Jump to content
The_Phoenixed_Banker

Thoughts from an Ex-Banker-VP of Tech

Recommended Posts

Quote

Notice how cobalt developers are in such high demand. 

I hadn't until just now.

Quote

Companies are in desperate need for some young blood with COBOL knowledge.

Currently, banks and financial companies heavily rely on retirees, paying them $100 an hour to fix simple problems (for people with the right expertise).

75-year-old Bill Hinshaw, founder of COBOL Cowboys, is one of the veterans who can’t stop working. In an interview with Reuters he said that he often comes across software he wrote over 40 years ago, which shows how enduring the language is in today’s financial systems.

Quote

In 2012 the Commonwealth Bank of Australia replaced its core banking platform to modernize their system. The change ended up costing around 750 million dollars, which is why many banks have opted for trying to keep their COBOL systems going.

Yikes.

https://thenextweb.com/finance/2017/04/10/ancient-programming-language-cobol-can-make-you-bank-literally/

Share this post


Link to post
Share on other sites
On 27/10/2017 at 8:34 PM, jdimstrnate said:
On 25/10/2017 at 9:21 PM, The_Phoenixed_Banker said:
Hello Everyone,
Long time lurker and first time poster here.  I decided to make a post that I believe will help the community better understand the banking landscape.  I worked at a top financial institution for 10 years and left the banking industry close to four months ago to pursue other opportunities.  When I left the bank I was a VP of Technology that managed the overall internal IT support for vendor supplied applications and payment processing services.   A major part of my responsibilities was to ensure that all vendor applications and services that I managed met regulatory and bank defined compliance standards.  In addition to that I also led the IT Strategy and Solutions portion for the business I supported, which required me to evaluate new products and services that were being offered by our existing payment processing vendors.  I am a Ripple supporter and the points I go over below are based off my experiences in the banking industry and my knowledge of the Ripple product.  I am by no means a Ripple expert, and by no means arguing that one crypto is better than the next.  I am just an ex-banker who has extensive knowledge of the Consumer and Commercial Payment Processing world.      
Regulation - Overcoming industry regulation and abiding to bank compliance standards is the largest hurdle for any vendor that wants to do business with a bank.  I can tell you that the bank I worked for was seen as having possibly the best compliance standards in place that went far beyond the normal regulatory requirements.  To top this off, it was mandatory that all vendors had to meet the bank's compliance standards in order for business to continue.  Failure to comply within the specified SLAs opens the door to decommissioning the service and ending the relationship.  I can tell you from personal experience that I have been involved in conversations where top industry vendors were hard pressed to meet these deadlines and were ultimately informed by myself that if they did not the bank would start taking steps to decommissioning their service.   To further clarify, there are quarterly internally performed bank audits for every vendor (SOX, PCI, AML, Frank Dodd, etc.), semi- annual 3rd party audits (PwC), and annually performed ethical penetration tests performed by the bank or a bank recommend vendor.  So a grand total of 6 audits and an ethical hack, every year, where the expectation is that the vendor must attest to remediate any findings  that were found within a 6 - 12 month time period, depending on the severity of the finding.  I can also tell you that when I left my position I was immediately offered 2 positions at other large banks where they wanted to take their IT compliance in the same direction as the bank I just left.  To sum this up, in order to become a successful vendor to a bank you are literally expected to go a few steps ahead of current regulatory requirements while also allowing the bank to essentially pick apart whatever service you are offering on a regular basis.  In my opinion, the fact that Ripple has successfully signed 100 banks means that they have anticipated and sufficiently prepared for this from day one.  A bank would not sign unless Ripple passed these tests and agreed to continue to do so on a regular basis for as long as the relationship lasts.  I also want to point out that these requirements are even more stringent and bring along additional layers of audit when you are talking about cross-border payment solutions.                   
