You are here:Home/Blog/Business/Billion Dollar Business Runs Agile Risk & Compliance PoC
How a Billion-Dollar Business Ran an Agile Risk & Compliance PoC as a Managed Service
Note: This is the 2nd article a 4 part series. You can read part 1 here.
Is your business subject to constant regulatory reviews? Do these keep you awake at night? Where are your gaps? With hefty fines for breaches (up to $120k per day, per breach?!), the urgency for financials to be proactive when it comes to compliance is ever increasing.
Recently, Starboard IT were engaged to host a data analytics application proof of concept for one of the top four Australian banks, which helped them to ensure their compliance, specifically around KYC (Know Your Client) regulations. Obviously, the bank has plenty of IT staff they could call on to build this platform so it begs the question: with much at risk, why engage Starboard IT?
The reality is CIOs are under more and more pressure these days. They must increase the pace at which innovation is rolled out within their business. They must drive business opportunities that deliver a competitive business advantage. They must align technology needs with those of the business. Oh and of course all while delivering zero downtime!
But in context, just recently I have heard two esteemed and trusted colleagues recount some of their experiences with two of the other top four banks:
The first took eight months to stand up a single virtual machine. By the time they were notified of completion, the project had already been closed for four months;
The second was in relation to the running of a ghost project (with literally no deliverables) with the sole purpose of understanding the true cost of their project governance overheads. $10 million in case you were interested?!
So back to the question: why Starboard IT?
Put simply, Starboard IT were engaged because we could reduce the bank’s time to value.
1. We are agile.
Instead of 8 months to provision a single VM, we had successfully sourced servers and storage from our friends over at HPE, sourced firewalls and switches from Cisco Meraki, arranged 90 days hosting and WAN connectivity from Equinix all within a couple of days.
In fact, the whole environment was built, configured and production ready, primed for data ingestion within just 48 hours from receiving a signed order form yet still delivered 99.99% availability for the duration of the PoC. Bear in mind this environment was also built to meet the security requirements of most internet banking platforms.
2. Our architecture provided flexibility and options beyond the immediate business need.
As the volume of data to be ingested and analysed was not known at the commencement of the engagement, aside from over provisioning of course, Starboard IT implemented a design which facilitated easy upgrade options for both compute and storage, future proofing the environment.
Whilst the bank was only performing a PoC for one department, we ensured the network and hypervisor configuration supported the provisioning of additional PoC’s which could be run in parallel on the same underlying infrastructure, ensuring operating costs would be kept to a minimum.
Provisioning of the environment was also largely scripted meaning additional PoC’s could be spun up quickly and cost effectively too.
3. Outsourcing offered an operational expenditure model.
As all IT staff know, provisioning of equipment like servers, storage and network infrastructure usually takes several weeks. To offset this, the bank opted to use Starboard IT’s private cloud model, resulting in a shorter lead time whilst providing a more scalable solution than an on-premises or co-located alternative.
Further, there was no large capital expenditure of the bank. This meant the costs for the environment fell within the delegation of authority, thereby bypassing tedious business case justifications and financial approval processes.
Leveraging Starboard IT’s services helped achieve meeting all success criteria of the PoC within 30 days (rather than the allotted 90 days). Our counterparts in the bank were then able to spend the balance of that time pushing the boundaries of the platform, finding new and interesting ways to leverage the system as well as perform additional demonstrations to senior management.
Commercial conversations are now taking place to perform identical PoCs for 5 other business units.