Banking StandardsWritten evidence from Intellect

Financial Infrastructure & the Reform of the Financial System

1. Executive Summary

The problem

In reality, financial infrastructure refers to a complex myriad of technology systems, networks, applications servers, databases, physical storage systems, and end-user computing systems and devices. It is the foundation upon which every function within every financial institution sits upon and the provision of economically critical banking services is reliant on. It is also the ‘plumbing’ that allows data to flow within and between financial institutions and which informs banks’ operational decision making—from risk to lending, as well as decisions made by the regulatory authorities.

However, as the financial system has developed, the infrastructure that underpins it—which in some cases was designed some thirty or forty years ago—has become complex to the point where it no longer serves many banks, it hinders them. It does not allow banks to know their customers sufficiently, have a holistic view of their own operations, hinders transparency, is an obstacle to timely change and increasingly is an operational risk to the financial system. It is, to all intents and purposes, no longer fit for purpose.

Banks are essentially technology companies. Without the technology infrastructure there would be no bank. There is no regulatory change that can be implemented without adapting this infrastructure, and in considering reform of the financial system—ie how to address the weaknesses and failings exposed by the financial crisis and events since—it is impossible to do so without taking into account the limitations and realities of this infrastructure. It is important, therefore, that the Parliamentary Commission on Banking Standards has an understanding of the role that this infrastructure is playing in inhibiting beneficial change, and the role that it could play in establishing a foundation for the mutually beneficial evolution of the financial system.

Why does substandard infrastructure need to be addressed?

Prevents regulators from doing their job, inhibits transparency and threatens financial stability. Global efforts to standardise data (eg Legal Entity Identifiers) will be undermined if the issue of the ‘plumbing’ by which data travels within banks and to regulators, is not addressed in tandem. Regulators cannot hope to fulfil their brief of mitigating financial crises before they happen, if the data they receive from banks does not accurately reflect banks’ complete exposures.

Inhibits the delivery of customer centric services, inhibits access to finance for many businesses & undermines economic growth. Banks do not know their customers as well as they should do, and this has a knock on effect on their ability to ensure the customer actually is at the heart of their operations.

Threatens the provision of continuous banking services to customers and the wider economy—and poses both operational and systemic risks. As exposed by systems failures in the summer of 2012, when a bank is unable to operate, regardless of the reason (lack of liquidity or systems failure) the end result is the same—disruption to the provision of essential banking services. Many systems are just getting increasingly complex, which in turn increases the potential for future disruptive systems failures.

Restricts competition across the retail banking sector, as demonstrated by Santander’s decision not to buy 316 RBS branches as a result of the state of the technology that underpins them.

Inhibits banks from ‘knowing their own operations’ and therefore stopping abuses. Events in 2012 such as the exposure of money laundering failings in leading banks, and rogue trading that came close to collapsing a global bank—have both been attributed in part to substandard systems that do not allow banks to know what is going on across their own operations. There are not many other industries that do not have a firm grasp of what is happening across their own operations.

Limits banks’ ability and therefore willingness to change. The complexity and cost of implementing any change that impacts upon core systems is one of the underlying reasons why banks are resistant to change and limits how quickly the financial system can be changed to address the failings of the financial crisis, or evolve to adapt to changing market and customer requirements.

Threatens the continuing viability of the revenue streams of many UK banks. Revenues are falling, costs are increasing and the market share of established banks will come under increased threat from new, disruptive entrants to the market if these established banks cannot remove the primary barrier to timely and mutually beneficial change—their own technology infrastructure. This will have a knock on effect on these banks’ contribution to the UK economy and the position of the City as a leading global financial centre.

Why is financial infrastructure not fit for purpose?

While significant investment has been made in certain products and services that yield a short term return on investment such as systems to support algorithmic (high frequency) trading and low latency trading, many of the more ‘mundane’ but fundamental areas of financial infrastructure have been neglected .

The cost and complexity of implementing any significant changes, as a result of bank’s ageing legacy systems, is significant. Therefore necessary change is rarely undertaken and systems just get more and more complex. Banks are already spending huge sums on implementing regulation which is sometimes overlapping and which is, currently, not guided by an ‘end state’ for the banks to aim at.

In many boardrooms across the UK’s banks, there has, in the past, been a lack of focus on and understanding of technology issues which in turn has led to a lack of investment in the infrastructure that underpins banks operations. In many cases this has led to an uncoordinated approach to business change. This has contributed to the development of ‘information silos’ where data is not shared sufficiently across a bank, which in turn limits the ability of banks to make operational and strategic decisions based on accurate information.

Mergers and acquisitions that have taken place in many banks over a number of years cause systems challenges for banks which, in some cases, are not addressed sufficiently because of the cost and disruption of doing so. The end result is that in many cases M&A activity merely increases the incidence of information silos and further restricts the ability of banks to know their own operations.

There are a number of reasons why banks should look to address this issue as part of the ongoing reform of the financial system—rather than as ‘just another’ thing to implement. There are significant longer term cost benefits, highlighted by financial institutions that have undertaken the task of addressing their infrastructure frailties. Similarly at a time when the importance of ‘the customer’ is rising up both banks’ and regulators’ agendas, addressing infrastructure is an important facet of enabling banks to become more attune to their customers and better able to react to a changing market place. The cost of not changing—the loss of revenue and market share to new, disruptive entrants who are not as shackled to old ways of working—provides a strong argument for banks to address this issue.

How could change be facilitated?

The pressure on banks’ resources to implement unprecedented levels of regulatory change, yet contend with declining revenues and rapidly changing markets should not be underestimated. Consequently there is no realistic case for the wholesale ‘ripping and replacing’ of banks’ infrastructure over a short timeframe.

Instead, Intellect believes there needs to be a co-ordinated regulatory roadmap, set by the regulators, which gives a clear ‘end state’ at which banks can aim at, and a time frame within which to do so. This will help reduce duplication of cost and effort within banks in implementing regulation; free up resource for banks to address underlying issues such as infrastructure (which will in turn reduce the complexity and cost of implementing future regulation); and improve the customer experience. This could be accompanied by a programme of ‘system, process and data mapping’ by banks—which they have to do anyway as preparation for the introduction of Living Wills. However, instead of being a regulatory ‘tick box’ exercise, this could actually be seen by the banks as an opportunity to produce a blueprint for the modernisation of their infrastructure. Finally, this should be accompanied by a platform by which all parties with an expertise in this issue can engage in meaningful dialogue around the issue of technology infrastructure and specifically how the challenges to change can be surmounted.

2. Financial Infrastructure & A ‘Fit for Purpose’ Financial System—Inextricably Liked

2.1 It is widely acknowledged that banks are essentially technology firms. The financial system, and each individual bank, insurer, asset manager, stock exchange, etc within it, is built upon a foundation of technology—its technology infrastructure. It is this technology infrastructure that underpins every function in a bank—from processing transactions to assessing loan applications. It is also widely acknowledged that the technology infrastructure across the financial system is exceptionally complex. To the point where it no longer serves many banks, it hinders them.

2.2 Financial infrastructure is the ‘plumbing’ that allows data—the lifeblood of the financial system—to flow within and between financial institutions. In reality, financial infrastructure refers to a complex myriad of systems, networks, applications servers, databases, physical storage systems and end-user computing systems and devices. It is the foundation upon which every function within every bank sits upon and the provision of economically critical banking services is reliant.

2.3 Today’s legacy systems and processes within banks consist of multiple layers of technology platforms that, as banks and the technology available to them have evolved, have been built on top of each other to facilitate changes and new requirements. These legacy systems are at the heart of established financial institutions’ operations, are business critical, interdependent upon other elements of a bank’s technology infrastructure and are often running 24 hours a day.

2.4 While significant investment has been made in certain products and services that yield a short term return on investment such as systems to support algorithmic (high frequency) trading and low latency trading, many of the more ‘mundane’ but fundamental areas of financial infrastructure have been neglected. Infrastructure and core systems have been upgraded on a patchwork basis rendering them ever more complex and therefore ever more prone to failure—as systems changes are perennially ‘bolted on’ to what is already there, rather than replaced by more modern (and simplified) systems that are better suited to the provision of modern banking services. This combined with merger and acquisition activity has left many financial institutions with disconnected silos of information, duplicative processes and a tangled web of underpinning systems. This has meant that most banks have had significant problems with data quality and, crucially, turning this data into actionable information. On an institutional level it is a significant challenge for banks to have a holistic view across their organisation of anything ranging from risk to fraud to customer behaviour. Instances of money laundering and rogue trading in 2012 are directly attributable to substandard technology infrastructure.

2.5 When data cannot flow freely across a bank, actionable information is therefore not available where it is needed and banks cannot make decisions based on an accurate assessment of their own operations, exposures or risks. The data quality gap, an acknowledged cause of the depth and severity of the financial crisis, is an evolutionary outcome of years of mergers and internal realignments within financial institutions, exacerbated by business silos and inflexible IT architectures. Therefore global efforts to entrench data standardisation across the system—and therefore increase transparency—are entirely welcome, but are not the whole solution.

2.6 Intellect’s submission to the Parliamentary Commission on Banking Standards will therefore demonstrate that effective reform of the financial system cannot take place without a focus on the technology infrastructure that underpins the financial system and each individual bank therein. In many cases this infrastructure is not fit for purpose and will undermine attempts to rectify the failings exposed by the financial crisis, and those exposed since then.

