finance
monthly
Personal Finance. Money. Investing.
Contribute
Newsletter
Corporate

Traditional companies are struggling to keep up

Today’s digital landscape frequently imposes new demands on financial institutions, with innovative technologies and new regulations such as PSD2 disrupting established processes. As physical banks and cash machines continue to disappear from our high streets, there is a growing shift towards customers using their mobile phones to conduct their banking activity. In fact, over two-thirds of British adults now use online banking[1], putting great pressure on traditional banks that are burdened with legacy IT systems. As 46% of bankers perceive this infrastructure to be the biggest barrier to the growth of commercial banks[2], the need to update the network is more urgent than ever before.

The challenger banks of today, born on the cloud, automatically inherit cost, performance, and efficiency benefits that traditional banks simply do not have. Without having to embrace the initial digital change, this new generation of mobile banks can be more nimble, hoisting technologies to personalise their services, and do so at a much lower cost. Legacy systems have proved reliable in the past, but in order to maintain momentum in the digital age, and compete with innovative businesses, financial institutions should push forward with rapid investment in cloud services.

The need to migrate to the cloud

Massive growth in data usage has made it increasingly difficult for organisations to store all their intelligence on in-house servers. Today’s financially-literate customers should not expect to have their personal information kept in physical computer systems. Instead, they expect instant access to their personal data anytime, anywhere, and in the most secure manner.

While some financial institutions are exploring cloud-based solutions, many remain hesitant in undertaking a full-scale migration. With such a complex transformation to undertake and outdated architecture to contend with, companies are encountering certain obstacles. Time and cost pressures, in particular, are leading to some firms to ‘cut corners’ when it comes to upgrading their infrastructure, causing severe disruption to customers. From October 2018 to October 2019, the UK’s Financial Conduct Authority (FCA) reported that major banks suffered 265 IT shutdowns, which prevented customers from making payments[3].

The financial services sector has also been shaken by a new wave of regulations aiming to better protect both customers and businesses. Since the General Data Protection Regulation (GDPR) has come into force, European Union citizens have been granted more control over their personal data. This means that organisations collecting data are obliged to do so legally and to protect it from misuse.

Legacy systems have proved reliable in the past, but in order to maintain momentum in the digital age, and compete with innovative businesses, financial institutions should push forward with rapid investment in cloud services.

Furthermore, with Payment Services Directive 2 (PSD2) fast-approaching, companies are obliged to implement Strong Customer Authentication (SCA) to mitigate the risk of payment fraud. A huge number of fraud cases – nearly 340,000cases - were reported in 2018[4], calling for a double layer of authorisation to make financial transactions over £28 more secure. It has therefore never been more important for institutions to properly execute a full-scale migration to the cloud to benefit from its innovative services, including biometrics.

Benefits of migration

The AWS marketplace, and similar service providers, offer an online platform through which customers can unlock a plethora of cloud and other digital applications. Making the transition via these networks, where the cloud is effectively brought to you, renders the process far more simple and frictionless.

Through AWS, financial firms can easily integrate the necessary biometric authentication platforms. Designed to verify the identification of employees and customers using multi-factor authentication, companies become far less susceptible to cyberattacks and data breaches. By adopting digital identification technologies, institutions can achieve regulatory compliance and offer a safer customer experience. It is not too late for traditional firms to transform themselves and compete.

The greater computing power of cloud-based software brings a host of other benefits to organisations and customers. Having data centralised through the cloud avoids the latency issues that come from having computing tasks handled from afar, and permits the on-demand availability of resources. This allows a more seamless digital experience to be created, to meet the evolving needs of customers. Simultaneously, businesses can gain cost and time efficiencies that translate into more effective workload management, increased flexibility and ultimately productivity.

If financial companies are to avoid falling behind today’s challenger banks, they must discontinue the use of legacy IT infrastructure, and fast. By utilising the resources that services such as the AWS marketplace have to offer, companies can efficiently embed the cloud into their operations, and deliver the best online experience expected of today’s educated customers. The migration will only ensure secure account entry using the latest biometrics, it will also achieve cost and time efficiencies that could well turn around profit margins.

