Integrated Report 2020

Information technology and cyber security

The most challenging task in the New Technology and Cyber Security Area in 2020 was to achieve the Bank's transformation objectives while implementing changes resulting from the outbreak of the coronavirus pandemic (COVID-19).

Thanks to a smooth take-up and good coordination of activities, the planned work was carried out. In a short period of time, the possibility of remote work was made available to the Bank’s employees, while ensuring a high level of security and compliance with regulatory requirements. The banking systems were upgrade to include the possibility of handling the Government Anti-Crisis Shield.

The development activities of the New Technologies and Cyber Security Area focused on three areas:

  • Projects for business lines – as support in achieving sales targets, as part of the second stage of the Bank’s Transformation;
  • Projects related to the optimization of the Bank’s current operations, including the use of the agile approach in the organization and changes resulting from the dynamically changing reality in the field of cyber security and infrastructure;
  • Projects related to post-integration of the banks – data and resource security processes.

The most important projects delivered in the IT field within each area in 2020

PROJECTS FOR BUSINESS LINES

  • Migration of Customers and products from the previous, discontinued Pl@net electronic banking system to the modern GOonline platform. The migration carried out in phases concerned both customers of the Bank’s core business and customers of Optima and Carrefour.
  • Enhancement of the GOonline mobile application with new services for Customers, including:
    • enhancement of the GOonline mobile application with new services for Customers, including:
    • the ability to automatically download an individual tax account (as the first Bank in Poland),
    • a Simple Loan Calculator for self-calculation of creditworthiness and analysis of offers,
    • a function of verifying whether a counterparty is on the white VAT taxpayer list,
    • remote application for access to FX Pl@net that enables to conclude FX transactions
    • access to remote processing of instructions for the Allegro Renewable Limit,
    • repayment of a credit instalment from an account in another Bank,
    • support for MIFID surveys and transactions on investment funds,
    • new layout and additional information for Wealth Management clients,
    • new sales processes – account with a limit, structured deposit, brokerage account.
  • Development of GOmobile’s user-friendly mobile banking environment, by providing the ability to open an account remotely using a selfie, pay for public parking and bus passes, and increased intuitiveness for managing existing products. Providing the ability for already authenticated users to call the Infoline via the mobile application.
  • Enhancing the functionality of the platform for Bank employees to serve customers – GOone, among others, by launching a digital onboarding process in branches using QR code generation, integration with OCR and a platform for secure electronic signature – Autenti.
  • Use of an appointment-making application – Booksy – as a world first in the banking sector.
  • Implementation of mechanisms improving transaction processing – paperless in the application for handling payments in branches.
  • Extending the offer for micro and agro sector – possibility of refinancing a loan from another bank and new insurance of micro and agro loans in R@tat.
  • Continuation of the development of cooperation with car dealers – a new car loan offer for FORD brand customers.
  • Implementation of Garmin Pay and Fitbit Pay watch payments into the offering.
  • Development of cooperation with retail partners – complementing the credit offer with value-added services (Banking Services Package).
  • Launching credit moratoria as part of the Bank’s offer for customers struggling with the effects of pandemics.
  • Mortgage online – a new portal allowing independent remote generation of an individualised list of documents needed to apply for a mortgage loan and to check creditworthiness.
  • Implementation of the Bank’s new offer – a bank starter available at Shell petrol stations, enabling remote account opening and use of the Bank’s offer on preferential conditions. § Introduction of an offer (accounts, cards) and functionalities for minors „Samodzielniak”.
  • Implementation of GOinvest – a tool supporting sales and service of investment products.
  • Activities in response to or related to pandemics – participation in the ARKA project – applying for subsidies under the Crisis Shield; implementation of the possibility of granting credit holidays related to pandemic situations and their full service.
  • Implementation of the first stage of the new version of GOonline Biznes electronic banking for corporate and SME customers. Built on microservices and Open shift solutions, the platform is based on a new UX and UI, which was developed on the basis of a series of consultations with end users of the system. It includes a new user management module that allows customers to create users themselves and manage their rights in the system. GOonline Business has a developed Customer self-service zone as well as the ability to submit several electronic product applications.
  • Implementation of a new version for corporate mobile banking GOmobile Biznes, including modern biometrics, new types of payments, state-of-the-art security in the form of a mobile token (T-pro).
  • Implementation of systemic solutions handling customers' applications for grants under the PFR Shield including electronic signature, data transfer to PFR, disbursement of funds.
  • Providing customers with the ability to use the National Tax Administration’s new VAT Taxpayer List („White List”).
  • Expansion of SEPA payments with new functionalities in the European standard.
  • Enabling international payments in Polish zlotys through adaptation to the Polish Direct Debit.
  • Implementation of the SWIFT GPI service – possibility of tracking transactions by the Customer based on a new application that cooperates with the BNP Paribas Group solutions.
  • Automation of processes within the service of LORO/NOSTRO accounts.
  • Implementation of ePayment service of PayByLink type (BlueMedia).
  • Digitalization of a new onboarding and post-sales process for SME and Corporate Banking segments.
  • Development of the GOFx transaction platform to include remote onboarding for retail and micro-business customers, tenor for fx swap and fx forward transactions and 56 additional currency pairs for SPOT transactions.
  • Implementation of new product support on the FX PL@NET platform for the Bank’s Customers. Dual currency deposit as a form of investing free cash based on financial derivatives (FX options).
  • Development and implementation of a new FXPLUS application servicing foreign payments for Customers who do not have accounts in foreign currencies, including exotic ones.
  • Enabling customers to convert loans according to the NBP average exchange rate through the implementation of a new exchange rate table applicable to conversion of foreign currency loans of individual customers.
  • Implementing solutions to meet the reporting obligation implemented by the Regulation on Securities Financed Transactions (SFTR).
  • Implementation of a system ensuring the Bank’s participation in the WIBOR model quoting process.
  • Development of CRM application for Customer Advisors and Dealers, including:
    • implementation of a module enabling efficient management of users – accesses and privileges,
    • implementation of improvements for Pipeline functionality, connecting the application with Outlook mail,
    • implementation of the 360 Client view,
    • implementation of reporting tools,
    • continuation of work on the CRM mobile application, module for generating sales campaigns in a new form, connection of CRM to Call Center systems.
  • Development of systems aimed at implementing a new product in the Bank’s offer – a loan with a fixed interest rate through the use of the IR CAP mechanism.
  • Development of the Custody and Custodian systems with functionalities allowing better adjustment to market requirements and acceleration of customer service in this area.
  • Implementation of the compliance module for verification of the statutory funds limit in the system in the area of custody operations.

