We talk a lot about how the evolution of technology is changing the role of Operations. But the other side of the coin is equally important: the role of the Technology function. What are the priorities and responsibilities of IT leaders in today’s world where transformative technology has a low barrier to entry?
We were delighted to sit down with Alastair Angus, Chief Information Officer (CIO) at CIBC Mellon, to get his thoughts on all this and more. Angus’s background runs across finance and capital markets technology in New York, the UK and Toronto.
CIBC Mellon is Canada’s leading asset servicing provider, and have been a Duco client for several years.
Angus kindly joined our Chief Product Officer (CPO), James Maxfield, on stage at our Innovation Day: New York event in front of an audience of industry leaders.
Here are the key talking points from their conversation.
The CIO perspective on innovation
Innovation is a word that gets used a lot in our industry. But what does it mean to a Technology leader like Angus?
Angus views innovation through a pragmatic lens, rather than the pursuit of the latest tools for novelty’s sake. "Innovation isn't experimentation for the sake of, 'We've got a new tool and we want to play with it,'" he explained. To him, the true essence of innovation is simply "about doing things differently and better".
The journey toward improvement, however, doesn't start with a solution; it starts with a question. Angus emphasises that the process must begin with a clear understanding of the hurdle at hand. "Do we have a good sense of what problem we're trying to solve? What is the challenge we’ve struggled to address in the past that we may now be equipped to tackle?”
These challenges, he noted, often persist not for lack of desire, but due to structural friction. Sometimes "responsibility [for a solution was] fragmented across silos", while other times the necessary technology simply didn't exist yet.
Angus was particularly wary of the "tech-first" trap, noting that while he leads on a technology front, it can be "the wrong starting point" for a meaningful discussion.
“It's about connecting ideas with the people who understand the process deeply and may have approached it differently in the past. There's the degree of doing it at scale and doing it with resilience, but that still comes back to [finding the person] who knows the process well enough, who knows the governance well enough."
"Maybe they ask the question again that we've asked in the past: ‘How do we improve this process? How do we remove cost from the operation? How can we do something new for our clients here?’”
Ultimately, Angus describes innovation as a "real-world outcome" achieved by approaching an old problem with a "fresh mindset". For CIBC Mellon, innovation is found in the willingness to ask if a solution is possible now, even if it failed in the past, by harmonising people, processes, and technology.
The evolving relationship between Technology and Ops
Traditionally, the relationship between Technology and Operations is built around ‘requirements’. Ops have an issue they need to solve, so they document their requirements and pass these extensive lists onto Technology to develop.
But, as Maxfield said, reflecting on his previous career in Ops, knowing what you want and documenting it correctly are two different things. This can create all kinds of friction, and ultimately tends not to lead to innovation. Problems don’t get solved, because Ops can’t articulate the issue properly and all Technology can do is deliver what’s in the requirements document, regardless of whether it’s an effective solution.
For Angus, a big reason this way of working exists is because of the Sarbanes-Oxley regulation. This 2002 act in the United States enforced stricter accounting, auditing and governance rules to protect investors from fraudulent reporting.
Unfortunately, the rules were widely misinterpreted, “there was a view that if you wrote the specification, you couldn’t code it; if you coded it, you couldn’t test it; and if you tested it, you certainly couldn't deploy it,” Angus explained.
The impact of this was that Technology became a “subservient function”, more removed from Operations and taking on a less collaborative role.
“It pulled us all apart, really to our detriment. And it's taken [the industry] the best part of 20 years to work out that that wasn't actually what the regulation required.”
Instead, Angus said, the point of the regulation was “operate in control, operate with audit”. This has allowed Technology and Operations to rethink their relationship again. It’s no longer that Ops must have their specifications fully mapped out before they “enter the technology floor”. Instead, the focus is on “conversations with the right people in the room”.
One key win of this approach is that the speed of change has accelerated dramatically.
“I've led technology teams in the past that have been making changes to client facing systems six times per day per developer, straight into production."
"Each one of those changes is tiny, but if any of those go wrong, or they didn't solve the problem, we'll roll them back and it wouldn’t be a big deal. We only lost a couple of hours’ productivity.”
Not just for IT – how to create a company-wide innovation culture
It’s not just a reinterpretation of regulation that is changing how Operations and Technology work. Technology has changed a lot in recent years, giving Ops the kind of self-sufficiency they’ve always dreamed of.
“We've got such incredible tools,” Angus said.
“You wind back 10 years, and [by comparison] what end-user-driven platforms like Duco can do is infinitely more powerful now. It's not practical to use the operating model of, ‘IT will build it.’ It's not necessary. You can look at tools like Duco that are no-code. They're incredibly accessible.”
And, of course, there is the proliferation of artificial intelligence. Teams across the business are more empowered than ever to solve their own problems. So, how does a CIO ensure that innovation is a company-wide initiative?
“Technology now is an enabling function,” Angus said.
“IT is no longer defined solely by building technology. IT’s role is to enable the organisation to build the right solutions, using the right technology. IT isn't going to be the bottleneck to building what you want [and] solving your problem.”
Instead, the Technology function is there to provide subject matter expertise that gives other teams the understanding of what tools are available and how they can solve their problems.
Sometimes it can be tricky to foster this kind of curiosity. Angus shared an example from a previous bank where they generated interest in robotic process automation (RPA) by hosting walk-in sessions in a meeting room next to the trading floor during lunchtimes. Over time, a steady stream of people would come to ask questions about how RPA worked and what problems it could solve.
The free pizza and sodas the team offered as incentive probably helped as well.
How do you make teams feel safe to innovate?
You’ve successfully communicated to the organisation that innovation is their responsibility too. There’s just one problem - people are scared to try.
Many people in Operations are being told to use AI, but are worried they’ll get in trouble. They are concerned about the consequences of an agent doing something it shouldn’t have, or that the IT department are “going to march down here and tell me that I've done the wrong thing and I shouldn't have done that, [that it] wasn't mine to do.”
The solution to the fear around the consequences of unrestrained AI is fairly simple, Angus said: communicate that you have guardrails in place. “We're not being reckless with the tools that we put on your desktop. We’re putting guardrails in place so that the downside risk is contained.”
The second key message is that innovation happens side-by-side with Technology. “Engage your IT partners at the start,” Angus said.
“Do a little bit of experimentation yourself. If you need help, [or] if you think you've created something of value, speak to your cybersecurity person, speak to your operational risk individual, for their perspectives.”
He shared some examples of the interesting work CIBC Mellon is doing around strengthening their AI guardrails for their teams. There are different levels of “safety for different modes of operation or for different horizons of AI capability”.
For example, a productivity tool that automates or optimises a task for an individual needs little governance beyond the general controls already in place. “Don't worry, we've put the guard rails in place to keep you safe and to limit the damage that could possibly happen with that”.
There are more governance steps for AI tools that get shared with colleagues or the wider organisation. “Maybe you have to register it in a repository. Maybe we have to be clear with you that you're the owner of that ‘recipe’. And that comes with a few obligations. You're the go-to person if people have questions. You've got to monitor its performance over time. If one of its dependencies changes, it's on you to go and update it.”
And, of course, there is another level of sophistication again when it comes to guardrails around developing agents. “Maybe you come to a review board first to say, ‘Here's what I'm planning to do with a group of SMEs. What should I take into account before I do that?’”
These controls are still being developed and refined, but the ultimate aim is “to outline it's okay to innovate. And not just that we actually want you to try things – we want you to try things out there in the open.”
That openness is very important. Many organisations are full of end-user computing (EUC) solutions; applications or processes that are built without the knowledge of IT. A classic example is a reconciliation built using Excel macros, often created due to the inflexibility of legacy technology. “We're trying to encourage away from that environment.”
Part of that, Angus explained, is ensuring that Technology isn’t viewed as the department of ‘no’.
