Did you hear about the summer intern at IBM last year that invented a box-in-a-box idea for data encryption? The breakthrough was so extraordinary; it reportedly solves a riddle that has baffled mathematicians the world over for 30Ys. IBM calls the box-in-a-box concept "homomorphic encryption." If it as is billed (we won't see a commercial application for a few years at least), it will forever change online banking and e-commerce in general and keep the crooks at bay. As long as we are on the subject of technology, there has been a lot going on in the banking industry as well.
Sure, the asset quality guys steal the show right now, but technology geeks everywhere are quietly working along in the meantime. Technology spending for internal use at banks, for example, is expected to grow by 5% in the next 2Ys. Of particular emphasis, technology professionals will be modifying, enhancing and increasing risk management applications. The credit crisis has taught us all that risk management properly applied protects everyone and improves performance.
Given the stress in the lending area, look for IT resources to shift to branch investment and cost containment. A drive to improve the customer experience, boost productivity and save costs throughout the bank is taking hold and being embraced across organizations. Saving money and improving efficiencies throughout the bank are critical at this juncture.
Another area expected to see ongoing growth is online banking. Today, 7 in 10 households pay bills online on a monthly basis and within 5Ys, that number is expected to jump to 63mm households. Bankers are spending technology money to beef up the online platform because customer demand keeps getting stronger and stronger.
To have a strong IT group, bankers need to ensure spending does not outpace revenues. Studies find banks that use peer benchmarks to build budgets underperform those who build IT spending around services that will have the greatest business impact. If you are going to try and use a benchmark to manage IT spending, try focusing on averages and multiples. Follow that up with periodic targeted reviews of project performance and you are well on your way to superior performance.
Another focal point for IT is related to security. However, because the most damaging threats are found to occur from internal sources in study after study, make sure you are doing all you can to protect the bank. Conduct robust background checks, monitor internet usage, email and text messaging. One way to ensure you have a robust program is to conduct annual IT audits and network vulnerability assessments. These should be performed by outside experts independent of the technology group and reports provided to the Board.
Finally, monitor your customers. A new study of small businesses finds risks that can hurt the bank (given that so many customers come in through online channels these days). The data shows about 50% of these customers do not have active antivirus and antispyware protection; 47% have no desktop backup or recovery; 42% have no anti-spam filter installed; 35% have reported stolen data; 25% have had deliberate employee sabotage and 42% do not have a dedicated IT team.
We don't know if the box-in-box encryption thing will really work, but it does sound interesting. For banks, a more immediate need is to understand security vulnerabilities, while IT teams leverage technology spending to produce revenue or reduce costs during this period of industry stress.