newbacs technology renewal · pdf filesla management, volume growth) ... • upgrade...
TRANSCRIPT
Presentation to BCS, West London Branch 11th January 2005
NewBACS Technology Renewal Programme Tim Lambertstock Technology Strategy Manager0870 920 [email protected]
Agenda
• Business Background• Technology Renewal Programme Background• BACSTEL-IP• Programme Architecture• Programme Management• Lessons Learned so far• Summary
Page 3
An overview of Voca (formerly BACS)
Background
• Electronic Funds Transfer processing of Direct Debits, Direct Credits and Standing Orders
• Operating for 36 years
• Part of the UK Critical National Infrastructure
• Manages inter-bank network services
• Owned by the major UK banks and building societies, and the Bank of England
• Culture of high performance and always- available systems
Operations
• 4.6 billion transactions in 2004
• Over 90% of UK salaries are paid by Direct Credit
• Over 65 million items on a peak day
• Over £2,500 billion paid through Voca in 2003
• 50,000 users connect to the Voca service, including all of the FTSE 100
• NEVER lost a payment!
36 years
50 billion transactions
0 lostPayments
50,000 users connected
94%94%93%
78%77%
72%62%
50%39%
31%14%13%
96%96%97%Trusted
Efficient
Secure
Proven
Capable
Experienced
Knowledgable
Robust
Customer focused
Progressive
Technically leading edge
Agile
Bureaucratic
Expensive
Passionate
FDs & IT Directors…
Voca – trust, a key asset
Develop Best-in-Class Technological Capabilities(NewBACS, IT Programmes)
Develop Best-in-Class Technological Capabilities(NewBACS, IT Programmes)
Build a Commercially-Focussed Organisation(Organisational Transformation)
Build a Commercially-Focussed Organisation(Organisational Transformation)
Develop Partnerships and capability across Europe(ACHs, Banks, IT Companies)
Develop Partnerships and capability across Europe(ACHs, Banks, IT Companies)
Expand Business Around the Core
(Product Dev., Customised Services)
Expand Business Around the Core
(Product Dev., Customised Services)
Dev
elop
B
AC
S C
apab
ilitie
s
Capitalise on Market Opportunities
Further Improve Core Services
Delivery (SLA Management,
Volume Growth)
Further Improve Core Services
Delivery(SLA Management,
Volume Growth)
Develop New Areas of
Opportunity (New Service Lines, JVs,
M&A Activity)
Develop New Areas of
Opportunity (New Service Lines, JVs,
M&A Activity)
To be the leading provider of world class, secure transaction services
New Commercial Mandate and Mission
Programme Background
24x7 Operation24x7 Operation
Support New andSupport New andfaster clearing cyclesfaster clearing cycles
(Faster) (Faster) Time To MarketTime To Market
Offer new and Offer new and differentiated services differentiated services
Cost ReductionCost Reduction££ ££ SupportSupport
Increased VolumesIncreased Volumes(5b+ items in 2005,(5b+ items in 2005,
100m/day peak)100m/day peak)Renew ageing,Renew ageing,
outdatedoutdatedtechnologytechnology Improved SecurityImproved Security
NewBACSNewBACS
€ Support EuropeanSupport Europeandevelopmentsdevelopments
Maintain reliability,Maintain reliability,further reduce riskfurther reduce risk
(settlement, (settlement, operational, credit)operational, credit)
Drivers for Technology Renewal Programme
New Capability
Secure Infrastructure
Operational Cost
Enhanced Customer Service
Strategic Capability
Generic security infrastructure
ResilientContingencyScaleable
platform
Interoperability and Multiple formats Reduced bank
operational costs -STPReduced cost of
functional change
Service Differentiation
Web- based
services24 x 7
Flexible clearing cycles
Range of standards
Multi-currencycapability
Main Heritage Systems
ICL MainframeREFT
Spooling
Item Validation
Central Checks
Output
Central Instructions
BCOLLREMIT
BACSTEL HST
Messaging
Tandem
Tandem
Tandem AIX
SME Corporate InputLarge Corporate &
Member Input
HSTOutput
(Member In-Clearing)
BCOLLException Management
(Pre-Dates REFT)
REFT• Built circa 11 years ago• Main Processing Engine
(all STD18 Processing)• COBOL (generated)• IDMS(X) Database for
Reference Data• Items stored on disk (not
database)
REMIT• Another Processing Engine
(not widely used)• International & Domestic
Services• MT102 & EDIFACT (FIN)
Other BACS Messages (AWACS, ADDACS, etc)
AIX
BACSTEL-IP: a mission critical project
• Needed to work with 12 bank groups• Internet technology• Very large volumes• Demanding service levels• Complex security requirements• First part of wider programme• Had to deliver infrastructure for remainder of programme
BACSTEL-IP Project Overview
BACSTEL-IP went live on 28 October 2002!
