Dan Ellison

2 April 2019

5 ways to compete faster – and safer – in financial services

The financial services sector is undergoing a transformation. Tech giants like Google, Apple and Amazon are stepping into the frame with digital wallets, mobile payments and lending services, and FinTech startups are setting new standards for digital innovation and customer experience.

All of which is encouraging established financial service companies to rethink themselves as tech companies, in order to remain competitive and release new services and features faster. Such an approach, however, has to be balanced against tough new data protection regulations, which call for personal and sensitive data to be safeguarded.

This can, at first glance, appear to be a blocker, but there are five ways financial services companies can compete while remaining compliant with legislation.

1. Recognize that digital transformation is the key to growth

Financial services are now being obliged to move from a bricks-and-mortar approach to one that also includes clicks-and-mortar. PWC’s 2018 Digital Banking Consumer Survey said that banks need to think ‘mobile first’ to win in the financial services market, which is no surprise given that 71% of banking customers in the US regularly use online banking and 43% use their mobiles.

By introducing a DevOps approach to application development, high-performing financial organizations can release faster, deliver value into the hands of users quicker, and change direction sooner to stay on top of the latest technologies.

TD Bank, for example, is already adopting this approach to software delivery for its 12 million active online and mobile personal banking customers, and has reduced its time to market for new features by two months since launching its DevOps initiative 18 months ago.

2. Think DevSecOps

DevSecOps is the term for baking security into the DevOps process so that it becomes a natural part of the workflow, rather than a firefight when a breach occurs. In its October 2017 report, 10 things to get right for successful DevSecOps, Gartner predicts that by 2021, DevSecOps practices will be embedded in 80% of rapid development teams, up from 15% in 2017.

These practices are already fundamental to the ability of American Express to balance the need to deploy changes to code more frequently with demands for the same code to be secure. In 2017, it informed customers that their payment card information may have been compromised after a third party service provider suffered a data breach. With a DevSecOps approach to software delivery, the IT team were able to identify which data had been exposed and develop an application to help the customer service team quickly identify the level of data breach, recommend the best solution, and measure the response time and customer satisfaction of the calls – all in 48 hours.

3. Don’t leave the database behind

The database is often seen as ‘another team’s problem’ in the development process. It then acts, however, as a counterweight to the faster speed of releases that DevOps otherwise enables, which was highlighted in the latest Accelerate State of DevOps Report from DORA. For the first time, it calls out database development as a key technical practice which can drive high performance in DevOps.

Interestingly, including the database in the DevOps workflow also introduces the automation and audit trails which can help companies comply with data protection legislation – and demonstrate that compliance.

It works too. By extending DevOps practices to the database, ABSA Bank in South Africa was able to increase the speed of delivery and improve the quality and accuracy of deployments, which significantly reduced downtime.

4. Standardize tools and processes

The faster speed of development which DevOps enables requires a high level of collaboration and co-operation within and across development teams. This, in turn, means using a common infrastructure, so that everyone works in the same way and database development is integrated into the same workflow.

With 67 different coding languages in its source control system, a leading US mortgage lender recognized this as a priority. The IT team made it their mission to standardize development to improve code quality and, to implement the change, they started small and developed standard quality gates for all new code. With a more transparent and standardized process in place, the team could then focus on how to accelerate development within the team.

5. Demonstrate the real ROI to the business

Introducing DevOps often means a change in the way development teams work and the adoption of new tools. The investment this requires has to have an ROI that the business can understand and relate to. A leading US mortgage lender recently said that when creating DevOps metrics, it’s important to communicate what metrics are for your team, and what metrics are for the business.

It’s also worth noting that when talking about how the ROI of DevOps can be measured in terms of the business benefits and added value to be gained, there may be multiple metrics needed for different stakeholders.

For example, a CEO’s perception of DevOps success will likely be based on the impact on higher revenue and/or profitability. A CIO on the other hand will be interested in how the initiative has increased throughput of the IT department or how skilled IT staff can be recruited and retained to deliver quality services to the business. IT Managers or Technical Leads, however, will be concerned with metrics like the speed of deployment, the number of new releases and the ability to decrease downtime or improve time to recovery.

The competitive landscape for financial services organizations is changing and the ability to deliver value to your customers at speed while also protecting and preserving business-critical data is key to thriving in this competitive and highly regulated environment. For more information about how you can adopt Compliant Database DevOps within your organization and how others have achieved the same, download the Compliant Database DevOps in Financial Services whitepaper.