“Prediction is very difficult, especially if it is about the future,” said Niels Bohr, the Danish physicist. Predictions are, however, a journalistic tradition at this time of year, and it we feel it’s our duty to do our best to summarise what we believe 2017 will hold for our readers. We’ve settled on three.
1 – Automation will remain the key driver of change …
… As it was in 2016. However, even the world’s largest banks admit (privately) that they still have important decisions to make about investment in automation technologies.
In software quality assurance and testing, this in particular means test service virtualization, a focus of our recent interview with Rob Coleman, CTO for CA Technologies in the UK and Ireland, which you can read here.
The problem many of those banks have is that the business case for automation isn’t always an easy one. The CEO wants to see savings from automation. They have spent years cutting costs by outsourcing to off-shore IT vendors and developers. Now they have to juggle the long-term opportunity — faster deployment at lower costs — with the shorter-term requirement for investment in those new technologies. It’s not just about finding the money: the right decisions have to be made about recruiting staff with the right coding skills and investment in new data environments and cloud resources.
There are decisions to be made about whether to centralise development and testing, or build separate platforms in different divisions; investment banking, asset management and retail, for example.
And looking at the financial services industry as a whole, the move to automation technologies prompts two further questions. Will banks speed things up and reduce costs by sharing test data and test data environments for app development? And how will pricing models for development services change with automation, as the standard linear benchmarks (the number of test cases performed; the number of lines of code tested) become increasingly irrelevant?
2 – The IT Risk Manager comes of age
Technology risk management isn’t just about the integrity of code, security and regulatory compliance. New legal and IP risks related to financial software are emerging, as typified by our story here on Blockchain patents. While you might think that banks are moving inexorably toward open-source, freely-available, software for distributed ledgers and smart contracts, there are those, including Goldman Sachs and Bank of America that taking out numerous patents on the innovations based on those technologies. Others may be left out in the cold as the opportunity to establish truly profitable businesses based on Blockchain becomes a reality.
This is just one example of how IT risk management is evolving. One obvious step toward resolving the question of who has the responsibility for communicating the nature of IT risk to the board is to formalise the role, responsibilities and title of the IT Risk Manager. BlackRock, the world’s largest fund manager, is one major firm that has already done that. Others will follow in 2017.
3 – The regulatory burden will grow
The recent headlines have been about massive fines for Deutsche Bank and Credit Suisse for transgressions that date back to the financial crisis. Looking forward, regulators are going to be more concerned about how banks are transforming themselves into technology businesses.
An obvious example is the requirement of the EU’s MiFID II law that will — from January 2018 — require investment firms to self certify that their trading algorithms will not disrupt markets.
The broader trend in regulation is that supervisors such as the Federal Reserve Bank of New York are moving away from a one-sized-fits-all approach to the supervision of financial IT, towards a more granular approach, as highlighted earlier this year in this article by QA Financial, which you can read here.
Regulators in the US and Europe are following the lead of the Monetary Authority of Singapore, which is the world leader in terms of its guidance for financial firms on how it wants to see financial firms develop and deploy apps.
As regulators increase their scrutiny of those apps that they see as critical to the firm and to the smooth operation of markets, the idea of technical debt has to be redefined. A global investment bank might have to manage several hundred of new app releases and upgrades each week. It becomes increasingly important for the bank to know which of those apps have to be 100% right when they are deployed and which can be 95% right. Again, this requires financial firms to reconsider who has the responsibility for not only understanding how the technology works, but also for communicating what might happen if it doesn’t work.
So, three predictions, but one inevitable conclusion. Whoever is in charge of app delivery and quality will be even more important — and maybe under a little more stress — in 2017.
