Financial Times Report

Computer errorsMishaps lead toa greater scrutinyof high-speedtradingPage 2

Inside »

InformationanalysisSector has yet torespond to the bigdata challengePage 3

Take care if youfollow the herdModern trendsexacerbate securityrisks, warn expertsPage 4

SystemsmanagementInstitutions try tofind the cloud’ssilver liningPage 4

Law andbusinessCull old records toavoid a ‘smokinggun’ in the archivesPage 5

FT SPECIAL REPORT

The Connected BusinessWednesday October 17 2012 www.ft.com/connectedbusiness | twitter.com/ftreports

The aftermath of the financialcrisis has left banks andfinancial services companiesfacing the challenge of re-inventing themselves in an

industry being reshaped by mergers,regulatory change, cost cutting andpersistent security threats.

In this era of rapid change,commoditisation and consumerisationhave thrust the financial servicesindustry into the centre of whatresearch firm Gartner calls a nexus ofconverging forces – these can bedefined as social networks, mobiledevices, cloud-based resources and thesheer amount of information, so-calledbig data.

But this also presents an opportu-nity for forward-looking financialservices firms to investments in their

IT and use the technology now attheir disposal to drive innovation andcreate financial growth.

Jean Lassignardie, chief sales andmarketing officer of Capgemini GlobalFinancial Services, says: “For years,financial institutions have had tofocus on cost cutting, operationalimprovements and process efficienciesto stay competitive and improvemargins.

“Technology was on the backburner as IT budgets shrank andfirms continued to rely on legacysystems. But customer demands havegrown increasingly sophisticated andtoday technology is seen as a keyenabler for the financial servicesindustry.

“Technology not only driveschange and innovation but also helps

companies adapt to meeting customerdemands while meeting complex regu-latory requirements and reducingoperational costs.”

Although the financial servicesindustry encompasses a wide range ofinstitutions, from commercial banksand insurance companies to invest-ment banks, trust firms and broker-ages, many of the issues they face arethe same.

As Tom Durkin, Bank of America’sglobal head of integrated channels,says: “Banks are challenged withregulatory and information securitydemands and we are getting pressureacross the board. But how we keep ontop of that presents an opportunity touse investment to upgrade technol-ogy, leverage it and better positionthe organisation for long-term growth,not just holding on to what you havetoday.”

Like many others, Bank of America,has also looked to IT systems, andenterprise resource planning softwarefrom provider SAP in particular, toaddress the growing complexity of itsIT systems after a string of mergersand acquisitions.

Don Trotta, global head of bankingindustry development at SAP, says:

“The main challenges banks discusswith us almost always fall into threeareas – risk and regulatory compli-ance, reducing cost and complexity intheir legacy environments, and find-ing new paths to growth – largelythrough transforming to a more cus-tomer centric model in the mobile,multi-channel world we live in.

“IT can be the difference maker onall three fronts,” he says. “Banks dorecognise these challenges as reflectedby the fact that bank IT spending ispredicted to grow incrementally overthe coming years. But the key is toshift the mix from spending much ofit on maintenance to more of it oninnovation. Unfortunately, this is nothappening fast enough. Banks need tofundamentally change their

Continued on Page 2

Focus turnsto IT as toolfor growth

The financial services sector has been usingtechnology to keep pace, writes Paul Taylor,but it now needs to be used for innovation Long-term imperative: banks need to use the latest trends in technology to retain customer attention Alamy

‘Customer demands havebecome sophisticatedand technology is nowseen as a key enabler’

The global financial serv-ices industry has been apioneer when it comes toIT outsourcing, overtakingmost other sectors in termsof deal volumes and values.

More recently it has beena much-needed bright spotfor providers strugglingagainst the effects of thedebt crisis in Europe andthe anti-offshoring rhetoricof the US presidentialcampaign.

Figures from EverestGroup, a research company,indicate that in the secondquarter of 2012, the numberof across the board new ITand business process out-sourcing (BPO) contractsworldwide fell for the fifthconsecutive quarter, thistime down 7 per cent fromthe first quarter. Mean-while, annual contractvalues (ACVs) for the quar-ter – measured by dividingthe value of a contract byits duration in years – weredown 25 per cent.

Acting as a bright spot inthe gloom, however, is thebanking, financial servicesand insurance (BFSI)sector, which beat all othersin terms of transactionvolumes for the quarter.ACVs, meanwhile, rose 61per cent.

This will be a relief tooutsourcing vendors, whosaw revenues from thisimportant customer sectorstumble in the wake of the2008 global financial crisis.

“The immediate resultwas a complete squeeze onnew projects,” says NG Sub-ramaniam, president of TCSFinancial Solutions, part ofIT services company TataConsultancy Services.

However, this has begunto change, he says. “In thepast 18 months, most bankshave figured out that thiscontinued state of uncer-tainty is the ‘new normal’and that, even when there’suncertainty in the externalenvironment, they still need

Banks juggle service providersas they strive to save moneyOutsourcing

Lenders are averse togetting one outsiderto provide for alltheir IT needs, saysJessica Twentyman

to focus on strategy.”For many, cutting the

costs associated with IT hasbeen high on the strategyagenda, driving them backto the outsourcing industryfor help.

After all, cost is a bigdriver of outsourcing acrossall industry sectors. In arecent survey conducted bymanagement consultancyKPMG, 70 per cent ofrespondents cited it as areason to outsource func-tions to a third-party.

That said, it is difficult tokeep driving costs downonce a service is success-

fully “bedded down” with aprovider. As a result, thenext goal for many hasbeen to use outsourcing todrive growth.

New initiatives in finan-cial services companies,says Mr Subramaniam, tendto focus on customer-facingservices, for example, inter-net and mobile banking,more efficient call centres,faster claims processingand loan approval.

These are high-profile,front-office projects that

most banks prefer to keepin-house, but if back-officefunctions are outsourced,in-house resources can befocused on more money-making parts of the busi-ness.

“In effect, what we seefinancial services compa-nies doing is milking theback office to feed the frontoffice,” he says.

At many institutions, thiswill result in smaller, morestrategic outsourcingcontracts, issued across abroader range of suppliers,as different elements ofthe IT infrastructure comeup for reassessment orrenewal.

But this raises challenges,says Jonathan Cooper-Bagnall, head of globalsourcing at PA Consulting.“In the past, financial serv-ices companies were happyto sign megadeals, wherethey hosted all the infra-structure, applications andapplication developmentover to a single provider forone big fee,” he says.

For many reasons, bothfinancial and reputational,the industry is now prettyaverse to these big con-tracts. Instead, they areincreasingly multi-sourcing– using different vendorsto provide differentelements of IT need.

“The difficult thing is,who do you get to manageit all? What’s the best wayto get providers to collabo-rate? How are you going toensure that they all stick to

‘Financial servicescompanies aremilking the backoffice to feed thefront office’

their service-level agree-ments and how do youdecide who’s responsiblewhen something goeswrong?” asks Mr Cooper-Bagnall.

The answer that isemerging is to create afunction with responsibilityfor overseeing the entireoutsourced portfolio. This issometimes referred to asservice integration, or serv-ice integration and applica-tion management, and it isincreasingly being offeredby outsourcing companiesthemselves.

For many customers,however, the idea of havingone outsourcing companymanaging others objectivelyand fairly seems fraughtwith risk.

For that reason, some arehiring people with thenecessary experience inmanaging outsourcing serv-ices to work in-house.