2.7 So, why is this relevant to the Parliamentary Commission on Banking Standards? Ultimately this issue has a bearing on the functioning of the financial system, has played a role in its failures and is relevant to the Commission’s terms of reference. Ie to evaluate the ‘lessons to be learned about corporate governance, transparency...and their implications for regulation and for Government policy’. This submission will set out why this issue is important, specifically why substandard infrastructure:

prevents regulators from doing their job, inhibits transparency and threatens financial stability

inhibits the delivery of customer centric services, inhibits access to finance for many businesses & undermines economic growth

threatens the provision of continuous banking services to customers and the wider economy—and poses both operational and systemic risks

restricts competition across the retail banking sector

inhibits banks from ‘knowing their own operations’ and therefore stopping abuses

limits banks’ ability and therefore willingness to change

threatens the continuing viability of the revenue streams of many UK banks

This submission also suggests how initial steps can be taken to address this issue, to the mutual benefit of the banks, their customers and the wider economy.

3. Why Does Current Financial Infrastructure not Support an Efficient Banking System?

3.1 “Many financial institutions are trying to run services on disparate systems whose complexity and inflexibility make it difficult to respond to regulatory demands. Decades of ad hoc technology investment, combined with merger and acquisition activity, has left them with disconnected silos of information and duplicative processes. Systems that were developed in an attempt to stay ‘ahead of the game’ when they were implemented are now holding firms back.”1

[JWG Group, March 2012]

3.2 The operational infrastructure within individual financial institutions (most notably established banks) has long been regarded as inefficient, overly complex and an obstacle for cost-effective and efficient business change, be it driven by commercial, regulatory or consumer necessity. Intellect is not stating that complexity in itself is negative—the financial system is naturally complex, by virtue of its global reach, multiple markets/operators and years of evolution. However, there are issues of over-complexity and opacity which stem from the ever increasing complexity and frailty of the technology infrastructure that underpins many banks across the financial system. It is this over-complexity that means that banks do not truly know their own operations and customers; regulators cannot hope to undertake their forward-looking roles effectively; and all future business change is impeded by systems that cannot be changed without significant cost and disruption. The effect of this infrastructure inadequacy is focused on in a separate section of Intellect’s response to the PCBS.

3.3 What are legacy systems and why do they present a challenge?

“Fully 70% or 80% of big banks’ current IT spend, which is very extensive, is about the maintenance of legacy systems. Many of those systems are antiquated, and we need only think back to the unfortunate events at RBS a few weeks ago to see the costs of having such antiquated legacy systems. It strikes me that the time is overdue for something of an IT transformation within the banking industry. It is one of the real peculiarities that banking, which is an information industry, has not invested more wisely in IT to improve the customer proposition... Change needs to come. Maintaining legacy systems is costly and, at some point, will cease to be an option.2

[Andrew Haldane, Executive Director for Financial Stability, Bank of England;
7 November 2012; at the Parliamentary Commission on Banking Standards]

3.4 Today’s legacy systems and processes consist of multiple layers of technology platforms that, as banks and the technology available to them have evolved over the past thirty or forty years, have been built on top of each other to facilitate changes and new requirements. In reality these systems are made up of thousands of programmes each performing a function across a bank’s operations and which are, in many cases, linked by ‘fragile connections’3.

3.5 Adding new elements or removing them is a complex and expensive process that impacts upon a multitude of different aspects of the bank’s systems. Banks are therefore unable to clearly differentiate layers of operation and system functionality, rendering the introduction of each additional change increasingly complex and costly to implement. This is a problem because if change is increasingly expensive and complex, it will be the case that only essential changes (ie those that are absolutely necessary or mandated) will take place. This has negative connotations for the implementation of better customer services, efficient implementation of regulatory change and indeed resistance from banks to reform (due to the cost of change).

3.6 As these systems are ‘always on’ and so intertwined, making changes to them have been described by some in the industry as ‘open heart surgery’ for banks’ and by the Director of Transformation at Nationwide Building Society as ‘akin to replacing the engines on a Boeing 747 whilst in flight’4. The dangers of elements of these interdependent systems failing (and in doing so reducing the ability of these institutions to function in the market place) are very real if parts are switched off or replaced. It is not unusual for integration testing to account for 50% of the cost of implementing new systems—a laborious and painstaking process—because of the risk that change poses for systems failures. In many cases, the architects that established the systems in the first place—in some instances thirty or forty years ago—are no longer working in the industry and today’s architects are faced with the resource-intensive task of painstaking evaluation of the potential impact of making changes to these old systems. In fact most graduates coming into the workforce are not trained in the coding language that these banks’ systems were originally coded in (COBOL—Common Business-Oriented Language—created in 1959) and this in itself presents a significant future operational risk for banks across the world5.

3.7 The risk of addressing the root problems of the complexity of these systems is therefore a decision that many within banks choose not to take, instead choosing to ‘bolt on’ changes to existing systems. This is understandable, given the necessity for banks to operate ‘24 hours a day’ and the potential cost of implementing large business-change programmes. However this does exacerbate the existing problem—with each change that is bolted on merely adding to this complexity and ensuring that when point in time when addressing this complexity issue is unavoidable (and it will), the task will be significantly harder and more expensive than had it been undertaken before. In fact, as is well known across the banks themselves and set out in this paper, failing to address this issue it ultimately restricts banks’ abilities to serve their customers and the wider economy and is increasingly an operational risk with implications for financial stability. The longer this is left, the more acute this challenge becomes—as does the risk of not doing anything.

3.8 This has been an issue that policy makers and regulators have long chosen not to acknowledge as a failing of the system, but with the RBS systems failure of summer 2012 (by no means the first such systems failure in a retail bank, but one that was picked up by the media on a large scale) there has been something of a watershed in attitudes towards this issue. There can no longer be an assumption that the technology that underpins the financial system ‘just works’. It is important to note that the financial system cannot be reformed to address the problems and deficiencies exposed by the financial crisis effectively—and issues since—if the fundamental platforms upon which banks’ entire operations (the good and the bad elements) are not addressed as part of this wider reform.

3.9 Intellect’s submission to the Parliamentary Commission on Banking Standards explains the detrimental effects of this technology infrastructure in more detail, below.

4.0 Why is Banks’ Technology Infrastructure so Complex?

4.1 Change is costly and complex, and therefore undesirable

The cost and complexity of implementing any significant changes, as a result of bank’s ageing legacy systems, is significant. Therefore necessary change is rarely undertaken and systems just get more and more complex.

4.2 As set out above, more often than not, decisions do not get taken to address this underlying and detrimental complexity and instead merely take the path of least resistance—that is to ‘bolt on’ changes to these systems.

4.3 So, in many cases it is not in the broader ‘short term’ interests of a financial institution to instigate substantial systems changes because of the costs and the disturbances that decommissioning these un-needed systems can incur. Intellect’s members who play central roles in transformation and business change projects across the industry estimate that 70% of the cost of implementing new business functions is attributable to the cost of integrating new functionality into the existing systems.

4.4 These large-scale transformation projects ‘burn’ senior technology stakeholders within banks and, as a result, some are reluctant to recommend and undertake significant programmes of change, regardless of how necessary they may be, preferring instead to just ‘keep the lights on’. In such circumstances, ‘innovation’ largely revolves around bolting on systems and process around the edges of these legacy systems. This is lower risk, but ultimately does not solve any of the fundamental problems that are at the heart of the banks’ infrastructures. Instead, by adding further layers to these systems, this approach is in many cases further adding to the problem by increasing the complexity of the banks’ systems.

4.5 In this vein, resistance to complex policy changes often stems in part from the impact that such changes will have upon the bank’s core systems; the resource that will have to be applied to achieve compliance; and the potential disruption that there will be to everyday banking activities. A current example of this would be successful lobbying by the banks for a long lead in time for the implementation of a ring fence for retail banking operations. The complex task and cost of unravelling the legacy systems that underpin the established universal banks so that clearly defined retail and investment banking operations can function largely independently, was the subject of significant consideration during the Independent Commission on Banking’s review.

4.6 It is often the inflexibility of these common legacy processes and systems that is at the heart of the obstacles that banks now face in implementing changes required by regulation, competitive pressures and wider market changes and which make it difficult for them to effectively implement change programmes or introduce new products and services. In practice, legacy systems are a barrier to beneficial change and have, to date at least, acted as an anchor on the reform of the financial system and even contributed to the financial crisis itself by helping to create the opacity of the financial system.

4.7 Mergers and acquisitions increase the complexity of technology infrastructure

Mergers and acquisitions that have taken place in many banks over a number of years cause systems challenges for banks which, in some cases, are not addressed sufficiently because of the cost and disruption of doing so.

4.8 One of the underlying challenges for many European and American banks stem from the fact that they have expanded rapidly over recent decades, acquiring and merging with competitors, or acquiring operations in adjacent markets (eg insurance). From the perspective of the PCBS’ terms of reference, this is of course a consideration from a competition perspective, but it also presents an infrastructure issue.

4.9 There are a number of recent examples of mergers that have led to significant internal programmes to integrate the acquired and the acquiring bank’s platforms, and which take significant timeframes to complete. For instance, Lloyds Banking Group’s acquisition of HBOS has led to significant consolidation of IT systems across the two organisations (focusing on IT infrastructure including data centres and networks; an integrated IT platform for retail banking; and a single dealing and trading platform for wholesale banking). The project began in early 2009, underwent testing in 2011 and is already nearly four years old. It took RBS over two and a half years to migrate NatWest’s customer base (ie the systems and data relating to NatWest’s banking customers), following its acquisition in November 2000.

