Digital Banking in Asia

        ● Hardware. From massive overprovisioning of high-cost infrastructure hardware to dynamic, right-sized provisioning of simplified and low-cost hardware.

        ● Infrastructure management.From a complex set of management and automation tools for managing the environment to a streamlined set of tools with heavy automation in the service and infrastructure layers.

        ● Workload orchestration.From static placement of workloads tightly coupled with data centers and hardware locations to dynamic workload placement such as on premises or via the public cloud, driven by application policy requirements.

        ● Labor.From an expensive and poorly scaled labor structure with manual bottlenecks to a lean, “silo-less” organization focused on design, rather than hardware configuration and management.

        To enable this NGI transformation, digital banks would have to adopt several new and open technologies:

        ● Open-design general-purpose platforms enable digital banks to achieve scalability and performance at commodity-level price points.

        ● Specific vertical platforms, unlike general-purpose platforms, are capable of providing support for applications with different performance-requirement profiles.

        ● Software-defined networking and storage can shift greater functionality and control into software, simplifying application deployment and enabling use of lower-cost hardware.

        ● Open-source infrastructure platforms can speed time to deployment of private clouds and leverage open interfaces to drive greater heterogeneity and prevent vendor lock-in.

        ● Cloud-orchestration platforms can facilitate the operation of multi- and hybrid-cloud environments by creating an abstraction layer for applications and services.

        In our experience, an NGI technology stack (Exhibit 2) is well suited to support the bulk of workloads within a digital bank (Exhibit 3).

        4．A simplified technology ecosystem

        The digital bank must manage technology complexity while keeping pace with technological changes and customer preferences. Winners will have created an adaptive technology ecosystem as a core capability, providing a reliable, scalable, and high-performing technological foundation without skyrocketing costs. The process by which this ecosystem is created relies, in our experience, on a number of essential practices.

        Rationalizing application portfolio to reduce complexity.Many banks, especially those that have grown through a series of mergers and acquisitions, find themselves operating on myriad overlapping, redundant systems that do not integrate well. Many of these systems also rely on information that resides in different repositories, thus preventing banks from creating a single source of truth. In addition, many legacy applications cannot support digital business requirements and require lengthy and unwieldy workarounds, resulting in longer development cycles, even for simple enhancements. To surmount these obstacles, many digital banks have begun systematically to review and rationalize their applications, for example, allowing the sun to set on end-of-life applications, merging overlapping applications, and so on. They are furthermore institutionalizing and refreshing portfolio management as a part of their IT governance.

        Using enterprise-ready open-source platforms to provide scalability and flexibility.This includes deploying the “LAMP” stack (Linux + Apache + MySQL + PHP) for development of front-end systems; using open-source system-management tools, including monitoring, network management, and process engines (for example, Solarwind); and adopting a standardized cloud-based delivery model (such as Amazon Web Services, or AWS) for specific applications to speed solutions delivery and manage fluctuating business demand.

        Deploying cloud-based, service-oriented solutions for select application types.Efficacious use of the cloud will require a clear understanding of the availability of private, hybrid, and public clouds and their relevance to the different digital-banking application types. For example, many best-practice digital banks host nonsensitive applications (say, branding or awareness sites) on virtual private clouds through AWS and retain more sensitive information (such as financial transactions or customer information) on their own private clouds. In addition, digital banks are pushing forward with service-oriented solutions that are much more scalable in the long term.

        Taking a “right-sourcing” approach to retain strategic capabilities in-house.Instead of full outsourcing, digital banks should selectively outsource, applying either a partial vertical approach, by function (for instance, digital, Web site, and internal applications), or a horizontal one, by steps in the system-development life cycle. The definition of in-house strategic talent would be based on a number of variable factors, including business outlook and geographical considerations.

        5．Advanced analytics and data management

        Effectively managing data is a critical priority for digital banks, yet many are still wrestling with basic challenges due to a lack of good tools and high-quality data. In our experience, best-practice banks have built strong capabilities in a number of core areas, which together provide a distinctive analytics and data-management capability:

        ● The end-state vision should be well articulated for analytics and data management. An effective vision must be customer-backed and would generally include cross-sell and up-sell objectives, risk-management requirements, and operational efficiency.

