By Derek Britton, Solution Marketing Director at Micro Focus
Since the Enron scandal and in the recent period of economic austerity, the public has borne witness to unprecedented scrutiny into industrial-scale problems. High profile banking outages – such as those reported at Santander, Barclays and HSBC in May this year – LIBOR rigging, PPI mis-selling and insider trading have fuelled widespread criticism of the financial industry. This scrutiny, together with new legislative changes, has resulted in an array of new compliance measures such as ISO27002, Basel III, FACTA and SEPA.
In order to support compliance requirements, banks need to change and update their core business applications through software development and testing. Yet related challenges including; missing code documentation, a widening coding skills gap and data privacy risks have led to a melting pot of complexity that has seen banks increase spend simply to ‘keep the IT maintenance lights on.’ JP Morgan recently announced that in order to support compliance demands it had grown its IT spend by 27 percent since 2011.
In a climate of shrinking IT budgets leaders need a new approach to compliance that will drive efficiencies and reduce cost in order to future proof the business. This approach should include the use of automated application understanding, software development and test data software so that banks can find the right code, fix and test it quickly and efficiently, without exposing sensitive employee information.
Going beyond simply ‘keeping the lights on’
The burden of the existing day-to-day IT workload has never been greater, and continues to grow. Spending on basic maintenance and compliance does little to really move the business forward, yet it consumes the vast majority of IT budget. Tech-savvy consumers are demanding cloud, mobile and new IT architecture and this new generation of customer is forcing banks to look hard at their IT strategy and how to reduce expenditure on maintenance so that they can invest in innovation.
However, reducing IT spend on compliance is difficult. The legal imperatives and regulations facing the banking world today are accompanied by unmovable deadlines and threats of punitive measures. HSBC, for example, was forced to a pay a $1.9 billion (£1.2bn) anti-money laundering fine last year. With deadlines usually locked and loaded, associated projects become high priority “must haves” and budget “must spend”
Not complying is not an option, yet updating core applications to ensure compliance presents an array of challenges. So many of the world’s financial transactions are passing, in their billions, through code first devised some thirty years ago, meaning that often:
Application documentation is missing: Understanding where to make changes can be difficult, especially when up-to-date application documentation is missing. This impacts on how quickly developers are able to identify specific areas of code impacted by the compliance change. Add to this the in-house regulations including coding guidelines, standards adherence and quality metrics, and”routine” change projects can become arduous resource-intensive.
Coding skills gap: Developers must rely on the code itself to help them understand where to make their changes. However, many core banking applications are written COBOL, whereas today’s software developer is trained in languages such as C# and Java. IT leaders, often find their skill pool lacking for the task at hand.
Testing can risk divulging personal employee information: A key element in de-risking IT to comply with new regulations is ensuring that applications are released and updated without the introduction of errors. This is fairly well understood in the industry. Less well understood seems to be the fact that using production data to test those applications is a very bad idea indeed. A 2009 survey of over 1,300 US and UK development professionals revealed an overwhelming majority of respondents, including 80% of US respondents, use copies of production data for application testing purposes.
Test data can contain sensitive employee data, such as payroll information, if pulled from company personnel for testing requirements. Personal data leaked through a testing process not only breaches best practice but can represent a very high-profile failure in terms of regulatory compliance.
Find it, fix it and test it – the smart way
Using automation technology can create repeatable, effective steps for updating software when faced with the above challenges, driving efficiencies at every key stage. In doing so, banks are able to create a balance between lights-on and innovation projects, enabling development staff to focus their efforts more efficiently, while fully understanding and managing the impact of the changes they make.
Find It: Embrace change and boost development efficiency
Application understanding technology has been used to great effect on mass change programmes as far back as the year 2000. It has gone from strength to strength, forming the backbone of many organisations’ maintenance activities, including handling the change requests emerging from mandatory regulation. One such example is SEPAi, the Single Euro Payment Area, which becomes a requirement for cross-border trading on February 1st 2014.
This technology helps business analysts’ work with developers to identify and isolate impacted sections of the application portfolio and provide a ‘single source of truth’ for all stakeholders, regardless of role or function. This increased insight impacts positively on risk and productivity, which can be scaled up to support more strategic IT planning and portfolio management initiatives too.
Help in finding where to make changes is also critical. Application understanding technology provides developers with a ‘to do’ list, focusing them on impacted areas and dramatically reducing the learning curve associated with unfamiliar code. From there, the right technology enables developers to get the job done quickly and accurately, avoiding re-work and high-profile system failure.