In this respect, financialservices companies areprobably better positionedto put together serviceintegration teams thancompanies from othersectors, according to SteveTuppen, partner at Informa-tion Services Group, anadvisory firm.

“The decision aboutwhether a company buysservice integration from themarket or develops it in-house depends on the levelof maturity that it has withoutsourcing,” he says.“Some of the retail banks,for example, have a veryhigh level of maturity andmay well decide to developservice integration usinginternal teams.”

At present, however,there is a dearth of formalaccreditations in the area ofservice integration and anacute shortage of individu-als with the right skills andexperience to manage end-to-end delivery of multipleproviders.

“I’ve spoken to IT leadersat two major financial serv-ices firms in the past coupleof weeks about multi-sourc-ing and they’ve both toldme that deciding howthey’re going to managegaps in service delivery andcreate an integratedapproach is the biggeststruggle they face with out-sourcing right now,” saysMr Cooper-Bagnall.

One outsourcing company managing others seems risky AP

2 ★ FINANCIAL TIMES WEDNESDAY OCTOBER 17 2012

The UK’s Financial ServicesAuthority announced inSeptember it would beef upits existing Zen transactionreporting software with anadditional monitoringsystem acquired fromNasdaq OMX, the USexchange operator.

The system, known asSmarts, will increase theFSA’s ability to keep an eyeon banks and other finan-cial institutions tradingsecurities in London.

The upgrade is a smallpart of the battle waged byregulators globally to keepon top of the ever moresophisticated automatedtrading in banks. Thespread of high-frequencytrading across the worldhas given an added urgencyto the process.

“Only in the fairly recentpast has the regulatorstarted to get serious aboutthe data it takes from thefinancial services industry,”says Andy Whitton, partnerin the data analytics prac-tice at Deloitte. “Regulatorsare now more comfortablewith using data than theywere 10 years ago.”

John Macdonald, directorof IBM’s Risk Analyticsbusiness, which suppliesrisk assessment software tobanks and regulators, says:“Financial institutions usedto file reports but increas-ingly the regulators are ask-ing for the raw data, notjust results, and runningtheir own tests. They com-pare the results of theirown tests with what thefirm says. They are alsoincreasing the frequency,asking for daily returns.”

Zen itself is a relativelynew addition to the FSA’sarmoury, having replaced aprevious system known asSabre II in August 2011. Itcollects and interrogatesthe returns that firms arerequired to submit on theirtrades. It allows the regula-tor to sift vast quantities ofdata in a hunt for anoma-lies and suspicious tradingpatterns that might showup front-running (tradingahead of a client order) andinsider trading.

Increased surveillancebeing brought in by theFSA and other regulatorsacross Europe marks aresponse, in part, to thewider range of securitiesthat will be covered byMifid II, the second Marketsin Financial InstrumentsDirective that is working itsway through the Europeanparliament. The revisionsproposed for the originalfive-year-old directivewill include extra elementsof transparency, particu-larly for the over-the-coun-ter debt and derivativesmarkets as well asmeasures to reduce high-frequency trading.

But how good are regula-tors’ software systems andare they capable of keepingup with those employed bybanks? Opinions differ.

“Regulators generally arebehind in dealing with theregulated entities and inproviding guidance as towhat approach they shouldtake,” says AlistairMaughan, partner at lawfirm Morrison & Foerster.“The FSA is taking a longtime in producing guide-lines on, for example, cloudcomputing or the consumer-isation of IT. A more proac-

tive approach would helpthe industry.”

But Risk Analytics’ MrMacdonald thinks regula-tors are in a stronger posi-tion. “They can say whathas to happen so it putsthem ahead of the game.The regulator says to thebank: ‘We require you toinvest in technology so weknow what you are doing.’

“We provide banks withthe software to measurehow much capital they areusing and to carry outstress testing. Regulatorsuse the same software toassess risk. They mighttake a different view of thetype of test applied but theyuse the same principles.”

The Smarts software isused by regulators globally,as well in brokers’ compli-ance departments.

While the regulators havefinal oversight of the firmswithin their jurisdictions,regulation depends in parton self-regulation under-taken by the financial insti-tutions themselves.

The FSA says: “The pri-mary tool we use is thefirms themselves reportingsuspicious transactions.The onus is on the firm.”

Morrison & Foerster’s MrMaughan agrees. “The obli-gation is on the firm. Theyhave risk committees tooversee how the firm organ-ises its technology to servethe customer and mitigaterisk.”

However, as severalrecent instances of tradingtechnology failures haveshown, financial sectorfirms are not always mas-ters in their own house.Knight Capital suffered adisastrous meltdown inAugust when newly

installed trading softwaresent erroneous orders forNYSE-listed securities, cre-ating a $7bn position thathad to be unscrambled at aloss. This followed the so-called “flash crash” in NewYork in May 2010, when theDow Jones Industrial Aver-age tumbled hundreds ofpoints within minutes onlyto rebound later.

These incidents sent regu-lators everywhere scurryingto strengthen their controlsover algorithmic and high-frequency trading. TheEuropean Securities andMarkets Authority hasissued guidelines requiringinvestment firms to providea feed of orders in as closeto real time as possible andto have staff present tomonitor their systems. TheUS Securities and ExchangeCommission is speeding upthe writing of rules to makemandatory guidelines overcomputer systems in placeof the voluntary basis thathas existed since 1987.

Serious computer failuresof this sort are not the sameas the market and creditrisks regular monitoring oftrading is designed to spotand prevent. But they dorepresent an operating riskto the firm involved and tothe wider markets.

“Firms have a responsibil-ity to ensure their auto-mated trading systems aresafe,” says Rajesh MenonPudukulangare, financialservices partner at Infosys,a consulting and IT servicesprovider.

Watchdog getsSmarts to keepeye on dealsRegulation

FSA steps upmonitoring, reportsCharles Batchelor

‘Regulators aremore comfortablewith using datathan they were10 years ago’

Financial regulations arecomplex, and every freshpiece of legislation aimed atbanks generates a smallindustry to comment andadvise on it. But by anystandards the US Dodd-Frank Wall Street Reformand Consumer ProtectionAct of 2010 stands apart.

The act, named after twoof its architects in the USsenate, Christopher Doddand Barney Frank, is a vastweb of provisions that aimsto curb the rash decision-making that led to the sub-prime mortgage crisis. Itconsists of some 400 rules,of which half are yet to berolled out.

Robert Simpson, vice-president for global finan-cial compliance at US soft-ware house Verint, admitsDodd-Frank is “an unfin-ished symphony”.

He says that it joins along list of legal enactments

from around the globe thathave profound implicationsfor any actors in interna-tional financial markets.

Mr Simpson ticks off justa few of the areas Dodd-Frank covers, such as capi-tal adequacy and the rela-tionships between invest-ment and retail banking.With so much global finan-cial trading activity passingvia the US, the effects of theact will be felt worldwide.

Yet Verint is not alarmed.Its own financial tradingImpact 360 product is beingexpanded to cover the act’sprovisions, many of whichboil down to demands forstorage of voice or instant-messaging communications.This extends the existingconcept of email captureand storage, not in itself ahuge problem. “Our chal-lenge is to work out how toextract the information andpresent it in a usable formfor compliance purposes,”says Mr Simpson.

Prasad Chintamaneni ishead of global financialmarkets at Cognizant, a US-based IT outsourcer operat-ing worldwide. Financialsector clients make up 40per cent of its business.

