IT migration - procedures for introducing new core systems at financial service providers

The reason for carrying out software migrations is often the obsolescence of the software, its historically grown complexity or that the existing legacy system is no longer able to meet new hardware and software requirements, including current regulatory requirements to IT governance. There is also a lack of suitable IT specialists for older software and support from relevant software or development platform providers is only guaranteed to a limited extent. Overall, development and maintenance costs are also increasing uncontrollably.

A typical example: The existing, self-developed core system of a bank, insurance company or KVG/KAG is no longer meeting the current requirements from a professional, technical and regulatory perspective due to its obsolescence. Further development is no longer guaranteed due to the lack of appropriate IT resources. The bank's IT strategy therefore envisages introducing a new core system. To do this, it is necessary to replace all existing and all new requirements and functions in the backlog with the replacing software.

From our experience, the IT strategy often aims to replace an existing, primarily self-developed legacy system with comprehensive package solutions such as SAP, SimCorp, GuideWire or Avaloq.

In the course of mergers, pure data migrations can also occur if the contracts and data sets of an acquired institution are transferred to the system of the acquiring institution in the medium term.

From our perspective, the following points are important when it comes to migrations:

• Migration planning taking into account the cut-over vs. parallel operation scenarios and, in particular, go-live vs. roll-back
• Setting up a production-like test environment including all delivery and evaluation systems, with a particular focus on all customer interfaces
• Test planning and execution with a very high level of test coverage before migration, including an end-to-end test to check system integration
• Production control after migration with a decision template for or against the go-live
• Production operation or go-live or rollback

In order to carry out a migration, it is also necessary that all requirements and functions are documented (see also supervisory requirements according to BaFin such as MaRisk , BAIT , VAIT and KAIT as well as according to the ECB and EBA such as EBA Guidelines on ICT and security risk management ) and on the other hand, appropriate transformation rules are defined for data migration, e.g. for customer master data, transaction data, business data, etc.

An incorrect migration can often lead to disruptions in day-to-day business. This can have significant consequences in terms of reputation and business partner relationships.