Interoperability - From an IT Strategy and Solutions perspective Ripple has the edge on everyone.  Why?  For one, their primary focus was to start off by focusing on areas where the most cross-border transactions and remittances are processed.  So what does this have to do with Interoperability and the hidden gem that it appears so many missed during Swell.  Well, when banks look at new services they are not only looking at the component that the new service replaces they are also looking at all upstreams, downstreams, and sidestreams because they want a solution they can literally forklift in with little to no disruptions across their organization.  This is where the importance of interoperability comes in and the siloed Ripple vision needs to be expanded.  Every line of business is a like a spider web that is interwoven into many other businesses within an organization.  What you may think is a non-impact could very well be an impact that needs to be addressed, even if this impact has nothing to do with the service that is being implemented.  Having a solution that is interoperable with other  blockchain solutions reduces the amount of customized work that Ripple would have to potentially complete in order to onboard a bank.  It is not a partnership, it is an understanding of the services offered by others in the same space and seeing where both solutions can overlap through compatibility, ultimately helping out both companies and delivering the solution that the client wants.  At a time like this, when blockchain technology is becoming more mainstream, it is important to understand that you cannot spend three or four times your normal implementation time for each client as that limits you to the opportunities you can capitalize on during such a critical time.  Ripple clearly understands this and has successfully communicated their thoughts on interoperability during the Swell conference.  
Stellar Lumens - The IBM relationship was definitely a big win for them.  Regardless of the length or any other stipulations in place.  I say this because most if not all financial institutions still rely on mainframe technology.  Notice how cobalt developers are in such high demand.  Mainframes process 90% of transactions in the world currently so a partnership with IBM essentially gives Stellar a foot in the door.  Commercially this will help them, however, from a financial institution perspective I can say from experience that all the points I noted in the regulatory section above apply to technologies offered by existing vendors.  What this means is that if IBM (or MasterCard) went to a bank and said "we can now do everything Ripple can through Stellar and build on our existing relationship", the bank would say "well before we commit to onboarding this new tech we need access to the system backend, permission to hack it, check it against all regulations and whatever is found would need to be fixed before we can even consider it, oh and we got to audit it 6 a times a year, hack it once a year, need you to attest that you agree with all this and that all remediation's are done within a specified timeframe and that going forward if you ever fail to comply we will decommission your service and end the relationship with no penalty."  My overall opinion here is that for one the space is large enough for both to be successful and for two I cannot really see Stellar being as successful as Ripple in the financial institution space.  IBM can guide Stellar through all the regulatory and auditing requirements of banks but in my opinion by the time they are ready to move forward Ripple would already be five steps ahead.  I do think Stellar will be successful, just in their own way.  To put this in perspective, I have seen industry leaders take anywhere from 1-3 years to get their new, non-disruptive service approved and implemented.  A new vendor in this space could easily take 3-5 years, since Stellar probably has IBM guiding them I could see 2-4 years.  This is where Ripple shines, with 100 banks already signed they clearly anticipated this hurdle.  It would really not surprise me to find out that they invested more into compliance than into product development.  In short, it does not matter who, why, when, where, and in what circumstance bank data or processes around bank data are touched.  As soon as it is touched in any way shape or form it is subject to all the compliance points I listed above.  
In closing, Ripple is a marathon crypto, and I truly believe the overall success will be a slow and steady one, which is good.  I normally never, ever post on forums and this will literally be the second or third time that I have.  I only did so because I felt my experience would help everyone understand what it truly takes for a new piece of technology to be adopted by a bank.  My personal opinion on this entire landscape is that I believe Ripple, Stellar, and OmiseGo will all be successful.  Ripple in my opinion is the current front runner because they have already signed 100 plus banks, meaning they have already cleared these compliance hurdles and already have a process in place that can continuously deliver the same results.  I would be very curious to see how long it takes for a headline to appear stating "Stellar signs X bank through IBM".  My opinion is that this will not occur for at least another year or two.  If requested, I can certainly validate my experience through a trusted source such as Hodor, Dre Ventures, Joel Katz or any other respected community member.  Thanks, I hope this post helps. 

