The financial-services industry would just as soon forget the past year. Investment banks had to defend their analysts against charges of hyping technology and telecom stocks. Amid a general economic slowdown, lenders faced the bankruptcies of huge clients. And, most dramatically, Sept. 11 and the war on terrorism had both an immediate impact and long-term effects on how the industry uses and invests in technology.
This is an industry that's long known it's a target for terrorists wanting to disrupt the U.S. economy. But the attacks on the World Trade Center increased the attention on the security of the infrastructure and technology that runs the nation's monetary system. In the past year, companies revisited their plans to guard against and recover from physical and electronic attacks. The USA PATRIOT ACT, passed by Congress last Oct. 26, required banks to do more to help the government track money launderers who might be funding terrorist organizations. Those issues alone added up to a lot more responsibility for IT departments.
Spending more on security, disaster-recovery systems, and government requirements increases the pressure on IT departments and the overall business, says Cathy Allen, CEO at BITS, which as the technology arm of the industry-lobbying group the Financial Services Roundtable, works closely with industry CIOs and the government to address technology issues. It's an investment that doesn't increase revenue or improve daily customer service. "There are still other projects out there, and we have to balance these investments in the short term without hurting the long-term competitive advantage of the institutions," Allen says.
Financial-services companies on the InformationWeek 500 are among those that have found this balance. One thread binds them: They're addressing the adversities posed by current events without losing their focus on the need to continually innovate, manage IT budgets, and keep customers satisfied.
At Citigroup Inc., the impact of Sept. 11 was felt across the entire company. Citigroup lost six employees in the attacks, as well as its offices in the collapsed 7 World Trade Center. Several other buildings in downtown Manhattan were affected to a lesser degree. That experience prompted the company to update its business-continuity plans. In addition to more-detailed evacuation and relocation action plans, the updated strategy also includes remote access for more employees so they can work either in backup facilities or at home should they be displaced from their offices. To ensure no disruption of business, Citigroup is mapping each employee function and reassessing whether they need remote network access and what type.
Other companies are using the events of Sept. 11 as motivation for assessing the strengths and weaknesses of security and business-continuity planning. PNC Financial Services Group has long made risk management a top priority. Since the attacks, it has reemphasized that focus. John Ericksen, PNC's head of technology risk management, says his group looks at every application in terms of the value it provides and the problems it causes if it's unavailable, whether due to a cyber or physical terrorist attack, a natural disaster, or even an employee mistake. "We have to look at possible single points of failure throughout the company so we can mitigate any impact and respond quickly to continue to meet customer needs," he says.
Like many companies, PNC's security investments include an increased focus on consolidating network access. In essence, it's requiring everyone to come in through the front door, so that anyone entering the network in any other way is assumed to be breaking in. PNC also is in the midst of updating its disaster-recovery plan. "We're making additional investments in our dual-site strategy so that we have the ability to recover up to the point of the disaster rather than the prior day's completion," chief technology officer Gene Lupia says. That project should be finished by the first quarter of next year.
The increased emphasis on security has forced some projects that are deemed less strategic, such as an internal employee portal and an account-aggregation initiative, to be put on hold. "That gives us the opportunity to invest in infrastructure initiatives so that when the market changes, and we can focus more on growing the business, we'll have the infrastructure in place to support that," Lupia says.
J.P. Morgan Chase & Co.'s IT group has had to deal with turmoil from internal as well as external threats. In the days following Sept. 11, J.P. Morgan quickly wired an entirely new trading floor in its midtown Manhattan offices and moved hundreds of employees out of the financial district. The bank pulled this off without any service outages to customers, except for the industrywide stock market closing that lasted until Sept. 17.
Even before the attacks, the company was in the thick of post-merger integration, following J.P. Morgan's $36 billion merger with Chase Manhattan Bank finalized in late December 2000. IT teams in 50 countries were building an integrated technology and operations platform to support 145 critical application suites and 2,000 applications across 90 data and processing centers, 3,200 servers, and 90,000 desktops. The most difficult element was project management -- making sure the integration of one application wouldn't disrupt the operations of any others. In addition, the IT group wanted to make the systems better, rather than just connect them. "We started out with a fundamental principle that this was our merger, not our clients," says Thomas Ketchum, vice chairman with responsibility for technology. "We wanted to minimize any disruption to client relationships and get out of the merger the best of both companies. In technology terms, that meant making sure we chose the best of breed of all applications so that one plus one was better than two."
The integration steering committee for technology and operations has identified about $1 billion in savings by eliminating redundant processes and less-efficient technologies, a significant portion of the total merger savings goal of $3.5 billion. The goal is to "wage a war on complexity so we can deliver one firm to our clients," Ketchum says.
J.P. Morgan isn't alone in addressing integration and cost-cutting issues. Many financial-services companies have been grappling with how to provide consistent customer service across all units and at the same time bring down expenses, increase productivity, and boost revenue.
The goal of reducing complexity for customers is a common theme for banks as they grow in size and try to offer more services. One major cost-cutting initiative at PNC in the last year has been Project Genesis, an employee-facing customer-service and sales-management system for PNC's retail bank. The company made its distribution channels -- branch banks, ATMs, and telephone centers -- accessible via the Web so every customer-contact point feeds data into the appropriate customer-relationship management system and data warehouse. The result is a single "customer folder" that's accessible to service representatives on the desktop, so an agent will know instantly all of a customer's interactions with the bank. "We've been building a wealth of knowledge on our customers and that information is being used to drive sales opportunities and to understand what our customers want," Lupia says.
At State Street Corp., which serves institutional investors and is among the largest foreign-exchange traders, the focus during the past year has been on building Global Link, a network on which more than 400 asset-management clients can do research and build portfolio strategies. It includes foreign-exchange trading capability, and the company is expanding the project to include assets such as money-market accounts and equities, says Joseph Antonellis, State Street's executive VP and CIO. "We have a unique ability to provide more macro research information that expert traders are interested in viewing, and that's the draw for them to use it," he says. "Global Link is the platform that will carry us into the investment manager shop."
Antonellis' team will work on that project through this year and into next year. Making Global Link the single stop for trades and exchanges is key in the company's strategy to enrich relationships with existing clients and grow investment research and trading services. In general, State Street's strategies are closely mapped to IT initiatives, something Antonellis guarantees through monthly meetings with the company's chief operating officer and vice chairman. "Out of that process, we identify the direction of IT spending," he says.
Financial-services institutions have proven they can stand up against adversity. The pressures will continue this year, with IT playing a vital role to protect the security of their own and the world's financial infrastructure.
For more information, including charts on financial service IT budgets, visit: www.informationweek.com/story/IWK20020919S0018