4.10 Given the costs and disruptions that are incurred in changing existing bank’s legacy systems, it is often the case that the systems and processes of newly acquired banks are not integrated as seamlessly as might be assumed. In fact, it is rare for financial institutions to fully integrate newly acquired operations onto their existing platforms because of competing demands on time and resource. This has a knock on effect on the ability of the banks’ to view their customers’ ‘touch points’ across all their lines of business, and from accurately measuring exposures and risk. It has effectively helped to maintain ‘information silos’ across the operations of banks.

4.11 Disjointed/overlapping regulatory requirements and implementation

Many banks have taken a single view of each regulatory compliance requirement and this has further siloed data and information systems across individual institutions (eg Sarbanes Oxley, Basel II, International Financial Reporting Standards, etc). Currently there are a number of regulatory implementation programmes being undertaken at the same time within individual institutions that are, in many cases, not joined up. Over the years this has contributed to a substandard infrastructure that is, to all intents and purposes, a ‘hotch potch’ of systems that are constantly being altered on a point-by-point (rather than holistic) basis.

4.12 The sheer amount of regulatory change, especially since 2008, has meant that banks have had to focus on ‘fire fighting’ rather than long term infrastructural change. As many banks today are responding on the basis of point solutions, the vast majority of their business change resources have been allocated to meeting regulatory requirements (often with significant duplication of resource), rather than taking a more holistic approach and using regulation as an enabler for innovation and better customer service. This is a legacy of the size of many of these institutions and, as set out above, a siloed way of working. It is a self-fulfilling prophecy—the more that the business changes through uncoordinated implementation of regulation, the more siloed it becomes, the less it is able to share data across its operations and the less ‘fit for purpose’ it becomes. Ultimately this uncoordinated approach to the implementation of regulation is reducing the likelihood of regulators realising their ‘end’ objectives (eg financial stability, banks knowing their customers, etc..).

4.13 To compound the challenges for the regulatory authorities, individual institutions also often interpret regulation requirements in subtly different ways to each other, leading to a more complex regulatory landscape. However, it is the approach of the regulatory authorities that have in many ways caused this issue. In the past, the regulators’ unwillingness to stipulate exactly what is required to achieve compliance allows different institutions to apply their own interpretation. The result is heterogeneity and therefore a Herculean task to normalise data/information, gain a homogenous view of risk and therefore an accurate picture of the financial system. A lack of coherence between international standards adds a further layer of complication to this issue.

4.14 However, the regulators have the means to address this, and in doing so address the issue of compartmentalised, point-by-point implementation of regulation by individual institutions as well—through a co-ordinated ‘regulatory roadmap’ that will allow banks to plan for the future, and identify areas of overlap between regulations that can be costly to implement.

4.15 Lack of internal ‘ownership’ of change programmes

In many board rooms across the UK’s banks, there has been in the past a lack of focus on and understanding of technology issues which in turn has led to a lack of investment in the infrastructure that underpins banks operations (see below) and in many cases an uncoordinated approach to business change.

4.16 Within banking, as is the case in many industries, projects are known for their implementation challenges and there have been many failures either through lack of collaboration between IT and the business, lack of specification and design or poorly managed projects and suppliers. Often, this has resulted in more reluctance to undertake large business change projects and migrations, instead implementing workarounds which further complicate the systems landscape.

4.17 This is, however, gradually changing with the rise of technology-knowledgeable individuals to senior positions within a number of banks and, following from the RBS systems failure, an increased focus on operational risk by the regulators. An FSA communication to the Chairmen of the major banks and building societies in 2012 asking for the names of senior managers responsible for a bank’s technology infrastructure and effectively for confirmation by each board that these individuals are competent, may also serve to increase this focus. In the U.S. operational risk is increasingly seen by the regulators as the leading threat to the stability of the financial system—overtaking credit risk. It is likely that this will increasingly be the case in the UK and, as reputational risk is increasingly attached to the safety and soundness of a banks’ technology infrastructure. This will almost certainly increase focus on this issue at board level across UK banks.

4.18 Lack of (appropriate) investment & market short termism

“Much of the money invested in IT still goes into making things faster rather than more transparent.6

[The Economist, 2009]

4.19 Unlike other industries that treat technological capability as a key competitive differentiator—a foundation for better, more customer-centric service delivery and formulating business strategy— the financial services industry has often treated it as an afterthought (with exceptions, such as algorithmic trading that can deliver a relatively quick return on investment). As set out above, this is a stance that stems from the board where there is often no representation of the technology departments within the bank. As a result there has been limited board level priority attached to ensuring that the systems and infrastructure underpinning their operations are fit for purpose, largely because such expenditure would not generate a short term return on investment. Banks are typically listed companies and as the markets are concerned with quarterly results, their boards are not usually prepared to invest in longer term projects (such as infrastructure renewal). As the ‘Kay Review of UK Equity Market & Long Term Decision Making’ has set out, there is a significant degree of institutional ‘short termism’ across the City that has rendered it unfit for purpose.

4.20 This is not to say that banks do not invest heavily in technology. Investment in technology that delivers short term return on investment such as algorithmic trading and improving banks’ ability to generate returns from their investment banking activity, has been high for a number of years. As a recent paper by Deutsche Bank Research sets out, financial services institutions spend more on technology than most other industries7. In fact, at the time of the RBS systems outage in 2012, RBS was spending £1.5bn a year on technology. However, this does not mean that banks are actually spending on improving the way their systems serve the bank. In addition to trading technology, in many cases this cost is increasingly down to the large proportion of budget that goes on maintaining banks’ ever more expensive and inefficient systems, rather than improving their operations or delivering innovative services for customers. As these systems increase in complexity—with necessary changes being bolted onto them—this cost will also increase. The result will be that banks’ IT budgets will increase or, as is more likely given the current squeeze on resources, there will be an even smaller proportion of the budget available for improving operations or delivering better services for customers.

4.21 It is the case—according to RBS executives—”that the retail business suffered under-investment in the years leading up to the credit crunch, when the former management under Fred Goodwin, chief executive, was fixated on expanding the investment bank8“.

5. Why Does Infrastructure Complexity Need to be Addressed?

5.1 Ie why is the current infrastructure not fit for purpose and what are the effects on the financial system and the provision of banking services? Why is change needed?

5.2 Give the regulators the tools they need to do their jobs

“Many of the data needed for identifying and tracking international linkages, even at a rudimentary level, are not (yet) available, and the institutional infrastructure for global systemic risk management is inadequate or simply non-existent.9

[The Bank for International Settlements, April 2012]

5.3 The data quality gap, an acknowledged cause of the depth and severity of the financial crisis, is an evolutionary outcome of years of mergers and internal realignments within financial institutions, exacerbated by business silos and inflexible IT architectures. Ongoing efforts to ensure data standardisation (ie Legal Entity Identifiers), is a step in the right direction but is not the whole solution. Global efforts to standardise data will be undermined if the regulatory authorities are not empowered to take advantage of this—and specifically, data standardisation efforts will be undermined if the failings of the infrastructure of the financial system are not addressed in tandem.

5.4 This is a problem with the foundations upon which banks and the aggregated financial system is built upon. Financial infrastructure is the ‘plumbing’ that allows data—the lifeblood of the financial system—to flow within and between financial institutions. If this was fit for purpose it would have allowed banks to know, in a short timeframe, their exposures to other banks during the financial crisis. If it was fit for purpose, if Lehman Brothers had collapsed at all, it would not be taking four years and counting to unravel who owes what to whom. The bottom line is that current infrastructure does not allow banks to have a complete view of the extent of their operations and exposures and does not allow them to aggregate what data they do have in a short period of time. If the banks themselves are not able to build this holistic view, it is impossible for the regulatory authorities to do so. It is therefore even less likely that they will be able to perform their new role of identifying and mitigating threats to stability before they occur—supposedly a step to reduce the chances of another financial crisis of the magnitude the global economy is still recovering from.

5.5 The Senior Supervisors Group, which includes representatives from regulators across multiple countries, including the UK, stated in a document published at the end of 2010, that ‘some firms still require days and weeks to completely aggregate risk exposures; few firms can aggregate data within a single business day.10“ Regulators can currently have little confidence in their ability to receive data in suitable time frames and with any great confidence that it accurately reflects the exposures and positions of each of these firms, and therefore the financial system as a whole. Many banks do not only run on complex legacy IT systems, but these systems are also built around the legacy of a batch reporting day. Reporting more regularly than once per day does and indeed will prove to be difficult to such organisations and if timely assessment of systemic risk is required for regulators to make timely market interventions, this may not be possible.

5.6 Manipulation and modelling of data will only be possible if the infrastructure is in place to channel this data from all corners of an institution, and then from every institution, to the regulators. Such modelling is crucial in allowing the Financial Policy Committee to not only predict future risk events and act before the worst effects are felt (as is its remit), but also, to allow it to bury down into the cash flow of an instrument or investigate a specific ‘corner’ of the financial system. It will therefore be able to target its interventions more accurately—reducing the wider impact of intervention on the economy. Against the backdrop of a global financial system that continues to be unstable, as the sovereign debt crisis remains unresolved, it is clear that ‘blunt instrument’ approaches to regulatory intervention that affect large parts of the market can further add to this instability or detrimentally affect delicate sectors of the UK economy. Blanket, ‘all or nothing’ interventions based on an interpretation of data that tells a story about what has happened in the past [quite some time ago] risks enflaming this instability further by not taking on board the current realities, risks and characteristics of a rapidly changing financial system.

