AdSysAr

Blog on software engineering

Monday, September 21, 2015


Case Study: Driving Savings With  Platforms and Architecture-Centric Approach to Systems Development
 
 
 
 
 
 
 
 
 “By far the most common mistake is to treat a generic situation as if it were a series of unique events, that is, to be pragmatic when one lacks the generic understanding and principle.”
                                                                                                Peter Ferdinand Drucker, “The Effective Executive”
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 

Executive summary

 
In the current economic climate, most business executives are struggling with a common problem: how to produce more with less.
Senior IT executives are struggling with their own version of the same question:  how to make a greater portion of their IT budgets available for strategic business innovation and transformation.  Investing in sustainable architecture-centric platform-based approaches should allow companies to spend higher portions of their IT budgets on growing and transforming businesses rather than just on keeping businesses running.   However, building sustainable architecture-centric platforms often requires greater capital outlays up front, execution discipline, and commitment to long-term goals and vision.
 
This case study describes the operations division (the “Division”) of a major financial services firm as it was going through several successive mergers and restructurings. The Division’s leadership team was faced with a need to automate core business functions that previously had been done manually.  These functions included operationalization of risk management rules, including credit and income verification, as well as other due diligence functions[1] essential to this financial institution’s operations.  To automate these critical functions, the leadership team had two viable options: the first, while believed to be a faster way to achieve the end-goal was not based on the software industry best practices for creating architecture-centric application development platforms.  The second option, while requiring additional initial investment, was based on the existing Division’s Application Development Platform (ADP) built according to industry best practices and capable of addressing longer term business and IT concerns in addition to the immediate business problem.   The approach that did not rely on best system development practices was chosen.  The ability of the new system to accommodate some basic changes in the business process as well as capitalize on the investment already made in the Divisional IT portfolio was not given sufficient consideration as it seemed at that point a distant second priority to expedience.  Unfortunately, in the end the entire organization paid a higher price, both economically and in human capital due to this decision.
 
 
 
 


Introduction

 
“Stop Gap” IT solutions, while oftentimes meeting immediate business needs, often result in long term system misalignments and other problems. These system problems are frequently structural in nature and thus can be very costly to fix. The quick fix solutions commonly ignore a need for more resilient[2]  business systems that are enabled by proper application of software engineering best practices.  Unfortunately, the system problems introduced by the quick fix solutions are rarely traced back to the decisions that caused them, and in the absence of robust IT portfolio management that tracks long term results, the same mistakes are repeated again and again.   Resulting IT portfolios often consist of many architecturally incongruent pieces and consequently, each succeeding project is harder to accomplish as maintenance and integration costs continue to grow[3]. 
 
Unfortunately, currently there are no hard and fast rules that can guide us to the best choice in system development. Tradeoffs are numerous, often contradictory and hard to navigate.  The “right choice” depends on many factors, is quite dynamic and is never easy or obvious.  For some situations the “stop gap” is the right choice and for others the architecture-centric platform-based approach is a better pick.  This case study describes the latter situation.


 

Overview of the situation and existing environment

 
A relatively mature[4] IT organization was supporting a division (Division) in a rapidly growing financial services company (Company).
 
Over the previous three years, the Division had invested in development activities that produced the Division’s Application Development Platform (ADP). Major parts of the ADP were its architectural framework, metadata repository as well as robust set of processes including configuration management, and release management.
 
A need for an ORM system has been present for quite some time but recently became critical because the Company had significantly expanded its product/program offering[5], with a corresponding increase in variety and complexity of operational[6] rules. The existing manual processes were unable to keep up with the increased demand for operational business rules management. Earlier, a loan underwriter could review a file manually to assess the risk. But when the number of different loan programs grew, the underwriting team was not able to keep up with the different programs’ variations of rules. For instance, the rule “if secondary financing exists, the secondary financing in the system must match the Hud-1 form” was required for some products/programs but not for the others. Rules like this were hard to remember since they changed frequently and varied by products/programs. Complexity in rules management (and execution) was leading to slower turnarounds and higher error levels.  The Division Business leaders funded development of an Operational Rules Management (ORM) system with the goal of improving the Division’s operational efficiency.
 
Due to a number of factors, a decision was made by the Division leadership to allow development of the ORM system outside of the Division’s Application Development Platform.  The main driver was the assumption that time to value for the system would be shorter and the system itself would be cheaper if the development could be done outside of the Application Development Platform[7].  
 
