Software Project Contribution and Onboarding - Compliance Horizon Scanning

[sndpkumar14]

Business Problem

Financial firms are dealing with the growth of new and changing regulations coming from different regulatory bodies (FINRA, ESMA and others) impacting their businesses. Regulatory and compliance teams spend a significant amount of time keeping up with regulatory changes, manually determining relevant regulatory obligations, and mapping these obligations to internal policies and procedures.

Proposed Solution

Enable continuous subscriptions and data ingestion from prime, identified regulatory agencies across operating geographies. Use Data Science (NLP) and analytics tools to automatically ingest, analyze and categorize new and revised rules and regulations.

Tentative Roadmap

Short-term - cover select reg agencies - from select regions
Medium-term - cover all major reg agencies - from NA, EMEA

Current State

A dashboard for the compliance officer with personalization based on type of regulatory agency, notices, and regulatory topics. Also, comprises of a Q&A library to facilitate fetching genuine answers to regulatory questions of the user. Current state fetches information from key regulatory bodies such as FINRA & SEC from the US, ESMA & CSSF from Europe, FCA & PRA from the UK, and MAS & HKMA from APAC.

Existing Materials

https://www.synechron.com/investtech-accelerators/Digital_Compliance.html

Development Team

Maintainers

• Punit Shah (Lead Maintainer)
• Uday Chaudhari
• Hachem Ohlale

Confirmed contributors

• Synechron FinLabs

Target Contributors

Compliance experts, analysts
Developers
NLP, machine learning experts

Infrastructure needs

Describe the FINOS infrastructure you will need for this project, in addition to a GitHub repository. The FINOS team will connect with you before setting up any of this infrastructure

• Recurring meetings
• Mailing list
• A project on the Legend Studio shared instance
• Other (please explain):

What's next?

Upon submission of this project proposal, the FINOS team will get in touch with you to discuss next steps.

---

Contribution process (v. 1.1, last updated on December 20, 2021)

Below is the list of tasks that FINOS Team and the contribution author go through in order to complete the FINOS contribution process.
Please do not edit these contents at contribution time!

Kick-off meeting

• Set up kick-off meeting with project leads
• Run kick-off meeting
  • FINOS overview (if necessary)
  • FINOS Maintainers cheatsheet
  • FINOS Project/Standards Governance
  • FINOS Project Lifecycle
  • Walk through the checklist, answer questsion and remove items that don't apply
  • Write and send contribution proposal announcement (optional - see below)

FINOS Contrib POC

• Identify and Assign FINOS Project Coordinator
• Identify and Assign FINOS Strategic Advisor

Proposal (Lead Maintainer)

• Lead maintainer to send out announcement to [email protected] using this template:

  Dear FINOS Community, 
  
  We would like to propose a new FINOS project. Please review the proposal details at (_TODO: add link to the GitHub issue proposal_).
  
  If you're interested in participating, please :+1: the GitHub issue proposal and drop a comment with your name, org and email
  
  Thanks a lot,
  

Identify project meta (Lead: FINOS Contrib POC, Support: FINOS Marketing)

• Project main coordinates
  • Project Name - Compliance Horizon Scanning
  • Project Slug - compliance-horizon-scanning
  • Does the name have a registered trademark? - No
  • Request logo design (if needed) - Logo Required, Not Requested
• Category and sub-category (for FINOS Landscape)
• Is there existing code? If so, is it public? If not, can you grant read access to user github.com/finos-admin ? - Horizon Scanning Core (initial contribution) - https:/synechron-finlabs/horizon-scanning-core
• Was the project ever released? If so, are releases public? And what's the latest released version? - No public releases
• Team composition: lead maintainer and other maintainers
• Are meetings currently held for the project? - No
• Are meeting minutes, agenda and attendance tracked? - No
• Is Continuous Integration used? If so, which system is used?
• Is there an existing Documentation website? If not, would you like to have one? - No current website. To be prioritised after contribution

Maintainers, contributors and CLAs (Lead: FINOS Contrib POC, Support: FINOS infra)

• For each maintainer identified in the previous step, collect: the following info:
  • Punit Shah (Lead Maintainer)
    • GitHub username
    • Corporate email address
  • Uday Chaudhari
    • GitHub username
    • Corporate email address
  • Hachem Ohlale
    • GitHub username
    • Corporate email address
• Identify other existing contributors (assuming there's a contribution history (eg Git history)
• Check if maintainers and other contributors are all covered by FINOS CLA
• Engage with FINOS Legal team to figure out what’s needed to cover all maintainers and contributors with FINOS CLA
• Reach out to contributors and employers to coordinate CLA signatures

Project Communication Channel(s)

• Ask maintainers which communications channels they'd like to use
• Asynchronous
  • GitHub Issues (public) - Yes, GitHub Issues Required
  • GitHub Discussions (public) - No, GitHub Discussions Not Required
  • GitHub Team Discussions (public and private FINOS CLAs Required) - No, GitHub Discussions Not Required
  • Google Groups - Yes, Google Groups or Groups.IO Required
• Synchronous
  • FINOS Slack Channel (general public Slack / leadership private Slack) - Yes, Public and Maintainer Slack Required
• Create the identified communication channels during infra set up
  • Create mailing-list on lists.finos.org (optional)
    • Enable Hubspot Sync for all project mailing lists created
    • Aggregate mailing lists to [email protected]
    • Update marketing lists
      • Add new list to the included "Email List" part of the filter
      • Add new list to the excluded "Email" part of the filter
• Link communication channels linked front and center in the project README.md

Code validation (only if code is contributed) (Lead: FINOS Infra)

