A SOX-regulated financial institution needs a unified mortgage-servicing dashboard that is fast, consistent, and audit-ready. This demonstrates how I design a Power BI solution that satisfies both analytical and control requirements.
I demonstrate a governed Power BI solution on a star schema (FactPayments, Loan, Borrower, Calendar) with business logic standardized in SQL Server views, incremental refresh and partitioning for speed, and Row-Level Security aligned to SOX access matrices. Every measure, refresh, and access grant is documented so the report doubles as audit evidence.
A SOX-regulated financial institution needs a unified mortgage-servicing dashboard. Reporting definitions vary across departments, refreshes are slow, and auditors require traceability and access controls. Executives cannot agree on a single number, and every reporting cycle triggers manual reconciliation.
Source systems flow through governed SQL views into a partitioned star schema and a documented semantic layer. The keystone is the semantic model, where definitions and security live.
A classic star keeps the model fast and the definitions unambiguous: one fact surrounded by conformed dimensions.
The example dashboard standardizes definitions and makes them explorable while keeping controls intact:
This dashboard demonstrates the full solution — KPI cards & drill-through, MTD/QTD/YTD time-intelligence, saved bookmarks, and live Row-Level Security: change Viewing as and watch the model filter to only the portfolios a role may see. Illustrative data.
| Loan # | Product | UPB | Rate | Status | Next due |
|---|
Measures are authored in the semantic layer with time-intelligence and clear naming so report authors never redefine business logic.
// -- Total scheduled principal + interest collected (MTD) -- Payments Collected MTD = CALCULATE( SUM( FactPayments[AmountCollected] ), DATESMTD( DimCalendar[Date] ) ) // -- Delinquency rate with SOX-safe division -- Delinquency Rate = DIVIDE( CALCULATE( [Active Loans], DimStatus[IsDelinquent] = TRUE ), [Active Loans] ) // prior-period and rolling-12M variance measures follow the same pattern
Row-Level Security enforces SOX segregation of duties directly in the model. A security table maps each user (or AD group) to the portfolios they are authorized to view; the RLS role filters every fact query to that authorization. Because the rule lives in the model — not in each report — it is testable, documented, and auditable.
// Applied on DimBranch; USERPRINCIPALNAME() maps to the SecAccess security table DimBranch[BranchKey] IN CALCULATETABLE( VALUES( SecAccess[BranchKey] ), SecAccess[UserPrincipal] = USERPRINCIPALNAME() )
This example shows how a modern Power BI solution can, in practice: