We are all about financial IT solutions that are both reliable and accelerate your growth. We do the hard work so you could focus on things that matter most – making best decisions on customer service without thinking about technologies.
Since 1990, we are advancing technologies to meet the future of finance services together with our clients. Our IT solutions and services offer you a hands-free approach: from complex banking systems to simple payments – we have you covered.
The information systems operated in financial institutions collect and store particularly sensitive data, this is why supervising authorities pay special attention to their reliability and security. Quite often, financial institutions not daring to deal with the compliance challenges alone rely on third parties providing IT services. Rūta Šiaučiulytė, Head of the Division of Legal Counsel and Compliance in the Forbis Company operating in the field of banking technology for almost 30 years, advises on how to choose a reliable information technology and software supplier that would facilitate routine operations and simplify the compliance processes.
The business activities of the Lithuanian financial institutions are defined by a wide range of legal acts – starting with the resolutions of the European Central Bank or the Bank of Lithuania and ending with the GDPR (General Data Protection Regulation) and the documents defining the AML (anti-money laundering) requirements. In order to achieve the overall sustainability and reliability of the financial system, not only the direct activities of banks, credit unions or other financial service suppliers are regulated, but also there are set requirements for IT systems and management thereof, i.e. for the tools used by financial institutions in their day-to-day operations. Then again, regulatory legal acts do not usually define specific technical requirements, but identify good industry practices that should help the institution to ensure the required level of security, regardless of the scope of activities, the technologies used, and the functions delegated to third parties.
According to Rūta Šiaučiulytė, Head of the Division of Legal Counsel and Compliance at Forbis, formal compliance with legal requirements is an important, but not the only criterion for a financial institution when choosing an IT supplier. “The third parties, from which the financial institutions acquire core IT systems, are considered critical suppliers, and it is therefore necessary to comply with the legal acts that specify how to choose IT suppliers and manage the services they provide. However, our many years' experience shows that not just formal compliance is important for success: the higher the ambition of the financial institution, the higher the requirements it should have for the experience of the future partner. IT provides can prove their competence with conformity certificates issued by recognised institutions and with the customer feedback,” said R. Šiaučiulytė.
Similar to companies operating in other fields, the IT system vendors can obtain ISO (International Organization for Standardization) certificates, confirming that the companies apply good business management practices as defined by the international standards. “When working with the financial institutions of various sizes – from banks to financial technology start-ups – we are convinced that one of the main criteria when choosing an IT supplier is confirmation obtained from independent certification bodies that the company pays due attention to the service quality, risk management, and information security. Therefore, both Forbis, developing IT banking software, and Fininbox, another company of our group, providing software rental (SaaS) solutions to financial institutions, have ISO/IEC 27001 certificates regarding the international information security management. Besides, the management systems that meet the requirements of ISO/IEC 20000 service management and ISO/IEC 9001 quality management standards also help to manage Forbis business processes. Moreover, specific market standards are very important when developing IT solutions – IT developers must follow the requirements of OWASP and other IT security standards, guidelines of NIST and other organizations, constantly check the security of the developed products, and allocate sufficient resources for staff training. Only the day-to-day application of good practices and a holistic approach to the development of IT systems can make one sure that the product being created is of the highest quality and security,” commented R. Šiaučiulytė.
It is also important that the IT systems supplier not only would manufacture and implement the product, but also would guarantee that its errors are eliminated, and the product is upgraded, as regulatory or financial institution needs change. “The reliability of IT suppliers and business continuity are essential for the customers to receive all the necessary services smoothly and on time. International standards oblige us to constantly monitor and improve business processes – in our opinion, they show and establish the trend for fair, clear, and efficient activities. The market and the requirements are changing very quickly, thus, a lot of effort needs to be put into maintaining of a high level of the processes’ quality and into constant update of the certificates,” said R. Šiaučiulytė.
