Balancing Compliance And Innovation With Modernization Projects

Romi Stein is CEO & co-founder of OpenLegacyleading its strategic vision of digital-driven integration for legacy systems.

Let’s start with a fact: IBM reported a 98% growth in revenue (in constant currency) from their z systems of mainframes.

IBM’s new z16 was designed to support, among other things, AI deep learning and to provide next-generation security. To quote IBM: “This innovation is designed to enable clients to analyze real-time transactions, at scale—for mission-critical workloads such as credit card, healthcare, and financial transactions… IBM z16 also is specifically designed to help protect against near-future threats that might be used to crack today’s encryption technologies.”

Another fact: Google has announced Dual Run as part of its Google Cloud Migration Services, allowing enterprises to run their workloads on both mainframe and the cloud in parallel. Right now, this is only available for testing purposes.

And one last fact: Kyndryl (which used to be IBM’s infrastructure services) and Microsoft are partnering to provide mainframe connectivity to cloud applications and workloads.

It is obvious that modernization/migration is a big thing, but I want to look at something a little less obvious: compliance and innovation. Regulation and capability. Yin and yang. Old and new.

The Balance Between Compliance And Innovation

The mainframe isn’t going away anytime soon. The cost of replacing or modernizing legacy systems is high but predictable. The cost of ensuring that new systems comply with all the relevant rules and regulations can be wildly variable, but experience shows that it will likely be more than planned.

Taking innovation and applying compliance will probably be more expensive than planned. The corollary is that some new technologies will not be able to fulfill their full potential until regulations, legislation and legal precedent catch up—think about the intersection of Big Data and data privacy.

On the other hand, taking existing compliant legacy systems and adding innovative features and functionality can be done safely and relatively inexpensively, taking advantage of the “backward compatibility” of compliance.

You can see from the examples above that the major players are trying to cover both routes. I suspect that if Kyndryl and Microsoft gain sufficient traction, we will see hybrid modernization projects grow in prevalence. I also suspect that Kyndryl may have to consider changing its revenue structure for customers who select their joint solution with Microsoft, as the number of transactions that start online and hit the mainframe will probably increase dramatically.

We are now experiencing new and unexpected challenges in navigating today’s markets. Naturally, prudence and caution must balance new customer demands and technological advances. Every new feature carries with it cyber risk, so digital future security is a requirement.

Yet, financial services and other heavily regulated industries must continue to innovate to compete and survive. The balance between caution and innovation is crucial. Of no less importance is the balance between strategy and capability.

Modernizing Legacy Systems

New competitors, be they fintechs, insurtechs or any other tech, have done their homework. Their systems were designed to accommodate the various regulatory and legislative constraints. They have hired the best and the brightest in their industry. Their online services are beautifully designed, and their user interfaces are simple to use and easy on the eyes. They have two drivers—technological ability and customer demand—and one objective: growing their customer base. But they don’t have history.

I cannot overemphasize the importance of history to big business—in this case, years of data, security protocols and robust processes. IBM is continuing to invest heavily in the z line of mainframes and have spun off their infrastructure services (including mainframes). Both Google and Microsoft are becoming serious players in the modernization field. In this context, I believe that the three market leaders are improving protection of, and access to, legacy resources with new technologies and approaches.

It’s going to get very interesting very soon. Massive economic change and the coming-of-age of politicians and legal experts who grew up in the digital age—and are acutely aware of the gap between regulation and technological capability—will make sure of that.

Market shifts will bring new sets of regulatory and compliance requirements, and cybersecurity will continue to gobble up more and more of increasingly tight budgets. Enterprises with legacy systems should protect their assets. They are a solid foundation that are likely more able to weather the market changes. They can also increase in importance as new technologies extract new value from them.

But a key element of these systems is their compliance. Legacy systems have been tested, audited and certified. This may take the new competitors time to achieve. Now is the time for enterprises to leverage their existing systems and assets with innovation as needed and continue to protect their current operations and data.

In order to innovate and comply with regulatory needs, for example, veteran enterprises should catalog their assets. A detailed data map will help an enterprise understand what they have, but can also indicate relevant and appropriate innovations, especially in relation to the current regulatory arena.

A hybrid modernization and innovation strategy will build on the advantages and benefits increased from years of compliance and regular audits. This approach can help ensure maximum flexibility in tactical decisions and minimal disruption if “course changes” are necessary.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?


Leave a Reply

Your email address will not be published.