Dr Fatemi Ardakani is one of the leading figures of the Iranian banking and payment industry. Almost two decades ago, he co-founded a start-up that ultimately revolutionised the country's banking software industry in the face of sanctions imposed on Iran at that time. After a successful track record at Tosan, he joined the board of the directors of the Bank Melli Iran. BMI is the first national bank and one of the most influential banks in Iran.
Bank Melli Iran had fallen behind the technology curve compared to its competitors, a situation many attributed to a very traditional leadership approach. Since Ardakani joined BMI it has undergone many changes including largely closing the earlier tech-gap. SC's Ali Taherian caught up with Ardakani to discuss some of the specific problems currently faced and how they are being dealt with.
Ali Taherian: How does technology reformation occur in an old-fashioned organisation?
Dr Fatemi Ardakani: “I believe that we cannot start a technology reformation without revolutionising processes and procedure, and human resource. A holistic approach to change in organisations which encompass all the success elements in a portfolio is highly important. Human resource is extremely critical and essential resource should be allotted for their development.
“Previously, overestimation of the security threats in BMI hindered the development of systems tuned to the needs of the customers. Sadly, that has resulted in an era during which a portion of our customers left and the new generations became less willing to bank with us. To solve the issue, we have revised our risk appetite and tolerances to try and provide services that meet the needs of our customers, accepting a higher level of risks and incrementally improving the security posture of the bank. We believe that customers should not be affected by security threats and we try our best to protect them.”
AT: What factors have had the most positive influence on communicating your drive to reform information technology in BMI?
FA: “Articulating technical issues and initiatives into understandable business language has had a wonderful outcome. In addition, trust is a chief factor in the effectiveness of our communications. Furthermore, applying the incremental approach towards the desired changes and managing the related risks is of the highest importance.”
AT: How do you evaluate the business acumen and in particular the role of an MBA in the effectiveness of technology or InfoSec managers?
FA: “Personally, I have enrolled in some of the MBA modules and I want to emphasise on this important fact, that lack of business understanding of a technical manager eventually leads to misunderstandings and lack of appreciation from the business managers. A solely technology-based approach to change would not be able to get the attention and support of the top management. An MBA is a helpful tool when we need to fill the gap in communications with the business managers who have an economics and finance background.”
AT: Innovations have been changing the face of banking worldwide. In which areas do you think we need more innovations?
FA: “The combination of technology and business should manifest itself in useable technologies in the banking industry. Nowadays, business, technology, and risk managers work together to draw a different future for customers. It is our job to ascertain consumer's behaviour and enter those areas affecting how customers use banking services. Users' behaviour is important to achieve our goal and we have been trying to increase our understanding of our customers through different methods including social networks to extract patterns of acceptable user behaviours.
“Additionally, I think we need to have clearer definitions between privacy, security, and trust. A mix of these areas can be a great place for innovations. Identification and authentication are two particular areas that lots of innovation can happen. User experience and ease of use are highly important for us and we want our customers to trust us and have a deeper and more loyal relationship with us eventually. Biometrics - either physical or behavioural - provide users with ease of use without any additional extra efforts. It is part of who we are (finger print, iris) or what we do on a daily basis (typing aka keystroke dynamics). They are going to be one of the most effective methods of authentication.
“We need a good identification of our customers to be able to drop the traditional authentication methods. We need to identify and authenticate our customers more effectively and our information system needs to benefit from a mixture of these methods of user identification to succeed.”