Managing IT in Financial Services during the Credit Crisis

By Adam Burns, Editor-in-Chief

Sub-prime fallout, rogue traders and the threat of a global credit crunch – the Financial Services Industry is suddenly in very deep waters. While IT organisations at Financial Services firms had little to do with creating the current credit crisis, CIOs must steady the ship and steer a course between process improvement and technology. How? Ca has an idea (or five, to be exact).

Chief Information Officers have their hands full. They must demonstrate how they are investing their budget, the value they provide, and the implications of any new initiatives or budget cuts. They must deliver the capabilities that the business needs to perform, while showing that technology can sustain – and even stretch – the strategic agenda. They must implement best practice. And the clock is ticking.

How can it be done? Regardless of bull or bear markets, technology plays a key role. The sub prime situation, unsupervised trades, mega-merger activity, and the uncertainty of the overall economic climate are driving a new type of behavior from the technology community.

In April of this year, CA and the Wall Street Technology Association (WSTA) hosted a unique executive roundtable, bringing together 15 senior representatives from banking, capital markets, and insurance firms to discuss the impact of the credit crisis and best practices for managing IT during today’s difficult economic circumstances.

CA Executive Vice President Dr. Ajei Gopal kicked off the roundtable with a brief introduction of how the credit crisis has brought CA closer to its financial services customers as they struggle with the extraordinary pressures of managing IT, and then opened up the roundtable to each participant to share their experiences and how they have been addressing them.

Figure 1 : CA viewpoint: best practices for managing IT during the credit crisis in financial services

Perhaps unsurprisingly, many common themes were uncovered. For example, one thing that most CIOs have in common is a new CEO. This has lead to IT Governance becoming a prominent topic. The CIO needs to rapidly explain how IT resources and investments align to the goals of the business and what happens if budgets, people or other circumstances change.

IT Governance efforts need to be accelerated to avoid potentially disastrous, unsound cuts in IT investments without understanding the full short and longer term impact on the firm.

In addition, most firms are experiencing unprecedented motivation to make major infrastructure changes, consolidation, and investments in automation – to do more while spending less. Wall Street firms are making the difficult decisions to cut redundancy out of systems and at the same time increase critical capabilities such as security and transaction efficiency. In the next twelve months many financial services firms will face hundreds of millions of dollars in litigation fees and fines. Now is the time that the CIO can architect for the coming litigation and expect massive savings.

Risk and compliance have been the key words of the last three years. Institutions have purchased various point solutions as stopgap measures for credit, market and operational risk. Control frameworks are now emerging as a common sense best practice. These framework technologies not only reduce the compliance redundancies present today, but also increase the agility of the firm going forward.

And finally, as the market participants consolidate, operational efficiency will come to those players who have mastered the ability to monitor individual and aggregate financial transactions across heterogeneous environments and platforms. There is no room for a system slow down. There is no budget for unnecessary manual intervention. There is no excuse for losing customers due to a diminished IT capacity or poor system performance.

At the conclusion of the roundtable discussion, CA VP of Financial Services Mark Bubar and CA Chief Financial Services Solution Architect Dave DeCamp led an open discussion to gain feedback on CA’s “Top 5” IT best practices, and how CA partners to align its solution portfolio to help firms manage IT through the credit crisis.

The roundtable group was in agreement that the CIO, and the IT organization at financial services firms, can take this opportunity to lead their firms out of the crisis, especially when those efforts are supported by their technology partners and vendors, and yield a stronger, more resilient financial enterprise when the credit crisis is resolved.

The Top 5

“As Wall Street moves to shore up its damaged image, major financial services firms are cleaning house of top executives. CIOs are now faced with providing transparency into their IT initiatives to new management teams and helping them to understand the implications of changes in IT budgets and strategies,” says Mark Bubar.

With estimates of losses among several investment banks ranging from the tens to the hundreds of billions of dollars, CIOs must accomplish more with less. When investigations into potential fraud occur, CIOs must be able to support their organizations by quickly providing the electronic information – unstructured e-mails, instant messages and user-generated contract – required during the investigative process. At the same time, IT systems must continue to operate without outages and with high performance while minimizing IT risks and complying with regulations.

By adhering to the following five IT best practices, according to Mark, “CIOs at financial services firms can better address the challenges resulting from the current credit crisis, operate within tighter budgets and deliver new value.” It’s a view shared by many analysts and industry leaders.

Provide transparency into IT operations

As financial services firms replace senior executives, CIOs must demonstrate to new bosses, investment and retail banking groups as well as other business partners how they are currently investing their budget, the value they provide and the implications of any new initiatives or budget cuts.

They must deliver the capabilities that the business needs to perform, while showing that technology can sustain – and even stretch – the strategic agenda. They must implement best practice. And the clock is ticking.

IT governance bridges the gap between IT and the business side of the firm. It enables CIOs to provide executives with transparency into IT operations, the value from IT dollars and how IT initiatives align with the strategic objectives of the firm. IT governance delivers improved visibility into the firm’s IT resources – providing graphical dashboards that illustrate the relative sizes of various projects, costs, number of people involved, whether the project is on schedule and other project information. It also enables “what if” analysis to help executives prioritize initiatives.

“Good governance requires carefully defined processes,” says Tim Newman, Senior Executive at Accenture Technology Consulting. “For the CIO it will deliver the best possible service at the lowest possible cost. Proper governance allows you to maximise the resources available for strategic, value-adding spend. It means you can stop misaligning projects – or at least realign them to prevent losses. And more proactive planning of IT assets increases utilisation.”

Already, the top global systems integrators use IT governance capabilities both to manage their internal IT projects and to provide these capabilities to their top financial services clients.

Do more, spend less

During the housing boom, mortgage lenders earned substantial profits and could afford to spend heavily on IT resources. Now, in the face of staggering losses, the new mantra has become, “Do more spend less.” CIOs can achieve substantial cost reductions through workload automation and by eliminating redundant software.

CIOs need to maximize the work they can accomplish using existing mainframes and distributed systems while minimizing the staff devoted to job scheduling. Workload automation capabilities allow IT to process workloads based on policies, real-time events or triggers as well as to handle exception conditions automatically across the enterprise. This enables financial services firms to improve the delivery and availability of critical business services while reducing costs.

“It is a ‘virtuous circle’,” says Karoline von Richthofen, Head of Corporate High Value Payments, Cash Management, for Deutsche Bank. “Automate your workload and you are able to enhance the use of IT systems to increase automation and drive further savings.”

“We’re trying to consolidate a lot of our similar types of activities so that we can get some economies of scale, and then identify best practices to reduce costs in these new consolidated environments,” says Wayne Mekjian, Group Technology Executive and Chief Information Officer of Wells Fargo. “A major aspect of this process includes working more closely with business partners to understand their needs and collaborating with them to find out where automation is possible.”

The issue of workload automation has become so important that many of the largest financial services firms on Wall Street have joined forces with CA to form the Autosys Advisory Council to discuss IT capabilities they need to better automate workloads.

Financial services firms can also realize significant cost benefits by eliminating redundant software and standardizing on software from a single vendor. Such consolidation reduces software licensing fees and the need for maintenance and administrative staff – since firms no longer need different people with knowledge of different products to perform the same function.

Respond to regulatory investigations

With the credit crisis has come the realization that many sub-prime loans, particularly those from second-tier financial institutions, were fraudulent.

As lenders conduct and respond to investigations, IT must support these efforts by developing systems that can rapidly and cost-effectively retrieve confidential unstructured data – e-mails, instant messages and other user generated content – that may be requested.

Citigroup’s SVP of IT and Risk Management Richard Gomes, says records management is a “foundation” competency. “Records management helps you understand the information you own, what controls you need to put in place, and the legal and regulatory requirements surrounding retention of this information. Once an institution understands this, it then can streamline its information-handling processes.”

The Financial Services Technology Consortium (FSTC), which is comprised of more than 40 major financial services firms, consultants, associations, standards organizations and technology vendors, is currently working to help financial services firms establish world-class electronic document/records management policies, procedures and technologies.

“We’re not only looking at what is out there today, but how emerging technology will impact records management tomorrow,” says Roger Lang, Managing Executive of FSTC’s Security and Infrastructure Standing Committee.

Manage IT risk and compliance

With the credit crisis, financial services institutions have turned their attention to carefully evaluating and managing risk throughout the organization. While IT is not responsible for credit risk or market risk, it does need to manage IT operational risk from people, processes and systems as well as compliance with Sarbanes Oxley, Basel II, PCI and other regulations.

Governance, risk and compliance (GRC) solutions enable IT to make fact-based decisions about and oversee their enterprise risks by correlating organizational risk and controls to corporate policies, best practices and regulatory requirements. These solutions also help IT manage the staffing and execution of all GRC work.

“For many of the CIOs that we work with, GRC is at or near the top of the agenda,” says Dennis L. Chesley, a Partner at PricewaterhouseCoopers. “There are two primary drivers of that: transparency, which is the organization’s demand for better and more accurate GRC information, and cost. Cost pressures continue to drive organizational behavior, and continue to drive the CIO’s agenda. GRC activities are a primary area for cost management.”

Governance, risk and compliance management solutions incorporate a unified compliance framework that incorporates hundreds of established standards and applicable regulations. This enables IT to rationalize controls across multiple regulations and standards to minimize duplication and costs. Dashboards and reports provide a portfolio-type view of all monitored risks, furnishing insight into the current status of activities for regulatory compliance and risk mitigation as well as allowing IT to manage these efforts.

Maintain transaction performance and efficiency

Despite tighter IT budgets, IT organizations must continue to verify that transactions perform well and execute efficiently – not to mention guard against high severity outages – or they risk losing customers for the businesses they support. Therefore, IT needs to proactively monitor customer transactions and manage the distributed IT infrastructure to validate that service levels remain intact and that customers remain satisfied.

“On a typical day, MasterCard processes millions of transactions and settles billions of dollars,” says Robert Reeg, the company CTO. “To make sure every transaction goes smoothly, managing the software and hardware that makes all of these ‘handshakes’ possible. This is the brand promise to our customers and what MasterCard is all about… Technology is a big part of our business.”

IT management capabilities provide real-time visibility into distributed applications and connected systems. Alerts notify IT staff and business teams of defective customer transactions, degraded performance or problems in packaged or custom applications. This enables IT to detect existing or potential performance problems, then precisely and rapidly pinpoint the source of the problem to resolve it quickly.

At the same time, business managers and executives know whether or not their applications are working, service level agreements are being met and how the business is actually running at all hours of the day.

Summary

By following these five best practices, IT organizations within financial services firms can help their firms respond proactively to the new challenges that have arisen due to the credit crisis. As a result, they can add new value to their organizations – and document that value – even as they adjust to budgetary pressures.