 

[1] https://www.theguardian.com/business/2019/jul/01/mobile-banking-to-overtake-high-street-branch-visits-in-two-years

[2] https://www.instapay.today/insight/legacy-technology-in-banking-a-real-issue-or-is-it-just-perception/

[3] https://www.telegraph.co.uk/news/2019/11/27/major-banks-suffer-five-glitches-week-finds/

[4] https://www.paymentscardsandmobile.com/uk-fraud-report-2019/

IT failures at major banks are high on the news agenda right now. A recent Treasury Committee report found that the frequency of crashes and associated customer disruption was “unacceptable”, leaving customers cashless and cut off. Recent outages have happened as a result of various factors, such as upgrades going wrong and – in some unfortunate cases – crippling cyber-attacks.

 Given the costs of disruption to both customers and to banks, outages are simply not an option. To cope, banks must ensure their systems, processes, and underlying infrastructure are resilient – but doing so requires significant investment. How then, do they select the right partners who will help them not only survive, but thrive, in the long term?

Swiping right on an IT partner

With a vast range of technological partners out there, the first step for banks is knowing how to select the business best equipped to help them build resilient and effective IT systems.

But it’s not just about experience. Crucially, an effective IT partner will adopt a certain approach to contingency planning. It will not only think about today, restricted to existing infrastructure, ways of working, services and threats. Instead, it will focus on tomorrow, asking how will innovation impact on systems; what new threats lie over the horizon; how will increasing automation impact on networks?

Selecting an IT partner with foresight, infrastructure and technical knowledge to challenge a bank to think about the future, is critical. It is the only way to ensure systems can deal with the now while proving adaptable as their business, and customer expectations, evolve.

Getting the infrastructure right can have a major business impact.

Resilience is king

If services go down – nothing else will matter. That’s why putting in place rock-solid connectivity with the stand-in systems and backup infrastructure for emergency situations is so important.

Whether that’s selecting a connectivity provider with 99.99% reliability or investing in high capacity backups to cover the 0.01% of times, banks need to plan for failure. Investing in resiliency is not a nice-to-have – it’s an essential part of keeping services running.

Evolutionary, rather than radical change

Financial service companies should look for a partner’s ability to implement incremental change. The best partners won’t be looking to rip out a client’s infrastructure and start again. Not only would that be incredibly expensive, but it would likely cause major disruption to employees and customers.

One bank that has realised this with great success is Danske Bank. Choosing Virgin Media Business to guide it through an overarching transformation agenda, it listened to advice on the potential of incremental change to deliver a new vision for customers, employees, stakeholders and society – with enormous success.

Boosting the bottom line

 Banks should also consider whether their potential IT partner has experience making the connection between IT systems and customer acquisition. Perceptions of IT departments as back-end and functional parts of a business are misguided. In fact, small changes to IT infrastructure can hold the key to boosting profitability and bringing in new revenue.

Metro Bank has transformed its IT architecture in a way that supports business goals. By using application programming interfaces (APIs) and a loosely coupled IT platform – as well as putting the IT team at the centre of its digitalisation strategy – the business has implemented a rapid and streamlined process for customers opening new accounts.

Clearly, getting the infrastructure right can have a major business impact. An effective strategic partner can play a crucial role in guiding a financial services institution towards incremental success that drives revenue.

Partnerships win

To prevent IT outages and move towards systems capable of supporting growth and first-class customer experience, it’s vital banks choose a long-term strategic partner. This isn’t just to boost resilience in the face of cyber-threats, but to work out how infrastructure can feed into commercial growth and customer retention and acquisition.

As competition heats up in the sector and challenger banks continue to shake things up, infrastructure will take on new importance – supporting business growth, creating compelling customer journeys and implementing effective cybersecurity strategies. Having round-the-clock counsel from a trusted and experienced partner is vital to achieving this.

For an insight into Banking-as-a-Service (BaaS), Finance Monthly connected with the Managing Partner of zeb - Bertrand Lavayssiere.

The rise of service-based platforms

Improving cost-income ratios by 15% or more is becoming a necessity for most financial institutions looking to win through in the new age of banking. Moving operations to a service-based model such as software-as-a-service (SaaS) and business-process-as-a-service (BPaaS) can help achieve this goal and free up the business to focus on its customers. Platform banking or as it is otherwise known as Appisation of banking IT systems, combine the advantages of outsourcing with the power of automation, ubiquitous access and virtually unlimited scalability. Yet the answer lies not just with technology, but with the business strategy. To achieve true simplification, banks must be prepared to critically rethink their business models and seek close alignment with the capabilities of these new platforms. Is now the right moment to move your business to the cloud?