• The codebase doesn’t have HIGH or CRITICAL CVEs across direct and transitive libraries - CVE, license scanning and static code analysis synechron-finlabs/horizon-scanning-core#1
• The codebase doesn’t have any unfriendly licenses across direct and transitive libraries
• (optional - if a build system is provided) The build process runs successfully
• finos-admin is Admin of the GitHub repository to transfer
• The codebase doesn’t include any patent or copyright that conflicts with FINOS Governance and bylaws (to be validated with FINOS Legal team)
• Apply project blueprint contents - see ODP docs
  • Ensure that the proper project governance is in the CONTRIBUTING.md file
• All incubating criteria are checked and documented below

Approval (Lead: FINOS Infra)

• Assign issue to Executive Director (@mindthegab) to trigger voting
• (optional) if additional socialization is required, the Executive Director may bring projects to the FINOS Governing Board
• FINOS accepts the contribution (and the contribution process can move forward)

Code transfer (Lead: FINOS Infra)

• Backup (even with screenshot) GitHub permissions of the repository to transfer
• Check GitHub repository transfer requirements:
  • finos-admin has Admin to all repositories to transfer
  • finos-admin ia allowed to transfer repositories out of the org
  • if the repository is owned by a user (and not an org), the user must be able to transfer the repository to finos-admin
• Review FINOS project blueprint contents
  • Project title/description in README
  • Project badge in README
  • License in README
  • Contributing in README
  • CONTRIBUTING.md
  • LICENSE (look for {} placeholders)
• Check protection settings and disable after transfer if necessary
• Transfer all code assets as GitHub repositories under github.com/finos
• Invite GitHub usernames to GitHub FINOS Org
• Create <project-name>-maintainers GitHub team and invite users
• Configure finos-admins (Maintain role) and finos-staff (Triage role) team permissions

Infra setup (Lead: FINOS Infra)

• Enable EasyCLA
• Add project to metadata
• Add identities, orgs and affiliations to metadata (deprecated by EasyCLA)
• Add logo to FINOS landscape
  • Create staging branch on finos/finos-landscape
  • Merge finos/metadata changes on master (will udpdate landscape.yml in finos/finos-landscape)
  • Create PR from staging branch on finos/finos-landscape
  • Review Netlify preview
  • Merge PR
• Add project maintainers emails to [email protected] list
• Add project maintainers GitHub usernames to the project-maintainers Team
• Onboard project on LF systems (SFDC, Insights, EasyCLA, Groups.io)
• (best effort) Update release coordinates and code namespace to include finos
• Enable security vulnerabilities scanning
• (optional) Enable meeting attendance tracking
• (optional) Onboard into legend.finos.org/studio

Announcement (Lead: FINOS Contrib POC)

• Lead maintainer works with FINOS marketing to send out announcement to [email protected] , checkout announcement template at the Contribution page
• Notify FINOS Contrib POC and FINOS marketing (@grizzwolf + finos-marketing internal Slack channel)

[DavidVtFreshAIR]

+1

[lolabeis]

+1
Interested in the potential of this project as an upstream to the "Digital Regulatory Reporting" programme we're involved in.

[mcleo-d]

FYI - The next FINOS Technical Steering Committee meeting is 28th September @sndpkumar14 if you're in the position to be added to the agenda to present?

[mcleo-d]

@ianhollowbread to help build the business case for the TSC if required.

[mcleo-d]

Hi @sndpkumar14 - Thank you for the meeting yesterday to discuss the Compliance Horizon Scanning contribution.

Can we get a list of the Synechron team who will be maintaining the project (including the lead maintainer). We need to be specific with this point before heading across to the FINOS TSC.

Many thanks,

James.

Maintainers

Synechron FinLabs team at present.

[mcleo-d]

The initial reason of Compliance Horizon Scanning, Horizon Scanning Core, is now found on GitHub here https:/synechron-finlabs/horizon-scanning-core

[mcleo-d]

Hi @ColinEberhardt - I've noticed this contribution has been moved to the TSC done column. Can you confirm if this status is accurate as we'd like to add to the TSC agenda this month for approval. cc @robmoffat

[ColinEberhardt]

I've noticed this contribution has been moved to the TSC done column

@mcleo-d that was a mistake! We'll discuss shortly

[mcleo-d]

Thank you @ColinEberhardt - We eagerly await the feedback from the FINOS TSC 😄

[stephengoldbaum]

+1
Great potential to complement and expand the ecosystem for the Open Reg Tech at FINOS.

[ColinEberhardt]

@mcleo-d can you please add @opoupeney as an assignee? He is looking at this contribution on behalf of the TSC

[ColinEberhardt]

@maoo @mcleo-d (bump) can you please add @opoupeney as an assignee? He is looking at this contribution on behalf of the TSC

[maoo]

@maoo @mcleo-d (bump) can you please add @opoupeney as an assignee? He is looking at this contribution on behalf of the TSC

Done!

[opoupeney]

After reviewing the current contribution and discussing with the team, the TSC is not able to accept the contribution. We are waiting for a revised version of the project, as discussed with the contributor, with a more substantial feature set.

[TheJuanAndOnly99]

Thanks for the update @opoupeney closing this issue.

[mcleo-d]

Following a conversation with @sndpkumar14, it's been decided to transfer the CHS ecosystem (that includes https:/synechron-finlabs/horizon-scanning-core) to FINOS Labs for further development until ready to present to the TSC for another round of approvals.

[ColinEberhardt]

Thanks @opoupeney for evaluating this contribution on behalf of the TSC 👍

[mcleo-d]

Added to the Regulation Innovation SIG kanban to track contribution with team.