Banks have started a process of reinventing their value proposition as a highly automated and integrated platform for a continuously innovating portfolio of financial services. Payment is key to this and in the same time under threat by external market entrants.
This article looks at the drivers for change and their impact on the banks’ IT and crypto architecture. It suggests 6 crucial technical features required by the crypto architecture as key enablers for a successful transition.
We have dedicated several blogs on disruptive changes driven by regulations and compliance (e.g. PSD2 or PCI PTS HSM v3), technical innovation (such as cloud computing, blockchain or Quantum secure cryptography (PQC)) and enforced competition through new market entrants.
Another driver is the customers’ demand for innovative, sophisticated added-value services - spoiled by the digital economy and its sheer never ending supply of new services.
The need for Platform Innovation
Put under severe pressure by non-banking entrants & Fintechs into the payment market and following the example of IT companies, banks are embracing the idea of platform innovation as a source for new service generation.
In a survey conducted in the Global Transaction Banking Sector by McKinsey and published 2020, 89% of the respondents see platform innovation as a key to build competitive advantage. 95% want to target their investment towards the creation of customer experience [1].
50% of the banks interviewed allocate an IT investment budget exceeding 100 Million € to reach this goal [1].
Let us just revisit the term platform innovation. It is the creation of a fertile environment, allowing for internally and externally (ecosystem)-driven innovation through free access to the available (virtualized) services. The services can be orchestrated to new, value-adding composite services, driven and complemented by unleashed internal value creation and external ecosystems. If managed properly, it can incite an emerging process of continuous value creation [3].
Going digital and generating automated straight-through processes
Interestingly, the focus on Cybersecurity (which has been evaluated as AA use case by 75% of the respondents for current projects) is losing importance. For future projects, only 25% consider it highly an AA use case [1].
Digital services embracing analytics and process automation are considered critical now. Examples are liquidity forecasting, exposure management and even chatbots for customer service automation [1].
Drivers of Platform Innovation
How is platform innovation accomplished?
There are three enablers for platform innovation:
- Internally driven innovation (Organic Innovation)
- Innovation generated through Mergers and Acquisition (External Innovation)
- Open Innovation, enabled through opening the banks’ APIs to external service providers (Open Innovation)
Consequences for IT
Automation
Digitizing services demands automated end-to-end processes. Monolithic isolated applications and infrastructures are major disturbances in this quest.
Integration
Internal services are increasingly integrated, to consolidate the data (needed for analytics), but also to generate new meta services.
Internationalization of services fuses formerly autonomous banking entities into an integrated service landscape.
Mergers and acquisitions are the 3rd driving force for integration. Historically disjunctive infrastructures and services have to be brought together for efficient consolidated operations and data integration.
Open API
We keep on speaking about ecosystem innovation. This requires opening up the formerly closed banking infrastructure to external service providers. At least in Europe and driven and regulated by the PSD2. Regulation, infrastructures need to open up and embrace external services.
In conjunction with new security regulation this creates a perfect storm
The above described factors led to a “strategic trend” to phase out legacy frameworks [1].
Security-oriented regulations like PCI PTS HSM v3 and FIPS 140-2 do their part to accelerate this process.
It appears that the seemingly immortal good old mainframes finally reach the end of the line now.
How can crypto reduce TCO and still be a key enabler for innovation?
Total cost of ownership of cryptography needs to be brought down to be able to cope with the increasing competition in the payment segment.
At the same time availability of many new services as well as the opening of the bank's APIs increase the security requirements from the infrastructures and the demand for coping with this broad variety of services (from data-center-based to the cloud).
The answer in business terms is to provide a better and all-embracing crypto architecture, which at the same time reduces the overall cost-burden.
An important step is to upgrade and consolidate to newer, more secure HSM infrastructures that are able to handle more banking services concurrently. This is a realistic and accomplishable goal. But the following six technical features need to be considered when upgrading the current infrastructure:
- Move to partitioned HSMs
- Delegate banking applications partially to the cloud and manage crypto from a secure location (BYOK)
- Turn the overall crypto architecture less complex and more straightforward and get rid of disturbing parallel structures
- Merge payment and general purpose HSMs
- Make the crypto architecture flexible and crypto-agile
Current legacy architecture does not need to be thrown overboard immediately, but can be phased out gradually. A good crypto infrastructure shall be able to handle
- The old legacy systems as well,
- The transition process in an agile way with limited effort.
The article “7 Steps to Reduce Total Cost of Ownership Around HSMs to Gain Force in a disrupting finance market” (in publication) provides a closer look at the six technical features addressed above. And our series on TCO dives into each aspect separately, providing the technical information needed by CISOs and IT change managers in financial institutions, to conduct a successful upgrade towards a future-oriented, flexible and value generating service platform.
References and Further Reading
- [1] McKinsey on Payments (2020), by McKinsey Company
- [2] Winning in a world of ecosystems (2019), by McKinsey Company
- [3] Platform-based innovation management: Directing external innovational efforts in complex self-organizing platform ecosystems (2010), by Simone Scholten & Ulrich Scholten
- Global Banking Practice - The ecosystem playbook: Winning in a world of ecosystems
(2019), by McKinsey Company - The power of many: Corporate banking in an ecosystem world (2019), by McKinsey Company
- Platform-based Innovation Management: Directing External Innovational Efforts in Platform Ecosystems (2011), by Simone Scholten & Ulrich Scholten
- Composite Solutions for Consumer-Driven Supply Chains (2010), by Simone Scholten, Ulrich Scholten and Robin Fischer. In: Bogaschewsky R., Eßig M., Lasch R., Stölzle W. (eds) Supply Management Research. Gabler
- Banking-as-a-Service - what you need to know (2016), by Ulrich Scholten
- Banking as a Service – The bank’s perspective (2917), by Gaurav Sharma
- Digital Bank: Strategies to launch or become a digital bank Kindle Edition (2014), by Chris Skinner
About the author
Ulrich Scholten ist ein international tätiger Unternehmer und Wissenschaftler. Sie hat einen Doktortitel in Informationstechnologie und besitzt mehrere Patente für cloudbasierte Sensoren. Seine Forschung zum Thema Cloud Computing wird regelmäßig in renommierten Zeitschriften und Konferenzbeiträgen veröffentlicht. Von 2008 bis 2015 war er wissenschaftlicher Mitarbeiter am Karlsruher Service Research Institute (KSRI), einer Partnerschaft von KIT und IBM, wo er gemeinsam mit SAP Research Netzwerkeffekte im Zusammenhang mit Webplattformen erforschte.