Fix It: Wipe out the skills gap
The right technology to help the skills gap are based on industry standards like Eclipse and Visual Studio, enabling the broadest possible pool of developers to be highly productive in the shortest possible time, whatever their background – COBOL or C#, mainframe or mobile. These environments bring huge productivity benefits through powerful editing, syntax correction and debugging features, and they present these features in a way that is immediately familiar to new arrivals. It means no matter what the required change, whatever the code, the task becomes straightforward.
Test It: Protect privacy through automated test data management
Effective test data management, including protecting sensitive data through various forms of automated masking, satisfies privacy regulation and removes the risk of personal information falling into the wrong hands when company property is stolen or mislaid.
Some organisations go even further, using those same tools to reduce the size of their data sets while keeping full referential integrity. By using smaller, more precise, and secure test data sets, organisations can run their testing lifecycle in a shorter time, at a higher quality and with a lower cost.
Regulatory Change: A catalyst for innovation
Unless banks adapt their approach to regulation changes it will remain impossible for IT departments to service the needs of the compliance office and still satisfy the business innovation agenda. By introducing appropriate technology and, as Forrester analyst Tom Grant says, automating ‘anything and everything that can conceivably automate,’ organisations can get ahead of the game – not just of compliance, but of their entire ‘lights on’ burden.
If teams use compliance as an opportunity for making improvements to team productivity it can act as a force for good in changing the way things are done. Only then will the CIO finally be able to generate the business growth the company needs and which IT can deliver.
Wireless Connectivity Lights the Path to Bank Branch Innovation
By Graham Brooks, Strategic Account Director, Cradlepoint EMEA
As consumers cautiously return to the UK high street in the past few weeks, banks can expect customer footfall in branch to rise accordingly. But whether it’s checking in for a mortgage appointment or cashing in a cheque, awareness of the ongoing potential health risks must be top of mind.
At the same time, the pandemic has forced a transition to the future bank branch. This means that there will be less people and more machines – digital signs, contactless devices, and new cash deposit systems.
To ensure they continue to provide a service that attracts new customers, banks must digitise their branches. And wireless technology is going to form the underlying infrastructure that makes that possible.
Wireless WAN providing reliability
Traditional banks now face their biggest challenge in history: digital-only banking. Over two-thirds of participants in a 2020 study planned to transition to a digital-only bank in the future. It’s therefore vital that traditional banks running physical branches update in-branch customer experience to compete with the new pack on the prairie. Reliability plays a big part. So does trust.
The future of in-branch experience lies in technologies such as IoT, VR/AR, and AI, all of which are highly data-intensive. Reliable connectivity is therefore critical, and banks should be shooting for zero-downtime connectivity, allowing no room for gaps in service.
To do this, banks can deploy Gigabit-class 4G LTE (LTE Advanced) or 5G adapters that bridge to a traditional ethernet connection, providing a wireless option to the wired-line router. Then, in the rare scenario where wireless connectivity is down, at least one of the WAN connections is always guaranteed to be live. The router has the autonomy to determine when failover is necessary.
Better still, the reliability of modern Gigabit 4G LTE and 5G connectivity now means that failover is often unnecessary. A branch can, therefore, run its network independent of a wired-line connection and benefit from the security and agility of a resilient wireless network, while still providing enterprise-grade connectivity.
Branch network reliability, in this way, will support the bank’s reliability as a whole. In turn, this will fuel the higher standards of customer experience needed to compete with more agile digital-only banks.
The new reality of IoT
The first organised response to stop the spread of the virus around the world was social distancing. While transparent screens can be used to block transmission, the overarching effect of these measures has been a loss of communication capabilities. This will affect banks like it has everywhere else, if not more as a space where interaction is so important.
IoT technology will be core to overcoming these barriers. Digital signage, kiosks, and surveillance cameras will all contribute to improved communication and security, and a better customer banking experience. But to enable such extensive use of IoT devices operating on a single network, banks must ensure they can accommodate such high levels of data transfer. Using Gigabit 4G LTE connectivity to extend its services beyond traditional network infrastructure, banks will achieve the required levels of bandwidth.
Hybrid connections managed in the cloud
With high volumes of data being transferred across the network, security and availability should be at the top of the agenda when digitising bank branches. But these are not always easy to implement, especially in an environment with several complex networks of endpoints.