Most banks are ill-prepared for the transformation ahead. Their bespoke structures, having developed gradually over time, are dogged by complexity. Bloated product portfolios, error-prone manual processes and antiquated IT architecture not only drive up the cost of operations, they severely limit agility. Consequently, implementing complex regulatory requirements such as BCBS 239 or GDPR, building fully automated end-to-end digital processes and integrating the latest products offered by FinTechs, is both cumbersome and costly.The effort required ties up banks’ capacities and prevents their top management from focusing on truly value-generating business issues.

Revolution not evolution needed

Doing away with this complexity that has developed over decades is not easy through a process of gradual evolution. More often, banks need to make a clean start. They need to critically reappraise their business and operating models, focusing on the parts that truly matter and radically simplifying the rest – streamlining product portfolios and outsourcing or standardising processes and IT systems.

This radical step involves a substantial revamping of existing process and IT structures. Here, we find that banks increasingly rely on the ready-made, standardised software and process solutions offered by external providers. Banks see these solutions as a fast-track to cutting complexity in terms of reduced resource consumption and shorter implementation times. They hope to benefit from reduced costs due to economies of scale in development and operations. Often, they also see these external solutions as a gateway to standards and market innovation.

Banks have several options open to them for integrating external solutions into their operating models. In practice however, banks often adopt a variety of approaches in different parts of their process and IT landscape.

One option is to adopt cloud-based service models such as ‘software-as-a-service’ (SaaS) and ‘business-process-as-a-service’ (BPaaS). This option has become popular thanks to a wave of technological innovations collectively known as ‘cloud computing’. But it is also the notion of ‘service’ – in the sense of a highly automated bundle of software programs and/or process functionalities – which makes this concept particularly interesting for banks striving for simplification. We believe that this option is of overriding importance for the future of banking. In other words, we have entered the world of ‘banking-as-a-service’.

How does the notion of ‘banking-as-a-service’ compare to traditional forms of outsourcing? The key distinction is the degree of standardisation and automation. Typical traditional outsourcing arrangements are highly customised to the needs of the client. Moreover, they are usually characterised by transfers of staff and technology infrastructure from the client to the provider, who may provide their services from a low-wage country, while the existing processes and technology structures are often retained.

By contrast, service-based models are built from the outset with standardisation and automation in mind. They are characterised by modular building blocks containing standardised pieces of business logic, for the most part executed by software with only limited human intervention. The result is straight-through processing (STP) rates of 90% or more for processes that are amenable to standardisation.

In the past, this type of standardisation would typically lead to unacceptable limitations with respect to business requirements for all but the simplest scenarios. But modern software architectures increasingly allow for ‘long-tail’ customisation – producing an additional variant of a banking product, service or business process, at virtually no extra cost. What used to be an exception, handled by a human agent, can simply be implemented as yet another process variation, handled autonomously by the software. In the world of banking-as-a-service, software no longer merely supports the business processes executed by humans: It becomes the process itself. We are witnessing the gradual transformation from software-leveraged processes to process-leveraged software.

Smart alignment

Reaping the full benefits of service models such as SaaS and BPaaS is a question of smart alignment to the capabilities and standards of the underlying platforms. Banks will inevitably discover some downsides to banking-as-a-service after they make the shift – some limitations and ‘gaps’ compared to traditional models. But the key questions are: Are those limitations relevant from the point of view of customers? And are they significant in terms of their impact on the bottom line or regulatory compliance?

These questions transform the topic of banking-as-a-service from a purely technological issue to a strategic issue. At the end of the day, it comes down to business strategy: Which products and services contribute to the bottom line? Which processes promote the overall excellence of the organisation? Do customers really value hand-tailored offerings? And are they willing to pay the required premium?

Far reaching decisions

Understanding which aspects of your business are truly differentiating and which can be standardised is a good foundation for throwing excessive luggage overboard before engaging in a large-scale transformation exercise. Ideally, the examination of technological options should already be part of the strategic discussion taking place at CEO level. Its consequences will likely require some far-reaching decisions.

Written by Nick Pointon, Head of M&A at SQS

 

In June 2015, US security regulators investigated a group of hackers, known as FIN4. The group were suspected of breaking into corporate email accounts of 100 listed companies and stealing information in relation to mergers[1] for financial gain. Hackers are always on the lookout for opportunities to exploit vulnerable IT systems during mergers or acquisitions.