5.7 Addressing existing infrastructure fallibilities will enable better risk management within banks, as a more accurate picture of the whole of the banks’ operations and exposures will be extracted. This will improve the ability of banks to make strategic decisions themselves based on greater degrees of certainty. From the perspective of the Prudential Regulatory Authority which will be receiving these more accurate positions, this will allow for more accurate interventions—and allow it to do so in a targeted and timely manner. Improving the infrastructure—ie how data is passed and processed through the system—will allow banks to report to regulators on a more regular basis and with the added ability for the regulators to scrutinise particular areas of a bank’s operations, without adding to their workload.

5.8 Building on a more accurate aggregated view of individual institutions, addressing the current inadequacies of financial infrastructure would in turn allow the FPC to have a more accurate view of the build up or risk across the financial system and, crucially, have confidence that the information it is receiving reflects full and complete positions and exposures, and not just portions of it.

5.9 Inhibits the wider ability of banks to ‘know their own operations’ and reduce abuses

A number of ‘events’ in 2012 have demonstrated the deficiencies and weaknesses around the way that banks operate and the inability of existing infrastructures to allow sharing of important information across departments and geographical boundaries—most recently issues around money laundering and rogue trading. As above, it is current infrastructure that inhibits banks from fully knowing their own operations as a result of business and information silos and a lack of integration between existing systems, yet also presents obstacles to implementing change to address this.

5.10 Mergers and acquisitions, organic growth and banks’ legacy systems have all contributed to the creation of business application silos within individual financial institutions (with banks largely being structured along lines of business). Whilst serving banks well in the past, the information silos that have resulted have meant that at an institutional level it is a significant challenge to achieve a holistic view of anything ranging from risk to fraud to customer behaviour. As well as operating in lines of business silos, many banks’ data and systems operate in front, middle and back office silos further adding to this opacity. This is currently providing challenges for banks to address market, liquidity and other risks as, for the first time, the front office is now dependent on data being sourced from the back and middle offices.

5.11 Two specific events from 2012 that have now publically exposed the frailties of some banks’ infrastructure and therefore their ability to identify unlawful behaviour:

5.12 Rogue trading

The FSA has recently highlighted the serious defects in UBS’ systems that were meant to detect unauthorised (rogue) trading in the case of Kweku Adoboli who at one point risked inflicting a loss of £7.4 billion on UBS and ultimately lost £1.4 billion. Specific criticisms of the technology systems in place included a risk system that did not adequately detect risks associated with unauthorised trading, a trade monitoring system that did not detect all trades (allowing Adoboli to manipulate it) and a lack of integration between the two11. This was despite UBS incurring a fine in 2009 for a similar failing of its systems and processes. The prosecutor in Adoboli’s trial, Sasha Wass, stated that Adoboli ‘was a gamble or two from destroying Switzerland’s largest bank for his own benefit12‘ and action was only taken once Adoboli had himself admitted to his activity.

5.13 Money laundering

In 2012, both HSBC and Standard Chartered settled the largest penalties in history over instances of money laundering with US regulators, which in the case of HSBC had been taking place unaddressed for nearly a decade. The cases highlighted that the way information flows throughout large banking operations, across multiple national boundaries, was insufficient for them to be able to identify suspicious activity and react to this. This, again, was a result of infrastructure that, as the bank grew on a global basis, did not receive sufficient investment so that it could support an increasingly complex organisation and could not provide the means for data to flow to where it was needed. Notably HSBC has admitted the failings of its systems in allowing money laundering to take place without any action by the bank over so many years:

5.14 “ is now clear to many of us that the bank’s business and risk profile grew faster than its infrastructure. We have learned that implementing the kinds of robust policies and practices expected of a global banking leader can take longer than anticipated. The bank underestimated some of the challenges presented by its numerous acquisitions, and despite efforts to meet these challenges, we were not always able to keep up.”13

[David Bagley, former Head of Group Compliance, HSBC Holdings plc]

5.15 As these two 2012 examples demonstrate, it is the ability of many banks to share and interpret data which identifies illegal and dangerous activities across their own operations which has suffered as their operations have grown and become more complex, but their technology infrastructure has not been adapted to support this. Of course, it is also a cultural issue as well. The attitude of business units and the people operating within them towards their day to day operations and roles has led to a silo mentality—with many business units largely operating independently from other units, with their own objectives and profit lines to worry about. In effect this has created ‘internal competition’ between departments in many banks and is a major obstacle to generating a holistic view of their operations.

5.16 Inhibits access to affordable finance & undermines economic growth

As a facet of re-establishing trust in the banking system, Intellect believes that a sea-change in attitudes towards the collation and use of data within individual banks—either voluntary or mandated by Government—will also facilitate the side-benefit of improving the availability and cost of credit to small businesses in the UK.

5.17 The Office of Fair Trading found in 2010 that credit information collated and held on micro companies (which the Government has deemed to be the engine of the economic recovery) was poor to non-existent14. Poor collation and sharing of credit risk data—a result of the substandard infrastructure that the banks are built upon—has played a significant role in the drying up of finance to small businesses since the financial crisis and therefore the need for government coercion (ie the Merlin Agreement) or encouragement (ie Funding For Lending Scheme) in order to get banks lending again. Data on the smallest companies has never been of a very high ‘standard’—however before the crisis a combination of a liberal risk attitude towards lending and a localised, branch-orientated decision making process meant that finance was available to many small businesses—and at affordable rates. However this was not based on an accurate assessment of credit risk. This same dearth of accurate data on the smallest businesses remains in existence in the post-crisis era, but is now accompanied by a more centralised decision making process (and therefore a reduction in the ‘local knowledge’ that branch-based decision makers had of their customers) and a highly risk averse attitude to lending. The result has been that affordable finance has been scarce for the smallest companies, those deemed by the Government to be the catalyst for economic growth in the UK, as banks cannot differentiate between those companies that represent a sound investment opportunity (ie with reduced risk) and those that do not. Consequently, due to a lack of granular data, these smaller businesses are all largely treated as a risk by lenders—with finance either being unavailable or at unaffordable rates of interest.

5.18 This is severely restricting the ability of the banking sector as a whole to act as a catalyst for the wider economy and compelling the Government to intervene to improve the flow of credit to business—small business especially. The most recent lending figures from the Bank of England demonstrate that this intervention is not having the desired effect. Banks do not see lending to these businesses as commercially viable as their infrastructure inhibits their ability to accurately evaluate the credit risk of specific businesses.

5.19 This deficiency is restricting banks from being able to play the economic catalyst role that they should be playing—at a time they need to be playing it. Intellect believes that addressing the infrastructure—or plumbing—issues that are restricting the flow of data across banks’ operations will have the side benefit of banks being able to more accurately assess risk and, by this virtue, will provide opportunity for businesses, the banks and the economy to benefit through better assessed, more affordable yet commercially viable finance. Ie a better informed market, rather than the state, can drive finance to those companies that are viable recipients of it.

5.20 Inhibits competition in retail banking

If reduced concentration across the retail banking sector is seen as an important facet of increasing financial stability and improving customer choice, it is again the substandard infrastructure of many established banks which is providing an obstacle to this.

5.21 The recent failure of the RBS/Santander branch divesture deal was due to the complexity costs of RBS’ technology infrastructure which were too much for Santander to want to continue with the purchase. The recent RBS systems outages demonstrated the scale of the challenges that Santander would have had to address in order to successfully integrate the RBS systems onto their own. This issue of complexity will stifle competition in the sector in the short-medium term. At the time of writing, RBS is still looking for a purchaser for these 316 branches. The subsequent announcement of £80m to be spent on RBS’ systems is largely an upgrade which, whilst very welcome, will not deal with legacy complexity which is still the drag on significant progress within RBS, and indeed across the financial system.

5.22 Separately, some of the new entrants and smaller banks rely upon established banks’ infrastructure to deliver their own services to customers —therefore if this fails, it is not only the customers of the established bank that suffer, but those of the new entrant as well. This can pose significant reputational issues for the new entrants, who will already face significant challenges in establishing a foothold in a market. Whilst not the only instance of this detrimental knock-on effect, in both October 2012 and on the 31st December 2012, when Lloyds Banking Group’s systems failed—with disruption to 22 million of their own customers—it also impacted upon the customers of the Co-operative (and its subsidiary Smile Bank).

5.23 Restricts banks from ‘knowing their customers’ and reacting to customer demand

Infrastructure across the financial system currently inhibits the ability of banks to know their customers, provide timely products to market and play a more constructive (and less coerced) role in economic growth (see above). Research conducted by research house Datamonitor in 2007 has found that ‘existing legacy core banking systems are increasingly incompatible with new business requirements and do not provide a foundation for future growth’15. Six years later and this infrastructure has become even more complex and more time consuming to adapt to changing customer demands.

5.24 A recent survey by KPMG of attendees of the 2012 International Payments Summit found that fewer than 1 in 10 respondents believed that banks are currently effectively mining their customer data, resulting in a mismatch between customer needs and product offerings16. The result is financial products that have either been brought to market after demand has shifted, or do not suit the market to which they are being delivered. If it were not for the existence of poor infrastructure, banks would know their customers significantly better than they already do and, for instance, it would have not been necessary for the government to compel the investment of over £1billion by UK banks to improve their Single Customer View capabilities to enable the Financial Services Compensation Scheme to operate effectively.

5.25 To compete and succeed in today’s business environment, banks need to become more agile so that they can better understand market dynamics and anticipate customer needs; design, introduce, or modify products and services; implement a new value added delivery system, even if that means reshaping the information infrastructure; and identify resources (people and goods) internally or externally.

