By Dave Lewis, Director, Alpha Insight
One of the fundamental problems within the banking industry is the notoriously complex IT infrastructures found within institutions.
Created piecemeal to deal with particular challenges, but fostering all kinds of hidden bottlenecks and snag-points, banks often have no true end-to-end view of their payment systems.
The misfortune that struck RBS last month is a case in point, sending reverberations around the entire UK banking sector. Here, yet again, was a major bank that had suffered an IT failure with significant consequences.
In this instance, 600,000 payments failed to enter the accounts of its customers, leading to widespread inconvenience and embarrassment, as well as very public criticism from politicians.
Wages, tax credits and benefits were among the payments that were affected, while small businesses were unable to access their banking facilities. The failure affected almost the entire spectrum of retail banking, also hitting the operations of NatWest, Coutts and Ulster Bank, which are part of the same group.
Political flak came from Andrew Tyrie, chairman of the House of Commons Treasury Committee, who said the delay in processing the affected payments was “unacceptable”. A long-time critic of banks over their IT failures, he said he would be writing to RBS, the Financial Conduct Authority and the Prudential Regulation Authority to ensure the necessary measures were taken to prevent a repetition of such problems.
“Restoration of payments should be a top priority. It is crucial for those in the greatest financial need and also those who find it difficult to go to a branch,” he said.
This is not the first time RBS has suffered such a failure, having been fined £56 million by regulators over a malfunctioning 2012 software upgrade. Indeed the latest difficulty comes on the heels of an IT outage at Nationwide Building Society which meant customers had problems with online payments following its bungled system upgrade.
Anthony Browne, the chairman of the British Bankers’ Association quickly set the RBS experience in the wider context of banks spending £3 billion a year on improvements to what he termed “creaking IT systems”. The institutions were aware of their IT shortcomings, but it was unacceptable for them to experience failures like RBS, he added.
Setting all the criticism to one side, the truth is that such difficulties can be avoided if banks establish what it is they should be paying closest attention to from their billions of metrics, and then have the right business logic in place, on top of their monitoring tools, so they can achieve it.
The RBS example is just one of the many different kinds of glitches that can afflict banks. In this instance it is likely that overnight processing of a large amount of payment data failed, missing an important deadline. This is a process that seems simple enough to an outsider and which ought to be flagged up to the bank’s staff. After all, what can be more significant to a bank than processing payments?
The problem for most banks is that their current monitoring solutions do not allow them to see their payments processing end-to-end because of the inherited jumble of systems added to the side-effects of extensive outsourcing.
They lack the crucial business insight that tells them what is really important and then measures and represents it in an easily comprehensible way. A bank may have dashboards and screens that monitor its every process, but they are of little use if staff looking at them do not know what it all really indicates at a business level.
In effect, despite having what appears to be a robust monitoring solution, the bank or institution has no end-to-end view of the millions of transactions it must handle every day. Nor does it know how to sort the wheat from the chaff when it comes to billions of potential metrics. Nobody really understands what is critical and the system lacks the transparency that would let them find out. When market conditions lead to a sudden spike in activity, such as a significant increase in transactions, they will never know if the system is coping until a problem hits them.
Secondly, even when the processes are monitored with any degree of effectiveness, the alerts and signals they relay are usually behind the curve. They may suddenly indicate that a process is failing, but by then it is too late to fix anything. What is required is monitoring that possesses the in-built power to predict a failure, allowing for preventive action that removes the threat before damage is inflicted.
Having the right monitoring tool is important, but having the right business logic and knowing what to monitor is vital. This may seem straightforward, but for most banks their systems do not make its execution easy. Banks need to acquire the ability to understand end-to-end payment flows and performance criteria and then apply that thinking to the monitoring tool.
In this way it is possible to establish what really matters and then create a set of meaningful metrics around it, establishing very clearly what must happen and by when.
The criteria can be set so that if say, a bottleneck is building up in one area, a warning will be issued at a set time before the deadline, giving staff the chance to intervene, manually if necessary, and eradicate the problem. This approach quickly establishes what is normal and benchmarks performance against it.
The methodology successfully avoids the snare of examining every transaction and only explores the detail when a risk is indicated.
Once a bank uses the right business logic and knows what is critical to its operations, where and precisely when, it will rapidly see a return on its investment in the form of hugely enhanced continuity and efficiency.
Its processes are far less likely to suffer costly and embarrassing failures, building a solid reputation with clients and customers for reliability and stability.
Achieving this level of transparency and automation means that fewer man-hours are required for monitoring, giving both IT and business access to the critical metrics. The value of pre-existing monitoring tools can be doubled or tripled.
At a time when all eyes are on the banking sector – including those of regulators – it is to everybody’s benefit for a bank to have the technology in place that shows it is in control of its processes and is paring back risk to the bare minimum.