Mr Chintamaneni now

adds the US ForeignAccount Tax ComplianceAct to the list of laws ITstaff have to wrestle with.For Cognizant, revising pro-cedures to take account ofregulatory change is not aproblem. Mr Chintamanenithinks it is where the fund-ing comes from that willcreate difficulties furtherdown the road.

Banks have to spendmoney on matching soft-ware to changes in law.“We find that regulatorywork takes up fundsreserved for new initia-tives,” says Mr Chintama-neni. This hidden cost mayundermine the ability ofsome institutions to main-tain a cutting technologicaledge, he says.

Are some staff annoyed athow regulation and compli-ance costs are eating awayat their plans? Yes, says MrChintamaneni. “It is anongoing frustration forthem.”

The good news is theplethora of rules emanatingfrom the 2008 financial cri-sis and other banking scan-dals will settle down afterthe next three years or so,leaving institutions toregain the balance between

statutory duties and invest-ing in future capabilities.

Meanwhile, there is nogetting away from regula-tion. Andrew Whitton, apartner at business advisersDeloitte, the professionalservices firm, says: “Theseregulatory projects take thenumber-one priority. Asthey have a legal deadlinethey trump all othermatters.”

He notes that thetimescale of regulatorychange usually leaves IT

departments with sufficientwarning to adapt. “Mostnew laws have a 12-24month lead time. If there’sa call for entirely new sys-tems, then big banks will beable to invest significantsums in developing themwhile smaller institutionswill be able to find a soft-ware package to meet therequirement.”

However, Mr Whittonagrees the current wave ofregulatory change is havingunforeseen consequences.“There’s a mood in IT thatthere has been so much reg-ulatory change that it is sti-fling the ability to createnew business.”

The giant presence in anydiscussion of corporate gov-ernance is the Sarbanes-Oxley Act, a huge piece ofUS legislation that came todefine a whole generation’sattempt to keep business ona morally competent level.Yet, in the decade since itarrived, scandals have beenplentiful, in and outside thefinancial sector.

David Curran, chief exec-utive and founding memberof Boston-based Risk Readi-ness Corporation, is a USlawyer who thinks that thequestion of compliance with

regulations needs a newapproach.

His opinion is reinforcedby a recent conversation hehad with Senator Paul Sar-banes. “I talked with himabout this and he agreedthat the whole goal was tobring about more visibil-ity.”

Mr Curran believes thatcompliance and the toolsused to meet it are toofocused on reporting tointernal committees. Itneeds to extend and engagewith the entire spectrum ofcorporate lawyers and audi-tors.

RRC is devising a seriesof legally approved signifi-cant points in a company’slife, such as post-mergerintegration or supply chainmanagement, where poten-tial breaches of complianceshould become evident.

A software tool that pullsthese strands together issold as part of RRC’s con-sulting package and is allabout making any flaw sovisible that it will be impos-sible to ignore.

The crux of RRC’s propo-sition is not technology, butdisplaying potential prob-lems in a way that shouldguarantee a response.

Compliance costs eat into plans

The Securities and ExchangeCommission, the US equitiesregulator, last month, and forthe first time, fined a stockexchange for breaking rules.

The levy of $5m against the NewYork Stock Exchange was unique asexchanges enjoy a quasi-governmen-tal legal status as “self-regulatingorganisations”, which gives them cer-tain exemptions denied other marketparticipants. It also marked a newpoint in an continuing battle forauthorities to monitor effectivelyhigh-speed trading in the market.

The SEC alleged compliance failuresat the Big Board “gave certain cus-tomers an improper head start ontrading information” over a two-yearperiod. It argued the NYSE had feddata through two proprietary feeds toits proprietary customers. However, athird feed that sent data to the consol-idated tape, a publicly available repos-itory of trades and quotes, sometimeshad software issues that slowed dis-semination over a range of times,from milliseconds to several seconds.That final point, the SEC alleged, rancounter to regulation that held thepublic should have fair access tocurrent market information.

The customers that benefited fromthe faster information were the oneswho had paid for it; high-frequencytraders. As an industry it has grownin the past five years to account forthe majority of daily trading on USequity markets and around a third inEurope according to analyst esti-mates. It is also common in exchange-traded derivatives, currencies, andincreasingly, commodities.

Typically conducted by investorstrading their own capital, these trans-actions rely on superfast computers,and algorithms and automation tohold positions in assets for fractionsof seconds. Trading strategies areplotted by analysing data rather thandetermining an asset’s fundamentalvalue. Their rise was aided by fallingtechnology costs, decimalisation ofasset prices and the fragmentation oftrading across trading venues –ironically something made possible inthe same legislation that NYSE wasaccused of contravening.

As high-speed trading becomes abigger part of daily transactions, sodoes their importance to exchanges’profits. But their emergence also cre-ated a race for greater speed. Mostmarket participants – banks, otherinstitutional traders and exchanges –argue they need similar tools to reactquickly so orders are not left exposedas prices move in microseconds.

This focus on technology and auto-mated trading has thrown up an ever-growing list of high-profile mishaps.Facebook’s stock experienced a tech-nical glitch when its shares debutedon Nasdaq OMX, a technology issuekilled the initial public offering ofBATS Global Markets on its own mar-ket, while Knight Capital Group lostnearly $10m per minute for 45 min-utes in August.

According to an August 2012 TabbGroup survey, carried out only daysafter the Knight incident, half of buy-side survey respondents had weak orvery weak confidence in today’smarkets, and two-thirds want regula-tors to act very fast or extremely fast

to protect markets from flawed tech-nology, as did almost 60 per cent ofsell-side respondents.

Mary Schapiro, chair of the SEC,last week said the Knight problem,with the IPO mishaps, was the resultof basic technology issues.

But each mishap has led to greaterscrutiny not only of electronic traders– who have had little outside atten-tion – but also the technology theyuse and the organisations that facili-tated their trades, such as exchanges.Hence why the SEC’s charge laid outa marker to the industry.

In response to growing criticismfrom investors, exchanges around theworld have introduced rules aimed atmaking such trades safer for all.Ratios determining the number oforders investors can send and cancelbefore they are required to execute atrade have been tightened, while USexchanges have introduced circuitbreakers for stocks, although the defi-nition of the parameters that will tripthem remains a contentious issue.

The lines between trading and tech-nology have become blurred even to

experienced executives. Reutersquoted Tom Joyce, chief executive ofKnight Capital, as saying: “Regula-tory risk was not our biggest issue,operational risk was, and we unfortu-nately proved it.”

A study by the Federal Reserve ofChicago found that, when left to man-age risk by themselves, many high-frequency trading firms tended to cutcorners to pursue profits.

Regulators, it seems also remainwary. A few days after the SEC tookaction against the NYSE, Germanypressed ahead with a bill to forcehigh-speed traders to be certified andpoliced by exchange operators and thenational financial regulator, who willhave access to their trading algo-rithms at all times.

On the same day the European par-liament voted to introduce a mini-mum resting time of half a second fororders on markets as part of an over-haul of Europe’s financial markets.

That demand may yet be removedfrom the final text of the legislationbut it is clear technology issues arenever far from regulators’ minds.

Mishapsprompt greaterscrutiny of highspeed traders

Computer errors Exchanges are acting tomake dealing safer, saysPhilip Stafford

Fast pace:high-speedtrades areimportant toexchanges’profitmarginsBloomberg

Act architects: ChristopherDodd, left, and Barney Frank

traditional legacy ITapproach of proprietaryhomegrown banking sys-tems to accelerate thistransformation.”

