NEWS FOR IMMEDIATE RELEASE
BITS endorses Framework for managing outsourcing Risk
WASHINGTON, DC, October 25, 2001.
BITS, the Technology Group for The Financial Services Roundtable, today announced that its Board of Directors has unanimously endorsed industry guidelines for selecting and managing information technology (IT) service provider relationships. The BITS Framework for Managing Technology Risk for Information Technology (IT) Service Provider Relationships establishes a framework that closely follows regulatory requirements and sets voluntary industry guidelines. These guidelines are critical in the current business environment, as the financial services industry increasingly relies on IT service providers and outsourcing to support the online delivery of financial services and core technology processes.Providing dimension to this dramatic growth, the Gartner Group projects that worldwide markets for outsourcing professional services will break the $1 trillion mark within the next four years. The North American professional services market is expected to grow from $229 billion in 1999 to $539 billion in 2004. Narrowing the focus to financial services, Gartner reports that the total annual dollars spent on outsourcing of retail financial services has grown from $8 billion in 1998 to a projected $22 billion in 2002. The average annual growth rate for outsourcing retail financial services is projected at 27% for 1998 – 2002.
Outsourcing is defined as any circumstance where customer information or critical company data are outside the direct control of the financial services company. There are many tradeoffs an institution must consider when making decisions about outsourcing, including cost considerations, liabilities and efficiency issues. BITS launched this initiative to help financial services companies satisfy regulatory requirements as well as identify and mitigate the risks associated with outsourcing.
The BITS Framework for Managing Technology Risk for Information Technology (IT) Service Provider Relationships is the result of an intense industry effort that required the collaboration and cooperation of numerous representatives of the financial services industry, regulators and service providers. During the development process, the document was presented to a range of audiences and submitted for public comment. The resulting Framework covers most aspects of control, design and management practices for which IT services are under consideration for outsourcing or have been outsourced. The BITS Working Group was composed of financial services companies of all sizes, and included representatives from the American Bankers Association, America’s Community Bankers, Credit Union National Association, and the Independent Community Bankers of America. Co-Chairs of the Working Group were Sharon O’Bryan, ABN AMRO, Jim Dempster, Metavante and Viveca Ware, Independent Community Bankers of America.
"Our customers rely on financial institutions to provide secure services whether they are provided by our companies or our outsourcing partners. As an industry, through BITS, we stepped up to establish a common understanding of our requirements," said James H. Blanchard, Chairman and CEO of Synovus Financial Corp. and Chairman of the BITS Board of Directors.
"BITS identified the need to understand the control, security and privacy issues related to outsourced services. The result is a framework and set of guidelines that each institution can use to incorporate regulatory guidance, establish a risk management program and evaluate service provider relationships," said Gene Miller, Chairman, President and CEO of Comerica Incorporated and Chairman of the Board of Directors of The Financial Services Roundtable.
"With the increased complexity of outsourced services and relationships, the financial services industry faced the dilemma of having to find a way to establish industry guidelines for our service provider partners," said Sharon O’Bryan, Senior Vice President and Chief Technology Security Officer at ABN AMRO and Co-Chair of the BITS IT Service Provider Working Group. "Outsourcing issues have intensified as technologies have become more sophisticated, start-up vendors have entered this lucrative market and financial regulators have increased their scrutiny of outsourced relationships."
"The outsourcing of banking products, even to the point of customer interface, is becoming ever more common in the industry, particularly among community banks. In that environment, there is a benefit, indeed a need, for financial institutions to have a framework for vendor oversight as part of their risk management programs," stated Christie A. Sciacca, Director, FDIC’s Bank Technology Group.
"Outsourcing is strategically important to community banks as they serve their customers and strive to offer access to the latest technologies and services. The BITS Framework provides an invaluable tool to assist community banks in evaluating and managing service provider risk as prescribed by federal banking regulators," said Viveca Ware, Co-Chair of the BITS Working Group and Director of Payment Systems, Independent Community Bankers of America.
