The bank will create agile teams where “product owners in business and infrastructure divisions will lead teams of technologists, using agile principles, to continuously work on products and ensure progress meets their expectations”.
It will also increase the proportion of software engineers in the workforce and better support and motivate them, as well as “reduce the burdens that slow them down.”
The strategy has four parts, according to the presentation. The investment bank wants to:
Offer a digital client experience
Build scalable infrastructure
Make room for innovation
To do so, Goldman Sachs is using 45% of its $4 billion engineering budget in 2019 on investment. The other 55% will be used to run the bank.
In the financial services sector, banks are making huge investments in technology. JPMorgan allocated $10.8 billion last year and has earmarked $11.4 billion for technology in 2019. Bank of America spent $10 billion on tech in 2018.
Unlike America, where banks have a return on equity of 12%, Europe does not have strongly positive government-bond yields, or a pool of investment-banking profits like that on Wall Street, or a vast, integrated home market. All this is true, but European banks have been lamentably slow at cutting their costs, something which is well within their control. As a rough rule of thumb, efficient banks report cost-to-income ratios below 50%. Yet almost three-quarters of European lenders have ratios above 60%. Redundant property, inefficient technology and bloated executive perks are the order of the day.
And when the next downturn comes and banks need to raise capital, which investor would be foolish enough to give even more money to firms that do not regard allocating resources profitably as one of their responsibilities?
There’s much room and ability to improve the bottom line by fixing the back-office sprawl:
Costs are falling at an annual rate of about 4%, according to analysts at ubs. This is not enough. As consumers switch to banking on their phones there are big opportunities to cut legacy itspending and back-office and branch expenses. Lloyds, in Britain, has cut its cost-income ratio to 49% and expects to get to close to 40% by 2020. The digital German arm of ing, a Dutch bank, boasts a return on equity of over 20% in a country that is supposedly a bankers’ graveyard. If other banks do not do this they will soon find that they have lost market share to new digital finance and payments competitors—both fintech firms and the Silicon Valley giants such as Amazon—that can operate with a fraction of their costs and which treat customers better.
Source: Fixing Europe’s zombie banks
The bank has selected AWS as its preferred cloud provider with the intention of porting its production workloads, including its customer facing platforms and strategic core banking applications to the cloud.
From what I can tell talking with banks, they’re over that 2010 thing of “public cloud isn’t secure enough.” Now it’s a scramble to move their shit up there.
Thus far, it seems like the large banks are fending off digital disruption, perhaps embracing some of it on their own. The Economist takes a look:
- “Peer-to-peer lending, for instance, has grown rapidly, but still amounted to just $19bn on America’s biggest platforms and £3.8bn in Britain last year”
- “last year JPMorgan Chase spent over $9.5bn on technology, including $3bn on new initiatives”
- From a similar piece in the NY Times: “The consulting firm McKinsey estimated in a report last month that digital disruption could put $90 billion, or 25 percent of bank profits, at risk over the next three years as services become more automated and more tellers are replaced by chatbots.”
- But: “Much of this change, however, is now expected to come from the banks themselves as they absorb new ideas from the technology world and shrink their own operations, without necessarily losing significant numbers of customers to start-ups.”
- Back to The Economist piece: “As well as economies of scale, they enjoy the advantage of incumbency in a heavily regulated industry. Entrants have to apply for banking licences, hire compliance staff and so forth, the costs of which weigh more heavily on smaller firms.”
- Regulations and customer loyalty are less in China, resulting in more investment in new financial tech in Asia:
- As another article puts it: “China has four of the five most valuable financial technology start-ups in the world, according to CB Insights, with Ant Financial leading the way at $60 billion. And investments in financial technology rose 64 percent in China last year, while they were falling 29 percent in the United States, according to CB Insights.”
- Why? “The obvious reason that financial start-ups have not achieved the same level of growth in the United States is that most Americans already have access to a relatively functional set of financial products, unlike in Africa and China.”
- There’s some commentary on the speed of sharing blockchain updates can reduce multi-day bank transfers (and payments) to, I assume, minutes. Thus: ‘“Blockchain reduces the cost of trust,” says Mr Lubin of ConsenSys.’
Fixing legacy problems with new platforms, not easy
- The idea of building banking platforms to clean up the decades of legacy integration problems.
- Mainframes are a problem, as a Gartner report from last year puts it: “The challenge for many of today’s modernization projects is not simply a change in technology, but often a fundamental restructuring of application architectures and deployment models. Mainframe hardware and software architectures have defined the structure of applications built on this platform for the last 50 years. Tending toward large-scale, monolithic systems that are predominantly customized, they represent the ultimate in size, complexity, reliability and availability.”
- But, unless/until there’s a crisis, changes won’t be funded: “Banks need to be able to justify the cost and risk of any modernization project. This can be difficult in the face of a well-proven, time-tested portfolio that has represented the needs of the banking system for decades.”
