The Enron scandal and subsequent regulatory breaches by financial institutions during the recent economic crisis has placed organisations’ financial reporting and business processes under on-going scrutiny. Exacerbated by other high-profile incidents like
the IT outages suffered by HSBC, RBS, Barclays and Santander, LIBOR rigging, PPI miss-selling and insider trading, the banking industry now faces a myriad of compliance measures that cover a variety of issues such as data protection, corporate practice and
consumer protection.
New measures continue to be introduced, while existing rules are updated yearly – recent regulations include ISO27002, Basel III, FACTA and SEPA – but meeting the expectations of multiple regulations can be extremely challenging. Not only does each bank
have their own and different regulatory priorities, but finding and addressing these regulations on time is a significant IT risk.
Adding to this challenge are recent IT failures that have been attributed to existing IT infrastructures, implying that the technology is outdated and unable to keep pace with changing needs. Updating an entire IT infrastructure doesn’t happen overnight
and can seriously jeopardise meeting regulatory or other critical internal deadlines.
The simple answer might seem to be a ‘rip and replace’ approach to outdated infrastructure but many banks’ IT estates comprise a vast array of complex, interrelated systems and platforms, encompassing significant business-critical applications that contain
decades of business intelligence in millions of lines of code. The cost of managing such established infrastructures can be significant and has impacted the pace of keeping up with requirements. According to research by Vanson Bourne, 590 CIOs and IT directors
estimate it would take an average of $11 million to update core applications, however they expect to continue relying on these systems for another ten years because of the valuable business intellectual property held within them.
The truth is that it is far more costly and prohibitively risky to replace these incumbent systems with something else. You only need to look at the findings from the recent
Kelly Report about Co-Op Bank, which highlights the problems encountered as the bank tried to replace its core banking systems.
In order to best support compliance requirements banks need to consider a modernisation strategy that helps them to continually but gradually change and update their core business applications through software development and testing to keep up with business
demands.
IT automation and better insight to improve efficiency are key to this approach. Through automated application understanding, software development and test software, banks can pinpoint the required application change, and then fix and test it quickly and
efficiently. This technology helps find where to make changes, providing developers with a ‘to-do’ list so that they can get the job done quickly and accurately, avoiding re-work and high-profile system failure, across a range of IT projects, including both
routine maintenance activities and mandatory regulatory changes.
Overall, managing modernisation in this way enables banks to streamline their technological approach to regulation to reduce the complexities faced in servicing the needs of the compliance officer.