In her book contribution to the second anthology on the Enterprise Transformation Cycle (ETC) describe Nico Pantelmann and Andreas Werner-Scheer a transformation in the banking sector. In this interview, the two authors provide an overview of the project and the specific requirements that IT has to meet in the banking sector. This is because the banking and credit sector is one of the most heavily regulated sectors of the economy. This brings with it specific requirements in terms of compliance.

Editor's note: Click here to go directly to part 2 of the interview "There is great potential in the digitalization of banks" - Interview with Nico Pantelmann and Andreas Werner-Scheer - TCI GmbH

Transformation in the banking sector: Specific requirements for banks

Beate Greisel (BGR): Your article in the second ETC volume is about a transformation project in a credit institution as defined by the German Banking Act. What special challenges are added to the usual factors in a transformation for this type of organization?

Andreas Werner-Scheer (AWS): Banks are among the most heavily regulated companies. Compliance is therefore of the utmost importance in all transformation projects. And this is precisely what appropriate governance and service processes ultimately pay for.

Nico Pantelmann (NPA): In my view, the cultural change required for transformation projects is often underestimated. In the banking environment in particular, traditional thinking prevails and it is often difficult to find the necessary acceptance.

BGR: The specific reason for the IT transformation was the BaFin Circular "10/2017 (BA)" dated November 6, 2017, in which banking supervisory IT requirements were defined. What was it about and how did the bank react to this publication?

NPA: The BAIT (Banking supervisory requirements for IT, specified in the BaFin Circular 09/2017, Editor's note) was developed as a concretization of MaRisk (minimum requirement for risk management, editor's note) published. In my view, BaFin wanted to make it very clear once again that IT is becoming increasingly important for banks and that banks need to think about their IT (processes) and the resulting risks. The BAIT was given special significance by the fact that it was addressed directly to the management boards or management teams.

AWS: The BAIT are a concretization of the long-standing minimum requirements for risk management in the area of IT at banks. Due to the ever-increasing importance of IT as a result of digitalization, the banking supervisory authority has reacted and set clear guidelines for banks. No bank can escape these.

Prioritization with Quick Check ensures efficient procedure

BGR: What was the concrete procedure following this decision?

AWS: Two pillars of BAIT were strengthened. The first was to specify the IT strategy and the second was to further professionalize IT processes. For the second area, the bank decided to align itself with the international standard COBIT to orient itself. As the bank also has to be prudent with its expenditure, it chose to use a quick check to identify the IT processes where there is the greatest need for action. Optimizations were then systematically defined for these processes.

NPA: The bank has anchored the COBIT standard in its banking strategies. The focus on COBIT ensures that all topics and processes are addressed.

BGR: For which areas did this result in prioritized needs for action?

NPA: Several lines of action could be derived from the quick check across all areas. For example, I would mention the processes DSS02 "Managed Service Request and Incidents" and BAI06 "Managed IT Changes".

BGR: In your experience, do these challenges and the need for action coincide with those of other banks or other institutions in Germany?

AWS: Yes, absolutely. In general, the IT service and management processes at financial service providers in Germany have a level of maturity that could be significantly improved.

NPA: Unfortunately, I have to agree with this. Financial service providers often focus on rectifying audit findings, which usually prevents holistic optimization.

BGR: Mr. Werner-Scheer, Mr. Pantelmann, thank you for these interesting insights into IT requirements in the banking sector. Next week, part 2 of this interview will focus on the digitalization of banks in general.

The interview with Nico Pantelmann and Andreas Werner-Scheer was conducted by Beate Greisel for the TCI editorial team.

"Mastering transformation projects with the Enterprise Transformation Cycle" - published August 2020

The Transformation Consulting International has been supporting national and international transformation projects in companies for many years. Based on this extensive wealth of experience in practical implementation, the second volume, entitled "Mastering transformation projects with the Enterprise Transformation Cycle: successfully planning, implementing and completing projects" published by the renowned Springer-Verlag. As a continuation of the first volume, this one takes into account further wishes and suggestions from readers and presents concrete transformation projects and action situations of TCI experts in their daily application of the ETC. The editors of this 500-page volume are Mario A. Pfannstiel and Peter F.-J. Steinhoff. You will find numerous theoretical and conceptual contributions as well as practical case studies on the "Enterprise Transformation Cycle".

(Cover image: © Hand Robot | Adobe Stock)