5.26 To all intents and purposes, many established banks are not able to do this because the infrastructure—and in particular these legacy systems—upon which they are built have not evolved as the financial system has. Implementing new services or products, if they require amendments to core systems (as most do), can take upwards of two years to implement, by which time customer requirements may have already shifted. A recent exception has been the implementation of Barclays PingIt mobile payments service which, as a result of largely bypassing change to its core systems, hasreduced development times from two years to just seven months through the use of cloud computing17—rather than having to rely on multiple patches and code re-writes of existing infrastructure. The uptake of cloud computing across the broader financial sector however, remains notoriously slow when compared to other industries.

5.27 A completely unfettered view of every touch point of every customer within a bank will not be achieved until the information silos within these banks are removed. It will only be at this point that banks will be able to completely know their customers well enough to improve the services that they are able to offer them, and the manner in which they do so. There is plenty of data on individual customers floating around a bank. The challenge is ensuring that this data can be fully aggregated from across every corner of a bank’s operations, with no holes or gaps.

5.28 Ever-increasing operational risk = systemic risk

As many banks’ systems are becoming more complex with every change (at a time when unprecedented regulatory changes are being imposed upon banks), they are consequently posing an ever increasing risk of systems failures and the continued delivery of banking services. Concurrently, the propensity for human error will also get greater as the environment they are responsible for changing becomes more and more complex.

5.29 The effects of systems failure have been no more visible to the public than in recent months with the issues surrounding RBS batch payments processing. While the exact causes of this are not yet publically known, the disruption of services to customers has been widespread and plain to see. Across all banks, the more complex their systems become—as a result of ‘bolt-on’ updates to existing infrastructure and systems—the greater the operational risk.

5.30 Operational risk, generally defined as the risk of loss due to failures of people, processes, systems and external events, is a perpetual threat to banks as a result of the constant need to apply changes to their technology infrastructure. As more updates are ‘bolted on’ to banks’ systems, their complexity grows and with it, so does the risk associated with applying future updates and the potential for future systems failures.

5.31 In a recent speech to the Exchequer Club in the U.S., Thomas J Curry, Comptroller of the Currency, (US Treasury Department) stated that “Operational risk is heightened when these systems and procedures are most complex. Given the complexity of today’s banking markets and the sophistication of technology that underpins it, it is no surprise that the OCC [Office of the Comptroller of the Currency] deems operational risk to be high and increasing. Indeed, it is currently at the top of the list of safety and soundness issues for the institutions we supervise.”18

5.32 If a bank cannot operate, it cannot fulfil its role in the interlocked financial system and, as was seen during the financial crisis, the knock-on effect can turn a market event into a crisis and a crisis into a recession. In terms of end result there is no difference in a bank being unable to operate within the interconnected system as a result of a lack of liquidity (as demonstrated by the strains on interbank lending during the crisis) to a bank being unable to operate as a result of systems failure. It is, in essence, a systemic risk.

5.33 Adding new elements or removing them from these systems is a complex and expensive process that will impact upon a multitude of different aspects of the banks’ systems. In many cases, the architects that established the systems in the first place—in some instances up to 30 years ago—are no longer working in the industry and today’s architects are faced with the resource intensive task of painstaking evaluation of the potential impact of making changes to these increasingly complicated systems. Banks are unable to clearly differentiate layers of operation and system functionality, rendering the introduction of additional change increasingly complex, a risk to operations, and costly to implement. It is not unusual for integration testing to account for 50% of the cost of implementing new systems—which in itself indicates the level of resource required to mitigate the threat of systems changes causing a systems failure. Logic would dictate that as these systems grow ever more complex with additional changes, this figure will also rise. The more of a bank’s budget that is spent on implementing regulatory change—and ensuring that this change does not cause systems failures—the less scope there is for banks to implement new services or products that can facilitate better customer service.

5.34 The longer banks leave it to modernise their operations, the greater the risk of systems failure, and therefore the risk of disruptions to the provision of banking services becomes greater—as do the potential financial and reputational costs.

5.35 Limits banks’ ability and therefore willingness to change

Resistance from banks to substantial business change (such as ring fencing, account portability, etc) often stems in part from the impact that such changes will have upon banks’ increasingly complex core systems; the resource (time, money, etc) that will have to be applied to achieve change and compliance; and the potential disruption that there will be to everyday banking activities. Current infrastructure is, to all intents and purposes, an obstacle to any change that can benefit customers, the banks themselves and the wider economy.

6. Why Should Banks Want to Address this Issue?

6.1 Aside from mitigating the adverse reactions of the issues above, there are a number of commercial cases for addressing this issue:

6.2 Efficiency savings

In the medium to long term, addressing the inefficiency (eg cost and resource of implementing change, huge cost of system testing, duplication of processes, poor information sharing, etc) that is inherent in many banks’ infrastructures will deliver significant efficiency savings to banks—at a time when revenues and profit margins are falling. To date the majority of UK banks have taken the view that continuing to maintain their existing infrastructure—despite the spiralling cost, complexity and risk of doing so—is less expensive in the short term than comprehensively addressing their technology platforms and beginning with a relatively ‘clean slate’ from which they can operate. There are significant challenges and costs to doing so—it can be equated to open heart surgery for banks, given the necessity for the bank to keep functioning during the transformation; and the costs are significant. However there are examples in the UK, Europe and globally of financial institutions addressing their infrastructure deficiencies and subsequently reaping the benefits. Examples include:

6.3 Deutsche Bank

In 2010 Deutsche Bank began Project Magellan, a programme to migrate it’s 24 million customers off their 40 year old legacy systems and onto a new platform that would not only deliver savings through reduced complexity, but would make the integration of future systems following acquisitions less time consuming, complex and costly. The project, which is due for completion in 2015, is expected to cost around €1billion but in 2012 alone it is expected to report that it will have made €200million in efficiency savings from operational IT costs as a result19. As Deutsche Bank has replaced its fixed coded legacy systems with a more flexible architecture, it is able to implement regulatory/market/customer driven changes far quicker than previously was the case—reducing implementation cost and increasing its agility and ability to adapt to suit changing requirements (from customers or otherwise).

6.4 Santander

Santander has used its own core banking system, Partenon, to consolidate its systems and run the businesses of acquired banks—which is seen by many analysts as one of the most advanced in the industry. In simplifying its own core systems, whenever Santander acquires new banks (as it did with Abbey, Alliance & Leicester and Bradford & Bingley) it is able to do so at a reduced cost. Fortune Magazine (CNN) has praised Partenon as the “key to cost savings... which has slashed back-office expenses at all its subsidiaries”20 Carol Wheatcroft, an analyst at Tower Group, a research company specialising in the financial services industry, says Partenon is “probably the best of breed” due to its speed and ability to take the strain off of back office IT systems21.

6.5 Whilst there are still risks to migrating the systems of one bank to another—and Santander has experienced this during some of the integrations over the last decade—the approach that it has taken in investing in a platform that can receive the huge amount of customer data from its acquired institutions has meant that it is able to facilitate a more advanced single customer view than other rival banks—across various business lines (where many banks struggle) such as mortgages, credit cards and insurance. As all of a customer’s relationships with the bank are automatically linked, and can be viewed immediately by bank employees, it is easier to more accurately cross-sell services to customers.

6.6 Better serve customers

To compete in today’s business environment, banks need to become more agile so that they can better understand market dynamics and anticipate customer needs; design, introduce, or modify products and services in a timely manner; implement a new value added delivery system, even if that means reshaping the information infrastructure; and identify resources (people and goods) internally or externally. To all intents and purposes, many established banks are not able to do this because the infrastructure upon which they are built—and in particular their legacy systems—have not evolved as the financial system has.

6.7 Organisational changes, increasing competition and new regulatory requirements demand that infrastructure complexity gives way to business agility for future growth and improved customer service. The challenge for banks is to see that changes being driven by regulatory mandates are an opportunity to improve their operations and infrastructure (as they will be changing them anyway) and render them more adaptable to a changing market. Those financial services providers that appreciate and act upon this will ultimately benefit from doing so. Those that do not, will risk losing business to others in the market that are able to react in a timelier manner to the demands of their customers.

6.8 Nationwide Building Society

In 2008 Nationwide said publically that the legacy systems its operations were running on were restrictive to their future growth plans and in order to compete, it had to use its technology as a platform for better customer service delivery. Specifically it stated “the new platform will enable us to respond to future changes in the industry, as well as provide faster product development and innovation processes that will translate to increased benefits to our customers.”22

6.9 Nationwide, although not a bank, does operate within the retail banking market and has been increasing its market share within this area. It has spent £1 billion (as of November 2011—most costs available) on improving its IT systems and fully integrating Cheshire, Derbyshire and Dunfermline building societies, which it took over in 2009. The company has also delivered a new internet banking site, new types of current account, significantly reduced mortgage and ISA application times, improved its ability to price loans across its customers and constructed what it has itself termed a “state of the art” data centre. The purpose behind these changes—and the replacement of the core systems that underpin its entire operations—it to provide better customer service and product innovation. Nationwide’s operating profits are not as large as many of the established banks—it does not operate in capital markets where established banks are able to make profits that mask the poor contribution to profits from their retail banking arms. Nationwide has taken the decision to make its operations as customer centric and efficient as possible in order to improve customer experience and it is anticipated that this will eventually improve its ability to generate profit.

6.10 Whilst Nationwide has stated that generating savings was not the primary driver for addressing its infrastructure inflexibility, it is also expected that this will be a benefit that it will ultimately enjoy. As part of its transformation programme it has reduced its ration of servers from 12 to 1, eliminating un-needed capacity that was a legacy of its ageing systems, through the virtualisation of its data centre estate. It is anticipated that this action alone will generate £8 million in savings by reducing operational and energy costs23.