You make me want to buy more

A great piece of technical analysis, which will help Crypto-investor like me to a larger extent. I hope Ripple team will might take some advice from this article, if they are missing out anything in the journey of Ripple. Would appreciate if you could put some light on usage of XRP in this process of Banking and how investor like me will stand to benefit or loose.

Share this post


Link to post
Share on other sites
49 minutes ago, rainbowhunter said:

Hi @emelen73 no offence, but have you just woken up from a coma? :girl_hospital:

lol.. no.. although compared to some on here.. yes..

a link to this was posted on twitter and i followed it here.. i've since retweeted the link so more comments may follow..

Share this post


Link to post
Share on other sites

I used to work on PeopleSoft, an ERP from Oracle.   I can attest to the cobol programming because it used it for some of it's programs.   I've been wondering when the next thing was going to come along to replace all this old cobol stuff for years because it's a bleeding technology just looking to be replaced.  Getting off mainframes is a huge goal for a number of organizations.

And on a sidenote, I just want to intern at ripple for a year for free doing the simple IT work. lol

Share this post


Link to post
Share on other sites
10 minutes ago, emelen73 said:

lol.. no.. although compared to some on here.. yes..

a link to this was posted on twitter and i followed it here.. i've since retweeted the link so more comments may follow..

It is still valid today as when it was first posted. The site used to have many such worthwhile contributions - I think they are still there just harder to find because there is so much activity, generally about price and lambos, although the Urus  SUV is launched shortly.

Share this post


Link to post
Share on other sites
On 10/28/2017 at 6:17 PM, expireD said:

Lol.

I'm sure "cobalt" was inserted by a spell "helper." I got my MSCS in '88 and COBOL was considered an "old" language even then amongst current software developers. The spell helper probably doesn't even have it in its dictionary.

Share this post


Link to post
Share on other sites
On 10/26/2017 at 2:51 AM, The_Phoenixed_Banker said:

To put this in perspective, I have seen industry leaders take anywhere from 1-3 years to get their new, non-disruptive service approved and implemented.  A new vendor in this space could easily take 3-5 years

I can second the time frames mentioned. I worked in a second tier bank in australia 10 years ago and migrating our transaction switch from base24 dinosaur tech to postillion was a three year project, and we had both systems running in parallel for 6 months at the end. 5 years after that i went to THE big 4 bank who was still using base24 on the back end. The biggest fi's wont dive in to new technology until its proven to be stable, compliant and profitable by other smaller players over a long time. This is a 10 year hodl in my book.

Edited by Rob_long

Share this post


Link to post
Share on other sites

This is actually a great post to re-visit.  It reminds us all of the key elements (interoperability and regulation) which must come into play in order for XRP to be used at scale. 

This was first posted in Oct '17 - and that now seems like light years ago.  So much has happened since then, at increasingly frequent speed, regards awareness and implementation in the payments space.  The race is most definitely on for institutions globally!  No doubt as we proceed in 2018 that it will be THE year in which regulation and interoperability get installed within governments, banks, and FI's. 

There may be quite a bit of good news between now and that time, but for the true play, as always, XRP seems to be ready to blossom later in 2018 and early 2019.   Nothing new there.   The story has never changed, but I suspect somewhere along the lines of Dec/Jan our collective expectations may have. 

Continuing to hold with confidence. 

Edited by xrphilosophy

Share this post


Link to post
Share on other sites
On 10/25/2017 at 9:51 AM, The_Phoenixed_Banker said:

Hello Everyone,

Long time lurker and first time poster here.  I decided to make a post that I believe will help the community better understand the banking landscape.  I worked at a top financial institution for 10 years and left the banking industry close to four months ago to pursue other opportunities.  When I left the bank I was a VP of Technology that managed the overall internal IT support for vendor supplied applications and payment processing services.   A major part of my responsibilities was to ensure that all vendor applications and services that I managed met regulatory and bank defined compliance standards.  In addition to that I also led the IT Strategy and Solutions portion for the business I supported, which required me to evaluate new products and services that were being offered by our existing payment processing vendors.  I am a Ripple supporter and the points I go over below are based off my experiences in the banking industry and my knowledge of the Ripple product.  I am by no means a Ripple expert, and by no means arguing that one crypto is better than the next.  I am just an ex-banker who has extensive knowledge of the Consumer and Commercial Payment Processing world.      

Regulation - Overcoming industry regulation and abiding to bank compliance standards is the largest hurdle for any vendor that wants to do business with a bank.  I can tell you that the bank I worked for was seen as having possibly the best compliance standards in place that went far beyond the normal regulatory requirements.  To top this off, it was mandatory that all vendors had to meet the bank's compliance standards in order for business to continue.  Failure to comply within the specified SLAs opens the door to decommissioning the service and ending the relationship.  I can tell you from personal experience that I have been involved in conversations where top industry vendors were hard pressed to meet these deadlines and were ultimately informed by myself that if they did not the bank would start taking steps to decommissioning their service.   To further clarify, there are quarterly internally performed bank audits for every vendor (SOX, PCI, AML, Frank Dodd, etc.), semi- annual 3rd party audits (PwC), and annually performed ethical penetration tests performed by the bank or a bank recommend vendor.  So a grand total of 6 audits and an ethical hack, every year, where the expectation is that the vendor must attest to remediate any findings  that were found within a 6 - 12 month time period, depending on the severity of the finding.  I can also tell you that when I left my position I was immediately offered 2 positions at other large banks where they wanted to take their IT compliance in the same direction as the bank I just left.  To sum this up, in order to become a successful vendor to a bank you are literally expected to go a few steps ahead of current regulatory requirements while also allowing the bank to essentially pick apart whatever service you are offering on a regular basis.  In my opinion, the fact that Ripple has successfully signed 100 banks means that they have anticipated and sufficiently prepared for this from day one.  A bank would not sign unless Ripple passed these tests and agreed to continue to do so on a regular basis for as long as the relationship lasts.  I also want to point out that these requirements are even more stringent and bring along additional layers of audit when you are talking about cross-border payment solutions.                   