Unfortunately, in addition to creating another redundant and non-integrated source of system development life cycle (SDLC) information as well as business metadata in the Division, non- ADP-based SDLC processes were used for the ORM system development. This was a completely avoidable problem that has aggravated overall predicament.  Using these ad-hoc processes yielded a stand-alone system that was expensive to align and integrate with the rest of the Division’s IT assets. While some attempts to use existing metadata information were made, the lack of a consistent development platform-based approach, as well as the absence of a minimum set of required framework artifacts, resulted in development of proprietary rules taxonomy and related data models.  Since this proprietary taxonomy was developed in isolation from the ADP, it not only lacked some of the information necessary for its future integration with the ADP, but even the information that was present did not lend itself well for the automated systems integration with the ADP.  
 
The end result was an ORM system that was implemented on technology not supported by the ADP[8] and initially contained roughly 600 rules. The implementation effort took approximately seven months and was successfully deployed to the business unit users.
 

A New Twist -- Merger

 
Shortly after the system was deployed, the Company went through a merger. As a result of this merger, another 500 operational rules needed to be added and the user base had to be increased three-fold.  At that point, it became obvious that the system, if scaled up accordingly, would become increasingly unreliable. A decision was made to port the system to a more scalable technology.  The analysis of the additional rules and development effort took three months, during which time the existing production system was unable to meet the scalability demands of the increased number of users, especially at peak times.  The business losses in productivity due to ORM’s inability to meet deadlines during this period were hard to estimate precisely. However, the approximated cost was comparable to all the additional cost of the development required for ADP compatibility[9].
 
When the new more scalable version was finally deployed three months later on a new platform, it contained only 300 of the required new 500 rules; the analysis of new rules was moving forward extremely slowly.  In the absence of common domain information and process models, it was very difficult to correlate the new rules to the existing base.
The process was also extremely laborious and error prone, and took another two months to complete.  Simple work breakdown analysis suggests that if the ADP-required models existed at the time the merger took place, the development cycle could have likely been cut in half due to the significantly reduced analysis phase. In addition to the extra analysis and development cost, two separated views of the data and thus operational rules were required to coexist within the Division for longer time, creating major inconveniences for the staff often resulted in significant rework and thus low morale.
 
 
 

Sarbanes-Oxley Effect

 
By the time the new system version was under development, the Sarbanes-Oxley (SOX) compliance team became an increasingly important stake holder in the operational rules management process and thus in the ORM system. This development led to a situation wherein every time the SOX or Operations teams needed to update the SOX controls and/or the rules respectively, a manual process had to be executed to reconcile these changes.  The cumulative cost of these manual steps over time also became comparable to the cost of all additional modeling and development had the system been built using architectural framework.
 
Had the ORM system been integrated with the ADP’s metadata repository, the validation against the SOX requirements would have been just a matter of writing a handful of metadata management rules against the existing repository information. Minimal additional cost would have been incurred for incorporating the SOX vis-à-vis operational rules reconciliation requirements since the SOX attribute flag has been part of the architectural metadata repository design from the very beginning.
 

Organizational Restructuring Effect

 
Following the merger, major restructuring led to the split of the centralized business operations team (originally responsible for support of multiple channels) into three separate teams, each dedicated to its own sales channel. In the absence of a robust metadata management repository, it became increasingly difficult to maintain one common set of operational rules for all channels. This in turn led to more redundant activities between the channels. Further, the degree of management activities’ automation started to drop and operations became increasingly manual; additional staff was hired to keep up with the demand.   Although financial information is unavailable, it is fairly obvious that due to the new organizational structure, the cost of manual reconciliation of the SOX controls to the operational processes view (in each of the channels) likely increased at least in direct proportion to the number of operational teams and the number of business staff needed to execute the reconciliation. 
 
 
 
 
 

Conclusion

In the case described above, the additional cost of an architecture-centric solution development (roughly $150,000) would have been recovered in approximately three or four months (please see Figures 1 and 2). Most of the additional cost for the ADP-based architecture-centric solution would have come from work done by IT staff. As one can see from the numbers in “Comparative cost of two development approaches” below, the return on the additional investment turned out to be at least 200% and this is according to a very conservative estimate. 
 
However, ADP would have been used not only by system developers every time the system needed an upgrade and modification thus continue to save valuable resources and shortening time to value, but also for creation of training documentation and by operational staff for actual loan reviews as well as by business knowledge workers[10] in operational support area to answer questions that would cover potentially much broader area than just operational rules execution.[11]
 
It is obvious that there are inherent risks in comparing actual results to a “would be” scenario. However, even admitting that this comparison is retroactive and the author has the benefit of hindsight that enables him to fairly accurately pinpoint savings and other benefits that are advantageous to his viewpoint, it is a reasonable approach since we all know that that unexpected changes are the only certain component of any business this day and age.  Sometimes quick fix solutions are the best way to address an immediate business problem.  However, commonly it is not the only available approach as it was in the case described above since the robust analytical and architectural foundation has been already funded and successfully created.
 
