The 2023 Gartner® Magic Quadrant for SAM Managed Services is now available. Get the Report

FinTech Provider Achieves FBA Compliance with Mature ITAM Program

(March 2024)

Company Profile

  • Industry: Financial Technology
  • Size: 7k employees
  • Revenue: $2.1B
  • Region: USA
  • Market: Mid-Market
Analysis:
20+ 
Policy Statements, Controls & Test of Effectiveness Reviewed & Contextualized

Portfolio Management for Regulatory Compliance Case Study | EXECUTIVE SUMMARY

This client is a highly acquisitive provider of financial technology solutions, resulting in a software portfolio that changes constantly, consequentially exposing a high level of risk which they proactively mitigate to protect stakeholder investments. A lack of hands-on involvement from senior management meant that the defined ITAM Program Transformation (IPT) program hadn’t fully moved into the planned operational phase. Pressure from the Federal Banking Agencies (FBA) to demonstrate effective management and visibility of their estate gave a new level of urgency for the board and executives to engage with the strategies or face potential financial and reputational damage as a result of fines for non-compliance. This change in the driver for Anglepoint’s ITAM Program Operations Service facilitated more hands-on involvement from the senior management team and expedited the required data gathering, alongside the implementation of the policies and processes needed to respond to the FBA. Anglepoint was able to provide the appropriate evidence to bring the client to a position of compliance and avoid fines that could have amounted to millions of dollars. Following this, the organization is on track to implement and roll out effective Application Portfolio Management on a sustainable and proactive basis – including ServiceNow tooling to centralize this function.

The Challenge

This financial technology provider has grown rapidly through acquisition over the last thirty years, forcing them to navigate and respond to high levels of regulatory risk from the FBA. They were coming under increasing regulatory pressure at executive and board levels as they couldn’t demonstrate the level of visibility and management of their software estate that is required by the FBA. The reputational and financial risks could be potentially damaging to the business if they were not able to provide ample information. The organization needed to be able to demonstrate full visibility of their assets and track those being retired or removed from the system, and needed to ensure there was no end-of-life hardware or software in the estate. Ultimately, they had a limited view of their regulatory compliance position and any fines that they could potentially incur would impact them through bad publicity, dropping share prices and their ability to trade. To further complicate matters, they faced a very aggressive timeline to demonstrate compliance.
The client had a multitude of tools and data sources with mountains of data, but no central source of truth. Different departments were looking after different areas of the business with their own data sets and a high level of management staff turnover meant that they were struggling to gather and consolidate the information from this data. They needed to be able to show their regulatory compliance against a table of requirements but were unable to do so due to insufficient tooling, an inaccurate CMDB, and a shortage of internal skills and resources to compile this. While they knew implementing a new tool was a priority, they were in a constant reactive state and knew they needed a rescue team to tackle the problem and move them into a proactive position. The primary focus was to pull together all the data, normalize and clean it, and consolidate it into a single pane view that would update the CMDB and feed a new tool. They had just four months to complete these tasks and demonstrate a report of their assets to avoid the fines that would ensue from the FBA.

The Solution

Anglepoint’s ITAM Program Transformation team stepped up the work being delivered and extended this to the ITAM Program Operation Service to help execute the strategy that they had been working with the client to outline. Anglepoint assessed the issue and came up with a plan that would expedite the transformation program and provide a response to the FBA’s three clear requirements:

  • Build Portfolio Management
    • Know what the organization has and that it is secure
    • Perform a software review
  • Operational Management
  • Compliance Management
    • Constant quarterly analysis

Given the 4-month timeframe, Anglepoint’s experts needed to work backward from the deadline date to define the best approach. They understood the internal stakeholder buy-in challenges that existed, so the team needed to know who should be involved from the client’s side, what data was needed from them, and how best to engage with them.  They needed to outline what the process would look like and exactly what the outputs would be to drive this buy-in. A project was outlined, and an agile working group was set up with Anglepoint’s support. This group included a project manager and the introduction of the client’s Corporate Governance Manager, securing the connection with the executive team and injecting the required accountability and transparency. Tactical group discussions were set up to outline the roadmap for the outcome and mobilize the planned strategy. These discussions highlighted some of the challenges that the organization would have to overcome. The largest challenge was the amount of data, as there were pockets of inventory everywhere. Anglepoint started off by finding out who was responsible for the data and how and where it was held, mapping the environment and building a gap analysis. The extra layer of difficulty here was that some of the acquired entities were still very segregated and running as separate entities, so the team needed to speak to all data owners.

Weekly calls were set up with the project management team and Anglepoint’s delivery team, and progress was measured against a percentage tracker of their software estate visibility. Each of the sporadic and patchy data sets were gathered from different sources and added to a catalogue. This data was cleaned, normalized, and deduped by Anglepoint’s ITAM experts and presented in a master table of accurate catalogued inventory alongside the percentage tracker, enabling them to work towards a completion percentage. This process enabled the executive team and the board to visualize the issue’s root, and the wider ITAM Program Transformation project had full support through a clear understanding of what needed to be done.

Each point outlined by the FBA was addressed with evidence to support it, and they avoided the non-compliance fines that would have amounted to millions of dollars.

RESULTS

The client can now demonstrate complete visibility of its estate. They have the accurate data and information required to help facilitate the implementation of an accurate CMDB and the planned ServiceNow tool.  Moving forward, the client will be able to manage their estate proactively.

The policies, processes, reporting, and governance are in place to maintain this position of compliance on an ongoing basis for the Operational Management piece of the goals set by the FBA. Anglepoint further developed capabilities here for pulling and managing data, and pushing it back out against different regulatory needs.

The client has achieved all three goals to an acceptable level, meaning they have avoided potential fines of millions of dollars and protected their stakeholders’ investments in shares. They continue to be supported by Anglepoint with a multi-vendor SAM managed service and are moving towards a more mature approach to portfolio management.

The organization needed to be able to demonstrate full visibility of their assets and track those being retired or removed from the system, and needed to ensure there was no end-of-life hardware or software in the estate. Ultimately, they had a limited view of their regulatory compliance position and any fines that they could potentially incur would impact them through bad publicity, dropping share prices and their ability to trade.

Right-size Your Software Estate Today

Most companies spend way too much on software licenses compared to true internal demand for software services.  Our  Optimization Assessment covers every aspect of right-sizing, including license consolidation, infrastructure optimization, contract optimization, improving documentation, license transfer, or re-harvesting.