        ● Business-driven requirements must be well defined across all business functions, including sales, marketing, and product development. Our experience has shown that successful digital banks prioritize these requirements, deciding to be best in class in certain areas while maintaining industry standards in others.

        ● Banks need to be able to create layered data models, from a conceptual description of the business objects in scope to an integrated, logical data model. A best-in-class data model should be based upon consistent data access across channels, provide real-time analytics and processing capabilities, support a common master data source, provide consistent access to customer data, and support an enterprise-standard staging area. The data model should also address integration of internal and external data sources, as well as how to operate across structured and unstructured data sets.

        ● They emphasize a well-defined enterprise-wide data architecture, consisting of a description of data structures, integration technologies, and applications supporting the entry, storage, and use of data in the enterprise.

        ● A set of guiding principles for the data-governance model should be focused on creating a clear structure for ongoing realization of business value. A comprehensive data-governance model should address business value creation and capture, clear decision rights, transparency, and enterprise-wide collaboration and simplicity.

        ● Banks must possess the data-analytics and intelligence capabilities needed to create new knowledge from data based on pattern-search historic analysis and business intelligence.

        The diverse and dynamic Asian banking terrain includes exceptional digital leaders and unique opportunities. Especially for banks in Asia’s emerging markets, the possibility presents itself for leapfrogging many more advanced peers and tackling the challenge of building the digital-banking IT engine sooner rather than later, along the lines laid out in this chapter.

        Asian banks that fail to heed the call of the digital consumer, again especially in Asia’s emerging markets, may lose market share to unconventional players. Customer populations in most Asian markets are young, more comfortable with mobile technologies, and increasingly less dependent on conventional banking infrastructure. Alipay, for instance, a leading Chinese third-party online-payment provider, serves more than 800 million registered users as of July 2013 and facilitated around 8.5 million transactions every day in December 2012. A digital-banking IT engine that allows for scale, seamless connectivity, and agility is a must for banks seeking to respond to the massive online shift in customer expectations and behaviors, as well as the emerging and real competition from innovative nonbank competitors that already have such an engine.

Links：Stuck in the moment or on the move?

        The ancient Chinese philosopher Laozi wrote, “A journey of a thousand li begins with one step.” That was a long time ago, but Laozi’s wisdom has held up well these 2,500 years. We might say that the journey toward building a powerful IT engine for digital banking must also begin with a single step. The questions of which direction to go in and which first step to make will be decided according to each bank’s starting position.

        “Basic transactors” and “focused transformers”

        In our experience helping banks across Asia-Pacific to embark on this transformation and see it through, we have found players in a range of different starting positions. The variations, however, are generally consistent with a single criteria, dividing Asian banks in two fundamental camps, which we have called “basic transactors” and “focused transformers.” Basic transactors are banks that are still operating in basic transaction-processing mode; these banks are a long way from building IT capabilities that would allow them to shape their business. Many core capabilities still need to be developed before an IT transformation can begin. Focused transformers are those banks that are already making targeted efforts to move into the digital world. Having developed the basic requirements of an efficient IT operating model, these banks have shifted their emphasis to transforming the IT operating model to enable a fundamental business transformation.

        IT investment gaps in emerging- and mature-market banks

        We have observed the following IT investment patterns in basic transactors and focused transformers in Asia’s emerging and mature markets, which we have confirmed with further detailed research.

        Asian banks in emerging markets

        Asian banks in emerging markets have significantly underinvested in IT. These banks have been increasing IT investments lately, but most have been too timid and generally the increased IT spending trails the rise in overall business cost. The truth is, two-thirds of total budgets for emerging-market banks are still being spent on “running the bank”; significantly more than half of spending is on infrastructure. Too little, in other words, is being dedicated to the transformation effort needed to digitize the bank.