“We’re working to become the function that says, ‘That’s a strong idea. Have you considered this? Let me help you. Let’s build it properly.'”
The earlier that partnership begins, the easier it is to ensure innovation happens in a way that can scale across the enterprise while the correct ownership is in place.
“It comes back to a culture of: ‘yes, we feel safe to do this because we know the IT department are going to be there to help us, not to come and rap us on the knuckles.’”
Avoiding the AI point solution problem
Maxfield reflected on the fact that, 25 years ago, everyone built their own tooling in-house. The result of this is a huge network of point solutions, which is a problem Technology teams are still trying to tackle today.
“You bring in a new platform and find one process that massively benefits from it,” Angus said. “And then the advocate for that platform moves on to something else. And you do that 1,400 times [across an organisation]. And of course, some of them are using one communication standard and one paradigm, and some are using a different data model and a different paradigm.”
It’s a big challenge for the industry; one with “no silver bullet”. Angus explained that CIBC Mellon is focussing on platform consolidation – and on establishing good practices to ensure the problem doesn’t compound in the future.
This is important, because AI threatens to create the same issues again. Firms could easily end up with hundreds of different AI solutions, “which would get us back to 100 different ways to solve the same problem, which is analogous to where we were with access databases and EUCs.”
One way CIBC Mellon are looking to prevent this is by establishing an “AI blueprint library”. This allows teams and individuals to see what solutions already exist for business problems. It means that they can see what’s available, rather than starting from scratch every time.
“It's about embedding the new discipline as we take our legacy systems out and replace them with our AI empowered systems and our AI agents. If we do that well, we become more self-correcting going forward.”
What CIOs should look for in new tools
Finally, Maxfield wanted to know what was on Angus’s shopping list when it came to new technology. Rather than features, Angus stressed that “the most critical thing” is the relationship CIBC Mellon can have with the vendor. He wants to ensure a truly bilateral conversation with a vendor who values working with him as much as he feels the value of their platform.
“Is it somebody that we know will take our call and are interested in what we're building with it? With Duco, amongst others, we've been very successful in that regard.”
On top of this, it’s important to have a view of the product roadmap and to be able to influence the platform’s direction.
Beyond the relationship with the vendor, there are some practical concerns. Versatility is high on the list; Angus wants platforms that are broad enough in their applications to handle multiple use cases. “I've been in organisations where we have six or 700 different vendor products, and that's in capital markets alone, which is too many.” This is a product of the past drive for best-of-breed platforms – the point solutions referenced in the previous section.
Yet too much ubiquity is equally problematic, particularly from a risk perspective. Firms don’t want to concentrate everything onto just a few platforms.
“It's finding that balance with vendors [that have] no lock-in risk for us, but are versatile and featureful enough that provide really good value in multiple different problem sets.”
Conclusion
The conversation between Angus and Maxfield showed that Technology functions are in an exciting period. They’re able to act as innovation partners, enabling the wider organisation to achieve transformative outcomes with new technology. The view that IT is the ‘department of no’ is outdated. Instead, here is a function of subject matter experts ready to help Operations overcome long standing blockers.
To summarise:
- Innovation ultimately relies on getting the right subject matter experts together to truly understand the problem you’re solving for.
- Technology leaders need to make the rest of the organisation feel safe to innovate. Communicate the guardrails you have in place, let teams know what their responsibilities are, and act as their innovation partners.
- Ensure that your guardrails are right for the type of technology; individual AI projects limited to a single person require fewer controls than, say, the development of a new autonomous agent.
- Lay the groundwork for AI best practice now to avoid ending up with a new deluge of point solutions in the future as has happened with previous technologies.
- Choose new tools based upon the relationship you can have with the vendor. On top of this, look for solutions that strike the right balance between being broadly applicable and concentrating too much into one platform.
Want more great insights from CIBC Mellon? Check out the best takeaways on automating EUCs from Vice President of Operational Transformation and Excellence Jeremy Hulme.
