In the following article, Brad Steppig, Director, Technology and Management Consulting at RSM explores how a 3-year technology plan helps control risk and drives growth.
Regulators have required financial institutions to develop technology plans for several years. Unfortunately, many financial institutions have viewed this as primarily a regulatory compliance exercise and simply took an existing technology plan template and put their name on it. This satisfied regulatory compliance, but offered little value to the organization.
The lack of a true long-term strategy has become a bigger and bigger concern, especially as information technology (IT) spending continues to increase due to regulatory pressures and competitive necessities. For many financial institutions, IT spending has increased more quickly than profit margin growth, making it the largest budget line item for most financial institutions; nor is an increasing budget a board’s only IT concern. Regulators expect boards to provide educated and active oversight over all areas, including IT. In addition, board members now face civil and criminal accountability regarding cybersecurity. Boards must now be more directly involved in IT planning to effectively address these risks and concerns, but it can be difficult for a board to meet these oversight expectations if the board is not tech-savvy, or doesn’t understand their role in the technology management process.
Why develop a 3-year technology plan?
Financial institution IT leadership often struggles on how to educate the board on information security demands and on how IT aligns with and helps to drive the institution’s strategy. If the board does not understand the business case for new technology initiatives, it can be a battle to get necessary IT spending approved.
Establishing a meaningful three-year technology plan can provide three key benefits for your institution:
- It provides the necessary business case for your technology spending, which helps prevent budget battles with your board.
- An educated board is more likely to provide effective governance and oversight.
- Better alignment between financial institution leadership and the board minimizes risk for the financial institution as a whole.
Why a three-year plan? A three-year plan helps address both your current and projected needs. The goal is to move past looking at IT initiatives on an ad hoc basis and instead to help push the financial institution toward an integrated technology approach that is focused on long-term strategy instead of short-term needs.
In order to ensure buy-in and support for the final document, engage your board during the creation of the plan. Keep the plan simple and don’t make assumptions about what the board knows or understands. Technology definitions and explanations should be included to prevent unnecessary push back and establish a more productive conversation.
About RSM US LLP: RSM US LLP (formerly McGladrey LLP) is the leading provider of audit, tax and consulting services focused on the middle market, with 9,000 people in 90 offices nationwide. It is a licensed CPA firm and the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with more than 41,000 people in over 120 countries. Read more here.