New research conducted on behalf of Tideway Systems by Expand Research, has shown rising regulatory pressures remain secondary to delivering cost savings and effective cost management amongst the IT organisations of Investment Banks - indeed, only 50% of the banks are actively driving SOX projects with IT as an integral part.
Further, the variety of regulatory requirements and best practice frameworks available are still causing confusion, delaying the adoption of industry standards.
Due to the intrinsic role that technology is playing in financial services the need for effective IT governance, measurability, accountability and simultaneously cost savings, have become critical. Compliance pressures on the financial services sector have served to accelerate the focus on governance capabilities within the IT department, but have not addressed the fundamental need for a fully transparent, holistic view of the IT organisation that will allow IT to achieve the ultimate goal of managing itself like a business. A variety of best practice guidelines, including the IT Infrastructure Library (ITIL) and COBIT (often applied to Sarbanes Oxley compliance), provide frameworks for how this is to be achieved, but the major incentives driving most projects still remain the need to achieve cost savings and provide cost transparency. The research, which looked at adoption of best-practice and regulatory guidelines amongst the top 10 global banks, highlighted the necessity to take a pick n' mix approach to standards:
- 50% are actively using ITIL
- 50% are developing their own "best practice for IT" frameworks
- 40% are using Six Sigma
- 30% are using CMM
"Compliance, in whatever form required, should ideally be a natural consequence of a good IT control environment strategy rather than a driver. To look at this topic any other way is to put the proverbial cart before the horse," said Stephen Ashton, Global Head of IT Business Management at Dresdner Kleinwort Wasserstein. "When dealing with the mission critical environment of an investment bank one can't afford to be distracted from the cornerstones of resiliency, agility, security and effective cost management. Achieving a clear, reliable view of the entire IT environment, from the business application and user level to the infrastructure layer, is the foundation for effective IT management, and the best way of meeting compliance requirements."
"Pain, confusion and spiralling costs are the symptoms that regulatory demands are perceived as causing." said Richard Muirhead, CEO of Tideway Systems. "Our customers are juggling a multitude of demands from the business as well as the regulators, but there is a clear understanding that nothing will be achieved if the IT organisation isn't in the best possible shape in the first place. We believe this can only be achieved at the lowest level - by ensuring complete transparency of the IT organisation."
While the myriad of regulations are seen as creating additional cost to the business with little immediate value, it is accepted that "best intentions" are no longer sufficient to meet the requirements of core business processes on the technology infrastructure. Driven by legislative or best practice rules the IT organisation has become accountable - but it needs the tools to be able to achieve the goals that the regulators are setting. Many tools exist in the market today to solve parts of this problem: Business Service Management, Provisioning, Service Desk, Inventory and Asset discovery techniques. However, below these is the need for a living, constantly updated view of the IT environment to underpin all other activities.