While many CIOs now find themselves in a bare-knuckle brawl with the economic downturn, some have managed to stay well clear the fray. Such is the lot of Darrell Jones, Vice President and CIO of Edmonton-based Canadian Western Bank (CWB). Rather than paring budgets and laying off staff, Jones’ main preoccupation since joining the bank last August has been reshaping the IT organization to better enable growth across the CWB group of companies.
For many years, CWB had experienced substantial growth without the need for investing heavily in technology. But for that growth to continue, it became evident that an IT overhaul was required. When Jones joined the company, his mandate was to figure out where the company needed to get to, from an IT perspective, to enable that growth, and put the plans in place to start moving that agenda forward.
“The first thing I did was perform a SWOT [strengths, weaknesses, opportunities, threats] analysis of the IT organization, and that became the foundation of our strategic planning,” said Jones. “From there, we identified a number of areas that we needed to address and we’ve now initiated projects across a number of domains that are intended to move us towards that end goal.”
Key elements of the overhaul involved establishing a more robust form of IT governance among the CWB group of companies and finding a better way of prioritizing IT and business-related projects at the bank itself. What follows is a detailed look at the company’s approach to addressing both of those needs.
Having been a partner in KPMG Advisory Services, Jones had extensive experience in performing assessments on IT processes and controls. By a combination of informally evaluating those processes and controls and applying benchmarks from Gartner, ISACA (the Information Systems Audit and Control Association) and others, the company was able to assess its level of maturity against industry norms.
“What we found was that in some cases the controls and processes were not as mature as they needed to be to support the continued growth of the organization,” said Jones. Not only were there variances in process maturity within the IT organization, there was also a lack of consistency between CWB’s various operating entities and corporate IT. For example, the firm’s Vancouver-based IT group, which looked after the trust companies, sometimes delivered solutions out to its business partners in ways that differed from the bank. That’s not to say that there was anything wrong with their approach; it’s simply that there wasn’t consistency between the two.
All of these findings argued for the adoption of an IT governance structure by the CWB group of companies, which included the bank itself, Canadian Western Trust, Valiant Trust, Canadian Direct Insurance and Adroit Investment Management.
“By formalizing a governance structure, we should start to draw some parallels and introduce some consistencies across the group, to the point where we have common governance processes even if we’re not deploying the same technology,” said Jones.
Part of the governance structure that has emerged involves Jones and his direct reports meeting in a monthly roundtable with key stakeholders across both the bank and the trust side of the business to discuss the use of technology and the risks and benefits of various IT initiatives. Though a formal executive IT governance committee hasn’t yet been created, Jones thinks that the formation of one is an important next step. The committee would have responsibility for green-lighting specific initiatives and approving the resources required for them.
Jones also meets with his direct reports on a weekly basis to make sure everyone is in the loop around IT issues and challenges, and is in step with any changes being contemplated.
According to Jones, the company’s approach to governance is something of a hybrid, borrowing generously from ISACA’s COBIT, an internationally accepted set of guidelines for the effective implementation of IT governance within the enterprise. “I’m a big supporter of ISACA and I think there’s a lot of value in the information they provide,” said Jones. “We’ve had a good experience moving towards COBIT. It’s resonated well with our IT teams. We wanted to move ourselves forward but the steps to take along the path were not always clear. Now we’ve got a roadmap to follow and we’ve gravitated towards that. Our internal audit and internal control groups have supported our move in that direction because they see value in our efforts to advance IT maturity.”
With all the change going on at CWB, Jones has a lot of balls in the air to juggle. That’s one reason why he points to prioritization as perhaps his biggest challenge.
“With all the work we have to do and all the opportunities out there, we have to figure out what should become our priority. And as those priorities shift, as they already have, how do we respond to that?” he said. Nowhere is prioritization more important than on the bank side of the business, and the company has already started looking at how to prioritize all of the bank’s different IT and business-related projects.
“When I joined the company, a project steering committee was already in existence. We started to take a good look at that and say, ‘how do we refine the process to drive increased value from it?’ So we’re looking at the project steering committee to be the executive vetting body that determines which projects will be undertaken, which will not, and which will be important to proceed with at a later time.
“What came out of that,” he added, “was the need to really look across infrastructure, applications, and our own business process within IT.”
From an infrastructure perspective, CWB has an ambitious agenda. At the top of the list is server consolidation. Some of the bank’s servers were in its data centre and many were broadly distributed across its branch network. In order to optimize usage, a project was launched to consolidate the company’s servers and implement virtualization. The initiative was especially attractive in that it satisfied all of Jones’ three key drivers: reduce risk to the bank, lower operating expenses, and improve the efficiency of the organization.
CWB is also undertaking a network redesign in an effort to identify where weaknesses might exist so that they can be architected out of the system. Another objective is to make sure that the organization has a network design that is scalable and flexible going forward, which will make potential future acquisitions and further organic growth easier to manage.
Other infrastructure priorities include an overhaul of the desktop provisioning process and implementation of a storage area network.
On the applications side, a key project is the implementation of a straight through processing system for loan origination, which will allow the company to automate much of its loan- and credit-approval process. With the existing method, when a loan is created within a branch it sends hard copy to the credit risk group for approval, which can be a time-consuming process given transit time and the manual nature of the process. The new system will help ensure consistent and automated data capture and allow for quicker turnaround; once the loan is entered into the system it will electronically advance to the credit group for approval.
“It’s a big project and one that will reach every aspect of the business – all the branches and credit risk management – so there are a lot of key stakeholders involved in its success,” said Jones. The project is in its initial design stage and is expected to roll out in early 2010. Legacy replacement is also an important part of the applications agenda, and replacing the company’s aging financial reporting system has top priority among such projects.
REVAMPING THE IT ORGANIZATION
Looking at the IT shop itself, Jones felt that it wasn’t structured to align with or serve the business as well as it could. That led down a path of redesigning IT processes, to some extent, around established frameworks such as ITIL (Information Technology Infrastructure Library).
“Not to say that we’re going to apply those frameworks fully or completely, but certainly we’re going to align with them,” said Jones. “As an example, we created a client service area which now has relationship managers in it who are the focal point for the connectivity between IT and its client partners.”
With the IT redesign still under a year old, Jones admits that it’s very much a work in progress – a lot of things are new and evolving. This is certainly the case with the relationship management function, which at this point is still largely reacting to business need.
“Eventually we’ll get to the point where we’re more proactive and we’re going to our client partners saying, here’s what we’re seeing other financial institutions doing or here’s what we’re seeing technology being capable of, and because we now know your business better, we think there’s an application for that solution within your environment. Clearly, that will be something of an evolutionary path.”
Already the relationship managers are having an impact. On the loan origination and financial reporting projects, their presence allowed IT to develop a strong connection with the business “right out of the gate”. Because of that trusted relationship, Jones believes there will be a positive impact on these projects over the long haul.
THE WAY FORWARD
Over the next 12 to 24 months, Jones wants to bring the projects and the process changes IT has undertaken to completion, and he wants to be able to demonstrate their net benefit to the organization. He’ll do that by introducing reporting rigour that will quantify the results of these initiatives.
By improving internal IT practices and starting down the road to better governance, CWB’s IT department is positioning itself as a much better enabler for the business. As it continues along this path, one of the critical challenges it will face will be managing the expectations of its client partners. “We put an aggressive change agenda in front of the organization, and it has responded enthusiastically,” said Jones. “But you can’t open the floodgates too far. Once you say you’re open for business, you better be able to be able to deliver on what you promise.”