Some financial servicesfirms have begun this proc-ess. For example, Toronto-based Home Trust, whichprovides deposits, mortgageand credit card services toclients whose needs are notaddressed by larger, tradi-tional financial institutions,is using SAP’s Bank Ana-lyzer and HANA in-memorycomputing technology tospeed up report generationand help manage risk andmake faster decisions.

Continued from Page 1 Martin Reid, HomeTrust’s president, says:“The key is to have infor-mation, not data, in front ofyou as quickly as possibleso that you can identifychanges in trends and cer-tain variables, understandthe risks within your port-folio and manage that.

“The sooner we can getthe information the better,and the more granular [thatinformation is], the morethat we can deal with thatinformation, the better.”

Indeed, as global manage-ment consultant Accenturenoted in a recent report:“To achieve and sustainhigh performance in the

future, traditional commer-cial banks across the worldwill need to master two fun-damental changes: thetransformation of theirproduct offerings, channelsand customer service toreflect the demands of the‘changing consumer’ (con-nected, impatient, empow-ered, and demanding ofservices that meet theirindividual and social needs)and the reshaping and rein-vention of their core bank-ing operations to enable amore competitive, custom-er-centric, efficient and sus-tainable business model.”

The report’s authorswarned that: “A failure to

achieve either of theseimperatives will exposebanks to disintermediationby nimble, low-cost onlineand mobile providers of per-sonal financial managementand payments services –resulting in loss of rele-vance to customers and,therefore, their prominencein the financial servicesvalue chain.”

An awareness of theserisks is driving IT invest-ment in many large finan-cial services firms andbanks. For example, WellsFargo is undertaking atechnology upgrade focusedon expanding thebank’s corporate data and

analytics capabilities.Jim Smith, Wells Fargo’s

chief information officer,says: “What we’re trying todo is pull together what hadbeen a very distributed net-work of data environmentsand analytics teams into amore centrally and strategi-cally managed data group.

“We are investing in whatwe’re calling ‘foundationaldata’ or what other peoplemight refer to as ‘masterdata’, so that we have acommon view, understand-ing and definition of cus-tomers and products.

“We want to have oneversion of the truth. Thatwill enable us to have more

consistency in the tools weuse, the approaches we’retaking and how we managerisk.”

He says big data and newanalytics software can givebusinesses insights intowhat customers want andenable the bank’s businessunits to make better deci-sions.

“A 360-degree view of acustomer becomes muchmore important whenyou’re focusing your timeon cross-selling to a cus-tomer,” he says. “Then youreally need to know asmuch about them as yoursystems can tell you, firstto understand your risk,and so you can get a com-plete view of a client interms of their business.”

But unfortunately, asCapgemini’s Mr Lassignar-die, says: “The focus on reg-ulatory compliance canchallenge banks’ capacity toundertake customer centricinnovation. For example,partly as a result of the

eurozone debt crisis, Euro-pean banks are complyingfaster than originallyexpected with the Basel IIIobjectives, but as a resultthey have less capacity tofocus on innovation.

“Customer-centric innova-tion, which has been suc-cessfully undertaken [inother sectors], is key toremaining competitive.”

Mr Lassignardie believesthe sector needs to invest inflexible payment infrastruc-tures. “With the growth ofelectronic and mobile pay-ments accelerating fasterthan many predicted, theimperative now is to driveinnovation,” he says.

Focus turns from maintenance to IT as a tool for growth

‘The key is to haveinformation, notdata, in front ofyou quickly’

Software

The price of keepingup with new laws isoften hidden, reportsMichael Dempsey

The Connected Business

FINANCIAL TIMES WEDNESDAY OCTOBER 17 2012 ★ 3


A search on Twitter for thenames of the world’s big-gest banks calls up plentyof expressions of dissatisfac-tion, if not outright hatred.Like it or not, banks have apresence on social media.

Yet, when it comes totheir ability to be initiators,rather than the targets, ofsuch communications,many argue that mostfinancial sector companieslag behind other industries.

The launch this month ofThe Vital Few – a disclo-sure initiative helping ordi-nary people with pensionaccounts use social mediato demand from pensionfunds greater transparencyon carbon use and climaterisk – underlines the pres-sure banks are under toengage widely with clients.

In some ways, their cau-tion regarding social mediacan be forgiven. As part ofa heavily regulated indus-try, banks have to tread acareful path when commu-nicating with customersand clients. And, in manyinstances, regulation issimply failing to keep pacewith technology.

“Every message thatbanks and financial institu-tions have with clientsmust be audited,” says Jus-tin Peyton, director of strat-egy at LBi, a marketing andtechnology agency. “Theaudits and tracking theyhave to do is so severe,there is a legitimate reasonwhy some of them areapprehensive about socialmedia.”

Financial sector organisa-tions are not generally setup for the kinds of rapidresponses demanded bysocial media in a worldwhere users want responsesin seconds.

Traditional banking com-munications have tended totake place face-to-face, inthe branch or by phone, orhave taken the form of one-way communications, suchas advertising and accountstatements.

But the biggest challengeis not in the technology, butin change management,says Pierre-Yves Glever,head of consulting firmCapgemini’s financial serv-ices global business unit.

Security fears are anotherbarrier to greater customerinteraction. “People havebeen trained to be carefulwith what information toreveal relating to financialmatters,” says Nathan Sage,

a social media expert at PAConsulting. “So even with alegitimate channel providedby a bank, there’s a chal-lenge as to whether or notpeople will use that.”

Some banks are gettingaround security issues byusing sites such as Face-book, but moving them todedicated bank web pageswhen it comes to enteringany security details.

Mr Glever believes thisapproach has potential, par-ticularly for younger, moretech-savvy customers.According to data from BTas part of its Youbiquityresearch, 25 per cent of 16-24-year-olds would like touse video chat to speak to abank. Even so, obstaclesremain.

“Banking just isn’t thatinteresting,” says MarkGuinibert, a partner atKPMG Management Con-sulting. “If you’re Sony,Nike or Apple, people wantto engage.”

By contrast, says MrGuinibert, consumers want-ing to find out about, say,the range of interest-onlymortgages on the market,are unlikely to turn tobanks for information.

Some banks have usedsocial media to identify theinterests of customers andoffer them related deals.

Examples include Ameri-can Express’s “Link, Like,Love” Facebook application– allowing card members tolink their cards to the pro-gramme, choose deals andhave credits sent to theiraccounts for use in partici-pating shops – and Bank ofAmerica’s BankAmeriDeals– which allows customers touse a mobile app to choosedeals at selected shops andrestaurants and have cashautomatically credited totheir account.

Banks also use socialmedia to engage consumersthrough sport or charitysponsorships. Chase, forexample, has done thisthrough its annual ChaseCommunity Giving pro-gramme, in which the bankallows Facebook users tovote on which charitiesshould receive a share of itsphilanthropic funding.

Banks are also usingsocial media in other ways.For example, aggregation ofdata from Twitter can pro-duce valuable informationon market trends.

“There are some excitingthings around predictabil-ity, giving banks an indica-tion as to where a marketmight be going,” says MrSage. “And banks are usingsocial media to identify any-thing that shouldn’t be hap-pening, such as fraud ormis-selling.”

