Prediction: Consumers to set SLAs, not financial institutions

I made a quick stop at the Gartner Financial Services Technology conference in Boston last week. The best session I attended was an overview of trends in the investment services industry, delivered by David Furlonger, managing vice president at Gartner. Furlonger's main point was that, as the industry consolidates, the winners will be those companies that can either operate on a massive global scale with high transaction volumes or deliver a lot of product innovation. And guess what? IT is crucial to both.

Furlonger observed that the layers of brokers in the middle who don't add enough value are getting swept away. He told of recently showing up at a bank branch at 2:59 p.m. on a Saturday to get enough cash to pay for his daughter's wedding band, only to have the door shut in his face for the 3 p.m. closing time.

"Consumers will set the SLAs, not the financial institutions," Furlonger said. "Functionality is increasingly commoditized; ... it's how you pull it together." Furlonger also advised IT shops to "build for the end-client, not the intermediary," noting that "technology can extend high touch models and sophisticated decision analytics to mass markets."

Although none of this is new, it was great to hear someone cutting through the usual straight-through processing operational jargon to talk about real customers and how they want to deal with companies. Customers want more self-service options and educational resources, Furlonger said, which means financial services IT pros must pay more attention to things such as RSS content syndication and Net-based communities.

He also noted that IT resources are being realigned, and for good reason. Seven times as much is spent on credit risk management as on operational risk management -- and that needs to change in our era of stolen laptops. Another interesting tidbit: There's been a massive increase in patent filings by investment banks over the past couple of years. "It's gone through the roof," Furlonger said. Let's hope some of those patents translate into products that somehow make our life better.

Questionable pretext department: You may have read about the "pretexting" scandal that broke last week when one Hewlett-Packard director alleged that some of HP's other directors had hired a PI firm to obtain the telephone records of still other HP directors using false pretenses (in order to track a leak) -- by calling and pretending to be those directors.

For those who watched The Rockford Files in the '70s, this concept is nothing new. Back then, when Jim Rockford would call and pretend to be someone else, it seemed innocent enough, although I don't think he ever went so far as to use false Social Security numbers. In 2006, it seems a lot closer to identity theft or spoofing -- the very security problems which HP, along with many other companies, is selling products and services to help IT professionals deter.

Leaving aside whether HP's board or its hired guns should be above this kind of behavior, the bigger question is: What laws do we need, if any, against corporate social engineering? Do we need a Sarbanes-Oxley for authentication? It will be interesting to watch the fallout.