6.11 The cost of doing nothing...

‘A shift in consumer mindset and growing demand for anytime, anywhere access to applications is giving rise to a new kind of competitor. Banks are being left behind as search engines and technology companies capitalise on the online opportunities to deepen customer engagement and create more connected end-user experiences.’24

[Monitise, November 2012]

6.12 Banks are currently experiencing the ‘perfect storm’ of both falling revenues and rising costs. Investment banking is no longer as profitable as a result of increased regulatory supervision, increased capital requirements and continued uncertainty across the global market. News of redundancies from investment arms of banks operating in the UK (and indeed Europe, the U.S., etc) is commonplace. Retail banking has never been a significantly profitable business for most banks—largely because revenues are smaller and the ability to maximise margins is severely hampered—ie most simply do not know their customers sufficiently well and their operations are not nearly efficient enough. Costs are almost always high compared to revenues. In many cases the short term option of ignoring this and simply concentrating on returning more profit from the investment arm was taken (hence the significant resource allocated to developing ‘faster’ trading, which increased returns).

6.13 However, as this is no longer possible, where will future revenues come from? There has been no significant change on the retail banking front, where the technology infrastructure is as inefficient as ever and (as set out above) it prohibits banks from knowing their customers or reacting swiftly to demand for products or services. Banks are therefore faced with a serious medium term threat—change or be disintermediated by disruptive new entrants to the market. The delivery of an account redirection (switching) system in September 2013 that will allow customers to vote with their feet if they feel they aren’t receiving a suitable service, will further add pressure to established banks to rectify this.

6.14 In the longer term, there is a significant challenge to established banks from disruptive, non-traditional entrants to the retail banking sector. At current rate and speed, banks cannot offer customers what they want today, let alone in five or ten years. The next generation of bank users may never go into a branch and may see Google Wallet or PayPal (for instance) as their main bank account, transferring their salaries to these services on a monthly basis. Operators providing digital wallets may, in the future, also see the benefit of providing broader digital retail banking services—a natural progression from the provision of digital payments services. If these disruptors choose to only offer payments services, and shy away from banking services, established banks may become merely transaction/payments utilities, in which case they lose revenue streams they can ill afford to lose. If these disruptors see the commercial potential for offering retail banking services, the situation for these established banks—if they do not address their current infrastructure shortcomings—may be far more serious. This will, of course, have knock on effects on the City of London as a financial centre, and the wider UK economy.

6.15 Reduce financial crime (fraud, cyber attacks, etc)

Fraud is one of the most prominent and persistent threats to the operations of UK banks and on many levels this threat is increasing. Given this persistence, it is increasingly regarded as an operating cost by banks and credit card companies alike. For credit card companies, it is often cheaper to write off fraud losses than investigate them. As the most recently available statistics demonstrate, there was a 23% increase in attempts to open current accounts in UK banks in Q1 2012, compared to Q4 2011, with 44 in every 10,000 applications for an account determined to be fraudulent25. Whilst this ratio itself may not seem significant taken out of context, banks have millions of current accounts and this can amount to significant levels of fraudulent activity at both individual bank and industry wide levels.

6.16 Infrastructure renewal will also help reduce the incidence of fraudulent activity—by facilitating a more accurate single customer view and by allowing banks a greater holistic oversight of their operations (ie breaking down silos) to better identify it in good time—through the reduction in the opacity of a bank’s own operations. As a general rule of thumb, the more accurate, comprehensive and readily available the data is on a banks’ customers and transactions, the more likely they will be to spot fraud at an earlier stage—with a reduction of costs to the banks.

6.17 However, the true benefit for the wider industry will be the ability to more readily collate and aggregate data on potential fraudulent activity on a cross industry basis. In many cases fraudsters do not target just one bank at a time and financial products can be taken out by fraudulent means across any institution. However, there is currently limited provision in place for information sharing between institutions on interconnected fraud—especially on a granular and timely basis that can help institutions identify and limit the effects of fraudulent activity in good time. As individual institutions will attest, fraudulent activity is most likely to be identified when banks are viewing activity across the breadth of their own individual operations (ie across credit cards, debit cards, online banking, etc—ie all transactions of an individual customer being viewed together). However, current practices do not allow aggregated activity to be viewed across institutions

6.18 More accurately gauge exposures & therefore capital requirements

More accurate reporting of risk—based upon regulatory confidence in the accuracy and breadth of reporting from banks—could lead to savings for firms such as a haircut on capital requirements. Ultimately better, more accurate and timely understanding of risk across an individual institution may well have significant effects on the capital requirements of that specific firm—which are currently estimates of the exposures that banks have. If these exposures can be more accurately mapped across the entirety of a bank’s disparate operations, there is no reason why (if the regulator is confident in the accuracy of their views of the ‘whole’ of individual institutions) that capital requirements on banks cannot be reduced to reflect actual, rather than perceived or estimated risk.

6.19 Additionally, there is no reason why the banks themselves cannot utilise this data for their own benefit. By sharing appropriate information with a potential lending bank, more appropriate terms can be agreed, based upon a more accurate assessment of the risk exposure that the funds represent. Morgan Stanley has estimated that in the United States, the implementation of a systemic risk utility—and the associated requirement to standardise data at individual institution level—would result in a 20—30% reduction in operational costs for most banks. In the U.S. it has been estimated that operational costs would also be reduced by helping individual banks cut down the time it takes for them to cleanse their legal entity and reference data and significantly reduce the amount of effort required to clear trades. Again, Morgan Stanley has estimated that it could save the financial services industry in the U.S. as much as $1 billion per year.26

7. What Role does Account Portability Play in the Reform of the Financial System?

7.1 In November 2011, Intellect produced a concept paper entitled ‘Facilitating a central account switching & mass account migration solution for the UK banking industry: How to achieve the interlocked objectives of consumer choice & financial stability’27. This purpose of this paper was to demonstrate how—by taking into account the ‘technological art of the possible’ at an early stage, a potential central utility could facilitate two seemingly unconnected priorities for the reform of the financial system. Ie

the competitive switching of current accounts between retail banks (account portability)

the provision of continuous banking services in the event of a failure of a retail bank (mass migration of current accounts from a failing bank, to a number of healthy banks ‘over a weekend’)

7.2 The paper set out, from an objective perspective, one approach that could be taken in implementing such a central utility and, crucially, a theoretical projection of what the end state of this technological change might be—an ‘Overall Vision’. This Overall Vision sees account portability and mass account migration as steps towards the realisation of retail banking operations and supporting systems that are utilised by multiple retail banks on a shared service model—with potential benefits for banks and customers.

7.3 However this was not intended to be a statement that a central utility should be implemented—instead it is an overview of this technological art of the possible, ie how one could be established, what it might consist of, and what the benefits of doing so might be. Intellect believes that there could ultimately be a number of benefits that could be accrued by customers, the economy and banks themselves but before any decision is made to implement an account portability utility, a comprehensive evaluation should be conducted by an independent body (ie not the technology industry and not the banks or a body representing the banks) of the costs, benefits and challenges of doing so. Vested interests should not play the central role in this process. However, Intellect also believes that this evaluation should be focused on the UK banking sector, and not on the findings of similar reviews in other countries—the UK’s financial system has its own characteristics, strengths and weaknesses and these should be the primary determinants. Intellect members reserve the right to their own opinions of whether such a utility should be established or not.

7.4 The Intellect proposition

7.5 Overview

A Central Utility, developed in two phases, that will allow for the competitive switching of current accounts by consumers and then the facilitation of mass migration of accounts in the event of a failure of a retail bank. The Central Utility will consist of a central mandate facility, unique identifiers to differentiate individual consumers across the banking system and will be scalable to accommodate the mass migration of up to 30 million accounts in a short time frame. Each Phase of the Central Utility will be built with the next in mind, so that the ability to expand it to fulfil the above dual objectives, is not limited by design. The development of this Central Utility would be guided by an ‘Overall Vision’, which need not necessarily represent an actual intended goal or even an aspiration to be planned for in detail. Rather, it provides a delineation of what is technologically possible and could be beneficial to banks, consumers and the wider economy under current circumstances and that can serve as the theoretical reference point for specific decisions.

7.6 Why?

A Central Utility could fulfil two key objectives (see above) that are currently being examined separately by policy makers and regulatory authorities. Intellect’s members believe that approaching these dual objectives as two separate endeavours, represents a duplication of effort and expenditure for all stakeholders. Such an approach is also deemed to be counterproductive to the timely and effective achievement of these objectives, especially in respect of mitigating systemic risk from a potential bank failure and achieving a functioning recovery and resolution regime that the public will have confidence in.

7.7 How and what?

Phase 1 of the Central Utility—facilitating account portability—would see the establishment of a central mandate facility (holding direct debit, standing order and recurring card transactions information), and unique identifiers to differentiate individual customers (be they personal or business account holders)—in effect building the infrastructures and operating processes that will allow customers to switch accounts in hours rather than days. There would be no need for an explicit redirection service, as there would be a de facto, automatic, permanent redirection service operating for all accounts as information on all direct debits, standing orders, bill payments, etc would be attached to the unique identifier and as an account was transferred to a new bank, this information would follow. Moreover, it would also work for subsequent switches ie if the customer switched accounts more than once.

7.8 Phase 2 would be the enablement of mass account migration—of up to 30 million accounts ‘over a weekend’—which will follow and use the architecture, operational and technical infrastructure created in Phase 1 as its basis.