For example, marketing teams need to push personalised content to customers on digital signs and IT teams need to set visitors up on a guest WiFi network. These operations require the guarantee of security and availability, with trust and the customer experience at the core.
Wireless networks excel in this aspect as they can employ the benefits of a cloud-based management system. Cloud-based systems make it easier for bank staff working from home, who can access the same assets and applications from their sofa as they would otherwise have in-branch. The service is the same.
Cloud management systems also provide improved network visibility, giving IT teams endpoint information from across the network as it happens. With security patches being updated on devices simultaneously, leaving reduced time for opportunistic attacks to exploit known vulnerabilities.
Equally, by using a hybrid Gigabit 4G LTE network in tandem with a wired connection, businesses can achieve simplicity from an otherwise complex challenge. The primary wired network can be used to transmit any sensitive information securely, while a separate network using the Gigabit 4G LTE connection runs other in-branch operations.
The branch’s network, in this way, is ‘air-gapped’. The secure data being processed by the operations team runs on an essentially separate network to that of the marketing team’s content. The network will also increase its ability to process more information, with its workload spread out.
The simplest solutions are often the best. In this case, exploiting a hybrid network can address the complexities of security and availability when employing enterprise-grade connectivity.
Invest now for future 5G rewards
As banks continue to adapt their branches over the course of the pandemic, they should invest in business-wide digitisation to secure a sustainable pathway to the future. To achieve this, banks must ensure their network solution enables carrier-class connectivity. It should make use of the full spectrum of connectivity – 4G LTE to 5G – and offer the full spectrum of 5G bandwidth. Branches aren’t going anywhere soon. They must ensure that their services are optimal now, and in ten years’ time.
Fortune favours the bold, and those who chose to adopt revolutionary and innovative technology early are already on their journey. Learning from this, banks that invest now to improve their future infrastructure will thrive once 5G does arrive. Good things do not come to those who ‘wait’. They come to those who prepare well in advance.
Financial Regulations: How do they impact your cloud strategy?
By Michael Chalmers, MD EMEA at Contino
How exactly do financial regulations affect your cloud strategy? It’s a question many of our customers have been scratching their heads about. Some solutions are costly and over-complex – but by asking the right questions, the wrong solutions can be avoided.
Following the Financial Conduct Authority’s (FCA) 2020 review, it’s clear that highly regulated enterprises must work harder than ever to stay within various limits which protect customers during an economically strenuous pandemic. Below, I address three questions we’re hearing from customers about how to optimise the cloud whilst sticking to FCA regulations.
- What regulations must you consider before outsourcing to a cloud provider?
If you have an application or workload that you’re looking to put into the cloud, you will have various service levels that you’ve defined for that particular stack. When you’re looking at the cloud provider and asking yourself what services to use, you’ll need to consider how that aligns to your service levels. How do I architect it to make sure that it’s aligned and that it can tolerate failure?
At the very start of that journey, before you even start putting your workloads into the cloud, you need to set the standards that you will need to adhere to. The Shared Responsibility Model is a key asset in understanding where your responsibility lies.
There are a number of things that you need to make sure are in your contract with the cloud provider. Unless you specifically sign a contract addendum with them, you can’t guarantee that useful and knowledgeable assistance is included.
While the guidelines are very clear on a number of clauses that you need to put in your contract with the cloud provider, these regulations apply to outsourcing in general. Cloud providers are very mature, so they will come with pre-packed addendums to the standard contract they offer that are customised to comply with FCA regulations. However, if you start outsourcing IT functions in a different way, e.g. if you start using a Software-as-a-Service (SaaS) provider which is delivered using the cloud, the new provider will need to be vetted to make sure that you have the right clauses in your contract with them. While cloud providers are very mature on this, most SaaS tools are not.
- How can you control or restrict where data in the cloud moves?
When it comes to data security, there are various options available on Amazon Web Services (AWS). For example, you can securely lock particular regions into an account on AWS. It’s also worth looking at your account structure policy. If you have accounts where data can’t reside outside the EU, you can put the workloads into that bundle and you can lock it down at policy level. There is an element of trust with the provider here as well.
While AWS offers prescribed controls to block certain regions, other cloud providers have different strategies. In the case of Google Cloud (GCP), you can specify service controls so that, even for managed services such as Big Query, you can lock your data in not just one region, but within your virtual private cloud. In other words, not only can you block specific regions or allow specific regions, you can specify that only things within a region can assess data within a region as a general policy.
