Information technologies in banks.

The banking sector, both in Russia and globally, is going through a phase of global transformation. Against a backdrop of weak economic growth, traditional sources of income do not provide sufficient dynamism for the banking business. Thus, as of August 2016, retail lending in the Russian Federation was virtually unchanged from 2015. Mortgage loans grew by 12.5% year-on-year, but retail non-mortgage loans fell by 8%. The corporate lending segment also showed weak dynamics, with the corporate loan portfolio showing growth of 1% in 2016, taking into account currency revaluation. The retail deposit segment is under pressure amid low appetite of the country’s leading banks for fundraising and, consequently, declining rates. And tight fiscal policy is having a negative impact on the corporate deposit segment.

However, consolidation of the banking sector as a whole continues, with the number of Russian banks down to 600 as of October 2016, and the CBR will continue to strengthen its supervisory activities going forward, as well as moving to bail-in as the preferred tool for bailing out troubled banks.

The regulator’s actions also have a marked impact on banks’ business strategies and approach to risk management.

In addition, companies from other industries that offer financial services and successfully compete with banks, such as mobile device manufacturers, major retailers, telecom operators, Internet companies and numerous fintech start-ups, are constantly emerging in the market.

All of this suggests that traditional banking business models are no longer working well enough, and it is not surprising that in this environment banks are actively seeking new ways to attract and retain customers, and are also focusing on developing portfolios of services that can increase the share of non-interest income. In the corporate segment, an increasing number of banks are offering comprehensive services for small and medium-sized businesses, including functional outsourcing of accounting and tax accounting, various analytical tools or even virtual office services. In the retail segment, remote banking technologies are being developed, biometrics for customer identification are being researched and the payment services segment is rapidly developing. The general trend in retail banking is aimed at ensuring a high level of customer satisfaction, loyalty management, as well as realizing the expectations of users of banking services in terms of accessibility and immediacy of consumption of banking services using mobile devices. There is interest in banks establishing their own virtual network operators, the so-called MVNO (mobile virtual network operator), in order to develop the ecosystem of banking services and monetise the growing synergies between the banking and telecommunications sectors. The launch of a mobile virtual network operator enables the bank to qualitatively expand its service portfolio, attract new customers and increase the loyalty of existing customers, as well as reduce the cost of customer service without compromising the quality of the services provided. In addition, telecom services are one of the very sources of non-interest income that the banking sector is currently seeking.

Another source of non-interest income for the bank can be the data accumulated by the bank over its lifetime. The data at the bank’s disposal reveal customer preferences and consumption patterns. If appropriately anonymised, this data can be used to offer various services to the bank’s corporate clients who are interested in tailoring their products and services to the needs of their target audience.

Banks are also focusing on improving operational efficiency and finding internal sources of synergies, which is particularly relevant against the backdrop of banking sector consolidation. Developments in automation technology, artificial intelligence and machine learning, blockchain and Big Data analytics will help meet these challenges, transforming business processes, the branch network and offering a truly omni-channel customer experience that is fully aligned with the current digital paradigm.

According to Delloite, the financial sector is among those industries characterised by high digitalisation dynamics and high risks of digital disintegration (i.e. loss of competitiveness due to the emergence of new players implementing disruptive business models in the sector). According to the 2016 survey, 45.5% of respondents selected collaboration as their main tool for engaging with fintech companies, 43.6% of banks plan to invest in fintech businesses, 42.6% want to develop internal fintech skills, 17.8% intend to acquire fintech companies and only 4% of banks plan to do nothing.

Information technology has long been key for banks, with banks spending on IT averaging 8.4% of all enterprise operating expenses in 2016, according to analyst firm Gartner, with IT employing nearly 10% of bank staff. And the largest share of spending in banks’ IT budgets, at 28%, is on data centres.

Virtualisation and cloud technology is one of the most popular technologies, allowing for the simultaneous solution of many pressing tasks for banks to develop banking services and improve operational efficiency.

Server virtualisation technologies originally appeared in the mid-1960s and were available for mainframes, the monolithic hardware and software complexes on which banks ran automated banking applications. For so-called standard architecture servers, or as they are called x86 servers, the first commercial virtualization solutions appeared in the late 90s. The first company to bring these solutions to market was a Silicon Valley start-up, VMware.

The essence of server computing virtualisation technology is very simple: specialised software (so-called hypervisor) is installed on top of the server hardware, on top of which multiple instances of different operating systems can be installed, each of which is independent and isolated from other such instances. That is, instead of one hardware (physical) server running one instance of an operating system, you get a set of virtual servers, or, as they are called, virtual machines.

How is virtualisation useful?