But, when it comes to car-ing for their own reputa-tions, Solitaire Townsend,chief executive of Futerra, asustainability communica-tions agency, believesbanks are missing a criticalopportunity. “Lack of trustand unhappiness with thebanks rages across socialmedia – but none of thebanks are using socialmedia to confront that.”

Lenders fail tocapitalise onsocial mediaPublic relations

Sector needs torefine web presence,says Sarah Murray

‘There is alegitimate reasonwhy some banksare apprehensiveabout social media’

The banking and insuranceindustries are used to han-dling vast volumes of datarelating to payments andloans, policies and claims.

But how are they responding to thechallenge of “big data” – the currentbuzzword in the field of IT used todefine the sheer amount of informa-tion institutions have to deal with?Some experts think they still havesome way to go.

The amount being generated nowthreatens to overwhelm the ability ofconventional software tools to captureand process the information in a rea-

sonable time. IBM, the technology andconsulting group. calculates thatevery day 2.5 quintillion bytes of dataare produced – a quintillion is 1followed by 18 noughts – with theresult that 90 per cent of the data inthe world today has been created inthe past two years alone. Alongsidestructured data, including sales fig-ures and share price movements, is anincreasing amount of so-calledunstructured data, such as emails,posts to social media sites, digital pic-tures, videos and text messages.

Rashmi Joshi, assistant directorforensics and fraud at Ernst & Young

UK, says: “Organisations are onlymaking use of 20 per cent of the totaldata available. Most of the unstruc-tured data are not being analysed yet.There is only a limited number oftechnologies to sift through it.”

Edwin van der Ouderaa, managingdirector in financial services analyticsat Accenture, adds: “A lot of whatfinancial services organisations aredoing is actually normal analytics.Big data is a question of petabytes [10to the power of 15] and exabytes [10 to18] of information and the technologyyou need for that is very different. Ihave not seen a lot of banks that have

introduced big, mature applications.”Steve Shelton, head of data services

at BAE Systems Detica, thinks invest-ment banks are farthest advanced inusing big data because “their businessmodel involves good analysis anddoing it fast. The retail banks aremore focused on driving value out ofthe transactions and payments datathey already have rather than miningseries of unstructured data”.

The insurers offering personal lines– motor and home insurance – havenot had a need for a big dataresponse, though the introduction ofin-car devices to record driver behav-

iour will provide masses of data thatthey will need to process, says MrShelton.

Much of the big data developmentwork in financial services organisa-tions has been focused on improvinginternal procedures of risk assessmentand fraud prevention. However, thereare some examples of companies thathave applied data analytics to directlyserving customers.

ZestFinance, a US lender to borrow-ers with poor credit ratings, used bigdata technology to assess its custom-ers. People who took a long time read-ing its terms and conditions, estab-lished by tracking software such ascookies, were judged a good risk. Thecompany has since moved out of loansbut sells its analysis to other lenders.

Visa, the credit card provider, wentinto partnership last year with Gap,the clothing retailer, to alert custom-ers by text message to discounts innearby stores. With the customer’spermission, Visa uses the data fromits global transaction processing net-work to see where the customer lastmade a purchase in same district.

Although the banks process thepayments that underpin these trans-actions, they face similar privacyissues to those that have caused prob-lems for Google and other internetsearch engines, and it is unclear howthey might benefit from the informa-tion they acquire.

There are also other barriers thathave held up the sector’s response tothe challenge of big data. There is ashortage of the statistical, IT and dataanalysis skills needed to collect andinterpret the information. These, inturn, need to be paired with detailed

knowledge of the business and con-text in which the data are to be used.

A further challenge is the frag-mented nature of governance in manylarge organisations. Accenture’s MrVan der Ouderaa says a lot of thesetechnologies cross barriers. “Depart-ments such as risk, treasury andfinance have to learn to worktogether.”

Paul Thomalla, managing directorfor Europe, Middle East and Africa atACI Worldwide, a supplier of elec-tronic payment software, says: “Thelarger banks may have 20 or 30 differ-

ent methodologies for making pay-ments. We talk to the banks aboutunifying their systems. At themoment social media are not even inthe picture.”

But others believe big data isbecoming a tool for business. JojyMathew, global practice leader forenterprise information managementat Capgemini, identifies eight keyareas for action, including sentimentanalysis – for example, social mediacomments that can affect a brand,fraud detection and “next best cus-tomer action”, tailoring customer con-tact to the last interaction, which mayhave been a complaint.

Business yet torespond to bigdata challenge

Information analysis Financial industryfaces huge barriers, reports Charles Batchelor Key facts: insurers will need to start assessing driving performance data Dreamstime

20%Estimate of the amount of big databeing used by most organisations



When Carnegie MellonResearchers scatteredmemory sticks on pave-ments outside govern-ment offices and in car

parks as part of an investigation intoillicit cyber activity in US financialservices, they got some amazingresults.

Some 60 per cent of the picked-upsticks were plugged into office com-puters. For those sticks bearing anofficial US government logo, the fig-ure rose to 90 per cent, according to areport published in July.

Such tactics, known as “pavementhacking”, work, says John Skipper,information security expert at PAConsulting, because a surprisingnumber of people are naive. “Theysuccumb to their natural curiosity tosee what information is on uncheckeddevices.”

Such curiosity can result in datatheft, sabotage and reputational dam-age. The costs of cyber crime rangefrom an average annual $3.3m fororganisations in the UK, to $8.9m inthe US, says Michigan-based PonemanInstitute, a research body.

Individual incidents can be muchmore expensive. Sony spent $171m

recovering from the leak of 77m of itscustomer records last year.

The commonest type of cyber attackin the UK is denial of service, whileUS companies are more likely to bevictims of ill-intentioned insiders,malicious code and web-basedincidents.

Many attacks are unsophisticated.The Carnegie Mellon report foundlow-grade action over a long timecaused most damage, says Mr Skipper.“Simple vulnerabilities were beingexploited, for example by peoplewhose access hadn’t been revokedafter being made redundant.”

Technology trends such as out-sourcing, cloud computing, socialmedia and the use of personal devicesfor work are exacerbating securityrisks, so how can organisations pro-tect themselves?

It is impossible to secure every-thing, says Richard Archdeacon, headof security strategy at HP EnterpriseSecurity. “You have to take arealistic, pragmatic view rather thanthe old, blanket, one-size-fits-allapproach.”

This requires an overview thatsimplifies the picture and integratesorganisations in the wake of mergers

and acquisitions. Risk managers andchief information security officershave an increasingly complex taskbecause they must be part-technolo-gist, part-lawyer and part-psycholo-gist, says Mr Archdeacon.

They also need a grasp of compli-ance across multiple jurisdictions,because rules such as the level ofpassword protection required forfinancial transactions vary from oneto the next.

An important skill is the ability tounderstand how attackers’ mindswork, says PA’s Mr Skipper. “Youneed people who can think as sneak-ily as the cyber criminals, and havethe insight and expertise to test outtheir ideas.”

Allan Boardman, international vice-president at ISACA, a worldwide asso-ciation of security professionals,points out that lots of areas are stillquite new in legal terms.

“If employees bring personaldevices to work for use with corporateapplications, their equipment can beseized for evidence in court,” he says.“A device that is subject to a courtorder becomes the organisation’s,including any personal data on it. Butsome of this is untested.”

Overcoming the silo mentality prev-alent in financial services is crucial tosecurity, says Mr Boardman. Peopleneed to include risk from the begin-ning of a venture, rather than boltingit on later. “Too many slip-ups happenbecause product speed is everythingwhen a business is under pressure.”

