3 minute read
RISK NEEDN'T BREAK THE
The fix is back office innovation
BY JAMES WHYBROW
Looking back to March last year, we saw new operational resiliency rules come into force, brought in by the Prudential Regulation Authority (PRA). The rules, which impact UK banks, building societies and financial services firms, mandate that these businesses embed resilience within their operations. Organizations are now instructed to adapt systems and processes to ensure they have service continuity in the event of an incident, return to normal as soon as it’s over, and learn and evolve from the experience.
In practice, this means that banks must understand the different risks to their operations and have the right systems and processes in place to mitigate them. These risks are broad and can range from the miscalculation of business rates to issues with cloud services, data security and third-party relationships. As the UK faces ongoing economic uncertainty, there’s no doubt that resilience is now, and will continue to be, more important than ever.
It's been over a year since these rules came into effect, and with the final deadline for sorting operational resilience set for March 2025, what’s the best way for technology to help firms get to grips with risks and create an effective contingency plan?
Dealing with disruption
While technological innovation is often channeled towards customer-facing solutions, we’ve seen that the fers an overall view of processes, requirements and PRA compliance frameworks. It also enables organizations to act on this information, creating, managing and analyzing end-to-end processes. This facilitates continuous process improvement, by which banks can learn from mistakes and therein improve resilience for the future.
Here's where we have also seen a steady increase of process and task mining tools, helping managers discover how systems and people are perform- ing. Mining operational data, banks can analyze processes and simulate scenarios to discover weaknesses and resolve deviations. Sometimes, ‘the problem exists between chair and keyboard’ with human error leading to issues, and according to Verizon’s 2022 Data Breach Investigations Report, 82 percent of breaches involved some form of human involvement. Other times, the process landscape itself is convoluted or compromised, which can lead to problems when it is placed under stress. Legacy processes can be especially vulnerable here. Either way, it’s using the right tools that uncover the fix.
Beyond resilience for a moment too, these are tools that can unlock considerable economic potential through enhanced efficiency. The ability to model environments means that banks can continually optimize their operations, with considerable cost savings. For example, research from Forrester Consulting Group found that a BPM platform could deliver $7.9m of total benefits over three years. If we take this research at face value, this equates to a return on investment of up to 457 percent when using it to improve risk and compliance management processes.
Making connections
The financial sector also faces legacy issues, with 95 percent of executives believing outdated legacy systems prevent them from optimizing data and growing effectively, according to the World Retail Banking Report 2022. Many banks and financial services firms have organizational and technological silos, as well as inflexible on-premise systems, which make it difficult to leverage data across their organization. Crucially, this means banks also lack the visibility and flexibility they need to ensure resilient operations.
Integration using cloud technology can act as a connector enabling businesses to remove these silos, but understandably, financial institutions are unwilling to migrate some systems, such as core banking modules, to the cloud for regulatory reasons. In these instances, using hybrid cloud integration can be the answer. Arguably offering the best of both worlds, banks can effectively leverage best-in-class cloud applications alongside secure core systems. A single flexible platform can bring together disparate systems, applications and data, meaning that silos can finally be a blocker of the past and banks can increasingly monitor their operations in real-time. Plus, with systems like these, they can also use microservices to improve efficiency and resilience amongst internal teams.
Resilience is now non-negotiable
There’s a reason operational resilience is such a focus for banks. As institutions held to the highest standards, robust risk-management and security, as well as regulatory compliance, is a non-negotiable factor. To maintain the trust of stakeholders, a proactive approach to resilience no doubt needs to be taken, getting to grips with their processes and data and avoiding silos.
While investment in these back-office areas may not be as flashy as a new application or improved website user interface for customers, process management and integration create a halo of benefits. There are real savings to be made, alongside real threats to be avoided so we don’t break the bank.
James Whybrow is head of financial services at Software AG UK