- What does the regulator need to see to approve your exit strategy?
In terms of documentation, it’s not a case of “show me your policies and test plan” but rather “show me how you exercise it”.
Most of the time it’s a months-long process and it comes down to personal relationships: you build trust over time with the regulator as you build your exit plan. You should be able to discuss what else they would like to see in there. While there used to be a template for an exit plan in the European Banking Authority (EBA) regulations in a previous version, this has since been removed.
Regulators don’t tend to look at test reports. However, they do post a lot of information on audit reports and auditors. These auditors are there to check you’re doing what you say you’re doing. At the end of the day you are responsible for demonstrating your exit plan – it has to be coherent, consistent and compelling.
The truth is, most of the time, regulators are just trying to encourage you to do what works. That being said, sometimes their outlook doesn’t quite match with your view, or sometimes there’s an artificial difference that can be smoothed over or finessed. Occasionally you have to remember that we had 2008. What if in 2020 we have a massive AWS outage?
Multi-cloud is a natural strategy. There’s a number of high-level, cloud-native services that can be leveraged to simplify the implementation of multi-cloud in large financial institutions. Adhering to the multitude of guidelines can be complex and time-consuming, but forging the right path through the regulations will ensure that your multi-cloud is optimised to provide the most streamlined and efficient service possible to your business.
Post-COVID Mortgage Processing: Ripe for Intelligent Automation to Boost Organisational Resiliency
By Asheesh Mehra, Group CEO and Co-founder, AntWorks
As seen in many other countries, the COVID-19 pandemic sent a shockwave through the UK housing market, bringing the entire sector to a virtual standstill. As lockdown restrictions ease, we are now witnessing a housing boom like no other, as thousands have entered the market looking to capitalise on the UK government’s new stamp duty relief on properties priced up to £500,000. At the same time, however, the economic fallout from this financial crisis has resulted in almost 750,000 people losing their jobs and countless more being furloughed, leading to an increase in property remortgaging requests and payment holidays.
As a result, banks and mortgage companies now find themselves inundated with new mortgage applications, refinancing and forbearance applications. To support this, there is now a drastic need for increased manpower to manually process the plethora of mortgage enquiries in a more efficient manner. That being said, the uncertainty of future pandemic impact and restrictions being imposed at a local or global level is leaving the industry under severe pressure to deal with the demand as quickly and effectively as possible.
Like many other industries feeling the impact of the COVID-19 crisis, the mortgage sector needs to deploy digitisation in their operations in order to scale their business faster than before or risk being left behind. Artificial Intelligence, deployed in conjunction with intelligent automation, can help ease the burden on mortgage brokers and lenders by accelerating the mortgage loan process and reducing costly errors caused by manual input.
Achieving speed and scale through intelligent automation
Automation is a viable and logical solution for mortgage lenders as approximately 60 – 70 per cent of tasks in mortgage processes across the value chain are, replicable and prep-based tasks that are suitable candidates for automation. Traditionally, mortgage companies frequently conduct borrowing assessments that require careful analysis and comparison of customer data. This includes checking and establishing customer credit history as well as affordability by manually processing data from income documentation such as bank statements and payslips. This is a tedious but highly necessary process known (rather un-fondly) in the industry as the “stare and compare” stage of mortgage processing
These tasks require a huge amount of paperwork and form filling, which is not only time-consuming but also prone to human error. Furthermore, in their day-to-day routine, mortgage processors are required to literally unpackage and organise documents that are often in paper formats. This is a laborious process especially when executed across multiple mortgage applications at the same time.
This is where intelligent automation steps in to help mortgage companies take on and complete far more work, at a much faster rate and with higher accuracy. Automation can relieve mortgage workers from repetitive tasks such as manually populating the loan origination systems. This means that customers can get loans approved quickly and efficiently. In fact, a global mortgage provider leveraged the power of automation to increase the speed at which mortgage documents were being generated by up to 90 per cent without compromising the integrity of its review process. What’s more, they also managed to improve the turnaround time for the more complex documents by 100 per cent.
Cognitive Machine Reading (CMR) based solutions are the answer for companies looking to achieve straight-through processing for all their mortgage documents. CMR enables mortgage companies to overcome the challenges of digitising unstructured data and achieve faster ROI with higher accuracy with data certainty. Additionally, it can help mortgage companies to cut down on loan processing costs by up to two-thirds and mortgage origination time by 50 per cent.
