BFSI sector needs to tackle security challenges- CXOtoday In what way are Thinksoft solutions beneficial to the BFSI sector?
Software deployed at large global financial corporations has frequently changed due to the competition, customer demands, compliance requirements etc. Since banks facilitate thousands of transactions, involving billions of dollars/euros, the need for 'first time right' software is absolutely critical. To ensure that desired business requirements are delivered by the software, it is critical to achieve comprehensive and accurate business requirements documentation, 100% mapping of business requirements to software vendor documentation to avoid gaps and corresponding 'Upside Quality Risks' and rigorous testing of delivered software against requirements to mitigate 'Downside Quality Risks'.
Relying on technology-focused system integrators to manage these critical activities is proving to be ineffective.
What are challenges faced by banks and how can IT help in addressing these challenges?
Companies in the BFSI sector are constantly increasing their investments in IT as part of their strategy to increase profits, improve time-to-market of new products and services, cope with regulatory changes and meet rising customer demands. The problems are aggravated by mounting pressures to respond quickly to these challenges. Banks and financial institutions are sensitive to the knowledge that a single error can result in loss of business, revenues and reputation. They realise the importance of testing and re-testing systems, processes, protocols and products. By its requirement, software testing is a very exacting job, making it imperative for this service to be managed by dedicated experts with the necessary domain knowledge.
Are Indian CIO's waking up to the benefits offered by IT?
Mostly yes but they are probably not tuned in with the global price points to appreciate value delivered against what is being spent.
What, according to you is the main stumbling block for BFSI institutions; is it security, the need to provide 24*7 services, efficient communication between branches, etc?
For BFSI, security and efficient communication between branches are the main stumbling block. With BFSI spanned across branches, it is important for the internal communication to be spot on. On security front the main stumbling blocks are phishing and endpoint security.
What are the main points that BFSI institutions look for while deploying a new solution?
Operational risk, risk of identity theft, fraud, and extortion, systemic risk and risks in failure resolution, are the main points that any BFSI institutions look for while deploying new solutions.
Inadequate electronic security can result in interruptions of service and-in some cases, depending on the nature and adequacy of backup systems-even the loss of critical information. Penetration by hackers often leads to extortion demands. In addition, identity theft is a growing concern for e-finance service providers. Its growth has been rapid. One of the most important links between e-finance, e-security, and risk is the systemic impact that the associated risks can have on the related payment systems through interaction with compromised networks.
Appropriate security should be proportional to the value of underlying transactions.
A final form of risk associated with the delivery of e-financial services and security relates to the risks introduced when a brick-and-clicks or wholly Internet-based bank fails. Here is the process of closure itself is difficult to define and even more difficult to implement if the entity has its servers in offshore centers. Closure in this case would require extensive cross-border coordination among authorities in what could be numerous disparate jurisdictions. Cooperation, and thus closure, may not be feasible with the speed that can be applied in the case of a non-Internet-based bank.
What is your company currently offering in India?
There are two issues that we identified, i.e. The business user is not always equipped to document requirements and there is an inherent conflict of interest when the software developer is asked to test the product they have created.
We process a framework in software development, which minimizes the involvement of the business user, thus freeing up their time for their core business, and separates the software development and testing functions. Standardization and updating the IT infrastructure would ensure that data coming in from different sources is meaningful when it is moved into different data repositories. The IT department has an important role in the cleansing, standardization and organization of data, and making sure that it is available for audits and other regulatory compliance purposes.
Looking back 3 decades, what do you think your company did right and where it went wrong?
The best thing we did and are still doing is to continue to remain specialists. Even during worst downturn of the industry we did not waver from our business model convinced that clients will buy into this model once they see value.
We focused on building our client base on large global financial giants who are fairly mature in outsourcing and realized the need for independent testing services.
We also realized early in our business that we need to have diversity in our teams for specific domain skills and focused part of the hiring to recruit banking professionals.
But we were so confident about our domain strength that we offered fixed price contract to clients without realizing that the market is not ready for such contracts in this area.
After couple of bad projects we quickly changed our pricing model to reduce such risks and it is working since then.
We did not focus on building our sales network earlier to support the growing business. We have increased the sales presence considerably in the last 2-3 years.
In what way are the needs and challenges of the BFSI sector different from others?
The main challenge faced by BFSI is to handle attacks by hackers. Thus, to maintain the trust of its customer, it is most important for the BFSI sector to give top priority to data protection and security. Security continues to be a basic requirement for all banks as customers expect their investments, personal information and credit details to be secure. The majority of fraud is currently related to cards and payments; however, identity theft and account breaches are also on the rise. As a result, banks are not about to lay back and relax in this issue. Companies in the BFSI sector would want to use an SOA and Web services framework to leverage existing IT investments and create a more nimble infrastructure. SOA coupled with standards-based Web services is helping companies to free components and functions from the constraints of their original applications.