- Sort of in the “but wasn’t that always the goal, but from that same article, Gartner suggests the vision for new fintech: ‘Gartner, Hype Cycle for Digital Banking Transformation, 2015, says, “To be truly digital, banks must pair an emphasis on customer-facing capabilities with investment in the technical, architectural, analytic and organizational foundations that enable participation in the financial services ecosystem.”’
- BCG has a prescriptive piece for setting the strategy for all this, from Nov. 2015.
- A bit correlation-y, but still useful, from that BCG piece: “While past performance is no guarantee of future results, and even though all the company’s results cannot be entirely attributed to BBVA’s digital transformation plan, so far many signs are encouraging. The number of BBVA’s digital customers increased by 68% from 2011 to 2014, reaching 8.4 million in mid-2014, of which 3.6 million were active mobile users. Because of the increasing use of digital channels and efforts to reconfigure the bank’s branch network—creating smaller branches that emphasize customer self-service and larger branches that provide higher levels of personalized advice through a remote cross-selling support system—BBVA achieved a reduction in costs of 8% in 2014, or €340 million, in the core business in Spain. Meanwhile, the bank’s net profits increased by 26% in 2014, reaching €2.6 billion.”
- And a more recent write-up of JPMC’s cloud-native programs, e.g.: ‘“We aren’t looking to decrease the amount of money the firm is spending on technology. We’re looking to change the mix between run-the-bank costs versus innovation investment,” he said. “We’ve got to continue to be really aggressive in reducing the run-the bank costs and do it in a very thoughtful way to maintain the existing technology base in the most efficient way possible.” …Dollars saved by using lower-cost cloud infrastructure and platforms will be reinvested in technology, he said.’ JPMC, of course, is a member of the Cloud Foundry Foundation which means, you know, they’re into that kind of thing.
Commonwealth Bank of Australia, for instance, replaced its core banking platform in 2012 with the help of Accenture and software company SAP SE. The job ultimately took five years and cost more than 1 billion Australian dollars ($749.9 million).
Being conservative, multiply $500m across the top 20 banks, and you’ve got $10bn, using $749.8m directly, you get much closer to $15bn.
Better start planning.
A good, pretty long overview of JPMorgan Chase’s plans for doing cloud with a PaaS focus. Some highlights.
More than just private-IaaS and DIY-platforms:
Like most large U.S. banks, JPMorgan Chase has had some version of a private cloud for years, with virtualized servers, storage and networks that can be shared in a flexible way throughout the organization.
The bank is upgrading its private cloud to “platform as a service” — in other words, the cloud service will manage the infrastructure (servers, storage, and networks), so that developers don’t have to worry about that stuff.
On the multi-/hybrid-cloud thing:
By the second half of 2017, the bank plans to run proprietary applications on the public cloud. At the same time, it’s building a new, modern internal cloud, code-named Gaia.
While “hybrid-cloud” has been tedious vendor-marketing-drivel over the past ten years, pretty much all of the large organizations I work with at Pivotal have exactly this approach. Public, private, whatever: we want to do it all.
Shifting their emphasis innovation:
“We aren’t looking to decrease the amount of money the firm is spending on technology. We’re looking to change the mix between run-the-bank costs versus innovation investment,” he said. “We’ve got to continue to be really aggressive in reducing the run-the bank costs and do it in a very thoughtful way to maintain the existing technology base in the most efficient way possible.” …Dollars saved by using lower-cost cloud infrastructure and platforms will be reinvested in technology, he said.
On appreciating the scale of “large organizations” that drive their very real challenges with adopting new ways of running IT:
The bank has 43,000 employees in IT; almost 19,000 are developers.
Good luck having the “we have no process by design” process with that setup.
On security, there’s a nice, almost syllogistic re-framing of “cloud security here”:
For years, banks have worried about using the public cloud out of security concerns and fears of what their regulators will say. Ever since the 2013 Target data breach, in which hackers stole card information from 40 million customers by breaking into the computers of an air conditioning company Target used, regulators have strongly urged banks to carefully vet and monitor all third parties, with a specific focus on security.
“We’re spending a significant amount of time to ensure that any applications we choose to run on a public cloud will have the same level of security and controls as those run internally,” Deasy said.
Most notable corporate security breeches over the year have involved on-premises IT (like the HVAC example above). The point is not to make sure that “cloud is as secure as [all that on-prem IT that’s been the source of most security problems in the past], but to make sure that all IT has a rigorous approach to security. “Cloud” isn’t the security problem, doing a shitty job at security is the security problem.
Update: or it could be 30,000.