BITS offers this Framework in the full spirit of the Federal Financial Institutions Examination Council (FFIEC) Guidance on Technology Outsourcing, which is characterized by the Council as intended for consideration in conjunction with an organization’s overall risk management program, rather than as a prescriptive measure. The BITS Framework for Managing Technology Risk for Information Technology (IT) Service Provider Relationships can be obtained at the BITS website, www.bitsinfo.org. Please send comments or questions to Faith Boettger, BITS, faith@fsround.org.
About BITS
BITS, The Technology Group for The Financial Services Roundtable, was created in 1996 to foster the growth and development of electronic financial services and e-commerce for the benefit of financial institutions and their customers. Throughout its work, BITS seeks to sustain consumer confidence and trust by ensuring the security, privacy and integrity of financial transactions. BITS works as a strategic brain trust to provide intellectual capital and address emerging issues where financial services, technology and commerce intersect. Major areas of emphasis are security, privacy, standards, leveraging industry infrastructure and e-commerce market development. BITS' Board of Directors comprises the Chairmen and CEOs of some of the largest U.S. financial services holding companies as well as representatives of the American Bankers Association and the Independent Community Bankers of America.
For additional information, contact:
Cheryl Charles, Senior Director, BITS, (202) 289-4322; cheryl@fsround.org.
BITS IT Service Provider Working Group
Co-Chairs: Sharon O’Bryan, ABN AMRO; Jim Dempster, Metavante; and Viveca Ware, Independent Community Bankers of America
Participating Institutions
ABN AMRO North America, Inc.
Allfirst Financial, Inc.
America’s Community Bankers
American Bankers Association
AmSouth Bancorporation
AMCORE Financial, Inc.
Associated Banc-Corp
Bank of America Corporation
BANK ONE CORPORATION
BB&T Corporation
Capital One Financial Corporation
Centura Banks, Inc.
Charles Schwab Corporation, The
Citigroup, Inc.
City National Corporation
Comerica, Incorporated
Compass Bancshares, Inc.
Cullen/Frost Bankers, Inc.
Credit Union National Association
Edward Jones Investments
Fidelity Investments
First National Nebraska, Inc.
First Tennessee National Corporation
First Union Corporation
First Virginia Banks, Inc.
FleetBoston Financial Corporation
Ford Financial Corporation
Fortis, Inc./ Assurant Group
Goldman Sachs Group, Inc.
Harris Bankcorp, Inc.
Hibernia Corporation
Home Street Bank
IBJ Whitehall Financial Group
Independent Community Bankers of America
KeyCorp
M&T Bank Corporation
Mellon Financial Corporation
Mercantile Bankshares Corporation
Metavante Corporation
Nationwide
Northern Trust Corporation
PNC Financial Services Group, Inc.
Regions Financial Corp.
State Farm Mutual Insurance Companies
SunTrust Banks, Inc.
Synovus Financial Corp.
The Chubb Corporation
Wachovia Corporation
Whitney National Bank
Zurich U.S.
Participating Associations
American Institute for Certified Public Accountants (AICPA)
Association for Financial Technology (AFT)
Bank Administration Institute (BAI)
International Security Trust & Privacy Alliance (ISTPA)
Information Technology Association of America (ITAA)
National Automated Clearing House Association (NACHA)
Securities Industry Association (SIA)
Participating Service Providers
Alltel
Arthur Andersen
AT&T
Axys Solution
Checkfree
Computer Sciences Corporation
Compuware
Counterpane
Digital Insight
DynCorp Information Systems
EDS
EMC Corporation
Ernst & Young
First Data
Fiserv
Gartner Group
Grant Thornton
IBM
Intel
Intrieve
ISS
Jordan & Jordan
KPMG
LegalNetworks
McGriff
Metavante
Online Resources
PricewaterhouseCoopers
Smartpipes
Spherion
TPI Sourcing
Unisys Financial Services
Vigilinx
Wave Systems