Legacy of Shadow Technology Threatens Vision of Secure Financial Industry
- Colin Dean, Account Manager, EMEA insurance and financial services at Hyland, creator of OnBase
- 20.04.2017 07:45 am financial services , technology
At a time when regulators and investors are demanding that financial institutions focus more attention and resources on risk management, governance and fiduciary responsibilities, the IT systems necessary to efficiently carry out these tasks are under increasing strain and threaten to create an audit headache.
In most financial services organisations, management has come round to the need to take a tight grip on risk and is seeking an effective overview of all operations in order to do so. However, a legacy of disparate IT systems – some woefully out of date and effectively hidden from view as an information silo – make this impossible.
Even worse, poor communication can mean that executives unwittingly rely on differing versions of events and long-superseded data. Companies with advanced systems can be at even greater risk if some functional areas have been bypassed in earlier upgrades, as nothing creates systemic risk more than a false feeling of security.
Most financial services organisations have been through many technology upgrades over the years. But, as implementing change across an entire system is a difficult task fraught with risk – especially in a financial world placed under the media and regulatory spotlight. For many institutions, there has been an understandable reluctance to review areas where the IT infrastructure, though old, appears to function well.
For example, at least one major UK bank still uses paper forms to record processes in one of its departments. Of course, since non-digitised information is next to useless, that data is manually entered into a core system, or even worse, spreadsheets, for use elsewhere.
This is painfully inefficient and a serious data security risk, with the question posed of how long it takes before updated versions of the data become available to managers and executives – if ever it does become available in a meaningful way that can easily be analysed in the context of other departments and risk factors. The oldest of the legacy IT systems have thus become shadow technology – information silos that cannot easily be audited or assessed.
Whether relating to the operational aspects of a business, an investment portfolio or – in the case of regulators – the entire financial sector, the impact of this approach can be strategically significant, as opportunities are missed due to uncertainty and misinformation, allowing systemic threats to build up undetected.
IT professionals across financial services must address such risks by providing boards with a single version of the 'truth' about the organisation, which allows executives to view the full workings of the business or investment portfolio. It is possible to build such a system while avoiding the risks inherent in wholesale technology change, by harnessing an enterprise information platform. Some organisations are already using this technology as information hubs that tie disparate systems together. But enterprise content platforms can go further when they are used directly to create alternatives to the most out-of-date systems, such as those still relying on paper forms.
Such enterprise information strategies, which are implemented with little disruption to an organisation and work alongside existing IT systems rather than replacing them, make access to all data possible from a single point that is secure and up-to-date. At the same time, strict access management ensures that only individuals with suitable need, clearance and seniority within a company can access or change data.
Not only does the platform establish a single, reliable version of the facts, which are securely available to high-level users, it can also be used to automate many of the functions that are required to establish risk transparency and build clear communications with investors and regulators.
The advantages, of course, go much further, as the hub allows easy implementation of further change in areas of customer-facing systems and technology, workflow management and task automation. These are regarded as key battlefields as the sector seeks to drive efficiency, while providing an ever smoother service, across multiple delivery platforms.
But the most important factor behind the elimination of silos and shadow systems is that it empowers management to build a more resilient organisation, where risk is understood and managed. Ultimately, this auditable and transparent approach will surely become the norm and will allow the financial services sector to fully regain the public's trust, while driving new phases of growth and development in an efficient and well-managed way.