Written by Justin Quillinan
Banks were slow to adopt Internet technology and it's still necessary to make some financial transactions physically – hence the need for helmeted security guards moving money around in steel boxes.
Not long ago, NatWest boasted about its Internet banking services, but they still required customers to upload software onto computers rather than a direct online download. That has changed, but it is still difficult for customers to manipulate their accounts during weekends and Bank Holidays.
Legacy computer systems are abound within the finance sector, but times are changing with mergers and acquisitions – think Santander and its takeover of the Abbey – and new boys on the block such as Tesco and Metro banking services. Newcomers such as these can start afresh, but the more entrenched members of the finance community are rapidly catching up.
Regulations, too, are accelerating the process. Basel III is on the horizon as a result of the credit crunch, and even before it comes into force critics claim that the prospect of
tighter regulation is already constraining the banks' ability to make loans to businesses. This is because the new rules on the amount of capital that must be held to prevent future market crises are dragging on lending as the finance sector becomes more risk averse.
In today's climate the importance of Business Intelligence and a fleet of back-office functions has never been greater. So open – but secure – source coding has come to the fore because it's cheaper, more efficient and more flexible than proprietary coding.
If 'choice' there be, the issue is still a muddled one as highlighted by recent headlines when an ex-Goldman Sachs programmer was found guilty of stealing certain source codes to use for his new employer's benefit.
The guilty party, Sergey Aleynikov, was accused of copying large portions of Goldman
Sachs' high frequency code days before he left the company. His lawyer claimed that he only planned to use the open source – or public portions – of the code because Goldman's systems 'weren't very good'. Prosecutors dismissed the open source argument as a 'distraction' and Aleynikov was jailed for up to ten years for stealing the bank's proprietary code.
Well-known finance blogger, Deeptaman Mukherjee, says the fact that Goldman was using open source coding at all “raised a few eyebrows”.
"It is known that financial institutions are laggards when it come to using open source code because of security and accountability issues and the fact that they don't give one institution an inherent advantage over another,” he writes.
He points out that the recession has forced the finance sector to cut costs as a result of damage to IT budgets, and many institutions have plumped for open solutions from the likes of Linux, Apache and MySQL.
Controversially, however, he adds a warning: "Let me assure you that there is nothing wrong in financial firms using open source, however they are better off sticking to proprietary software systems that guarantee benefits like security and accountability."
Not all in the trade agree with him – predictably the open source software vendors such as Talend, Sourcefire, Pentaho and Jaspersoft, to name some of the market leaders.
For and against
There are fierce arguments for and against open source. For example, Bertrand Diard, CEO of Talend, has slammed Steve Chang, the chairman of Trend Micro, for his recent attack on the open source movement – particularly Android – for its alleged lack of security. "Open source products have been clearly demonstrating that they are on par with proprietary software and this includes the security element. There is no reason why open source should not be considered amongst all software solutions."
He goes on to argue that open source provides greater flexibility and is “substantially” more cost effective than proprietary solutions. He argues that security can in fact be enhanced because it enables many third party developers to review code and identify vulnerabilities much sooner than in closed systems.
"There is no doubt that open source will always co-exist with proprietary solutions. Available to deploy before you buy and based on a subscription model it brings a number of benefits that simply couldn't be achieved otherwise," he adds.
Vinay Joosery, a vice president at Pentaho, broadly agrees. "Open source business intelligence is big news in finance because more decisions need to be made, more rapidly by more staff.
"Proprietary systems made this prohibitively expensive, typically charging on a per-user basis. The financial crisis has been a catalyst for institutions to be pragmatic and now a new generation of IT professionals, who grew up with open source, realise there is a better and more cost-effective option."
The company's European financial customers include Close Brothers and Mainzer Bank, and according to Joosery the “future is looking bright for open source in the financial sector”.
Across Europe, however, there has been a spat between the Free Software Foundation Europe (FSFE) and the European Commission itself over the issue.
The FSFE accuses the Commission of intending to spend EUR 189 million on proprietary software over the next six years “in direct contradiction to its own decisions and guidelines”.
The organisation's president, Karsten Gerloff, comments: "This is a rough deal for Europe. Instead of coming up with a strategy to take advantage of free software and become independent from (proprietary) vendors, the EC is digging itself deeper into the vendor lock-in hole."
His comments sparked a rapid response from Francisco Garcia Moran, the director general of the EC's informatics organisation called DIGIT.
He takes issue with the fact that the EUR 189 million mentioned by Gerloff doesn't just relate to the Commission itself, but also covers the needs of 36 other EU institutions, agencies and other bodies.
"The contract in question does not only cover the acquisition of proprietary software but also of open source software (OSS) and related services, and includes high level support of OSS products from, for example, Red Hat, Atlassian, Balsamiq Studios, Adaptavist and others."
His comments are borne out by Dominic Storey, technical director at Sourcefire, which has developed an OSS solution called Snort.
Storey points out that the EC has around 800 Web servers, 350 Linux boxes – the open source alternative to Microsoft – and 2,000 developers on 600 open source projects, adding that every single desktop in the EC has an open source browser on it.
He quotes the European Interoperability Framework (recommendation 22), which states that when establishing European public services, administrators should prefer open specifications.
"It's clear from their documentation that they advocate being 'open' when you can to give you the chance to buy or use the best software." Sourcefire's product, Snort, is now ubiquitous, claims Storey, because it has been deployed by more than 80 independent software vendors and has been downloaded 300,000 times. "Open source is not about giving things away – it's about having the ability to make changes and adapting things to your own usage."
He believes that accusations of the banking industry being “laggardly” in the adoption of new technology is unfair and the industry is, in fact, “incredibly sophisticated” when it comes to dealing with security threats from both outside and inside the organisation.
"About 50 per cent of threats are from inside the organisation. One large global bank with more than 30,000 employees told me that there would be a murderer or two, a couple of rapists and a few tax dodgers on the payroll because a big workforce tends to reflect the population at large.
"Apart from the logistics, there's stupidity and accidents to take into account because human beings will always make mistakes."
Despite the various arguments for and against open source, analysts at Accenture predict that the OSS market has reached a turning point with organisations in the UK, the US and Ireland now committing to clear strategies and policies.
In the finance sector, 60 per cent of respondents to their survey say they are 'fully committed' and already using OSS, compared to 38 per cent in the public sector. More than two-thirds of organisations surveyed anticipate increased investment in OSS, with more than an third expecting to migrate mission-critical software to open source very shortly. The survey included key decision makers within the finance sector.
"When it comes to the banks, the driver for change is mostly down to compliance," explains Ben Wilson, head of financial services programmes at trade association Intellect. "In 2011 we're just starting to see some of the legislation brought in as a result of the financial issues we've had over the last few years.
"I'm not coming down in favour of open source or proprietary software, but the facts speak for themselves that open source does offer a lot in terms of cost savings."