The financial sector's IT systems are stuck in the 80s

(Image credit: Image source: Shutterstock/MaximP)

IBM’s DOS operating system. The original Apple Macintosh. The Eighties were marked by huge advancements in computing and these are just two examples, there are many more. Those lucky enough to live through the eighties may also fondly recall Atari’s Space Invaders and their first Sony Walkman. 

We’ve come a long way since then. That is, except for the financial sector. The financial services sector as a whole is underpinned by decades-old, legacy IT systems which have been pulled together through various mergers over the years. But, unlike those of us with the original VHS of The Goonies or autographed Sigourney Weaver photo, they are not hanging on to their legacy systems for nostalgia’s sake.

Unfortunately, the financial services sector seems to be stuck with legacy applications which make modernising without service disruption a laborious and uncertain task. As evidenced by recent outages, such as TSB and HSBC, it is a very complex task for any bank to update and maintain their current IT infrastructure. But does it need to be?

This inherent IT complexity is leaving banks concerningly behind other sectors, some banks being nervous to touch old systems as they are desperate to not cause an outage and make the next day’s papers. In addition, interfaces for modern apps and web front ends make the systems even more complex for any individual architect to understand and make changes to.

Banks are stuck with legacy systems

CAST’s 2018 Software Intelligence Report, evaluating the priorities of IT leaders in digital transformation, found that 47 per cent of financial services organisations operate 26-50 per cent of their business on legacy systems - more than any other sector. Continuing to use these increasingly-ageing legacy systems puts them at even greater risk as 62 per cent of apps built in the 1980’s will cause very significant financial damage over and above modern apps if they fail today.

However, the very act of modernising these systems poses its own risks. A cause of TSB’s IT issues was the inability of legacy applications to work on newly-created modern platforms. This is a surprisingly common problem. Because 75 per cent of applications built in the 1980’s still have a high impact on the service continuity of today’s businesses, running behind the scenes on many operations, most IT leaders are too afraid to even touch their legacy systems because it is still entirely relied on and serves a critical function.

The risk intensifies even further when financial institutions attempt to upgrade and modernise without establishing beforehand a completely comprehensive knowledge of their software architecture. The CAST report also found 36 per cent of CIOs have only "some insight" into their software architecture. It will therefore come as no surprise that IT executives sometimes struggle to make the best buying decisions.

By gaining insight into their software structure, into the loopholes, problematic areas and vulnerabilities, banks can minimise and avoid further damages to their service and, just as fundamental, their reputation. Without such deep system-level knowledge, the risk of unexpected outages increases. You cannot hope to influence what you cannot see. In addition, of course the time and costs of issues which they entail to remedy rise considerably. However, any reputational equity lost will be far harder to gain back than any initial financial outlay.

How to modernise without risking an outage

IT leaders in the financial sector find themselves in a ‘should I stay or should I go?’ situation. Using legacy systems puts them at risk of breaches and hinders them from offering the modern services their customers demand. At the same time, replatforming and modernising their IT systems could result in a massive outage along with financial and reputational damage. Can IT systems be brought to modern times without risking an outage?

Lack of visibility and clarity around existing systems is a significant inhibitor to application modernisation. IT departments need to better understand which systems are in place and how they are being used before making any sound modernisation plans. All too often application modernisation is not a ‘clean break’ and legacy applications, some harbouring code nasties, need to be integrated. Anywhere there is ‘join’ is likely where those two codebases will break.

Software Intelligence is insight into complex software structure. It determines software health, size, flaws, blueprints and benchmarks. Software Intelligence acts as an X-ray machine, scanning software to identify potential flaws and threats. Gaining this visibility helps IT teams identify software issues before they snowball into outages, security breaches or corrupt data. It also helps architects control the software architecture and better support development teams.

Sassy SAAS or digital disasters?

Deploying a SaaS-based application portfolio analysis solution is a smart decision. Such applications can quickly provide a global view of an enterprise’s entire application portfolio and so speed up fact-based decision making. This makes for digital transformation efforts which are less risky because common software risk indicators are taken into account from the start of the process..

A fast Software Intelligence audit offers the additional benefit of adding transparency to cloud migration plans. By evaluating and identifying applications that are ready to migrate immediately, in addition to applications that require more time-intensive refactoring, an application portfolio analysis helps development teams better estimate the effort required to realise full cloud benefits.

This level of insight can also help IT leaders recognise and roll out new solutions that interact well with existing systems. If banks are able to not only test but also identify potential software issues through structural analysis, they will be able to complete digital transformation projects within budget and deadline.

The eighties were fun, but it’s time to move on. IT upgrades are very complex projects, and it’s admirable that banks are doing this to improve customer experience. To minimise risk, banks should collect Software Intelligence about their systems and agree on a migration plan. Management teams should have a fact base on which to plan and accelerate the production of reliable systems. Software Intelligence can help financial institutions quickly identify the risk they have in their IT systems and produce trustworthy software that will stand strong as banks modernise their IT systems.

Lev Lesokhin, SVP Strategy and Analytics, CAST
Image source: Shutterstock/MaximP