The project of c.20,000 mandays, with a team peaking at 150 people, was delivered:
On-time (on the date set a year before!)
To specification
5% under approved budget
In October 2001, BACS Board authorised funding for BACSTEL-IP
It is the first Phase of the Technology Renewal Programme
The BACSTEL-IP projects started in January 2002
Payment Submission Capture
On-Line Validation
Safe-StorageOn-Line
ReferenceData
ExistingPayment Processing
Reports
Output & Settlement
Bank
On-Line Payment Submission & Confirmation
On-Line Customer Data Updates &
Registration Sec
ure
Chan
nel
-B
AC
STEL-I
POn-Line
Reports & Payment Tracking
On-Line Information
Bank-Issued PKI Smartcard
Business Customer
BACS Payment Services
BACSTEL-IP - What is it?
Customer Benefits
• Large files can now be submitted faster• Single secure connection for submission and reporting
• Everything now on-line - eliminates paper-based processes and reduces costs
• Increased control and end-to-end automation• All interfacing software now Voca approved • Enables Straight Through Processing
Positive Customer reaction
“So simple - just smart card and PIN and you’re in.”"From the word go it proved simpler than the old system. With a constantly changing weekly payroll submission, rapid same day online reports are of great benefit as is the flexibility of access whenever and wherever we choose."Katherine Egerton, EuroCentres Language Schools
Programme Architecture
Technology Principles
• Single, shared, modular, re-usable architecture for all services
• Remove duplicated processing and reference data maintenance
• Standards-based, “buy not build”
approach where feasible
• Scalable to meet future demand• Upgrade existing delivery channels to take account of internet technologies
• Move to industry approved security model• Facilitate regular enhancement to platform by evolution, not repeated major investment programmes
Leading Edge Technology Stack
Solaris 8
Application Server
Database
Server
Operating System
Storage
Network
Sun StorEdge™ 9980
Sun Fire™ 15K server
Why this stack?BEA WebLogic decision taken first in late 2001:
• Market leader in Application server space• Most EJB implementations use WLS• Better J2EE support and compliance with Java standards• Better clustering and high-availability features
Oracle decision taken soon afterwards:• Market leader in high performance enterprise databases• Existing skills available within BACS• Best support for high-availability between Data Centres• Excellent support for Java, XML and WLS
Sun decision, primarily cost-driven but also:• Market leader• Best available support for WLS and Oracle• Excellent support for clusters and high-availability
Technical Infrastructure
Internet DMZ
BACS TRUSTEDDOMAIN
Extranet DMZProxy Server
ClusterProxy Server Cluster
Firewall Firewall
Firewall
Load Balancing
Hardware Failover
WebLogicServer Instance
WebLogic Server Cluster
Load Balancing
Hardware Failover
Oracle Real Application ClusterDatabaseInstance
Sun ServerDomain
Sun Server Domain
Sun ServerDomain
Sun Server Domain
High speed connection to Second Data Centre
Network Network
Load Balance
Load Balance
DatabaseInstance
WebLogicServer Instance
BACS Users & Members
Sun F15K• 16 CPUs *• 16 GB Memory *• Can grow to 72 CPUs• Weight = 1 Tonne!
Configured as 2 Systems• Application Tier contains the Business
Logic• Database Tier runs the Database as a live-
live cluster
Main Servers
SUN F15K
Disk Subsystem
Database Server
Solaris
Oracle
Application Server
BEA WLS
Solaris
DB I/O
DB I/
O
* Now being doubled for rest of programme
Full Infrastructure Architecture
Site BSite ADisk Subsystem
DB I/O DB I/O DB I/O
DB I/O
Oracle Data GuardArchive Logs
Oracle Online Log(sync Replication)
DiskSubsystem
SyncReplication
F15K
APP
-D
B
DatabaseServerSolaris
ApplicationServerSolaris
F15K
APP
-D
B
DatabaseServerSolaris
ApplicationServerSolaris
Firewall
Firewall
NetraProxyServerSolaris
NetraProxyServerSolaris
Load Balancer
F15K
DatabaseServerSolaris
F15K
DatabaseServerSolaris
Firewall
Firewall
NetraProxyServerSolaris
Load Balancer
NetraProxyServerSolaris
Application LayersIntegration
LayerFramework
Layer
Role Based Access Control
Profile & Management
Audit & Logging
Frameworks
Reference Architectures
Common APIs
Common Third Party Utilities
PKI Security
Legacy Platforms
SettlementSystems
MIS Information
ExtendedServices
Business Services LayerRepresents an aggregated business view of the various BACS
technology aspects i.e., Payment Service, Processing & Exception Management, Extended Formats Service, Advices
Workflow Management LayerEnsures the consistent integration of business processes
internal and external (White Label customers) to the BACS Domain
Business Logic Layer
ReceiveReceive ValidateValidate RouteRoute Warehou se
Warehou se
ReleaseRelease
Data Layer
Reference Data
ManagementInformation
Processing History
Presentation Layer
Submissions Monitor/ Control
CustomerView
MemberBank
Systems
Challenging Security requirements
• Highest levels of authentication and auditability
• Smartcard-based digital certificates• Digital signing of critical transactions• Certificates issued by customer’s bank• Need to accommodate different trust
schemes, including Identrus• Need to work with smartcards from
different vendors selected by banks
Authentication Solution
• Voca set out common requirements in Trust Services Code of Conduct
• Thales SafeSign Authentication Server at heart of technical solution
• Certificates validated in real time according to requirements of each bank
• Tamper-proof audit trail of all transactions• Works with smartcards from multiple vendors without
the need for low-level programming by solution suppliers
Programme Management
Major Culture Change
• Technology - Mainframe/Cobol to Internet Technology/Java• Ways of working - Waterfall to OOAD• Approach - Needed to adopt delivery focus (no major new
system development for 10 Years)• Management - Tight Budget and Deadline• Partnering – needed to work effectively with external
partners • Risk – had been very risk adverse, needed to be willing to
take risks when appropriate
Recruitment and training of staff
• Needed to continue to support existing systems as well as develop NewBACS
• Core team of about 10 senior Voca IT staff (Project Managers, architects and business analysts) had been engaged from early 2001
• About 30 Voca developers and designers were introduced into mixed BACS/external teams from early 2002
• Their roles were back-filled with contractors• BACS staff had training in RUP/UML and Java where
necessary and a NewBACS induction programme
Methodology (Prince 2 & RUP)
Programme Planning & Monitoring
Directing a Programme
ProgrammeStart-up
Close aProgramme
ProgrammeDefinition
ProgrammeBrief
ProgrammeStructure
ProgrammeBudget
ProgrammeResources
ProjectBrief(s)
End ofProgrammeAssessment
ProgrammeClosureReport
InitiateProject(s)
Project Planning & Monitoring
Directing a ProjectProjectStart-up
ProjectInitiation
Closea Project
Controling a Stage / Managing Stage Boundaries
Project InitiationDocument
ProjectResources
Project Budget
Project Plan(Top-Level/Stage)
End of Stage / InterationAssessment
End ofProject
Assessment
ProjectClosureReport
End of Stage / InterationAssessment
RUP Phases
RUP Iterations
DisciplinesBusiness Modelling
RequirementsAnalysis & Design
ImplementationTest
DeploymentConfiguration &
ChangeManagementEnvironment