The compliance expert encourages financial institutions that are now considering what supplier to choose, to pay attention to the company's history: duration of the activity, the implemented large-scale or complex projects, and the customer feedback, which will best reflect how the supplier's customer service team will work after entering into the agreement, whether deficiencies will be eliminated promptly, and what solutions the company will be able to offer in non-routine situations.
The success of any IT project largely depends on how carefully it is planned. Head of the Project Management Centre of the Forbis company-developer of banking IT systems, dr. Miroslav Švabis shares his experience: what to consider when planning IT projects and what mistakes to avoid in the course of their implementation.
A successful project starts to become such already before it begins
According to M. Švabis, the success of an IT project largely depends on careful planning already before the start of work. He states that the first thing to do is to stipulate and clearly align with the customer all the business needs alongside with functional and non-functional requirements
“When aligning both business needs and functional and non-functional requirements, it is especially important to set measurable goals. Without specific, clearly measurable goals, it is unclear when the project can be considered completed, there may arise problems due to business of the team working on the project, or due to the exceeding of the budget, or due to unfulfilled customer expectations,” said M. Švabis.
Not less attention must be paid to thorough planning of the scope of work. M. Švabis notes that in order to design a successful IT project, a number of crucial questions need to be answered for identifying future time and labour costs.
“Will the project demand writing a specification for the customer? Will the assistance of a business system architect or analyst be required? What programming language will be used? Who will create a testing plan and who will carry out the testing? What documentation should be provided to the customer? Have the project-closing conditions been discussed with the customer? Only by answering these and other similar questions specific to your project, you will be able to determine what specialists and what workload will be needed,” stated M. Švabis.
After having predetermined the guidelines for the future IT project, take up careful planning. Almost all planning methodologies recommend splitting the work into the smallest steps possible: thus, you will clearly see what resources will be needed to implement each work, how long it will take, and what will happen next.
“When planning new projects, I divided their implementation into phases. Analysis is a phase when a specification is prepared; Architecture is a phase when a detailed design report is got ready; Production phase involves carrying out of the programming work; during the Internal testing phase, there are prepared test cases, scripts, test plans for carrying out of the testing; Implementation phase involves project handing over to the customer. Every project is different, but this planning methodology can be applied as universal guidelines to almost all IT projects,” said M. Švabis.
A common mistake that can appear to be very costly is the lack of the detailed arrangements in terms of the customer actions. It is important to agree in advance not only on what is expected of you, but also what the customer is committed to doing. Maybe the customer will need to create a testing environment on the local infrastructure or maybe some integration with a third party is needed. Finally, it is necessary to schedule when the customer will conduct the project acceptance testing and have your team members reserved for that time. Do not rush to involve the team into other projects until the current project is officially completed.
Management of terms and expectations
One of the biggest mistakes that the IT project managers make is overly optimistic time planning. Naturally, you want to complete every project in the shortest time possible, however, often such an approach does more harm than good.
“Experienced project managers know that it is necessary to get ready for unforeseen circumstances. That is why, when scheduling the project implementation deadlines, I always extend them by fifteen or, if the possible, even by thirty percent, certainly after aligning this with the customers. Communicate frankly with the customer, and if your relationship is particularly good, openly share your thoughts on possible project implementation scenarios. Every customer appreciates openness and will be pleasantly surprised when you finish the project earlier than planned,” said M. Švabis
Last but not least, never promise what you will not be able to accomplish. When managing IT projects, it is especially important to remain objective and honest with yourself, with the customer, with the project team, and with the management of your company. A successful project manager, facing any pressure to perform tasks that in their opinion are unachievable, must communicate this openly and justify their position.
“Having faced seemingly unrealistic expectations, the most important thing is to identify for yourself and the others, why you think this is not possible, and to openly look for solutions. Often, stating specific reasons leads to finding solutions. If you nevertheless see that the goal you want to achieve is not realistic, you may find a compromise with the help of open communication – and this will be a fair agreement and a solution being sought for,” M. Švabis reasoned.