The growth in outsourcing andcloud computing also creates securityrisks, says Rupert Alabaster, directorof professional and financial servicesfor BMS Group, an insurance broker.

Every time data are transferred,there is an opportunity for criminals,he says. “The problem is that, how-ever robust an organisation’s internalsecurity, subcontracting data manage-ment to third parties reduces it to theweakest link in the chain.”

Social media create further hazardsas people often reveal sensitive infor-mation about past and presentemployers. Even just a name andcompany on Facebook or LinkedIncan be a trigger to a hack, says MrAlabaster. “Citing IT projects or soft-ware you have worked on will helphackers find the loopholes. They areconstantly trawling these sites to getclues for fast-track entry.”

Employee handbooks need to warn

staff of these risks, he says. Organisa-tions should also have strict processesfor deleting data from defunct devices.Apart from the risk of stolen databeing misused, there can be signifi-cant damage to reputation.

When a computer discarded byMorgan Grenfell was found to containfamed musician Sir Paul McCartney’sbanking details, reputational damagewas estimated at £10m to £12m. “Youwould be amazed at the number ofobsolete servers still lying aroundwith valuable data on them.”

All this is partly about educationand raising awareness – about dodgymemory sticks, for example, says MrBoardman.

And money has become tighter,says HP’s Mr Archdeacon. “Five yearsago, banks were spending about 8 percent of their IT budget on security.That’s risen to 10 or 11 per cent, butnow there is much stricter control ofwhere that money is being spent.”

Financial institutions are seeingtheir security problems more clearly,but investment banking and insur-ance have some way to go to catch upwith the retail sector, says PA’s MrSkipper. “Retail banks are moreaware of the dangers.”

The speed with whichinvestors and institutionalinvestment managers havetaken to portable comput-ing devices has forcedfinancial services firms torespond quickly or riskbeing left behind.

Most retail banks alreadyoffer mobile banking serv-ices, including in somecases the ability to checkbalances, transfer fundsand make payments. Somebanks, including Chase inthe US, have gone a stepfurther. Chase’s mobilebanking application isavailable for Apple iPhone,iPad, Android and Black-Berry handsets, andincludes a feature calledQuickDeposit that enablesusers to scan in cheques.

Generally investmentbanks are quite secretiveabout their mobile apps.However, beginning lastyear, a number of invest-ment banks launchedsmartphone or tablet appsto promote trading and cap-ital markets activity at atime of changing regula-tions and difficult marketconditions.

Among them were Deut-sche Bank, whichannounced 12 months ago itwould begin offeringresearch, trading and serv-ices, via an app store, mod-elled on those used formobile phones and tablets.

Deutsche’s app storegives clients the ability tocall up a variety of bankingservices from one program,with apps such as tradercommentary, research andpost-trade services joiningits existing Autobahn plat-form of algorithms andother electronic tradingtools, which trades curren-cies and precious metals.

“After the financial crisis,we started noticing agreater emphasis on ‘flow’products,” says SergeMarston, managing director

at Deutsche Bank, at thetime of the launch. “Theseproducts are more cost-effective, and much easierto mark-to-market, andthat’s where clients aremoving,” he adds. He pointsout that the Dodd-Frankreforms, which emphasisetransparency in how deriva-tives and other products aretraded and cleared, wasleading to an increaseddemand for such tools.

“There is a view thatthere should be a greaterlevel of transparencyoffered to market partici-pants, and people associatetransparency with elec-tronic services,” he adds.

Meanwhile, a number ofother banks have begungiving clients access totrade execution and othercapital markets servicesthrough mobile devicessuch as the iPad. For exam-ple, Citigroup launched aniPad app for issuers of secu-rities, allowing them totrack bids on equity salesas they come in.

Similarly Barclays Capi-tal created an iPad app thatincludes its Barx electronicexecution platform, andCredit Suisse has an app forits Merlin platform that exe-cutes foreign-exchangederivatives trades.

Some banks have usedtheir own internal ITresources to build mobileapps but, given the special-ised skills required, mosthave turned to externalcontractors. For example,eFinancialcareers, an onlinesite that tracks jobs in the

sector, reported this yearthat Barclays, DeutscheBank, HSBC, Lloyds,JPMorgan, Morgan Stanley,and RBS had all brought inteams of external develop-ers to work on mobile appdevelopment projects.

The eFinancialcareerssite noted in an article inApril: “At this point lastyear, the majority of invest-ment banks were looking tohire interaction designers,user-experience architectsand developers to createtrading apps for tablets andsmartphones.”

The same article addedthat UBS is believed to have

a team of about 30 peopleworking on a trading plat-form for tablets and smart-phones in London, usingthe services of RMA Con-sulting, a London-baseddigital design firm.

Investment managementfirms and brokerages arealso jumping on the mobil-ity bandwagon, designingand building and tabletapps clients can use totrack their portfolios, verifytransactions and, in somecases, to analyse exposureand risk.

Boston-based State Street,

which provides custodialand other services for insti-tutional investors, an earlyadopter of both smart-phones and tablets, was oneof the pioneers in this area.

Sixteen months ago StateStreet announced a mobileapplication for the iPadcalled Springboard, whichbecame available in theApple App Store lastautumn.

Springboard allows cli-ents to view essential port-folio information that isspecifically designed formobile users and uses thecontent and informationfrom State Street’s secureonline information service.It also provides a full suiteof market data and analysisapplications.

The app targets execu-tive-level portfolio and fundmanagers, and includes theability for users to viewtheir entire investmentportfolio at a glance, includ-ing risk-exposure analysis,net asset value summaries,and fund flows.

“As part of its multiyearbusiness transformationprogramme, State Streetcontinues to invest in newtechnologies, like mobileapplications, to introducenew or strengthen existingservices that meet thechanging needs of our cli-ents,” says Chris Perretta,State Street’s chief informa-tion officer.

“The rapid adoption ofthe iPad in the financialservices industry makes it anatural fit for our firstforay into mobile applica-tions for our institutionalclient base,” he adds.

State Street continues toexplore other businessapplications for mobiletechnologies while develop-ing additional device andoperating system deploy-ment plans for its Sprin-board app.

“Clients are increasinglyfocused on risk manage-ment and are relying onmobile devices more thanever for immediate accessto critical information in arapidly changing globalmarket,” says Pat Centanni,State Street’s head of globalproduct management.

Investment houses jumpon the apps bandwagonMobile devices

Specialists followretail banks’ lead,reports Paul Taylor

Cloud computing – thecommon term for acompany hosting computerresources, such as emailstorage, on external serversinstead of on servers in itsown premises – may bringprofound changes to thebanking and financial serv-ices sector.

“Cloud computing willincreasingly provide bankswith new lower cost operat-ing models thanks to virtu-alisation, greater automa-tion, and the ability to pushmore activities offshore,”Accenture, the IT consul-tancy, said in a report thisyear.

“As these benefits arerealised, banks will facedecisions regarding thebusiness case for movinglegacy systems [such asdata on existing internalservers] into the cloud orbuilding cloud-enabledassets that they will thenintegrate into the legacyenvironment.

“Banks are already mov-ing very aggressively tocloud and software as aservice consumption models[in which programs arehosted in the cloud] foralmost everything, usuallysupporting processes thatare not mission critical anddon’t need to be managedwithin their own environ-ment, things like humanresources and procure-ment,” says Don Trotta, glo-bal head of banking indus-try development at SAP,the software group.