Some interesting ideas to improve debit (and credit, one’d presume) with software-driven features:
CardGuard provides additional protection against fraud, since customers are able turn their debit card “on” or “off.” When the card is “off,” no withdrawals or purchases will be approved, with the exception of previously authorized or recurring transactions. Additionally, transaction controls can be set according to location, meaning transactions attempted outside of the geographic parameters set by the customer will be declined.
With CardGuard, customers are able to better manage their spending by establishing limits for debit card purchases based on the amount of the transaction. Additional controls can be set to manage spending in different categories by enabling or disabling transactions for certain merchant groups, such as gas, grocery or retail stores.
This a good parable on what can go wrong in large organizations when incentives are not working as planned.:
But the reality seems to be messier and more boring: Wells Fargo wanted its employees to push lots of real accounts, it asked too much of them, and the employees rebelled by opening fake accounts to get the bosses off their backs. The fake accounts weren’t profitable for Wells Fargo, and no rational executive would have wanted them, which is why Wells Fargo kept telling the employees not to open them. But the employees did anyway because they felt like they had no other choice. It was not an evil high-level plot. It was just dumb. It was a form of employee resistance that was channeled into fraud by bad incentives and bad management. There is a limit on how many times you can ask a guy in a hearing “this thing you did was pretty dumb, wasn’t it?” Though look for the Senate Banking Committee to test that limit.
Knowing very little about the details, back in IT-land problems like this usually mean the culture needs some tweaking.
Check out some more commentary.
According to the bank, the built-in automation of Pivotal’s cloud platform allows it to focus on delivering differentiated value, instead of being caught up with systems management and IT resource procurement. This means that DBS will be able to quickly deliver services, as well as build and update next-generation applications in order to deliver a better banking experience to users.
Another Pivotal Cloud Foundry customers. Banks seem to like it.
After 15 years of useful life, CORBA is currently being retired and replaced with Web services. It’s interesting to see that many of the initial performance challenges have appeared again with the switch to the new technology.
It took four years from the strategic decision until the whole organization was fully committed to the plan. This is because it takes a while to fully deploy complex middleware technology in an environment that’s sensitive to performance, stability, and security. The real challenge has been the stamina and governance needed to make this strategic decision pervasive—it took 10 years before everybody accessed the mainframe through the service layer. We debated whether this is unusually slow, but we’re now convinced that this is normal for this kind of organization and application landscape. On the business side, the SOA approach has helped revolutionize user interfaces. Nobody accesses the mainframe through terminal screens anymore. Credit Suisse has built several Internet channels on top of the service layer, from a simple electronic banking application in the beginning to today’s sophisticated mobile banking.
And, the thrilling conclusion:
Looking back over 15 years of enterprise service architecture at Credit Suisse, we’ve learned a few lessons. First, deep architectural changes in large companies take longer than most people think. The reason for this is because most projects are risk-averse and only want to adopt a proven approach. Proving a new approach plus the time lag between design decisions and implementation completion adds up to three to four years. After that, depending on the rollout strategy, it could take several years to fully implement a strategy. Patience and stamina are absolutely necessary for success in this field. If your CIO wants to see results within a quarter, SOA or other enterprise architecture approaches aren’t worth pursuing. Second, when thinking about SOA, technology on an enterprise scale is a nontrivial prerequisite, but it’s the easier part. Orchestrating the entire organization around SOA, providing a proper semantic framework to create a common language across the organization, and implementing the necessary governance processes are the harder parts, in our opinion.
Bank of America made the decision to slide the bulk of its backend computing systems to the cloud in 2013, and wants to have 80 per cent of its systems running in off-premises data centers within the next three years. Last year it spent over $3bn on new computing kit.
From The Register
53% of financial services industry respondents gave reputation risk a “No. 1” ranking among the hazards. By contrast, 19% named compliance as the greatest risk, and 9% selected data security.
Some comments from my old boss at Structure Europe, recently, on who’s looking for private clouds:
From a Dell perspective, we just love open stack. I think it’s fantastic. I think it’s gaining great traction in the market. A year ago we weren’t seeing this but now we’re seeing banks who are coming to us and this is beyond POC stuff. They’re actually doing production stuff with open stack and we’re helping them. Seeking three Fortune 500 retailers, doing the same thing. So we think open stack is real. How many open stack clouds? I don’t know, but we’re in the fortunate position of sitting on top of all of this and just making sure that the customer wins. I really don’t care who of the 18 win.
We’ve got a rule of thumb that we’ve done our own internal analysis and once you reach an Amazon bill of about 50,000 per month, it’s time to go to a private cloud. We see customers coming to us with that problem all the time. We see lots of start-ups. We meet a lot of the venture capital community. And they’re saying, “Look, all of my start-ups started in Amazon but these bills are getting ridiculous.” And how do we get them over to private cloud? So we’re doing this like wholesale through the venture community and the start-up community because everybody’s facing the same problem.