7.9 In essence each phase and introduction of additional capability, such as the scale required for mass account migration, will be delivered by building on what was put in place by earlier phases. The fundamental principle is that of ‘keeping doors open’ through the adoption of standards, infrastructure and operational guidelines that facilitate scalability and applicability across a range of usages that is broader than that required to cater only for competitive account switching requirements.

7.10 Objectively, Intellect believes that the current account switching system being built does not achieve this final point—that it can be built upon in the future and used as a means to fulfil other roles/duties and therefore deliver further benefits to both customers and banks without having to build a completely new system. It was designed, with cost in mind, as a single purpose vehicle and to this degree it could therefore be considered as a missed opportunity.

7.11 Phase 3—the Overall Vision—which represents the technological ‘art of the possible‛—ie it is what technology could facilitate if there was the will to do so. From a functional perspective, the Overall Vision sees account portability and mass account migration as steps towards the realisation of retail banking operations and supporting systems that are utilised by multiple retail banks on a shared service model—with a reduction in operational costs for all participating banks. These are in turn linked to individually differentiated operations and systems that provide competitive advantage to each specific retail bank, to their management’s own design and choosing. It demonstrates a progression of the Central Utility, potentially providing significant economies of scale in all non-competitive operational functions and reducing the incidence of fraud (amongst other potential benefits) through greater centralisation of the information held about individual accounts across multiple banks, allowing a more holistic view of potentially fraudulent activity. However, it is conceptual. It need not necessarily represent an actual intended goal or even an aspiration to be planned for in detail. Rather, it provides a delineation of what is technologically possible and could be beneficial to banks, consumers and the wider economy and that can serve as the theoretical reference point for the specific design decisions made on the Central Utility, ie a point to aim at.

7.12 Is an account portability/central utility a silver bullet for challenges facing the UK banking sector?

On its own, no. Although in the longer term, if taken as a strategic option of a wider set of reforms to the substandard infrastructure that underpins the financial system, it could feasibly deliver significant benefits to customers, banks and the wider economy.

7.13 However it is only one part of the wider challenge facing the banking sector currently and will not, on its own, address the broader shortcomings and failings that have been exposed since the financial crisis. These are issues that all point towards the fact that it is the infrastructure that underpins the financial system that is no longer fit for purpose and cannot support a modern banking system, or allow banks to play a meaningful role in an increasingly digital economy.

7.14 There are benefits that could be accrued from the development of a central utility such as enhanced fraud detection and prevention, reduced operational costs for banks, greater competition and, ultimately, enhanced financial stability if functionality was incorporated to facilitate the mass migration of accounts in the event of a bank failure. However it is impossible to give anything other than educated approximations as to the quantitative benefits and costs of doing so, as there is very little in the way hard facts in the public domain about the costs and benefits of technology expenditure by banks and the specific limitations of each individual bank’s own infrastructure. Banks are not required to include any of this information in annual reports and figures from statistics agencies are scarce28.

7.15 What is clear however, is that a significant proportion of the cost of a bank implementing an account portability solution will stem from the ‘distance they have to travel’ to bring their own technology infrastructure up to a point where an account portability utility would be able to function effectively. This is again, a data issue, and the fact that the customer data that bank A holds, will be different (and in a different format) from the customer data that bank B holds. Account switching is a process that currently takes weeks because often incompatible analogue data has to be transferred between banks and mandates are not readily available between Bank A and Bank B. To implement an account portability utility where all banks’ customer details are held centrally will require a significant data standardisation programme across the retail banking sector which, under the current limitations of many banks’ own technology infrastructures, would be a very expensive and complex process.

7.16 However, this is not to say that addressing the widespread problem of ‘too much data, not enough actionable information’ is a task that banks should not be undertaking anyway—regardless of account portability.

7.17 As set out in this submission to the Commission, it is this infrastructure that is holding banks back from truly knowing their customers, accurately evaluating exposures, identifying abuses such as money laundering and rogue trading in good time, implementing timely and cost effective change etc. Ultimately it is this ‘plumbing’ that will undermine the effectiveness of any initiative that requires banks to use their data in a more effective manner—which indeed account portability would. Currently banks have significant difficulty in building a detailed and holistic view of their entire operations—so to fix part of this whilst neglecting the rest of it would seem to be, again, a missed opportunity.

7.18 By way of analogy, building an account portability utility without dealing with banks’ substandard infrastructure could be compared to building a conservatory for a house that is suffering from subsidence. It might well add value and provide additional benefits to those using the house, but ultimately its being built on foundations that are not sound and is ignoring the real work that needs to be done first or building the conservatory will be an unnecessarily expensive and complex process.

7.19 The process of transformation that banks would have to go through, in order to comply with any account portability/central utility requirements might go some way to addressing the problems that banks have with knowing their own operations. However, the logical (and ultimately less costly) way of approaching this issue would be to address the fundamental problems first—which the banks are going to have to address sooner or later anyway—which will go some way to addressing the broader challenges that the post reform system is facing. Once progress has been made here, industry could then look at other initiatives such as account portability—if indeed they are still required.

7.20 Whilst Intellect supports the concept of an independent evaluation of the benefits and feasibility of an account portability solution, this should be undertaken as part of a wider evaluation of the suitability of banks’ existing infrastructure for the provision of modern banking services to an economy that does not want to see a repeat of the 2007/08 crisis.

7.21 On the broader issue of ‘central utilities’...

Across the financial system, although not necessarily in the UK, there has been some degree of warming to the concept of a central utility across some areas of the system, in order to reduce the operational costs that banks incur through their own technology infrastructure.

7.22 A central utility can be a means by which all participating banks can share some non-competitive systems (ie those systems that all banks have and which could be used collectively without a loss of competitive differentiation) in order to improve efficiency and cut costs. Much of the technology used by banks is similar, with many developers and technology providers often replicating the significant proportions of systems built at one bank once for other banks. It is these duplicative systems that could, feasibly, be recreated in a central utility whose functionality is shared by subscribing banks.

7.23 In 2012, Deutsche Bank proposed that a central utility be created for banks operating in the wholesale market where participating organisations can lower the collective cost of creating and maintaining trading software29. This demonstrates that there is an increasing openness to examining all possibilities for reducing the extremely high costs of maintaining technology infrastructure, and Deutsche Bank in particular believes that the sharing of software will save banks billions of dollars that they might have otherwise have spent on software that was duplicated across the industry.

7.24 However, it is unsurprising that many banks are not open to the concept of such significant change within the current environment of high regulatory costs and falling revenues, regardless of the longer term benefits. Barriers to achieving any sort of central utility would be the short term cost of implementing it; the requirement for some sort of agreement to be reached and co-ordination amongst participating banks; and a (somewhat misplaced) belief that all a bank’s technology is its competitive advantage.

7.25 “Everybody thinks that IT is a source of competitive advantage... Is all of the stuff we do in IT creating competitive advantage? I’m not sure it is.”

[Kevin Rodgers, Global Head of Foreign Exchange, Deutsche Bank]

7.26 The ability to share systems, reduce costs and bypass the inefficiencies of banks’ individual infrastructures was a driving principle behind Intellect’s ‘Overall Vision’. This could form part of a wider programme of renovation of existing infrastructure across the financial system. However, as with the creation of an account portability utility, it would only form part of a potential solution to the larger challenge of addressing substandard infrastructure across the financial system and would not be a solution in itself.

7.27 Industry utility case study—Faster Payments

The Faster Payments service, implemented by VocaLink, allows customers to make faster automated payments, typically using the phone or online banking, enabling the payments to get to the destination within a couple of hours. As would be the case with renewal of the wider infrastructure across the financial system, Faster Payments has delivered two major benefits since it was implemented in 2008—increased efficiency and greater transparency.

7.28 Efficiency—It facilitates near real-time payments, enabling money to move quickly between customers, corporates and banks. This in turn delivers greater efficiency and frees funds and resources for other crucial segments of business—a benefit enjoyed by both banks and the wider economy.

7.29 Transparency—Facilitating increased traceability and a clearer view of cash flow, which means customers no longer have to rely on their banks to confirm that a payment has been received. This creates a more streamlined, transparent process, whereby it is easier to identify discrepancies, such as overpayment. This has similar benefits for banks as it can help identify and act upon fraudulent activity quicker.

7.30 Near real-time payments helps to bring banks back into alignment with their customers’ needs and, crucially, provides a platform on which they can develop more value-added services for customers. Despite the fixed technology costs that banks incurred bringing their systems in line with the requirements for the Faster Payments utility, it soon became evident to banks that there were revenue benefits for them in doing so. A study carried out by VocaLink and PWC shortly after the utility went live demonstrated that banks had already identified that revenues were exceeding costs and a return on investment was an eventuality, rather than a possibility30.

7.31 Similarly, Faster Payments has provided the foundation upon which future opportunities and market requirements can be built—most notably online payments and latterly mobile payments, the popularity of which is widely expected to increase in popularity and transaction volumes exponentially over the coming months and years. The Payments Council’s own mobile payments platform, which will go live in 2014, will utilise the Faster Payments utility—demonstrating that it can deliver additional value for banks and their customers.

7.32 The creation of an industry utility is not a radical concept. Faster Payments demonstrates that when it suited the industry to do so, it has been able to implement something that delivers benefits to all stakeholders across the financial system. The creation of an industry utility to give the regulatory authorities the means to have a holistic and real-time view of the financial system and its exposures is by no means impossible and could form part of a wider process of renovation of the infrastructure that underpins the financial system.