ElaborationStage 2
ConstructionStage 3
TransitionStage 4
Elab#2
Elab#3
Const#1
Const#3
Const#2
Trans#1
Trans#2
Elab#1
Const#4
Inception
Initial
New Production PhaseNew Disciplines: Security, Member Engagement, Infrastructure & Operations
Project Best Practice
Quality Component-Based Software Produced
• Establish milestones and dependencies
• Identify key-risks • Prioritise and schedule
activities of team• Actively manage and
motivate team
Project successfullycompleted
UML and Code
Industry Standard Design Models
Clear and Transparent Code
and Designs
Quality-AssuranceProven Project Methods
Time-Frame and Risks Managed
Project Management
Artifacts
Design and Coding Artifacts
PRINCE2 and RUP Code and Design Best Practice
Risk Management & Mitigation
Project Success
How we handled this complexity made the
difference
VALUE DELIVERED
Modular Design
Avoiding Common Pitfalls
Identified Business Opportunities Enabled
• Small self- contained pieces
• Flexibility• Scalability• Open
Standards• Low risk
• Industry leadership
• Handling change
• Future proofing
• Reduce cost of operation
SUCCESS FACTORS
Define ObjectivesMulti
Million
Partners PracticesTechnology
Planning Product Selection
Cost Controlled Objectives
MetQuality
Maintained
Programme Risks
Reduced
Managing Risk
People• Capabilities, Knowledge & Skills
Process• Project Management, Development, Risk Management,
Controls & Communications
Tools• Planning, Development, Deployment & Documentation
Technology
Payment Submission Capture
On-Line Validation
Safe-Storage
On-LineReference
Data
ExistingPayment Processing
Reports
Output & Settlement
Bank
On-Line Payment
Submission & Confirmation
On-Line Customer Data Updates &
Registration Sec
ure
Chan
nel
-B
AC
STEL-I
POn-Line
Reports & Payment Tracking
On-Line Information
Bank-Issued PKI Smartcard
Business Customer
Migration strategy is designed to reduce risk
Legacy Mainframe System
Lessons Learned and Summary
Look to Use Again
• Break up big projects into several smaller ones and manage as programme
• Organisation Structure and Controls• Identify risks and seek to address them early• Select technology that really does work together• Select partner with the right Skills, Knowledge &
Capability • Develop iteratively and take releases right through
testing and deployment early on
Look to Improve
• Agree Ways-of-Working upfront• Don't change everything at the same time unless you
have to• Don't underestimate culture change• Get technology vendors to underwrite what you are doing,
both technically and contractually• Deploy Configuration & Build tools and pipe clean early• Understand the Legal changes you need to make and
start them early• Tight Contract and Supplier Management
Best use of B2B e-Commerce
Innovation Category and
Overall Winner 2003
e-Business Project of the Year
Technology Award for Services
The programnme has won many awards
Award for Excellence in Secure Electronic
Business 2004
European Banking Technology Award for
Outstanding Achievement of the Year
Summary
• One of the largest J2EE business applications in the world
• Available over Internet, BACS Extranet (supporting different connection speeds) and SWIFTNet
• BACSTEL-IP supports both browser-based and application-to-application interfaces
• First integrated use of digital certificates issued under multiple trust services
• Unique interoperability with PKI smartcards from multiple vendors with different signing software
• Successfully integrated PRINCE 2 Project Management with RUP Software Engineering ensuring delivery on time and under budget
But this is only the beginning….
• BACSTEL-IP is a solid foundation for the rest of the Technology Renewal Programme
• We are looking to leverage the security capability to provide authentication services to others
• Voca launched an EBPP service last year and is looking to launch a number of other new ventures this year
• This new capability and technology is attracting interest from around the world
• Voca is increasingly playing a role on the European stage
Any Questions?
Tim LambertstockVoca [email protected] 920 8554www.voca.co.uk