By Max Clarke
Proposals to ‘ring fence’ retail and investment arms of major banks were yesterday given the seal of approval by Chancellor George Osborne.
Initially proposed by the Independent Commission on Banking, the proposals are intended as means of protecting customers’ savings and curtailing losses in event of banking failure.
Former Chancellor Lord Lawson urged the government to consider a full break-up of banks retail and investment arms arguing that ring-fencing isn't enough to protect investors. The report earlier this year from the Independent Banking Commission calling for UK banks to ring-fence retail banking operations certainly puts IT departments in banks on red alert. Under plans contained in the government-commissioned report, IT systems and outsourcing deals will be significantly affected by the recommendations to separate different parts of the bank.
Banks currently have many integrated support services and IT outsourcing agreements across different divisions and the requirement for separation will result in an expensive shake-up of IT departments including re-procurements and architecture re-design in the banking sector. IT initiatives supporting shared services and risk management will require overhauls if the recommendations become regulations.
Roger Rawlinson, managing director, Assurance Division at NCC Group discusses the implications of the Commission’s recommendations:
“The proposed ring fencing comes at a time when international banks have been moving to join up their IT systems and processes across different divisions and regions, in order to streamline their internal operations and have a clearer view of their overall risk profile. This could force an expensive re-think or even U-turn, which will involve numerous IT contracts being outsourced.
"Banking IT managers will need to carefully consider the security of outsourced technology services. Despite a rapid increase in the volume of hacking attacks in recent years, the security of information handled by third-parties is often overlooked. Banks must therefore ensure comprehensive security audits are carried out when outsourcing work, and implement all necessary measures to assure the security of third parties handling private company data, avoiding costly damage to both finances and reputation.
"In addition, most banks are heavily reliant on software to deliver both key products, and mission critical internal and external services, yet few businesses consider the ongoing availability of these applications. Banking IT managers, who may not have much experience of sourcing IT suppliers after years of using legacy systems, must review operational continuity when developing IT plans for the newly ring-fenced operation.
"Software verification and Escrow should be used by organisations to ensure that they can continue to maintain and support essential software applications in the long term. The software application source code is stored with an independent third party, with the agreement of the software supplier. This form of protection allows the end user, in this case the banks, to legally redeploy software in the event that the original supplier is no longer able to provide it — whether due to insolvency or even merger and acquisition currently rife in the technology industry."
Join us on