Technology at DTCC: A Special Two-Part Series - Part II

By Helen Cunningham

In the article that follows, William B. Aimetti, DTCC's COO, talks about how DTCC has positioned its technology organization to meet the industry's continually expanding requirements. Part I in the series, an interview with DTCC President and CEO Donald F. Donahue about the 2007 Development Agenda, appeared in the February issue and is available at www.dtcc.com under Newsletters.

This second article in a two-part series about technology at DTCC is an interview with Chief Operating Officer William B. Aimetti, who talks about DTCC's approach to meeting the industry's continually expanding technology requirements.

How has DTCC evolved its Information Technology (IT) organization to meet the industry's increasingly diverse and complex technology needs?
Over the past five years, we have fundamentally transformed our IT organization. That transformation is grounded in the adoption of technology-industry standards that have brought a new level of discipline to how we develop applications and manage the infrastructure that supports those applications. For customers, the benefits of this standard-ization drive include lower costs, fewer defects, improved speed to market and better service.

On the software development and testing front, we rely on a methodology called Capability Maturity Model Integration, or CMMI, which originated at Carnegie Mellon University. CMMI has five levels of certification that companies obtain based on their development capacity. DTCC now has Level 3 certification for six CMMI practices and, in 2007, we will add two more categories. In 2004, we obtained Level 2 certification in all CMMI disciplines. These accom-plishments put DTCC in an elite class, especially among financial services firms.

On the Infrastructure side of our IT organization, we have a comparable initiative. We are implementing standards to achieve process improvements, based on a model called ITIL, which stands for Information Technology Infrastructure Library.

What is DTCC's approach to outsourcing as part of the overall technology strategy?
We have had an outsourcing program in place for several years. In prior years, we called it "consulting help," which was used to augment our full-time staff when our demand for labor was greater than our supply. The difference now is that we are able to obtain resources from locations outside the United States at more economic rates. This staffing strategy allows us to ramp up our resources quickly, enabling DTCC to meet its technology development commitments.

To create this program, we researched top-tier outsourcing firms, invited five of them to make presentations to us and whittled the list down to three organiza-tions based in India: Tata Consultancy Services, Cognizant and Polaris. Then we went to India to do our due diligence, which included evaluating each firm against a detailed questionnaire as well as physical inspections of their facilities.

Ultimately, we entered into strategic partnerships with all three firms, negotiating service agreements that include a series of safeguards. For instance, we built in protection against rate increases. For the first two years, our rates were frozen, with subsequent increases indexed to the U.S. consumer price index. We are also protected against foreign exchange risk.

Having multiple partners in India also gives us flexibility, as well as a form of checks and balances. For instance, we might use one firm for development and another for testing.

We also decided to diversify geographically to avoid having too much work concentrated in one country. Now we have a strategic partnership with IBM, which has an outsourcing facility in Brazil, and we are looking to diversify into Canada, as well.

How does DTCC manage potential security risks associated with outsourcing?
All the people from outsourcing firms who work for DTCC go through a rigorous screening process, managed by our Internal Security department, which works closely with local authorities on background checks. And from an information security standpoint, none of the offshore developers has access to DTCC's production systems; they can only access our development environment, which is completely isolated from the production environment.

What is DTCC's approach to partnering on technology initiatives?
We are firm believers that DTCC does not have to invent all its technology solutions. We are always looking to team with companies whose expertise is complementary to our own. The goal is to establish partnerships that help us roll out solutions faster and at lower cost.

Business continuity is a good example of this approach. When we determined that we needed to accelerate the replication of data among our multiple processing sites, which are thousands of miles apart, we entered into a partnership with EMC Corporation. We developed a significantly faster replication capability and successfully implemented it last year. Now we move information among our data centers in less than two minutes, compared with 30 minutes previously, which represents a huge gain for the industry's resiliency.

In other cases, we look to leverage off-the-shelf software packages. If a firm has software we need, we'll acquire it, custom-ize it where necessary and then implement it. As I mentioned previously, we have strategic partnerships with several out-sourcing organizations, and we also con-sider Verizon and AT&T strategic partners. We review our strategic directions with these providers and brainstorm how they can help us achieve our objectives.

You have talked about outsourcing; now let's turn to insourcing. Could you describe the benefits of the SIAC (Securities Industry Automation Corporation) insourcing project?
Our primary goal with insourcing, which entailed moving NSCC and FICC applications and network connections from SIAC into DTCC, was to strengthen business continuity by providing out-of-region data recovery for these subsidiaries. That was a multi-year initiative completed in 2005.

On top of the continuity benefits, the project presented an opportunity to significantly cut the industry's overall operating expenses by leveraging DTCC's infrastructure and processing capabilities, and the industry is now realizing those financial benefits, as well.

In 2003, the year we began insourcing, we were paying SIAC approximately $60 million a year for its services, includ-ing people, computer power, software, etc. Now our total cost for those same services is approximately $20 million - which is a $40-million-a-year savings.

So insourcing has helped DTCC cut overall expenses and was one factor that enabled us to reduce customer fees in 2006 and again this year. Those savings also free up capital for DTCC to invest in non-traditional product areas, such as Deriv/SERV and the Global Corporate Action Validation Service.

In the 2006 Customer Satisfaction Survey, DTCC posted improvements in all questions pertaining to technology. To what do you attribute those ratings?
I think the positive scores reflect many of the things we've talked about: strengthening business continuity; putting standard processes and disciplines in place; knowing when partnerships will deliver the best result; deploying an outsourcing strategy; seizing every opportunity to reduce costs.

However, although all these are very favorable factors, the most important aspect is systems reliability. Our Infrastructure organization is dedicated to ensuring that all our applications are available to customers for their use, nearly every minute of the business day. This reliability, coupled with outstanding business continuity execution, creates tremendous credibility and trust with our customers.

Lastly, the survey scores are directly attributable to the caliber of our people. At DTCC, we have a tremendously talented and dedicated IT group. And we have a track record for retaining good people. We invest in them and develop their skills, which further benefits the organization.

How do you plan to make further cust-omer satisfaction gains in 2007?
We have two main areas of focus in the technology organization this year.

First, we will be rolling out internal service level agreements [SLAs] for most product areas. These are agreements between IT and DTCC's product areas that monitor the performance of our networks and software. They clarify customer expectations and provide accountability by tracking items that are important to customers, such as the timeliness of input and output, schedules for systems availability and timeframes for resolving customer queries.

The SLAs both support and reflect our commitment to use metrics to assess performance, which dovetails with our second area of focus, which is to expand the use of Six Sigma within IT. We will be introducing new metrics to measure performance on the premise that you can't improve unless you know where you stand, and you don't know where you stand unless you can measure it. So we will deploy the Six Sigma methodology more broadly to establish the criteria we need to measure, and then set targets with the goal of continually improving our processes. @