Technology Is Helping FIs Build Resilience And Battle Black Swans

The trouble with black swan events is that no two of them look alike, so preparing for them is a dicey business.

The unforeseen, global seismic events that touch every aspect of daily life tend to leave things forever changed.

That’s especially true for financial services.

In scrambling to address the coronavirus crises of the present day, where economic headwinds are increasing and the health concerns of the pandemic have spurred millions of workers to telecommute, preparedness is everything.

Vincent Caldeira, chief technologist for FSI in APAC at Red Hat, told Karen Webster that so far, financial institutions (FIs) have held up just fine amid the COVID-19 pandemic.

As he told Webster, “in many mature markets, the responses of most of these institutions have been fast and consistent, with business continuity plans established under the supervision of regulators.”

Banks have not faced issues in fulfilling their obligations to their various customers, Caldeira said, and technology has not proved a hindrance to meeting demand as businesses and individuals look for increased assistance in navigating a new reality of digitally delivered financial services.

But before that, looking back a bit into March (which seems like a lifetime ago), banks had to take care of their own staff before being able to fully address customers’ needs, representing the first step in the business continuity plan.

That included making sure staff was able to work from home, said Caldeira. He offered up the analogy of a plane encountering turbulence: As travelers know, the rule is to put your own oxygen mask in place before helping others.

The Digital Customer

With the shift to working from home and sheltering in place as the new normal, FI customers are expecting their banks to deliver an increased suite of digital services.

That new demand may put pressure on FIs to meet a wave of new and continued demand for banking done in bits and bytes.

Caldeira said FIs were already looking at expanding the palette of digital offerings before the coronavirus hit, often under the pressure of FinTechs and neobanks challenging their dominant positions.

He added that “some players who were already advanced in their technology journeys are able to use cloud resources to scale quickly. For them, the transition has been seamless.”

The transition has been less smooth, however, for other FIs that have been relatively constrained by legacy technologies or by capacity.

Those FIs have had to locate new capacity in a quick and effective manner, he said. Bringing new machines and data centers online, along with the security testing needed for that equipment, can be problematic from both a cost and operational perspective.

That’s especially true for older, larger FIs with legacy systems in place that may be running on legacy systems that date back decades.

He gave the example of a survey showing that 43 percent of banking systems in the U.S. were still built on COBOL, so making the technological leap into the 21st century is no easy task.

It turns out that upgrading those COBOL systems to meet anticipated shifts in demand and to boost capacity can actually increase the number of outages. That’s partly because the institutional knowledge of these legacy systems, as well as legacy programming languages, can be limited among younger employees.

“There’s no easy way to fix this and upgrade,” said Caldeira, but there are ways for FIs to start addressing the problems of technical debt progressively. These FIs can make changes in an iterative way throughout the organization by decomposing applications first, and then progressively update the independent services until most of the legacy monolith application is replaced.

Bit by bit.

Building Technology Platforms With Resilience In Mind

As Caldeira explained to Webster, building resilience throughout critical tech infrastructure can come with a move to distributed systems of service components. Those components work with one another but can also exist separately (aka microservices) as they are functionally bounded, so that critical processes can run despite unforeseen, external stresses. Such a system, said Caldeira, will, by default, be easily scalable.

Being able to scale up and down with speed is a boon for FIs in an environment where, as Webster noted, decision-making for tech projects is being compressed.

FIs have traditionally looked back at data and evidence tied to past outages and economic turbulence to establish and test plans in an attempt to battle “black swan” events. Instead, as Caldeira told Webster, the only way for FIs to effectively prepare for black swans is to think, “How can I gain enough agility in my own operations, and with my own technology, to deal with things that we will not be able to predict?”

Advanced technologies, such as machine learning (ML) and standardized process automation across infrastructure and application platform layers, can help to manage technology operations with a better understanding of underlying problems, as well as greater consistency and certainty in unraveling the pieces that don’t work and starting to solve the problems they confront.

When asked if it could be challenging for FI industry players to acquire the relevant technical skill set, he confirmed there is generally a constraint in getting enough specialists on the market. He added that a possible solution is to not simply focus on growing available resources with specific skill sets, but rather to standardize open-source technologies, built by and for the tech community, so that skillsets and solutions are widely shared.

Tech deployment cycles that used to take months or even years now must be truncated to weeks out of necessity — and the compliance and regulatory environments are not getting less stringent.

As an example, with the newly entrenched work-from-home business models now confronting FIs, employees working in software development functions may now have to change mission-critical code from their home computers, which opens up challenges in terms of authentication, data protection and source code management.