During 2015, the Organisation carried out important projects that contributed to making processes more efficient and streamlining the Bank's entire regulatory framework. Specifically, the Organisation:
- defined the taxonomy of the Bank's processes, dividing them into three areas—“Governance”, “Business”, and “Support”;
- set out the internal disciplinary framework, which distinguishes between rules concerning planning—characterised by “Guidelines”, “Organisational regulations”, and Policies—and those concerning operations, which consists of “Organisational procedures” and “Operational notes”;
- launched a plan for updating the Bank's internal rules, in light of the specific changes introduced by the revised supervisory framework, and reviewed the “General Rules”;
- together with the ICT and Administration departments, built the Bank's new accounting platform, which contributed to making the processes concerned more efficient and the reconciliation between operational, accounting, and supervisory data faster.
In the final quarter of 2015, Banca IFIS created an Operations department in order to review and innovate its operating model, with a focus on digitisation. The new department manages and coordinates the following organisational units: ICT, Operations Management, Digital Factory, Process Engineering, Privacy & Security Management.
The department's first projects focused on analysing operating processes in order to identify potential improvements by overhauling the activities of specialist operating groups, automating some operating stages, and introducing digitisation platforms.
In addition, in the final quarter of 2015 Banca IFIS also launched important Fintech initiatives (the bank will invest significantly in this area over the coming years), promoting the use of advanced technology to support innovative business models (for instance, it started creating a marketplace dedicated to digital lending to SMEs). The initiatives, which aim to achieve strategic goals in the short- and medium-term, focus on the following topics:
- digital disruption: providing “digital native” solutions based on simple processes, 100% digital, and with advanced recognition tools. By focusing on the “user experience”, the Bank aims to ensure an immediate exchange of information across all channels, boosting efficiency and reducing operating costs. This requires digitising all operating and loan origination processes with digital signatures;
- analytics at the centre of the Business; introducing big data tools and solutions, developed on SAS platforms, capable of analysing massive data sets in real time so as to support decision-making and risk control processes, striving to make reporting processes consistent, reliable, fast, and high-quality;
- evolution of specialist systems: enhancement of Factoring and Non Performing Loan solutions to improve the time-to-market, making processes more efficient and raising service levels;
- time to Compliance and evolution of Conventional Banking systems: streamlining “core banking” components to react faster to regulatory adjustments and enhancing the level of integration to support the business's growth;
- technological update: continuously strengthening technological infrastructure and services.
As for ICT governance and security, risk and compliance management, the main initiatives carried out in 2015 concerned:
- preparing the ICT Strategic Plan, in accordance with the prudential supervisory provisions for Banks;
- implementing the method for analysing IT risks, pursuant to the relevant Group Policy and in accordance with regulatory provisions, as well as the resulting plan of mitigation actions identified;
- consolidating the documentation for ICT Processes and Information Security, by outlining the relevant procedures in accordance with the Group's Information Security management Policy;
- starting a series of projects aimed at bolstering the information security of IT systems and the network, including through periodic security tests and the ongoing monitoring of vulnerabilities and threats;
- updating the Business Continuity Plan, in light of organisational changes, and the Disaster Recovery Plan, in the wake of the strengthening of the main data centre. The Business Continuity and Disaster Recovery of the Bank’s ERP systems underwent the standard architectural and applicative tests during 2015. The tests were carried out in the presence of the Internal Auditing.