Interoperability - From an IT Strategy and Solutions perspective Ripple has the edge on everyone.  Why?  For one, their primary focus was to start off by focusing on areas where the most cross-border transactions and remittances are processed.  So what does this have to do with Interoperability and the hidden gem that it appears so many missed during Swell.  Well, when banks look at new services they are not only looking at the component that the new service replaces they are also looking at all upstreams, downstreams, and sidestreams because they want a solution they can literally forklift in with little to no disruptions across their organization.  This is where the importance of interoperability comes in and the siloed Ripple vision needs to be expanded.  Every line of business is a like a spider web that is interwoven into many other businesses within an organization.  What you may think is a non-impact could very well be an impact that needs to be addressed, even if this impact has nothing to do with the service that is being implemented.  Having a solution that is interoperable with other  blockchain solutions reduces the amount of customized work that Ripple would have to potentially complete in order to onboard a bank.  It is not a partnership, it is an understanding of the services offered by others in the same space and seeing where both solutions can overlap through compatibility, ultimately helping out both companies and delivering the solution that the client wants.  At a time like this, when blockchain technology is becoming more mainstream, it is important to understand that you cannot spend three or four times your normal implementation time for each client as that limits you to the opportunities you can capitalize on during such a critical time.  Ripple clearly understands this and has successfully communicated their thoughts on interoperability during the Swell conference.  

Stellar Lumens - The IBM relationship was definitely a big win for them.  Regardless of the length or any other stipulations in place.  I say this because most if not all financial institutions still rely on mainframe technology.  Notice how cobalt developers are in such high demand.  Mainframes process 90% of transactions in the world currently so a partnership with IBM essentially gives Stellar a foot in the door.  Commercially this will help them, however, from a financial institution perspective I can say from experience that all the points I noted in the regulatory section above apply to technologies offered by existing vendors.  What this means is that if IBM (or MasterCard) went to a bank and said "we can now do everything Ripple can through Stellar and build on our existing relationship", the bank would say "well before we commit to onboarding this new tech we need access to the system backend, permission to hack it, check it against all regulations and whatever is found would need to be fixed before we can even consider it, oh and we got to audit it 6 a times a year, hack it once a year, need you to attest that you agree with all this and that all remediation's are done within a specified timeframe and that going forward if you ever fail to comply we will decommission your service and end the relationship with no penalty."  My overall opinion here is that for one the space is large enough for both to be successful and for two I cannot really see Stellar being as successful as Ripple in the financial institution space.  IBM can guide Stellar through all the regulatory and auditing requirements of banks but in my opinion by the time they are ready to move forward Ripple would already be five steps ahead.  I do think Stellar will be successful, just in their own way.  To put this in perspective, I have seen industry leaders take anywhere from 1-3 years to get their new, non-disruptive service approved and implemented.  A new vendor in this space could easily take 3-5 years, since Stellar probably has IBM guiding them I could see 2-4 years.  This is where Ripple shines, with 100 banks already signed they clearly anticipated this hurdle.  It would really not surprise me to find out that they invested more into compliance than into product development.  In short, it does not matter who, why, when, where, and in what circumstance bank data or processes around bank data are touched.  As soon as it is touched in any way shape or form it is subject to all the compliance points I listed above.  

In closing, Ripple is a marathon crypto, and I truly believe the overall success will be a slow and steady one, which is good.  I normally never, ever post on forums and this will literally be the second or third time that I have.  I only did so because I felt my experience would help everyone understand what it truly takes for a new piece of technology to be adopted by a bank.  My personal opinion on this entire landscape is that I believe Ripple, Stellar, and OmiseGo will all be successful.  Ripple in my opinion is the current front runner because they have already signed 100 plus banks, meaning they have already cleared these compliance hurdles and already have a process in place that can continuously deliver the same results.  I would be very curious to see how long it takes for a headline to appear stating "Stellar signs X bank through IBM".  My opinion is that this will not occur for at least another year or two.  If requested, I can certainly validate my experience through a trusted source such as Hodor, Dre Ventures, Joel Katz or any other respected community member.  Thanks, I hope this post helps. 

Thanks for the great post. I ran across some tweets by a Michael Dowling at IBM that also had some very nice things to say about Ripple and like you say's there is plenty of room for both and Stellar and Ripple both benifit each other. https://twitter.com/michaeldowling/with_replies?lang=en

Share this post


Link to post
Share on other sites

×
×
  • Create New...