. Clear and Complete Business Requirements

? Reviewing the business requirements for completeness and accuracy is crucial.? The business requirements will guide the implementation and system configuration.? Typically, business requirements already exist because they were utilized during system selection.? However, in the event that they do not exist, they should be developed in a system agnostic manner and not tailored to the capabilities of the system being implemented.

2. Creation of a Detailed Project Plan

? A detailed project plan is another critical aspect of the planning phase.? The plan should cover a comprehensive, end-to-end implementation life cycle based on the agreed upon strategy and methodology. The plan will consider internal and third-party resources, priorities, timeline, and any applicable change / risk / project management processes.? In the event the implementation involves multiple modules for a system, planning should take into account the module implementation sequencing (e.g. case management followed by sanctions filtering modules followed by transaction monitoring).??

3. Development of a target state and success criteria

? Defining a target state at the onset of the implementation will help achieve success. A documented target state will ensure that decisions or changes that are made throughout the implementation will allow the system to achieve the intended target state.

B. Data Identification and Sourcing

? During the Data Identification and Sourcing phase, the universe of source systems and associated data required for the implementation are identified.? This can be performed in various ways depending on the type of system being implemented.? For example, in the case of AML transaction monitoring, first a full inventory of transactional systems should be identified.? Then, for each system, inventory all transaction codes within the system, to allow for clear evidence that all customer-initiated transactions have been identified and are being supplied to the system.

? The quality of the data should also be tested to confirm it will be able to support the objective of the system logic.? Data testing can be particularly important when using a data warehouse a source of data for the new system.? In the case of a data warehouse, there should be an effort to reconcile the data between source systems and the data warehouse to ensure the data in the warehouse is complete and not altered in a manner that would adversely affect system logic.

Data ingestion and extract transform and load (ETL) development complete the sourcing phase.? Data ingestion is facilitated with close collaboration from the vendor to verify the correct elements are mapped to the appropriate location of the system’s data model.? Once the mapping has been completed and validated, the ETL code can be developed so that the data is routinely extracted from the source system(s) and supplied to the correct locations of the data model.

C. System Configuration

During the system configuration phase, the responsibility shifts to the vendor translating business, functional and non-functional requirements to the system configuration. This involves changing software or hardware settings to align with the organization’s specific needs. Configuration settings are adjusted to reflect the desired thresholds, parameters, workflows, user permissions and roles as outlined in the established requirements. ?In the case of a rules-based transaction monitoring system, rules will be coded and tuned in an external environment.? The vendor will then configure the system’s rules to align with the final thresholds from the external environment and the output of the vendor rules will be compared to results from the external environment to confirm the parameters and thresholds were configured correctly.? Any discrepancies need to be examined and explained.

Continuous calibration and alterations are conducted to verify that the configured system operates in a manner that is consistent with the requirements outlined in the BRD and FRD. Any discrepancies or issues identified during this phase are addressed through iterative refinement until the system configuration aligns seamlessly with the organization’s objectives and ultimately, the business and functional requirements.

D. User Acceptance Testing (UAT)

While testing is performed throughout the implementation, the UAT is a more formal type of testing and is usually the final phase of the implementation prior to deployment.? UAT tests the system in a manner that is consistent with how it will be used in production.? The UAT environment is also established in the same manner the Production environment will be established and includes a complete copy of Production like data.? The objective of UAT is to affirm the system meets the business and functional requirements, or least the majority of them, prior to moving to Production.

? Prior to the execution of UAT, the UAT approach will be documented and at a minimum should include:

1.???? Resource allocation

2.???? Acceptance criteria or conditions that should be met prior to deployment to the Production environment

The UAT scripts are based on the business and functional requirements documents.? Each requirement should have a corresponding test script and can be reconciled through the creation of a traceability matrix.? As the testing is performed, defects are tracked and managed to determine their criticality and when they will be corrected and re-tested.?

? The User Acceptance Testing (UAT) phase serves as a critical checkpoint before the system Go-live, allowing for the identification and resolution of any potential issues that may impact the user experience or hinder business practices.

E. Deployment

The Deployment phase exhibits the culmination of efforts, where the configured and tested system is released for production use.? As part of the deployment, system governance procedures should be developed and adopted.? The governance should include items such as:

1. Change management procedures

2. Data governance

3. Issue management

4. MIS reports

5. Periodic testing, tuning and optimization

Time should also be allocated to training the operations team during this phase to prepare for the release to Production. The operations team needs to understand how to use the system and be provided with policies and procedures aligned to the new system to reference when entering the production environment. This guidance, along with the governance procedures, ensure the system continues meet the intended objectives through consistent maintenance and oversight.

III. Considerations For Global Implementations

In the event the system will be deployed globally, not only do the details provided above apply to each region, but there is additional planning to be performed for such implementations.? When deploying a system globally, one of the first items to consider is the sequence of jurisdictions to be deployed.? Typically, it is best to address those that are easier to implement first.? In the event there are external factors such as regulatory pressure to address in certain regions first, that will take precedence. However, addressing the less challenging jurisdictions allows progress to be shown to senior leaders, and the ability to apply “lessons learned” when deploying in more complex ones.? This approach of iterative implementations across regions decreases the time to value for each subsequent region, and ultimately can reduce the overall time for a full global implementation.

? The business requirements for each domain will also vary.? These requirement differences must be documented and leveraged as part of the user acceptance testing.? While there are requirements that are unique to each jurisdiction, there is also a need to have uniformity in requirements globally. Local requirements can then be developed to understand which requirements need to be added, changed or omitted from the global requirements for each specific jurisdiction.

IV. Conclusion

System implementation is a challenging, time-consuming endeavor.? Failed implementations or systems deployed that do not meet the needs of the business are frequently the result of poor planning.? System implementations utilize a variety of resources throughout the project.? These resources can be internal IT, vendor resources, business stakeholders and third-party resources.? A detailed project plan with clearly defined roles and responsibilities outlines when these resources will be needed and the duration of their involvement in the implementation.? Required documentation such as business requirements, a target state definition, and success criteria must be in place at the onset of the implementation as they guide the process from data sourcing to system configuration through acceptance testing.? Decisions that are made throughout the course of the implementation lifecycle can leverage the documentation to ensure the decisions made maintain the path to the target state, meet the needs of the business and align with the success criteria.? Each step of the implementation relies on the success of the prior step.? Taking a planned, methodical approach to a system implementation leads to a deployment that meets the needs of the business and provides a return on the investment made on the system.