8. How can Substandard Infrastructure be Addressed?

8.1 In an ideal world, banks would see that by addressing their infrastructure issues, they will provide a foundation in the longer term for decreased costs, increased revenues, improved customer service delivery and a reduction in operational risk. The industry would make addressing this issue infrastructure an underpinning priority to all other change—as it would make all other change simpler, less costly and less risky. However in reality, given the current weight of (often disjointed) regulatory change upon banks; reluctance to invest in business change projects that do not deliver immediate returns on investment; and the scale of change that is now required after years of not addressing their infrastructure frailties, this is an issue that many, although not all, banks are reluctant to address voluntarily.

8.2 Intellect fully appreciates the pressure on banks’ resources to implement unprecedented levels of regulatory change, yet contend with declining revenues and rapidly changing markets. Consequently there is no realistic case for the wholesale ‘ripping and replacing’ of banks infrastructure over a short timeframe. However, at the other end of the spectrum, change does need to take place or the UK’s banking system, its customers and the wider economy will suffer.

8.3 The middle ground, where Intellect believes the most realistic path to change lies, is through a consolidated regulatory roadmap that sets out to banks precisely what will be required of them in the future and allows them to work towards this with greater certainty over a number of years. Through cross industry dialogue (with the regulators, technology industry, academia, interest groups etc) the banks can then work towards this prescribed ‘end state’ but do so in a way that allows them to plan ahead and address these infrastructure issues as part of this ‘journey’.

8.4 Consolidated regulatory roadmap and ‘end objective’

Banks currently face an unprecedented regulatory burden that is costing billions of pounds to implement with no clear ‘end objective’ at which to aim. The difficulty of co-ordinating regulation set by multiple regulators, government and policy makers on a global scale is immense and whilst significant progress has been made in improving co-ordination since the crisis, the lack of an end state to aim at is encouraging banks to undertake implementation one project at a time, in a ‘tick box’ manner. As a result of the siloed nature of business lines and departments in banks, such implementation often results in duplicated efforts across operations. In addition regulation is becoming increasingly complex and banks have to dedicate even greater internal resource to achieving compliance. Ultimately this reduces the resource available to banks to implement more customer-focused services or increase the availability of finance for business.

8.5 An aggregated estimate from Intellect’s members is that approximately only 4% of banks’ technology budgets are spent on actual innovation, improving the way that it operates or generally improving the customer experience31. Intellect would argue that this is actually counterproductive to the broader objectives of the reform of the financial system.

8.6 If the amount spent on implementing regulation by reducing duplication, reducing confusion, encouraging co-ordination across individual bank’s operations and the wider industry can be reduced, this will free up resource for banks to address underlying issues such as infrastructure (which will in turn reduce the complexity and cost of implementing future regulation), and improve the customer experience.

8.7 In order for this to happen however, Intellect believes there needs to be a co-ordinated regulatory roadmap which sets a clear ‘end state’ at which banks can aim at, and a time frame within which to do so. This naturally falls to the regulatory authorities to set, based on what they feel the banks should be able to do in the future. This will require further consolidation of existing regulatory initiatives and the provision of a regulatory ‘bottom line’ which all banks will need to comply with. In short this requires the regulatory authorities to show leadership on this issue, where there has been little to date.

8.8 Mapping systems

The onus, however, is not just on the regulators to consolidate requirements and provide a vision for the future. Banks should also be developing their own maps of their complex existing systems, so that they are able to plan and implement change more efficiently and so that simplification can be undertaken where current budget allows. In essence, they should now be plotting how to move from analogue to digital operations, in line with the trajectory of the rest of the UK economy, and factoring in how this can be done as part of ongoing regulatory change programmes and despite of budgetary restraints. This is, in effect, preparation for a point when banks can aim towards the ‘end state’ set by the regulators.

8.9 Banks are currently having to undertake the sizeable task of mapping all their systems, processes and data ‘obligations’ across their operations in order to comply with resolution plans under Living Wills—a task that many might have expected banks to have already undertaken as a basic facet of running a large corporate entity, this has in many cases regretfully not been the case. However this represents a significant opportunity for the banks, as they are being compelled to undertake this task for regulatory purposes, they should use this as an initial blueprint from which they can map their modernisation.

8.10 There has been significant investment and many examples of technologically advanced, cutting edge innovation devised by hugely intelligent people in algorithmic trading—this was where the immediate return on investment was for the banks, and therefore this is where significant effort was applied. Intellect would suggest that there is a strong case for banks to refocus these people they have working for them—both as employees and as contractors from the technology sector—from driving quick returns on investment to solving this all encompassing infrastructure challenge for the banks, and in doing so ensuring that these banks have a sustainable business in the future.

8.11 Cross industry dialogue

If this definitive roadmap is produced, it will then afford the banks and authorities a platform on which to engage in meaningful dialogue around how the financial system’s infrastructure can be designed to not only implement ongoing reforms in a more cost effective and joined up manner, but also allow banks to better serve their customers, the economy and indeed their own shareholders. This is a discussion that will be best served by involving other key stakeholders such as academia and the technology industry, amongst other organisations.

8.12 Innovative solutions to some of the specific challenges posed by the financial crisis are being developed by bodies consisting of a cross section of the financial system, such as the EDM Council and ISITC. Intellect aims to create such a forum through the launch of its ‘Financial Infrastructure’ programme, with the objective of facilitating targeted and insightful discussion amongst interested organisations; and provide the foundation for tangible outputs to inform mutually beneficial change across the financial system.

8.13 Timeframe

This is not a problem that can be fixed overnight, more something that should be addressed as part of ongoing reform. There is a time dimension however; as banks cannot continue on the path they are on without harming themselves, the City as a financial centre and the wider economy.

22 January 2013

1 P3, ‘FS infrastructure: ready for G20 Reform?’, JWG, March 2012

2 Andrew Haldane; Oral Evidence taken before the Parliamentary Commission on Banking Standards; 7th November 2012

3 ‘Banking: Finances’ Fifth Column’; Financial Times; Sharlene Goff & Maija Palmer; 25th July 2012

4 Darin Brumby, Divisional Director Business Systems Transformation, Nationwide Building Society in ‘‘The challenges of a transactional banking project – akin to replacing an aircraft engine in mid-flight”; IFB Group Annual Report 2007/08

5 ‘Brain drain: where COBOL systems go from here’; ComputerWorld, 21st May 2012

6 ‘Silo but deadly: messy IT systems are a neglected aspect of the financial crisis’; The Economist; Dec 3rd 2009

7 ‘IT in banks: What does it cost?’; Deutsche Bank, DB Research; Dec 2012; p2

8 ‘Banking: Finances’ Fifth Column’; Financial Times; Sharlene Goff & Maija Palmer; 25th July 2012

9 P1, ‘Systemic Risks in Global Banking: What Can Available Data Tell Us and What More Data Are Needed?’ Working Paper 376; Bank for International Settlements; April 2012

10 P10, “Observations on Developments in Risk Appetite Frameworks & IT Infrastructure”, Senior Supervisors Group

11 P12; ‘Final Notice, UBS AG’; Financial Services Authority; 25th November 2012

12 ‘UBS trade Kweku Adoboli gambled away £1.4bn’; BBC Online; 14th Sep 2012

13 David Bagley, Head of Group Compliance, HSBC Holdings plc; Written Testimony for Senate Permanent Subcommittee on Investigations; July 17, 2012

14 ‘Review of barriers to entry, expansion and exit in retail banking’ Office of Fair Trading, November 2011.

15 ‘Core Banking Infrastructure Renewal’; Financial Services Technology; May 2007

16 ‘High street banks inability to exploit data leaves customer experience wanting’, KPMG, April 2012

17 ‘Barclays banks on cloud and Linux to slash development costs’; FinExtra; 10th Jan 2013

18 Remarks by Thomas J. Curry, Comptroller of the Currency, before the Exchequer Club; 16th May, 2012

19 ‘Deutsche Bank moves first customers to new core platform’; FinExtra; 11th July 2012

20 ‘Banco Santander's Emilio Botín takes on the world’; Fortune, CNN Money; 12th March 2012

21 IT integration essential for Santander’s M&A strategy; Computer Weekly, June 2009

22 ‘Nationwide invests in IT change’; Computing; 20th March 2008

23 ‘Nationwide banking on £8m saving with server virtualisation’; ComputerWorld; 3rd Feb 2010

24 P2; ‘Mobile money and the battle for customer engagement’; Monitise; November 2012

25 ‘Current account fraud hits highest level ever, according to Experian’; 10th June 2012

26 P11; Testimony Before the Subcommittee on Security, International Trade and Finance (Committee on Banking, Housing and Urban Affairs), United States Senate; ‘Providing Financial Regulators with the Data and Tools Needed to Safeguard Our Financial System’; Allan Mendelowitz & John Liechty; 10th Feb, 2010

27 Facilitating a central account switching & mass account migration solution for the UK banking industry: How to achieve the interlocked objectives of consumer choice & financial stability’; Intellect; Nov 2011

28 ‘IT in banks: What does it cost?’; Deutsche Bank, DB Research; Dec 2012; P2 & 6

29 Deutsche Bank urges rivals to share IT

30 ‘Tomorrow happened yesterday - How banks are building a business case for Faster Payments’; VocaLink & PriceWaterhouseCoopers; 2009

31 80 per cent of banks’’ technology budgets spent on maintaining existing complex and inefficient systems (‘run the bank’) leaving 20 per cent available for implementing any sort of change (‘change the bank’). Of this 20 per cent, 80 per cent of that is spent on implementing regulatory requirements – equating to approximately 4 per cent of banks’ total technology budget for innovative, non regulatory change.

Prepared 19th June 2013