As the face of technology in banking continues to change, are small and medium-sized banks’ technology departments morphing into vendor management functions or disappearing? Many banks already look to vendors to provide key technology applications and as the trend spreads to hosted infrastructure, there are significant consequences for the bank’s technology department and the key functions that will need to be retained or extended to ensure success.

by Robin Hinds, Senior Architect, Banking Practice

Introduction
As the face of technology in banking continues to change, are small and medium-sized banks’ technology departments morphing into vendor management functions or disappearing?  Many banks already look to vendors to provide key technology applications and as the trend spreads to hosted infrastructure, there are significant consequences for the bank’s technology department and the key functions that will need to be retained or extended to ensure success.

Current State and Macro-Trend
On some level, most mid-market banks already outsource part of their core banking platform or ancillary systems to vendors.  This typically includes providing the application itself, hosting the physical server hardware and providing management and support for both the application and hardware in the event of problems.

The trend of hosting technology applications and services outside of the bank is set to continue with the growing adoption and efficiency of “the Cloud” – where multiple applications for multiple clients can be hosted, managed and supported by vendors, using scalable shared physical resources and the appropriate security measures to keep each one logically separated.

With commoditization of many core banking technologies in the past 10 years and a greater part of technology moving under vendor responsibility, the in-house role of technology departments have declined across the industry.

Looking into the Future – So where does this end?
As application outsourcing continues to grow within many organizations, less infrastructure will be required in bank datacenters.  In addition to reducing the amount of infrastructure, this will also reduce the economies of scale and the ability for the internal technology organization to compete on efficiency and effectiveness.

The result is that banks would increasingly look to vendors to help provide both efficiency and competitive advantage in their technology and banks will build up a portfolio of relationships with multiple technology vendors.  Management of these  vendor relationships will be critical to ensure that the technology continues to supports the bank’s customers and operations.

In particular, each vendor relationship will have specific: 

  • Service Level Agreements, pricing and Conditions of Service
  • Security procedures and standards
  • Integration capabilities
  • Change and Incident Management procedures
  • Business Continuity solutions
  • Performance, capacity and scalability management  

The challenge of developing, managing and maintaining applications and infrastructure is gradually being replaced by that of managing multiple vendors and coordinating those vendors to provide an overall seamless service to the bank and its customers.

Is your organization prepared?
It is tempting to think that reducing the volume of applications and infrastructure developed and managed by the bank would be a simple cost saving reduction within the Technology area.  However it is important to remember that managing multiple individual technology vendor relationships from separate business units will invariably lead to inefficiencies and incompatibilities between solutions as well as issues with managing data and risk at an enterprise level.  As a result, the role of technology departments may increasingly evolve to managing the many technical and operational complexities emanating from a multi-vendor based strategy.  In particular:

  • More complex and varied technology landscape
  • Need for more technical vendor management skills
  • More sophisticated security and risk management
  • Increasingly elaborate service, change and incident management
  • More intricate DR scenarios (partial failures)
  • More complex Data Landscape

There are a number of core practices and responsibilities a bank will need in place to successfully take advantage of the technology savings that are available without extending their risk profile beyond acceptable limits.  In particular, the following areas:

Enterprise Architecture – managing and understanding the overall technical landscape and how it supports each business function that depends on it.  This is a multi-disciplinary function which needs to maintain a core business and technical understanding of the various solutions that integrate to make up the overall landscape.

Data Governance and Architecture – with a dispersed set of operational applications, the bank view of data becomes more complex.  It is important to govern data quality and ensure that the organization is able to determine, own and use a single version of the truth for all aspects of data including accounting, management information and business intelligence.

IT Security and Risk Management – with an industry focus on risk management and an ever-present need to protect system security, a multi-vendor landscape adds additional complexity to these practices which must be managed carefully to avoid costly breaches, reputational damage and ultimately loss of customer, management and stakeholder confidence.

Service, Incident and Change Management – with multi-vendor-based services supporting the business, orchestration of processes is required to manage the service and service level for the business, coordinating change activities across vendors and providing the employees and customers with a point of contact for resolution of problems.  This function allows the business to simply see and interact with a service which may be enabled by a range of vendor solutions in the background.

Technology Vendor Management and (critically) Monitoring – active management of technology vendors, maintaining both technical knowledge and understanding of the vendor solution as well as management through the vendor lifecycle, including:

  • Robust Vendor Selection
  • Contract Negotiation/Re-Negotiation
  • Service Level Management and Monitoring
  • Conflict/Issue Resolution
  • Vendor Termination/Deconversion

With maturity in the areas above, the bank can be an informed technology customer, maintaining control and ownership of its data and technology landscape to ensure that it remains in control of its destiny. 

Conclusion
Advanced vendor management capability is increasingly becoming a critical success factor for small and medium-sized banks.  Active and informed ownership of the bank’s overall technology and data landscapes will safeguard the banks’ IT transformation into the future, and help avoid many of the pitfalls we’ve witnessed in the past.