The (fractal) science behind CMR is that it uses integrated AI capabilities to process highly complex unstructured data along with the more basic data formats. This data can then easily flow through the entire organisation via an end-to-end process achieved with little to no human interference.
Inevitably, all business data needs to be digitised so that it can feed analytics, drive automation, and provide those much-needed customer insights. CMR can play a part to eliminate repetitive and error-prone stare-and-compare tasks that are often a commonplace in mortgage processing. It is able to identify and process the context of data and validate it against existing information elsewhere. As a result, this speeds up the overall processing time for new mortgage and refinancing requests.
Avoiding common automation mistakes
Before kickstarting any digital transformation journey or automation projects, it is imperative that businesses look into avoiding the pitfalls of adopting the wrong automation tools. For example, utilising traditional Optical Character Recognition (OCR) technology for business processes can lead to significant data challenges which will slow down and impede automation goals. OCR is a simple data ingestion tool that is limited to only processing and automating structured data that comes in the form of fixed-field text. Given that 80 per cent of the data within most organisations is unstructured or does not have a predefined format (e.g. emails, images, signatures, social media feeds), OCR technology cannot ingest the vast majority of data trapped inside a mortgage process (or any other business process). In order to overcome this and improve its business process outcomes, one leading Insurance provider managed to process large volumes of unstructured data via CMR automation to achieve 75 per cent reduction in the manual data extraction of handwritten documents. Additionally, the company also achieved more than 92 per cent accuracy in identifying and processing handwritten content.
Critical, everyday business data contained in multiple formats such as emails, images, and handwritten material make up a large part of unstructured data. This is why businesses need to put greater emphasis on researching and identifying intelligent automation solutions that can unlock this date to achieve their business goals. CMR enables mortgage companies to significantly accelerate the course of identifying and classifying all types of documents by cutting down the reduction time for processing mortgage claims by 90 per cent with a substantial level of accuracy (75%). What’s more, it enables any organisation to automate at scale, bringing true automation as a company-wide approach rather than a segregated one.
The COVID-19 pandemic has managed to speed up the need for businesses to embrace digital transformation. This may well be the catalyst for many mortgage organisations steeped in antiquated legacy-based ways of working to refine and streamline their business operations via straight-through processing. It is clear that companies can successfully automate entire business operations to not only improve their operational efficiency but also achieve organisational resilience in a long run. And the faster mortgage lenders can tackle their processes right now, the better for the sooner they can pass those efficiencies and savings onto customers to help rebuild the economy and bolster the housing market in the UK and elsewhere.
Mastercard Delivers Greater Transparency in Digital Banking Applications
Mastercard collaborates with merchants and financial institutions to include logos in digital banking applications Research shows that ~25% of disputes...
Success beyond voice: Contact centres supporting retail shift online
As the nation continues to overcome the challenges presented by COVID-19, customers have shifted their channel preferences, and contact centres have demonstrated...
7 Ways to Grow a Profitable Hospitality Business
Hospitality requires charisma and innovation The hospitality industry is a multibillion-dollar industry with lots of career opportunities in hotels, theme...
AML and the FINCEN files: Do banks have the tools to do enough?
By Gudmundur Kristjansson, CEO of Lucinity and former compliance technology officer Says AML systems are outdated and compliance teams need better...
Finding and following your website’s ‘North Star Metric’
By Andy Woods, Design Director of Rouge Media The ‘North Star Metric’ (NSM) is one of many seemingly confusing terms...
Taking control of compliance: how FS institutions can keep up with the ever-changing regulatory landscape
By Charles Southwood, Regional VP – Northern Europe and MEA at Denodo The wide-spread digital transformation that has swept the financial...
Risk assessment: How to plan and execute a security audit as a small business
By Izzy Schulman, Director at Keys 4 U Despite the current global coronavirus pandemic and the uncertainty it has placed...
Buying enterprise professional services: Five considerations for business leaders in turbulent times
By James Sandoval, Founder and CEO, MeasureMatch The platformization of professional services provides businesses with direct, seamless access to the skills...
Wireless Connectivity Lights the Path to Bank Branch Innovation
By Graham Brooks, Strategic Account Director, Cradlepoint EMEA As consumers cautiously return to the UK high street in the past...
Financial Regulations: How do they impact your cloud strategy?
By Michael Chalmers, MD EMEA at Contino How exactly do financial regulations affect your cloud strategy? It’s a question many of...