First, as standard architecture servers improved and their performance increased, it became clear that the applications deployed on these servers were often not able to consume all available hardware resources. This meant server utilization averaged 5-10%, which in turn meant a poor return on investment in IT infrastructure. By allowing multiple, isolated and independent virtual servers to be deployed on a single physical server, virtualisation has improved the return on infrastructure and reduced the cost of upgrading and operating the infrastructure. Take as an example the current rate of server consolidation (i.e. the number of virtual servers simultaneously running on a single physical server). According to VMware, as of Q2 2016, the average consolidation rate in banks was 18 virtual servers running on a single 2-processor physical server. What does this mean in terms of budgets? With the purchase price of a simple server being $4,000, it would have taken 18 x $4,000 = $72,258 to buy 18 of these servers. A server with virtualization, even if initially more expensive and powerful, would cost $30,000 – $40,000. The savings are obvious even without considering other factors such as the cost of hosting the servers in the data centre, power and cooling, administration and maintenance costs, etc.

Secondly, virtualisation technologies made it possible to improve the quality and reliability of banking systems. Due to the fact that the virtual machine is not tied to hardware, it is possible to apply various high availability technologies and reduce the time required to restore normal application operation after a hardware failure. Meanwhile, taking hardware servers offline for scheduled maintenance is done without any application downtime at all. This is certainly valuable for banking applications that need to operate 24×7.

Third, virtualisation has greatly simplified the tasks of server deployment and administration.  With spare hardware capacity, the deployment of a new server does not require time-consuming and labour-intensive budgeting, procurement and commissioning activities. The rich virtualisation capabilities to centralise and automate server administration tasks relieve the bank’s IT staff of many routine tasks and focus on creating maximum business value for the enterprise. As of Q2 2016, one virtualisation administrator was running an average of 940 virtual machines, according to VMware.

The benefits of virtualisation are so clear that it is now the default technology used by banks, with an average of 84% of all x86 servers in banks being virtualised.

The next step

Virtualisation in the banking sector is a proven technology with proven efficiency, but life moves forward and the business context demands further development from IT. It has become clear that virtualisation alone cannot meet the emerging challenges at the speed required by changes in the market. In the face of high uncertainty and resource constraints, banks are going through a phase of profound organisational, process, cultural and technological change. Agile application development and DevOps methodologies, lean / kanban-based enterprise management models, the proliferation of fail-fast cultures and more are on the agenda to help banks adapt and evolve faster. After all, nowadays, even to stay in place you have to run very fast. Traditional approaches in IT are too clumsy to keep up with the pace of business change and that’s where cloud technology comes in. How are clouds fundamentally different from virtualization? Virtualization servers are the foundation of the cloud, but virtualization also requires additional controls, automation, accounting, self-service etc., as well as new process and organizational models that together create the elastic, dynamic and flexible environment in which new projects and initiatives progress. As it turns out, there are many things in banks’ IT infrastructure that limit acceleration and innovation. Server virtualisation has made computing software-defined, allowing flexible management of server configurations while abstracting away from the hardware. The data centre no longer appears as a set of discrete servers, but as a group of processor and RAM resources available for consumption by banking systems. But beyond these resources, every data centre has networks and storage systems, and until recently, these systems remained classic, hardware-defined systems that limited the implementation of end-to-end automation. Back in 2011, VMware introduced the idea of the software-defined data centre, that is, a data centre that virtualises not only servers but also storage and networking. In a software-defined, virtualised data centre, the data plane is separated from the control plane and all functional network services such as routing, load balancing or firewalls are implemented fully software-defined, allowing the migration to low-cost, high-performance network equipment. Similar to server virtualisation, network virtualisation (or Software-Defined Networking, SDN) allows the management of networks and network services as a group of resources. Together, this functionality enables intelligent enterprise-class networks to be built at lower cost, while seamlessly integrating server virtualisation and network virtualisation.

Software-defined storage implements the same principles of abstracting the underlying storage service from the hardware (essentially virtualisation), clustering storage resources and policy-based storage management. Virtualisation of core data centre subsystems removes the technological barriers to building private clouds and accelerating bank innovation.

Banks are actively considering the use of public clouds too. For quite some time now, public cloud service providers have emerged in Russia that meet the requirements of the Central Bank of Russia. The use of a single technology platform in both the bank’s private cloud and the public cloud makes it possible to seamlessly connect these clouds and realise what is called a hybrid cloud. This is a cloud that applies uniform rules for managing deployed workloads, uniform security and surveillance policies, and provides the ability to move workloads between the private and public shoulders of the hybrid cloud in either direction. The hybrid approach allows even greater flexibility in resource and cost management while maintaining IT control. 

