Could it get even harder to create an Enterprise Architecture (EA) Function plan that supports Financial Services organizations in delivering on business objectives? It’s not enough for Heads of Architecture or CTOs to create plans defining policies to govern how their organizations adopt technologies; architecture function plans must enable agile approaches to leveraging technologies for innovation while aligning to the Federal Deposit Insurance Corporation’s (FDIC) new regulation guidelines.
The latest Federal Financial Institutions Examination Council (FFIEC) IT Examination Handbook released on June 30, 2021, sets regulatory guidelines and expectations on the integration of EA with DevOps (i.e., IT Operations and Software Development). As a result, your EA Function’s plan must both align architecture policies and practices with the new FDIC guidelines and address the shift in how EA creates business value.
This post explains the seven focus areas of a strategic EA Function plan that Banking and Financial Services organizations should develop to guide deployment of the latest technologies for achieving strategic objectives and keep regulators happy. To understand how these focus areas are essential for strategic planning, it’s first helpful to consider how new FDIC regulations acknowledge the changing role of EA.
Enterprise Architecture’s Changing Role
The latest FDIC regulatory guidance recognizes Enterprise Architecture is shifting to a partnership model that supports using advanced technologies. For example, the FFIEC Handbook lists “Reviewing existing infrastructure and operations and working with other members of management to determine the capabilities needed by IT systems to deliver on new products and services” as a responsibility of the Head of Architecture.
Therefore, EA policies and practices must effectively enable how Information Technology functions like software product development and information security innovate to achieve enterprise-wide strategic objectives. Our new brief “Enterprise Architecture: FDIC Supervised Firms,” explains the changing role of EA and reveals that “a key element of meeting the expectations of regulators is combining various architecture best practices to implement an approach that enhances financial institutions’ ability to deliver on their business goals using advanced technology.”
Leading EA function efforts to redefine the function and maintain alignment with regulatory expectations is not easy, and the seven focus areas that comprise the CIO Checklist in our brief are the keys to how the architecture function delivers value.
Strategic Architecture Plan Focus Areas
Banks and Financial Services organizations must implement EA that meets or exceeds regulatory expectations. To effectively align with new FDIC guidelines, your function’s plan should address the CIO Checklist seven focus areas that includes the required plan document and areas EA best practices are essential to enable how organizations leverage advanced technologies.
CIO Checklist
Focus Area 1: Ensure the Key Components of the Architecture Plan (document)
The FFIEC Handbook guidelines cover the required sections of the architecture plan document including the current state view, a future state target architecture blueprint, and a roadmap describing the set of initiatives to transform architecture from its current to the desired future state. Specific design aspects such as security, testing, and system reliability must be covered in the target architecture blueprint.
Focus Area 2: Design for Open Banking Architecture Principles
Architecture practices must cover Open Architecture principles because FDIC-supervised firms now use software and cloud applications from external providers to deliver services, such as payments, to their customers.
Focus Area 3: Leverage APIs and Microservices Internally and with Partners
APIs are critical to driving digital transformation because they enable financial services organizations to share data and access third-party software services. In turn, use of APIs creates additional value for customers, and how they will be leveraged should be addressed in the context of the regulation guidelines.
Focus Area 4: Incorporate Advanced Technology, Including AI and Machine Learning
AI and Machine learning is an integral area for architecture practices to combine with DevOps and help lead the digital transformation initiatives of financial services. Consequently, governance standards for processes and customer service interactions that are performed through modern applications need to be redefined.
Focus Area 5: Incorporate A Zero-Trust Security Architecture
The FFIEC handbook delineates EA must incorporate Zero Trust Architecture (ZTA) principles whereby authentication and authorization, including through cloud-based services, are discreet functions performed before access to an enterprise resource (e.g., a database) is established.
Focus Area 6: Support Agile Methodologies
The adoption of Agile Methodology is reshaping how financial services organizations use advanced technologies to deliver on business objectives and creates urgency for EA to shift from a top-down governance (emphasizing strict controls through policies) to an enablement model. This means the function has to lead the way for software development/agile teams by defining best practice guidelines for design and deployment.
Focus Area 7: Consider the Cloud
With the migration to cloud-based services for data storage and access to more capabilities like big data analytics, understanding practices deployed by cloud service providers is essential to addressing EA risk considerations, and EA practices must address how sensitive information is protected in cloud environments.
These seven focus areas of a strategic EA plan are the keys for Heads of Architecture to establish practices that align with expected standards and create value through partnering with other functions to deploy technologies in delivering the digital experience your customers expect from their financial services relationships.
An Invitation for You
This brief is the first research for Aite-Novarica Group’s new Financial Services CIO/CTO Advisory practice designed specifically for Heads of Enterprise Architecture and CTOs in FS organizations that own this function to help you make better decisions about Architecture practices and investments that drive greater business impact.
We are bringing together a select group of highly experienced architecture function leaders on October 25 (two-hour session) as Research Council members to guide us in setting the direction of the research and advisory agenda, and your perspective will be invaluable to determining what topics and challenges ANG’s new service should prioritize.
To learn more about being an exclusive Research Council member or indicate your interest in joining us as seats are filling up fast, simply respond by providing your contact details and email address. I’ll share the full brief with you and reach out to schedule an introductory conversation. We hope we can count on your input and look forward to hearing from you.
Add new comment