28 May 2018
Derek Britton

Derek Britton - Micro Focus


Tackling the Compliance Conundrum

30 May 2014

The Enron scandal and subsequent regulatory breaches by financial institutions during the recent economic crisis have placed organisations’ financial reporting and business processes under ongoing scrutiny. Exacerbated by other high-profile incidents like the IT outages suffered by HSBC, RBS, Barclays and Santander, LIBOR rigging, PPI mis-selling and insider trading, the banking industry now faces a myriad of compliance measures that cover a variety of issues such as data protection, corporate practice and consumer protection.

New measures continue to be introduced, while existing rules are updated yearly – recent regulations include ISO27002, Basel III, FACTA and SEPA – but meeting the expectations of multiple regulations can be extremely challenging. Not only does each bank have its own, different regulatory priorities, but finding and addressing these regulations on time is a significant IT risk.

Adding to this challenge are recent IT failures that have been attributed to existing IT infrastructures, implying that the technology is outdated and unable to keep pace with changing needs.  Updating an entire IT infrastructure doesn’t happen overnight and can seriously jeopardise meeting regulatory or other critical internal deadlines.

The simple answer might seem to be a ‘rip and replace’ approach to outdated infrastructure, but many banks’ IT estates comprise a vast array of complex, interrelated systems and platforms, encompassing significant business-critical applications that contain decades of business intelligence in millions of lines of code. The cost of managing such established infrastructures can be significant and has impacted the pace of keeping up with requirements. According to research by Vanson Bourne, 590 CIOs and IT directors estimate it would take an average of $11 million to update core applications; however, they expect to continue relying on these systems for another ten years because of the valuable business intellectual property held within them.

The truth is that it is far more costly and prohibitively risky to replace these incumbent systems with something else.  You only need to look at the findings from the recent Kelly Report about Co-Op Bank, which highlights the problems encountered as the bank tried to replace its core banking systems.

To best support compliance requirements, banks need to consider a modernisation strategy that helps them to continually but gradually change and update their core business applications through software development and testing to keep up with business demands.

IT automation and better insight to improve efficiency are key to this approach.  Through automated application understanding, software development and test software, banks can pinpoint the required application change, and then fix and test it quickly and efficiently.  This technology helps find where to make changes, providing developers with a ‘to-do’ list so that they can get the job done quickly and accurately, avoiding re-work and high-profile system failure, across a range of IT projects, including both routine maintenance activities and mandatory regulatory changes.

Overall, managing modernisation in this way enables banks to streamline their technological approach to regulation and to reduce the complexities faced in servicing the needs of the compliance officer.