A systemically important European bank (127,000 employees in 17 countries, 7,000 branches, €875 billion in assets) was able to achieve very interesting results by implementing software-defined data centre and hybrid cloud technologies. As part of its strategy implementation plan, the bank needed to reduce costs by €1.3 billion while improving the bank’s customer service, information system reliability and the time required to execute inorganic development projects. The bank’s existing network security model limited the potential for innovative development because of the long and complex approval and execution process. The introduction of hybrid cloud has radically redesigned network architecture and network security, reducing the time it takes to bring a new banking service to market by several times. In addition, the hybrid cloud and the software-defined data centre enabled the consolidation of IT service subsidiaries and reduced the cost of IT services by 16%.

Another project to comprehensively transform banking systems was implemented in one of the UK’s largest banks. A key element of the business transformation outlined in the bank’s 2020 development strategy was the creation of a new software-defined technology platform for the bank’s data centres, which would improve the quality of services provided and the efficiency of IT investments.  The economic impact, including a 58% reduction in the size of the physical IT infrastructure, was expected to be £430m. The project was successfully implemented last year and the gradual migration of key automated banking systems to the new platform is now underway.

ING Bank (€845 billion in assets, 48 million customers in more than 40 countries, more than 75,000 employees) implemented an equally revolutionary project. To successfully deliver on its digital strategy, the bank set the following objectives for its IT departments: to halve the time to market for the bank’s customer applications; to reallocate IT costs so that the operational component accounts for no more than 48% of costs (originally 71% at the start of the project); and to reduce IT costs by €300 million per year. The project was successfully implemented in 2015 in cooperation with EMC, VMware and Pivotal. The core of the new technology platform was a software-defined data centre, the capabilities of which were further enhanced by the creation of a hybrid cloud.

Information security and digital banking

A pressing challenge for the banking sector is the growing trend of cybercrime aimed at stealing funds from banks. According to a joint study by the Internet Initiatives Development Fund (IIDF), Group-IB and Microsoft, the damage to the Russian economy from cybercrime in 2015 exceeded RUB 200bn, representing 0.25% of GDP. At the same time, only the number of cybercrimes and related damage is growing faster than information security spending. The answer to this challenge could be a new approach to information security – zero trust information security – proposed by Forrester. The idea behind this approach is to build a unified information security continuum from the data center core to the mobile device by implementing three principles: a) access all resources securely regardless of location; all traffic, no matter where it originates, is considered potentially malicious; ALL traffic is authorized, analyzed and inspected. b) tight control over access rights and granting only the minimum required authorization. c) inspect and never trust – not only inspect ALL traffic, but also inspect all traffic. The idea of zero-trust information security has been around for a number of years, but only recently, thanks to the micro-segmentation capabilities of software-defined networks, is it possible to put the idea into practice. By microsegmenting the enterprise network within the data centre network perimeter, VMware enables “zero-trust” security to be put into practice. This does not require a mandatory upgrade of the hardware component of the bank’s network.

A similar scenario of redesigning banks’ information security approaches using virtualisation technologies has been successfully implemented at companies such as Citigroup, AIG, mBank, Plains Capital and many others.

Virtualisation and digital workspace for bank employees

What else could be virtualised in a bank? What about personal computers? What if you move everything on the personal computers to the data centre, leaving the employees’ workstations with simple terminals whose job is only to display information and connect peripherals. Such technology is called Virtual Desktop Infrastructure (VDI). The banking sector is one of the most active in adopting this approach. VMware estimates that, on average, about 19% of user desktops in banks are provisioned using VDI. Desktop virtualization has some interesting advantages over the traditional PC. Firstly, VDI provides flexible and mobile access to the bank’s systems and data and is the first step in the transition to a digital workspace. Secondly, VDI enables one to significantly extend the office equipment refresh cycle by simplifying equipment at the workplace. Thirdly, VDI provides better ergonomics and saves energy at the workplace. Fourth, VDI provides better worker productivity through its ability to instantly provide a working environment as well as more reliable and efficient performance when compared to a traditional PC, especially if the PC is not brand new. Fifth, VDI is easier to administer than traditional PCs and thus requires fewer people to support the users. Last but not least, VDI concentrates both user data and control access to this data in the data center, making it easier to address IT security concerns. VDI capabilities enable to streamline call centre operations, provide secure access to the bank’s systems for third party contractors and speed up integration tasks in the course of bank mergers and acquisitions. For example, in July 2011 VTB Group acquired a controlling stake in Transcreditbank, and the full merger of banks was announced at the end of 2012. The consolidation of IT services and systems in such acquisitions is long, time-consuming and costly. This also applies to the private task of delivering applications to the workstations of the employees of the merged bank. In the case of VTB 24, VDI technology was used to deliver corporate applications to TCB’s retail offices. This approach allowed TCB employees to have secure access to VTB 24’s banking systems in the shortest possible time, thereby making it possible to offer VTB 24’s services to TCB’s legacy customers almost immediately after the merger was completed.