“This allows them toreduce internal costs andcomplexity.”

But many are movingcautiously, in part becausedata privacy and securityregulations in many coun-tries prohibit storage andprocessing of customer dataoutside national borders.

Banks are also understand-ably wary of the potentiallydisastrous impact of a seri-ous breach of security orprivacy, or of even a brieffailure in areas such asATM operations, fraud mon-itoring or credit cardprocessing.

“Many banks, therefore,take the view that theyshould keep their corebanking processes undercomplete control in theirown data centre so theyknow where the data [are]at all times,” said theAccenture report.

Such caution is reflectedin comments by Tom Dur-kin, global head of inte-grated channels for Bank ofAmerica. “Cloud computingis certainly something weare evaluating,” he says.

But he adds: “There’s alot of focus on the securitythat goes with it. Obviouslywe’re talking more aboutprivate cloud type infra-structure [which limitsaccess and is protected by asecurity firewall] than pub-lic, but there’s also lots ofinternal education to be

done to get your risk andyour compliance folks edu-cated on what this means.”

But some newer bankshave incorporated so-calledmulti-tenant cloud-basedsystems (under whichsoftware is provided for theuse of many clients ratherthan for the use of an indi-vidual customer) into theircore banking activities.Examples include the UK’sMetro Bank and SofolTepeyac in Mexico.

Some US banks, includingAtlanta-based SunTrust, areusing the Varolii pay-as-you-go cloud-based voice

dialler to call customers toremind them to make pay-ments and prompt them todo so.

SunTrust says it hasreduced the number ofinbound calls to its call-cen-tre, saved between $8 and$25 per call, and cut firstpayment defaults by morethan 60 per cent.

Accenture adds thatprivate cloud models areplaying an increasinglypivotal role in core bankingactivities.

One example is WellsFargo, the San Francisco-based bank, which touts theadvantages of using cloud-like technologies to helpsteer the company througha three-year integrationproject following the $15bnacquisition of Wachovia,the financial servicescompany. “We think thecloud is here to stay, butnot a public cloud,” saysScott Dillon, executive vice-president.

Wells Fargo began by“virtualising” its servers –running software that ena-bles multiple applicationsto run on the same serverand still be managed asthough each has its owndedicated server.

The advantages of thisare much greater flexibility– you can add a virtualserver for a new applicationalmost instantly – andmuch more efficient use ofthe physical hardware. Forexample, 80 per cent usageof a server’s capacity

instead of 15 per cent.Additionally, by moving

to standardised software –programs used by everyone– it effectively made a pri-vate cloud inside its ownfirewalls. This enabled thebank to reduce its numberof data centres dramati-cally, cut the number ofapplications it was runningby 25 per cent to 3,000 anddecreased the time neededfor starting up a new appli-cation server from monthsto 10 days.

By the end of last year,almost two-thirds of thebank’s servers were virtual-ised and 80 per cent stand-ardised.

As a result, Wells Fargoachieved $1bn in savingswith a significant portionattributed to its infrastruc-ture efficiency effort.

“Because private cloudsare not exposed to external‘tenants’, banks tend toregard them as a moresecure environment for cus-tomer data,” notes Accen-ture, although the firm addsthat, “in many cases, thesecurity mechanisms put inplace by global public cloudproviders may actually bestronger than thosein many banks’ internalsystems”.

Over time, Accenturethinks that most banks arelikely to follow a hybridcloud strategy, which mayalso include a cloud ownedby and located in the bankbut operated by a third-party.

Institutions tryto find cloud’ssilver liningSystems management

Paul Taylor finds agrowing demand forexternal hosting

‘People associatetransparencyin the marketswith electronicservices’

Banks are wary of data breaches in sensitive areas Dreamstime

Modern trendsexacerbatesecurity risks,warn experts

Threats The more organisations follow theherd in terms of the technologies they use, thegreater the dangers, discovers Jane Bird

‘The security ofglobal public cloudproviders may bestronger than thatof many banks’

On FT.com »

ConnectedBusiness podcastCyber securitymonth andEurope’s largestcyber war gamesexercisepodcast.ft.com

Hacked-off: understanding howattackers’ minds work is animportant skill Getty

‘Subcontracting datamanagement to thirdparties reduces it to theweakest link in the chain’

FINANCIAL TIMES WEDNESDAY OCTOBER 17 2012 ★ 5


Apple’s court battles withSamsung over the design ofthe iPad and the iPhone arenotable on several levels.These include the complex-ity of the case, Apple’s $1bndamages award, and thefact neither side seems will-ing to let the issue lie. Thelatest twist is that Samsunghas asked for a re-trial overclaims the jury foreman didnot disclose his involve-ment in certain previouslegal cases.

One aspect of the casethat has received less pub-lic attention regards thepreservation of possibleevidence. Both sides wereaccused of “spoliation”, ornot retaining, electronicevidence, something notdisclosed to the jury.

Experts say disturbingwith or destroying elec-tronic evidence is increas-ingly commonplace. And,such are the complexities ofmodern data storage, a com-pany can damage evidenceunintentionally withoutknowing it.

Questions of when andhow to preserve electronicevidence go far beyond pat-ent cases, with regulatedindustries, and financialservices in particular, gen-erating vast amounts ofelectronic data. As well ascourts, regulators and con-sumer protection bodies arealso demanding access toelectronic data.

“Financial services isthe dominant source ofdisclosure material,” says

Laurence Lieberman, apartner at law firm TaylorWessing. “The proliferationof electronic material hasexpanded the universe ofpotentially relevant mate-rial [in trials], and courtsare grappling with theincreasing volumes of infor-mation before them.”

In the UK, the Jacksonreforms of civil justice, setto come into force in April2013, aim to set limits onthe rising cost of electronicdocument disclosure inlegal cases. The cost of dis-covery will have to be “pro-portionate” to what is atstake in the case. In the USthere are fewer limits eitheron the scope of e-discoveryrequests or their costs.

This raises some very realchallenges for businesses,especially as the scope ofelectronic informationrequests is widening.

E-discovery requests areno longer limited to staticelectronic documents oremails, but can cover infor-mation from transactionalsystems, from trading tofinancial management,social media, or evenrecordings of phone calls.“We are seeing requests foraudio data, social mediadata, even data from[personal] devices,” saysSanjay Bhandari, a partnerin the fraud investigationteam at Ernst & Young.

“Using electronic meansto transmit business infor-mation means it is unavoid-able,” agrees FrancesMcLeod, a co-founder ofForensic Risk Alliance, aninvestigations company.

For business this canmean rising costs, moremanagement and staff timespent on discovery requests,and even raises the ques-tion of whether a company

is complying with requestsat all. The problem is madeworse because of the ease ofstoring and copying elec-tronic information. Often itis easier to keep informa-tion than dispose of it. Butthat information, in thehands of an adversariallawyer, could turn into a“smoking gun”.

Financial services organi-sations are responding bylooking more carefully attheir arrangements forrecord keeping and custodyof potentially sensitive doc-uments, especially where acourt has made a discoveryrequest or one is likely. Butbusinesses also need to con-sider how much informa-tion they are keeping, for

how long, and whether theyreally need to do so.

This, according to PeterRobinson, head of e-discov-ery at Deloitte, should gobeyond just e-discoveryrequests and extend intothe wider policies a firmhas around its data and doc-ument management. “Youshould ensure your recordmanagement complies withregulations, but once youno longer need a document,you should get rid of it. Theidea of ‘defensible disposal’has to be part of the targetoperating model.”