Every project undoubtedly has unique nuances, and this case study presents a view of only one particular set of events.  While expected savings will vary by project, it is very reasonable to expect proportionally similar savings in much larger IT budgets. Choosing platform-based, sustainable, architecture-centric development approaches over more simple and seemingly less expensive solutions may lead to significant cost savings in the longer term if the proper balance between short and long term objectives is achieved. 
 
 


 
Activity
Actual
ADP--based Approach
Difference
 
Initial system development -- 600 rules and 6 users
 
Duration
28 weeks
28 weeks
 
 
Cost
$476,000
($150,000)
 
 
 
 
 
 
Porting to SQL Server and adding 300 rules and 10 users after the merger
 
Additional rules analysis
 
Duration
13 weeks
6 weeks
 
 
Cost
$130,000
$60,000
$70,000
 
 
 
 
 
 
Migration to SQL Server, updating existing models and components
 
Duration
13 weeks
2 weeks
 
 
Cost
$143,000
$32,000
$111,000
 
 
 
 
 
cost
Manual execution of rules management process
 
Duration
13 weeks
6 weeks
 
 
Cost
$130,000
$30,000
$100,000
 
 
 
 
 
 
Additional 200 rules after the merger
 
Duration
8 weeks
4 weeks
 
 
Cost
$80,000
$40,000
$50,000
 
 
 
 
 
 
Manual execution of rules management process
 
Duration
8 weeks
None
 
 
Cost
$40,000
$0
$40,000
 
 
 
 
 
 
SOX Review Process
 
Duration
Year-round (2)
None
 
 
Cost
$124,800
$0
$120,000
 
 
 
 
 
 
Total Cost
$1,123,800
$802,000
 
 
 
 
TOTAL SAVINGS
~$322,000
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Figure 1. Comparative cost of two development approaches.
Figure 2. Comparative cost of two development approaches as a graph


 




[1] Product, Program & Commitment review rules, Legal review rules, Servicing Rules, etc.
[2] I prefer this term to a more commonly used “flexible”.
[3] For in-depth discussion of the issue please see:  “The Trouble With Enterprise Software”, Cynthia Rettig, MIT/SLOAN Management review, October 1, 2007.  http://sloanreview.mit.edu/the-magazine/articles/2007/fall/49101/the-trouble-with-enterprise-software
[4] CMMI level 3.
[5] The company was initially offering close to 30 different financial products in 6 different risk groups (primarily based on the FICO score of the potential borrower). Those 30 financial products were produced by different combinations of the following characteristics: fixed or adjustable rate, different maturity payment options (5-1, 7-1 balloons, etc), maturity period 10, 15, 20, 30, 40 years, line of credit (LOC), etc.  Additional products came from more rare combinations and options: interest-only loans, payment option adjustable rate mortgages, etc. These new combinations have created approximately 20 additional products.  Each of these products has different operational business rules.  For example, some rules categories are: Appraisal Rules, Credit Rules, Compliance Rules, Legal Rules, Servicing Rules, Product, Program & Commitment, etc.
[6] By operational in this specific case I mean the rules that guide the Division’s operations and established and managed mainly within the Division itself as oppose to rules that may be established at the enterprise  (corporate risk department) or even industry (legal and regulatory compliance) level.  Though separate and distinct these operational rules are frequently derived from the corporate rules and policies.  See footnote 5 above for examples of the rules categories.  
[7] A very important factor in this decision was the presence of the rogue IT team within the business unit itself. This team has no interest in reducing Division’s IT costs and supporting ADP-centric development, since the increase of the ADP role would highly likely reduce the very need in the rogue IT team existence.
[8] The choice was determined mainly by the skillset of the developers working in the rogue IT team managed directly by one of the Division’s business team.
[9] See more financial details in the Figure 1 “Comparative cost of two development approaches” below.
[10] Training business knowledge workers to use robust modeling techniques is an interesting and extremely important topic. However, this topic deserves its own discussion far beyond the limits of this article. 
[11] The rules management is probably just a tip of the iceberg in costs if compared to the benefits of the actual rules execution during the loan reviews and the operational support that is required to maintain such a complex process.