        We are, however, beginning to see more banks in emerging markets focusing on getting the fundamentals right and reducing complexity by streamlining architecture and through platform renewal and application consolidation. Banks with a shorter history, often in the private sector, are finding this easier to do than those with stronger legacy issues. However, most emerging-marketbanks struggle to keep up with increasing complexity, scale, and productivity challenges arising in both business and IT operations as a result of growth. IT investments are often not sufficiently focused on building capabilities to support growth and the digital-banking IT engine.

        Asian banks in mature markets

        In mature-market Asian banks, we have observed a stronger focus on transformation but also a need to step up efforts for the digital bank, with respect to both ambition and speed. While many mature-market banks in Asia have tightened IT budgets over the past few years, they have also managed to increase their focus on more strategic “change the bank” investments. Most of these investments are intended to support growth, creating scale through customer-centricity, channel transformation, or infrastructure upgrades and driving business efficiency through process-efficiency improvements and automation in application development.

        It is true nonetheless that over half of IT spending by mature-market Asian banks is dedicated to “running the bank,” a level that is still too high in this era of resource constraints to leave enough for transformational investment. These banks will have to continue investing in IT, especially in simplification efforts, to carve out the needed budgetary resources. Once sufficient resources have been concentrated, the digital-banking effort can truly begin. The object will be a transformed business model with the capability to create the seamless connected experience that defines customer expectations in the digital age.

Chapter 7：Scaling up your cybersecurity response

(Tucker Bailey, Josh Brandley, Allen Weinberg)

        Executive summary:

        ● Asian banks are recognizing that cybersecurity must be treated as a core business function.

       ● To counter the cyberthreat, banks should apply a risk-based approach to information security.

       ● They should identify critical information assets, apply differentiated process- and technology-based protection to them, use threat intelligence and advanced analytics to leapfrog the cybersecurity talent gap, and practice how to respond to cyberincidents.

       ● By taking a coordinated, cross-functional approach, banks can more effectively shore up their security environment while developing a more robust ability to respond to emerging threats and recover from breaches.

        Cybersecurity is a top priority for CEOs, CIOs, and boards of Asian financial-services companies. A recent study by McKinsey and the World Economic Forum revealed that 80 percent of global banking IT executives believe that the risk of cyberattack is a significant issue that could have major strategic implications over the next five years.

        Many organizations have experienced sophisticated cyberattacks. Malevolent actors send e-mails to individuals, including innocent-looking but virus-infected files that appear to come from CEOs. This form of “social engineering”increasingly makes use of social-media channels to target unsuspecting users. They use public sites to distribute malware. And they employ other techniques to gain access to and move freely within company networks, often for months before detection, in the process obtaining financial-transaction data, intellectual property, business plans, and customer-account credentials.

        Cyberfraud risks are acute in the financial-services sector because “that’s where the money is,” to paraphrase the famous 20th-century American bank robber Willie Sutton. Banks are witnessing the rise of transnational cyberfraud syndicates that hack customer accounts and siphon money from unwitting users. China lost $46 billion in 2012 through cybercrime—40 percent of total global losses, according to Symantec, a leading security-management and solutions company. In Japan, the average cost of a data breach is more than $2 million per incident, according to the Ponemon Institute. In addition, cyberenabled fraud losses are spurring regulators to take action constraining banks’ operations. For example, a recent spate of breaches enabling fraudulent ATM transactions has led regulators in Hong Kong and Singapore to push banks to require users to set limits on online transfers and overseas transactions.

        Many financial institutions are spending more on cybersecurity and have beefed up their overall anti-cyberfraud efforts. They are employing increasingly sophisticated approaches to the problem, such as monitoring network activity. They are also investing in cyberoperations centers, which are meant to provide a better view of threats from the outside world. In Japan, for example, many financial institutions are beginning to work with the Japanese Computer Emergency Response Team Coordination Center, an independent, nonprofit organization, to circulate information on known cyberthreats.

首页 上一页 5 6 7 8 9 下一页 尾页

扫码即可手机
阅读转发此文