CA Technologies, the New York software firm that provides tooling for continuous delivery, counts all of the UK’s tier one banks, and many of its tier two banks among its customers, according to Robert Coleman, the firm’s chief technology officer for the UK and Ireland. In an interview with QA Financial, Coleman said that an increasing number of banks are working with his firm to implement service virtualization to speed up their app development process – part of the industry-wide move towards continuous delivery. Service virtualization is a technology that simulates the back-end dependencies between apps and mainframe computers. Using service virtualization, apps can be tested earlier and more often because they are not reliant on external hardware. Coleman has been working in IT for more than 25 years, eight of them with CA Technologies. He previously he worked at Bank of Ireland, and at RSA, the insurance company. At CA Technologies Coleman works with the firm’s top customers, most of which are in banking. He has seen the financial industry transition from developing IT systems for internal use to a customer-facing engagement model.
How can banks use service virtualization to speed up app development?
All banks are on the journey towards continuous delivery, some more advanced than others. Service virtualization is a big part of that because it lets banks make changes quickly and often while maintaining a high-standard of quality. We’ve been through a first phase of banking app development. Now banks will focus their efforts on making banking apps begin resemble our social media apps in terms of the range of interactions they offer users. For example, they might notify us whenever we send money or make a purchase, that way you can keep an eye on your account to make sure you are not being hacked. Gamification is another hot topic. Consumers will engage with their finances in a more game-like way. Your banking app might let you create spend-targets so that you get notified when you get near your limit. All of this means that you’ll be interacting with your finances on a daily basis, or even several times a day. To reach this point, banks will have to incrementally change the apps through a frequent, but small, releases. A fully automated delivery pipeline is the only way to do so reliably. The more manual interaction, the more possibility of error.
How does service virtualization help with continuous delivery?
You have to eliminate any manual steps that are slowing you down, whether this is setting up test environments or relying on a mainframe whenever you want to conduct a test. Service virtualization allows you to simulate those back-end dependencies so software can flow through the software development process. By using service virtualization, banks can catch defects much earlier on and conduct more in-depth testing. Defects that are caught earlier save banks money. Many banks have already implemented service virtualization to varying degrees, while others are starting to implement it.
What obstacles are banks encountering on their journey to continuous delivery?
There are two major obstacles. The first is the heterogenous nature of existing architecture in traditional banks. They are able to run their platforms very well, but they hit an obstacle when they try to automate across platforms. There are steps that still need to be performed manually, and that slows things down and increases the chance of things going wrong. The architecture is already very complex, and this is only increasing. The API economy is the latest layer, and the banks need to keep managing these systems and keeping them tied together. The second obstacle is completing the transition to agile. That requires the dismantling of traditional operations as they have been conducted in the last few decades, and the bigger the organisation, the more difficult it is to make those changes because of the sheer number of people that work there. You need to reorganise your developers, your testers, your operational people, the system architects, and they all need to get used to working together in smaller teams. That is a large cultural shift. But when technology itself is not an issue. Banks are in a healthy financial position and they are able make investments. Now it is just a gradual progression until they get to that point of continuous delivery.
What kind of impact will regulations have on your business?
PSD2 (the European Union’s Directive on Payment and Services, which will force banks to open up their APIs to third parties) is a tremendous opportunity for us in terms of API management. Traditionally, banks have seen regulation as something they have to do, and they have spent a significant amount of money complying with it. But I think with PSD2 we are seeing something different – it is not just about ticking boxes, it will open up the market and increase competition. PSD2 changes the payments landscape, allowing non-banking organisations to interact with and access banking APIs. This will lead to the fragmentation of the payments ecosystem, which has traditionally been monopolised by a few large firms. Consumers will be sharing their identity with multiple financial firms and they will be able to shop around for deals on savings products. APIs will be driving all of that. But they are potentially an area of vulnerability to exploit, and our API management products will see the benefit of that.
You mentioned API management, what other technologies do you see banks investing in?
Data is the number one testing priority for banks. The process for generating test data is still very manual. That means it is time-consuming and costly in terms of man-hours and the infrastructure necessary to support multiple test environments. The European Union’s incoming General Data Protection Regulation, which mandates that all data be anonymised and secure, will create additional demand for mature test data management capabilities. [See here for more information on the GDPR] Banks also need to gather more data from their customers on how they are using their apps. That data can be used to make sure that from a design perspective, they are adding the right features and functionalities. Many banks right now do not have detailed enough information about how their apps are being used. They can then use that data to power artificial intelligence. There area number of obstacles to this, but the first one is to gather that data, something that banks are not doing particularly well.
Where do partners fit into your strategy for delivering technology to banks?
We rely heavily on our partners: consulting companies, global service providers, and system integrators. We work across many industry verticals, but partners have industry-specific expertise that helps us enter specific niches. Our partners will provide our software to banks, who in many cases will not even know that it is ours because the tools are packaged as part of the service provider’s offering. On a day-to-day basis we spend most of our time working with partners. We make sure they have the technical know-how to use our tools, so that they can pass that expertise down to their customers. Rarely will we have a conversation with a bank that does not involve one or more of our partners.
How do you price your services?
Five or six years ago, when the first software-as-a-service (SaaS) providers entered the market, there was a turning point in terms of innovative pricing. Banks opened their eyes to to the cloud and to more flexible, subscription-based, pricing that let them flex up and down depending on business needs. Nowadays, all banks are using organisations like AWS, Microsoft Azure and Google to host test environments. There are some risk factors to consider when moving workloads to the cloud, but it has had a transformative impact to how our business works. The end result is that we have increased the number of SaaS offerings to our customers, and that we have moved more to a subscription-based approach, which is something that all technology companies are doing.
