Could IT Have Saved Citigroup?
It was not uncommon to hear CEOs of big banks talk about the importance of information technology to their operations, back in the recent past when banks still had operations worth talking about.
They hired the best CIOs in the business, integrated them closely with the business, and paid them salaries commensurate with most CFOs. And why not? The core services that banks offer involves pushing electronic representations of money around the world via lightning fast-networks and powerful computers, calculating risk, interest, and profit with every transaction. In this way, financial services firms sometimes resemble IT companies with a clever marketing twist.
So you have to wonder: if IT was so important, was IT part of the problem? Could better IT have saved the likes of Citigroup, the financial-services supermarket that's now being sold off in parts? And in the bigger picture, could technology have made the difference for any of the other banks and Wall Street firms that have gone so wrong?
At Citigroup, many blame former CEO Sandy Weill for inadequate tech spending and less-than-thorough integration of acquired companies. And the issues go beyond routine business performance. "Information technology by itself could have done nothing," says Douglas McKibben, Research Vice President of Banking at Gartner Industry Advisory Services. "But IT plays a very important and proactive role in risk management, and supports the business efforts to understand risk exposure."
At this point, of course, the Citigroup logo is pictured in textbooks next to the definition of "risk exposure."
Citigroup is descended from a bank founded nearly 200 years ago, but in the last decade it has been on a merger and acquisition tear, aided by the gutting of old regulations spearheaded by its recently-resigned director, former Treasury Secretary Robert Rubin. Traveler's Group, Smith Barney, Salomon Brothers, and countless other domestic and international acquisitions came together to form what is, for the moment, a $160 billion global behemoth.
But the information systems that manage the many arms and legs of the company have never been properly or sufficiently integrated. Citigroup CEO Vikram Pandit himself admitted that each of the businesses was operating with its own back office. According to an article by Bloomberg, Pandit told investors and analysts last May that Citigroup had "140,000 people in IT and operations...16 database standards...25,000 developers. This results not only in waste but doesn't give us any opportunity to leverage our organization."
There are a couple of different things Pandit probably meant by leveraging the organization. For one thing, Citigroup failed to achieve the coveted "single view of the customer," with which all of its far flung branches and businesses could have bundled and cross-marketed products and services. But Pandit was also likely referring to achieving the slightly less well known "single view of the operational risk profile for a humungous global bank investing in complex financial derivatives."
A comprehensive view of risk across the entire Citigroup enterprise could have raised the necessary red flags for bank leadership to take corrective action. In this way, it is not unreasonable to think that information technology could have at least mitigated the damage. However, for that risk analysis to make a difference, decision makers inside the bank would have to trust it and act on it.
"If the data isn't dependable or reliable, how effective will it be for predicting problems?" asks McKibben. "You could argue that some of these banks ignored what was right in front of their faces."
It's the old garbage in, garbage out problem. Whether bankers ignored the mounting risks willfully or they didn't believe in the data they were looking at is open to speculation (and possible shareholder lawsuits.) But without consistent, reliable data that pulls information from across the organization, the IT department would certainly lack the credibility to alter Citigroup's course of action.
McKibben believes that process and operations on Wall Street are more to blame for the financial meltdown than information technology. Indeed, the decision to trade risky mortgage-backed securities in the first place had little to do with IT systems. It had to do with a failure of operational oversight. But going forward, IT will have a critical role to play in preventing this kind of widespread failure from ever happening again.
For one thing, practicing good enterprise risk management means having a holistic view of the enterprise. Standardized data input from across business lines and geographies is critical for any global business. In this way, IT can force fiscal rigor by requiring that each transaction include complete data that passes a certain risk threshold. Linking risk data with other information, like compliance, revenue, and customer data, is also important.
Perhaps nothing could have saved Citigroup, once it joined the feeding frenzy that drew in so many other banks. But with better visibility and reliable risk data, perhaps we won't have to feel this kind of pain again for at least a few years.
The Role of Standards in Cloud Security
Security is often cited as a primary cause for concern...Watch Now
Ensuring Resources for Mission Critical Workloads
Application workloads can thrive in cloud environments,...Watch Now
Improving Security in the Public Cloud
One of the main concerns about moving data to a public...Watch Now