Businesses can, though,turn to technology to helpsolve a problem that, atleast in part, technologyhas caused. Tools such as

corporate-wide search andarchiving, as well as morefocused automation tools,such as electronic earlycase assessment (ECA) cansave costs and time.

“E-discovery is forcingpeople to use more technol-ogy but also better technol-ogy,” says Taylor Wessing’sMr Liebermann. “The moreeffective these tools are, theeasier it is to find the keymatter of a case.”

Christian Zeunert, headof e-discovery managementat Swiss Re, the reinsur-ance firm, which has usedECA technology from tech-nology vendor Recommind,says: “Cutting out clearlyirrelevant data via ECA is akey concept both from theUS and the European per-spectives.

“On the one hand it helpsUS counsel to get quickly torelevant data supporting anearly disclosure,” he says.On the other, Europeandata protection require-ments can be addressed.

But technology aloneshould not be a substitutefor good records manage-ment, and a good system ofcustody for evidence, once acourt, regulator or even aconsumer starts a case.Without proper policies inplace, firms will incurunnecessary costs, andmight even hand a legaladvantage to the other side,warns Steven Stein, manag-ing director in the US foren-sic technology practice atKPMG.

“It is dangerous if you areusing technology to searchand you are not restrictingthat search to specificwitnesses or to the depart-ment that is the subject ofan inquiry,” Mr Stein says.“You will come up with toomuch information.”

Cull old records to avoid legal‘smoking guns’ in the archivesLaw and business

Stephen Pritchardconsiders the perilsof too much data

Paul TaylorThe Connected Business Editor

Philip StaffordEditor, FT Trading Room

Sarah MurrayContributing Editor

Charles BatchelorJane BirdMichael DempseyStephen PritchardJessica TwentymanFT Contributors

Adam JezardCommissioning Editor

Steve BirdDesigner

Andy MearsPicture Editor

For advertising, contactJames Aylotton +44 (0) 20 7873 3392,email: [email protected]

All FT reports are on FT.com.Go to ft.com/specialreports

Contributors »

$1bnAmount awarded to Applein Samsung court case

Few people in Ghana have lifeinsurance because traditionalpolicies – that require custom-ers to fill in and sign forms –are too complex and expen-

sive to administrate.Policies need to sell for less than $1

a day to be affordable, says DareOkondjou, chief executive of MFSAfrica. Merely printing forms and get-ting them in front of clients wouldpush premiums above that price.

Moreover, collecting payment canbe laborious for policies paid byweekly or monthly debits.

This excludes the many people inAfrica who do not have bankaccounts. However, they often havemobile phones. So MFS has devised ascheme to provide life insurance viamobile telecom networks.

As all subscribers are registered,most of the information needed tounderwrite insurance – such as name,date of birth and address – is alreadyin the database, says Mr Okondjou.

By capturing these details electroni-cally, administration can be reducedto a few text messages, enabling MFSto offer policies much more cheaply.Launched in Accra in March 2012, thepolicies are selling at the rate ofseveral hundred a day, and MFS plans

to launch in Ivory Coast andCameroon this year.

Such services could be provided inthe developed world, but thereinnovators tend to focus more on theinternet, tablets and smartphones,says Mr Okondjou. “We started withthe phone in Africa because that iswhat we have.”

The ubiquity of mobile phones inthe developing world is creating ahuge market for financial services.

In Azerbaijan, the mere use of SMSmessages for transaction confirmationis coaxing business and privatewealth clients into conventional bank-ing, says Farid Akhundov, the chiefexecutive of Pasha Bank.

“There are still many people whokeep their money under the mattress,and small businesses that prefer cashto bank accounts,” says Mr Akhun-dov. Mobile-based services are oneway Pasha hopes to change this.

Although 100m people worldwidehave begun using banking-type serv-ices – referred to as “banked” – usingmobile technology in the past 10years, the GSMA, which representsmobile operators, points out that2.5bn adults still lack access to formalfinancial services such as savings,payments, loans and insurance.

As an illustration of the quickeningpace of the growth of services usingmobile technology, UK-based JuniperResearch forecasts that the number ofnewly banked people will double thisyear to 200m.

Hannes Van Rensburg, chief execu-tive of Cape Town-based Fundamo, amobile financial services companyacquired last year by Visa, says thebanks they join are not traditionalones with branches. Instead, they uselocal agents – typically shopkeepersor small businesses – to pay cash inand take cash out using their mobilephone accounts as digital wallets.

“In effect, they have bank accounts,but they don’t think of them thisway,” Mr Van Rensburg says. “Theysee them more as a replacement forcash. The agents are effectivelyhuman ATMs.”

Customers can also make paymentson the spot or send money over longdistances. It is more secure than cashbecause the money cannot be lost orstolen. When handsets go missing,accounts can be frozen.

People can have their salaries paidinto their phone accounts directly,and in Cameroon, for example, theycan borrow against their salaries. “It’san overdraft done in a different way

because the employer has to sign up,”says Mr Van Rensburg.

Moving people away from the casheconomy has huge economic benefits,because it makes business more effi-cient. The ability to present and paybills, or receive micro loans, is takenfor granted in countries with typicalbanking infrastructure, says NickWilde, managing director of Asic-Pacific for Fiserv, a financial technol-ogy company. “But these services canlift GDP by more than 1 per cent inthe developing world.”

Banks are under pressure to providesuch services, because of the competi-tion they are facing, Mr Wilde says.“In the Philippines, the two largestcompetitors on payment networks arethe telcos (telecommunications com-panies), Smart and Global Telecom.

“This means a large proportion ofthe population has joined the bankingworld through a telco and may neverleave it,” says Mr Wilde.

“These are people that the bankdoesn’t know or have access to, whichis a significant lost opportunity forrevenue.”

As customers become more prosper-ous, they are more likely to move toconventional banks, but banks willhave to fight hard with each other to

win the clients, says Mr Wilde. “Ifthey had a proper strategy for bank-ing the unbanked, they could not onlymake money by doing good, but gainclients who will buy more services astheir prosperity grows.”

Even in developed markets, thereare many people without bankaccounts. This happens because serv-ices are too expensive, or peoplebelong to a segment that banks do notwant to work with, such as immi-grants.

“These customers are looking foralternatives to banks at a time whenconsumer confidence in traditionalinstitutions is low,” says Ed Chandler,chief executive of CQR PaymentGroup.

CQR provides a service that letscustomers turn cash into electronicmoney on a prepaid card, voucher ormobile phone. The service is beingintroduced across Europe.

In 2013, Mr Chandler also plans tointroduce account numbers and sortcodes that will let customers transferfunds in and out of their cardaccounts automatically, at participat-ing supermarket checkouts for exam-ple, and they will be able to paystanding orders and direct debitsusing them.

Phones helplevel playingfield for the‘unbanked’

SMS Jane Bird reports that across the globethe number of people who access basicfinancial services on mobiles is set to double

Movingpeopleaway fromthe casheconomyhas hugeeconomicbenefits

Talking telephonenumbers: thepopularity ofmobile phones inAfrica has helpedmore people tobecome ‘banked’


Date post:	13-Apr-2015
Category:	Documents
Upload:	alexandra-kouk
View:	37 times
Download:	0 times

Financial Times Report

Documents