Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Behind the scenes of a ‘challenger bank’ merger

Less change is more when it comes to keeping IT systems secure, successful and compliant

 By Guy Tweedale, regional VP, Rocket Software.

The UK banking industry is changing and we’re starting to see smaller, more local ‘challenger’ banks join forces to take on the big four high street lenders.

This summer’s takeover announcement of Virgin Money by Clydesdale and Yorkshire Banks (CYBG) is an example of this trend and provides a good test case as the new bank promises to champion consumers and ‘challenge the status quo’.

There is a certain amount of scepticism around the deal, but whether you view the move as a challenger revolution’ or the creation of just another faceless bank, any such merger requires careful planning and risk mitigation – especially when it comes to customer-facing technology and operations.

Reputation and customer service are everything to banks and any hiccups, downtime or, worse, security issues – perceived or otherwise – can send valued account holders running to the competition.

What’s in a name?

Guy Tweedale
Guy Tweedale

It’s natural for customers to question their banks when a new merger is announced – will their trusted bank still provide them with the best rates? Will their investments, savings or mortgages still be safe? Will the new, larger bank understand their needs and provide the service – and access – they are used to?

To avoid creating panic and losing customers, the first thing merging banks need to do to keep their accounts safe is nothing. Well, not exactly nothing – but before they start making changes to their brand or integrating their IT systems, banks need a clear action plan to mitigate risk and to assure customers and investors that not only is their money safe, but that the newly merged bank will provide the level and quality of service they expect.

When it comes to branding,banks need to tread carefully. Customers of Clydesdale and Yorkshire Bank, for example, may think that by adopting the Virgin brand, their new bank is ‘going global’. They may feel left behind – especially if they perceive that they are currently working with a more local bank that understands them. Any change in bank cards, account numbers or login details may also make customers feel they are being forced to move to a different bank anyway and could prompt them to consider moving their money elsewhere.

Safety – and security – first!

Branding and names aside, keeping customers’ accounts and data safe are paramount to any merger, and in the highly regulated world of banking this is even more essential.  When it comes to keeping sensitive information safe, the less movement of data, the better.  Rather than choosing one bank’s IT system over the other, it needs to be about maximising business value, while minimising risk.

In other words, the CIO needs to assess where merging or changing systems can positively impact the business and mitigate security threats by paying close attention to these areas and leaving the rest alone. For example, little value can be derived from merging or changing underpinning systems such as mainframes – and trying to do so can lead to opening up massive security holes.

Banks can avoid the risks of a mass migration of data and IT systems and still create an easy-to-access and secure customer front-end,post-merger. By using APIs and data virtualisation, merging banks can link mainframes and distributed IT systems, meaning that existing systems can communicate with each other seamlessly. This allows the new, consolidated bank to mix and match data from its various back-end systems as if they were one, to create a personal experience for each customer at any point of contact – mobile, online, via phone or in branch – without compromising security.

Customers are happy with the consistent, tailored experience from the bank and thanks to the APIs, their information remains in place and secure. The bank reduces the risks associated with moving data and merging systems, as well as saving time and money while remaining compliant with regulations.

 Leaving a trail

Speaking of compliance, a bank merger can become a minefield when it comes to ensuring compliance with regulations such as GDPR and PSD2. And when it comes to integration and building new systems, automated application lifecycle management (ALM) technology can help to control the development process and ensure it remains compliant and secure.

When developing new applications and technology post-merger, it’s important to make sure you don’t  open ‘back door’ holes in the systems. To ensure you never leave customer data unprotected or in breach of regulations, the bank needs to create an audit trail of any changes to applications – and ALM automation can do just that. It automatically tracks and documents every step of the development process which not only ensures the data stays in the right place, but also helps to avoid errors and keep the process on track, minimising downtime and allowing the bank to maintain an inventory of each new application.

An automated system can detect whether versions have somehow fallen out of sync, allowing action to be taken to either prevent users accessing it until the problem is fixed, or quickly rolling back to a previous version if required.

Maintaining the status quo

The current merger of Virgin Money and CYBG is unlikely to be the last we see of smaller banks coming together to compete with larger institutions – with each promising the most mobile, customer-friendly banking yet. Whatever stance you take on this latest trend, any bank merger requires due diligence and meticulous planning. From a technology perspective, by keeping things simple and avoiding change for change’s sake, banks can minimise risk, reduce downtime and keep their systems compliant and up and running – all of which are essential to keep their customers on side and encouraging them to invest in the future.