Starwood Group, an American hotel and leisure company, was the victim of a data breach in 2015 caused by malware infected point-of-sale terminals, shortly after the acquisition by Marriott Corporation had been announced. As a result of the breach, hackers gained access to customer names, payment card numbers, security codes, and expiration dates. It was later questioned whether IT systems were appropriately assessed before the acquisition was made public knowledge.

There is so much going on in the process of an acquisition or a business merger that IT systems are often neglected. This creates vulnerabilities, potentially exposing sensitive information which cyber criminals can exploit. IT teams must focus their attention on ensuring the security of existing systems before a company even considers undergoing an acquisition or merger.

 

Pre-acquisition technical due diligence

Technical due diligence refers to the period during which IT systems are inspected, reviewed and assessed for areas of vulnerability that need to be addressed. Organisations looking to be acquired or merge, should begin a process of technical due diligence internally before seeking interested parties. By carrying out such an internal technical due diligence, the company being acquired can be satisfied its systems are robust, secure and fit for purpose, and the acquirer’s due diligence will not expose any issues that may jeopardise the deal.

In addition to the security vulnerabilities, many organisations carry open-source licensing risks.  Open-source modules or snippets of code are commonly incorporated by developers into software to aid rapid development.  Although this open-source code is freely downloadable, it is normally subject to an open-source licence, and this licence places restrictions and obligations on what can be done with this code. Companies often have no idea what open-source code is used in their systems and any breach of licensing restrictions can be costly to fix and endanger the deal. So the internal technical due diligence should include an assessment of open-source licensing risk, allowing the company to resolve any problems in advance.

By conducting thorough technical due diligence before embarking on the process of an acquisition, organisations will have a greater appeal to interested parties and can ensure the deal will proceed smoothly. Those looking to acquire will have a clearer understanding of the technical assets for sale, with the added reassurance there won’t be any unpleasant surprises.

Yahoo recently felt the ramifications of neglecting IT systems in anticipation of the Verizon acquisition, after it was revealed earlier this year that 500 million customer email accounts were hacked. This now has the potential to affect the final deal - Verizon have issued a statement stating that the company is looking to alter the terms of the deal, as it felt Yahoo wasn’t completely transparent about the breach. This is a prime example of technical due diligence that hasn’t been thoroughly conducted and proves issues unearthed during the closing stages of an acquisition have the potential to affect the final sale price.

 

Pre-implementation hurdles

Once an acquisition has been agreed in principle, senior stakeholders must then address which systems are being continued and which should be decommissioned. A skilled project manager must be chosen to manage and monitor the implementation of the systems; ensuring decisions impacting the seamless integration of the acquisition are made on time.

Companies often underestimate the amount of work that goes into managing the process of an acquisition. This can result in the appointment of a project manager without the necessary skills needed to efficiently run the entire process. All too often it is assumed acquisitions only affect the financial and legal teams, when in reality it affects every department. An individual is needed with the skills to communicate across all departments and at all levels.

 

Post-acquisition finishing touches

The sale is agreed and personnel have merged, but it doesn’t stop there. Post-acquisition integration is a separate project in its own right and requires close engagement from senior stakeholders. Merging IT systems across companies can affect the smooth running of daily operations, exposing flaws in acquired systems likely to cause system downtime. By bringing third-party experts on-board, companies facing both pre- and post-acquisition challenges can be kept safe in the knowledge that IT systems are maintained and sensitive data is kept safe.

No matter how big or small the company or the number of employees, acquisitions are always a major upheaval. In order to allow the organisation to continue to operate efficiently both during and after the deal, it is vital the entire integration is properly planned and effectively executed.  This planning starts during due diligence by carrying out a thorough assessment of the technology and systems.  And the process continues with the execution of the integration project, which requires a skilled project manager supported by engaged stakeholders and effective communication at all levels in the new organisation.

 

About Finance Monthly

Universal Media logo
Finance Monthly is a comprehensive website tailored for individuals seeking insights into the world of consumer finance and money management. It offers news, commentary, and in-depth analysis on topics crucial to personal financial management and decision-making. Whether you're interested in budgeting, investing, or understanding market trends, Finance Monthly provides valuable information to help you navigate the financial aspects of everyday life.
© 2024 Finance Monthly - All Rights Reserved.
News Illustration

Get our free monthly FM email

Subscribe to Finance Monthly and Get the Latest Finance News, Opinion and Insight Direct to you every month.
chevron-right-circle linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram