Close

Risks and opportunities

Investing in the next generation of FS technologies

download
Cover image - Risks and opportunities

Any change to a core banking system is like changing a Formula 1 car engine while steering at 200 mph on an uneven curve, without stopping the car. Many banks have avoided making fundamental changes to their legacy systems due to the risk of causing disruption to their service offering. 

Innovation is now banging at the doorsteps of companies new and old; changes need to be made quickly, because 6 months of delay might be the difference between market leader or forgotten company.

New players have recently joined the market, challenging the status quo and big players are trying to catch up.

In our latest whitepaper, we analyse several factors to consider when thinking about innovation strategy for investing in:

  • Replacing core legacy components
  • Hybrid cloud solutions for banking
  • Budgeting for FS innovation

Our team of experienced software developers and tax consultants will be sharing some insights into the ever-evolving world of Financial Services R&D.

Risk and opportunities

 

Table of contents

Introduction

Any change to core banking systems is like changing a Formula 1 car engine while steering at 200 mph on an uneven curve, without stopping the car. This is why many banks have avoided making fundamental changes to their core systems; core software capabilities take care of all the functionalities required to service customers and businesses. Hence, limiting these changes allows banks to function correctly and limits any downtime.

Unfortunately, this is no longer a viable solution due to the speed of evolution in technologies that underpin global banking systems. Customers want their money to be moved in real-time, and all of this must be serviced by legacy banks which still rely on outdated, monolithic systems which can’t cope with these type of real-time requirements.

New players have recently joined the market, challenging the status quo and big players trying to catch up. Although it is theoretically possible to build a new real-time bank, through leveraging cloud services such as Azure, AWS, and IBM cloud, it is impossible for those banks that have evolved over decades to do so easily. Especially when core functionalities and data are stored within ill-documented legacy systems.

The last push towards modernisation appeared when regulators forced companies to be more compliant, secure and transparent, with the new PSD2 requirements for Open Banking. This has led to companies innovating in different ways. Although the final goal is shared, each bank undertook its own R&D journey.

In some instances, this meant replicating core capabilities into cloud environments, for example, by enabling fraud detection through scalable cloud instances. In others, it meant segregating the way banks manage customers’ data by using third-party reporting solutions.

All of these projects pose a significant financial risk to the companies undertaking them, and we’ll look at some of the cost implications here.

We’re going to analyse several factors to consider when thinking about innovation strategy for investing in:

  • Replacing core legacy components
  • Hybrid cloud solutions for banking
  • Budgeting for FS innovation

Our team of experienced software developers and consultants will be sharing some insights into the evolving world of Financial Services R&D.

Risks and opportunities trends

Notes: There are 186 cases (29% of total incidents) where firms have not yet informed us of the specific root cause of the incident. We remain in discussions with relevant firms to obtain information.

According to the regulators’ research, the key issues are underpinned by the legacy systems that the companies are leveraging. The FCA “observed that legacy systems still support important business services in some firms and FMIs. Firms and FMIs have built or procured digital services for their customers, which often sit over the top of legacy systems rather than fully replacing them.”

For the financial well-being of the company, investments in research and development can’t be avoided. It is vital to understand how to minimise disruption and costs while bringing their systems up to speed for a digital economy. This digital transformation plan must be based on its long-term strategy rather than minimising investments in the initial years. A partial investment in innovation can have adverse effects on the company and be costly in the upcoming years.

So how do companies manage to innovate successfully? On the one hand, they have legacy systems that are no longer fit for purpose. On the other, they have new technologies that are not well tested. Already some attempts to modernise have led to failure and exposed the companies to additional risks.

So, how are organisations overcoming these challenges?

Global banking systems: changing legacy components

Companies are under immense pressure due to new regulations requiring them to innovate faster, as well as new competitors entering the market. The market is moving away from traditional banks and adopting digital banking solutions; in the UK, 71% of the population adopted Fintech technologies in 2019 alone (based on Statista data – 2019).

71% of the UK adopted Fintech technologies in 2019

This trend has forced the industry to undertake innovation following two different patterns, each with entirely different challenges. We have categorised these into the following: new tech companies building systems from scratch and established companies needing to undertake digital transformation.

Here we focus on the latter, which faces the most significant financial risk.

Retrofitting modern technologies within existing monolithic applications or systems creates the greatest risk. New technologies and frameworks are well documented, but they are designed based on modern software development architectures (e.g., microservices, cloud, APIs) and can’t retrofit existing systems. Most of these legacy applications are often coded in languages such as Cobalt or Assembly, which can’t be readily integrated with modern frameworks based, for example, on Python or Java. This can lead to costly consultation and research into existing systems that can last months or years before any new development takes place. These are all costs that new companies do not face.

Although extracting data might sound like a straightforward process using modern databases, it is significant when dealing with older systems. This is because the data can often be embedded within the application logic. For example, the same data can be stored across different applications, leading to inconsistent records. Again, new companies do not have the same issues with historical data, which keeps costs down.

Implementing and maintaining security across the technological estate is another challenge. Legacy systems were not designed to be connected to external parties. Hence, no security mechanisms were built in to share data using internet protocols. New systems can readily implement security suites. These technology suites do not work with old infrastructure due to incompatibilities. This leads to increased costs around the development of security suites to retrofit legacy systems rather than buy off-the-shelf solutions that tend to be cheaper.

Implementing and maintaining security across the technological estate is another challenge. Legacy systems were not designed to be connected to external parties. Hence, no security mechanisms were built in to share data using internet protocols. New systems can readily implement security suites. These technology suites do not work with old infrastructure due to incompatibilities. This leads to increased costs around the development of security suites to retrofit legacy systems rather than buy off-the-shelf solutions that tend to be cheaper.

These are just some of the issues faced across the FS industry. Here we look at some of the potential solutions.

Experimenting with ancillary functionalities migrated to new software solutions (e.g., new ERPs, reporting tools) allows the team to understand some of the underlying software/data interdependencies without changing the source systems. This means a company needs only to fund capabilities that work, rather than buying or investing in complex technologies later deemed not fit-for-purpose. These new functionalities are tested with a smaller number of real-customers and slowly scaled up. Over time, the team increases this sample size and can then gradually retire the legacy components and fully migrate to new ones.

Replicating core capabilities into a modern environment requires rethinking the entire architecture. Companies are trying to replace tightly coupled monolithic architecture with more microservices or docker oriented systems. The financial risk posed by the degree of uncertainty around the redevelopment of these capabilities using new technologies is not often proven. It is almost impossible for an FS institute to adopt vanilla solutions that work for them. Companies need to carefully invest capital to ensure that these solutions not just work for the time being but are future proof.

Each company can design different strategies where a combination of third-party system integrations and in-house development need to be undertaken. In both cases, there is significant research when it comes to integration of components, often due to several factors:

  • Technical debt of the existing technological estate Incompatibility of technologies (e.g., different security protocols)
  • Performance issues (e.g., how to integrate components most efficiently)

Every technical journey is client-specific, but one thing is common to all: for these strategies to be successful, the company must think about the long-term strategy rather than short-term fixes.

Global banking systems – cloud financial risks

Financial risks of the cloud model

We have all heard much about the cloud, but what does it mean for the global banking industry and how it can save organisations millions of pounds or lead to another financial disaster?

Although cloud might sound like an overused term, nobody knows what it means to move the billions of transactions processed by the financial industry onto this technology and the financial risks associated with it.

Some financial institutions such as Capital One went all in and moved their central infrastructure to the cloud. Thereby allowing them to leverage, for example, AWS for its security model and provide infrastructure on the fly, to deal with the increased workload. If effectively managed, this type of cloud migration process can lead to cost savings, by reducing the number of internal staff or contractors required to maintain security and other technology. It can also reduce the need to buy hardware and refresh it overtime. The main benefit is that it can easily retrofit new technologies and frameworks, avoiding some of the issues with legacy systems.

Although they might lead to short-term cost savings, subscription fees and pay-as-you-go contracts can lead to substantial unexpected bills over time. More and more companies are deciding to move most data onto the cloud, but this can lead to huge costs for amount of data stored. This data was previously held on internal mainframes that had fewer running costs, such as electricity bills.

The financial risk is augmented with the idea of unlimited scalability; hence, many companies can deploy code or store data that is not optimised, leading to increased use in resources just because of this idea of unlimited resources. Previously these resource consumption considerations were factored into the software design due to companies trying to minimise additional hardware costs.

Many banks are factoring all of this in before entirely moving into a cloud-based environment. The ideal scenario is that services that need to scale up and down quickly should be moved into the cloud. All the data and services that don’t need to be in the cloud remain in on-premise hardware. For example, companies could use the cloud for real-time fraud detection, capture client data, and provide a quick response. Simultaneously, all the services that still rely on old banking processes (e.g., clearing of cheques) can be run overnight on cheap and existing hardware.

Financial risks of cloud migration

As described in the research “The Banking Industry Underestimates Costs of Cloud Migrations,” there are several areas where most companies struggle to estimate the cost of cloud migration. Although once successful cloud migration might reap some benefits, the initial stages might lead to surprises, due to banks and financial institutions’ complex business requirements. A clear costs for the technical implementation is unclear and hard to budget for.

Previous research and experience in the sector can help companies better prepare for tackling innovation in this space. Most of these issues are raised by the hybrid cloud model that financial institutions must develop. It is highly risky and complex to migrate the entire estate to the cloud, so several on-premise services must co-exist. This is one of the main reasons which leads to increase in costs, but there are four main strategies that a company can undertake:

  1. Rehost – this is the simplest solution where applications are moved, as they stand, onto a cloud service, but this is not optimal due to not fully leveraging the cloud architecture’s benefit.
  2. Refactor – certain components are redesigned using modern stack (e.g., containers), but this can lead to technological and financial risks. For example, code refactoring can affect the rest of the services or introduce security threats.
  3. Rebuild – the existing codebase is discarded, and a new rebuild process is required. This is usually expensive in the outset but can lead to benefits down the line. The core services which need to be hosted within the cloud should be built as cloud-native. This allows maximising the technical capabilities while designing services that don’t lead to substantial subscription bills (e.g., through optimised processing.)
  4. Replace – third-party packages or services can be used instead of existing in-house systems. This can sometimes minimise the risk of developing a solution from scratch but can often lead to companies being locked-in into third-party networks, which are costly over time. Furthermore, integrating these systems can lead to millions of pounds being spent on customisation.

Furthermore, most banks want to maintain the existing on-premise services as a backup option, if regulations change or issues arise from the cloud services. Some redundancy costs might still be faced.

There are other areas where costs are significantly underestimated:

  • Lack of internal knowledge about new technologies can lead to significant investments in training existing IT staff. Due to the learning curve, the initial development can take two or three times what was initially planned.
  • Costly third-party resources can fill the company’s knowledge gap, but they tend to be expensive. Also, if a proper knowledge sharing strategy is not in place the company may become reliant and any vacuum is hard to bridge.
  • Migration costs are the most under-budget areas of all. Due to the fundamental incompatibility between legacy architecture and the cloud, data and application migration can take years.

More money is spent managing the dependencies that still exist between on-premise applications and the cloud where the cloud providers can’t offer much help. This can either force the company to invest in further migration from on-premise to cloud, or develop an alternative architecture that can securely and performantly integrate different components.

The cloud landscape might look a bit daunting. Still, many companies that successfully invested in this are now at the forefront of the industry; they save money and provide a better customer experience.

Innovating in such a complex industry seems daunting, especially considering that one out of four digital transformation projects tends to fail, based on the statistics from Econocom. Although failure is often unavoidable in an innovation journey, some common pitfalls can be avoided. These allow you to build with purpose and due diligence to ensure that your project is not another FS transformation fiasco. In the FS industry, the risk of failure is even higher than in other areas; seven out of ten FS companies, based on Finextra’s analysis, believe their project might fail.

There are some common issues across digital transformation projects, which need to be bridged to deliver success.

Lack of understanding of the technology and the skills gap within the firm and the wider industry. The current implementation strategies still follow a top-down approach. Senior members who are not aware of the technological feasibility of solutions are designing the innovation strategy. Companies need to understand that attracting digitally native staff will be essential for the success of their projects. They need to change their business mindset based on planning, budgeting, and extensive controls and delegate the projects’ decision- making journeys to their technical experts.

Adopting third-party promises that are not fit-for-purpose. Many solutions promise more than they can deliver in the public domain. Great sales pitches from sales staff to senior decision-makers in the company can lead to contractual agreements and investment in technologies that would never work or require extensive re- development to be fit for purpose.

Due to the FS industry’s complexities, budgeting can provide challenges. The development cycle, which should be continuous and follow modern practices such as Sprints, can lead to delayed projects. Critical technical staff leave and can increase the investment required in the future to retrain and restart projects.

There are various issues that can hinder success, but many can be easily avoided by relying on technical staff’s subject matter expertise. Decisions made by CEOs and CTOs need to be guided by the team, leading to successful projects and the retention of staff who feel appreciated.

We often hear about FS transformation vision, but what most companies lack are scope and strategy. Companies need to understand what they are expecting out of a project and how it will impact the underlying development and success. The scope can significantly impact all the areas discussed above because it can lead to unrealistic budgets and timeframes, knowledge gaps, and other issues. This vision can be summarised into two areas, as discussed by Oliver Wyman in their 2020 report1.

Vision and value mindset

Parts of vision and mindset

 

These two mindsets, both often required, lead to a collision because expectations are unclear. Some companies decide to invest tens of billions in the new vision, which is never achieved, leading to 75% of investors thinking that digital transformation will be ineffective (Oliver Wyman and Procensus Investor Survey 2019). As a global bank CFO stated:

I know 50 percent of my digital transformation spend is wasted – I just don’t know which 50% percent.”

Often these issues are underpinned by different stakeholders talking different languages; business jargon vs. technical jargon. The second two aspects are aligned, for example, by upskilling system architects to understand the finance/ business context, making a lot of this friction will disappear.

The high-level vision of CFOs, CTOs and CEOs can be translated into a short-term strategy, to be implemented by using them as subject matter expertise on costs, timelines and feasibility. This is required to redesign the management model, which sits on top of FS transformation projects. Layers of hierarchy are reduced to a chat between the sponsors of digital transformations and the people who can make the vision a reality.

 

 

 

 

1 https://www.oliverwyman.com/content/dam/oliver-wyman/v2/publications/2020/January/Oliver-Wyman-State-of-the-Financial-Services-Industry-2020.pdf