PROJECTS RELATED TO THE BANK’S DAILY OPERATIONS

  • Implementation of the Artificial Intelligence Lab platform, with over 13 analytical models performing optimization tasks in CRM processes.
  • Implementation of a new Big Data platform enabling the offering of new services requiring the processing of large sets of information.
  • Implementation of RADAR (Risk Data Aggregation and Risk Reporting Program) – adjustment of the reporting model to the BNP Group standards resulting from the BCBS (Basel Committee on Banking Supervision) regulations.
  • Further development of Corporate Data Warehouse – application of agile approach, implementation of new governance. Application of Data Vault 2.0 methodology to build a new generation scalable data warehouse combining relational data with unstructured data.
  • Continuing to work on increasing the use of the agile approach in new projects and within current operations. Implementation of agile approach for IFRS9 development in response to new market challenges.
  • Implementation of e-signature for individual and corporate clients.
  • Implementation of a new Farmer rating system integrated with banking systems (Venus, Cash for BIK) combined with implementation of new scoring algorithms for the Farmer segment.
  • Continuous development of the functionality of the Customer Relationship Management system – CRM, including the provision of a reporting module.
  • Implementation of improvements in end-of-day processes and a solution to implement changes in repositories without technical interruptions in the main banking system.
  • Migration of employees to the formula of remote work – provision of equipment, implementation of RemotePC access, optimisation of solutions for effective work (development of VPN solution).
  • Preparation for adoption of cloud solutions: conducting a dedicated training program, investment in tools, analytical work on planning migration to the cloud.
  • Raising the standards and efficiency of working environments (migration of operating systems, mailboxes).
  • Update and expansion of the ServiceNow platform supporting IT and business processes in the Bank.
  • Unification of Sharepoint environment – migration to a new platform version.
  • CMDB database automation – integration with tools in the area of hardware, middleware and databases.
  • Commissioning of the new Bank’s headquarters fully equipped with modern technologies (workstations, LAN, and WiFi).
  • Coordination of the Bank Security Committee’s activities related to crisis management during the COVID-19 pandemic and ensuring maximum protection for the Bank’s employees and clients.
  • Introduction of a secure ICT environment adapted to the possibility of implementing remote working on a continuous basis for all Bank employees.
  • Confirming the quality and cyber resilience in line with the standards of the regulator and BNP Paribas Group by obtaining positive assessments from the audit of KNF and BNP Group.
  • Maintenance of ISO27001 certification in the Security area confirmed by a surveillance audit.
  • Preparation of a series of BNP Security Talks webinars and e-learning trainings for Customers and the Bank’s employees.
  • Organisation of physical security / anti-terrorism trainings for the Bank’s employees.
  • Enhancing security in the software development lifecycle (Secure development lifecycle in DevSecOps organisation) by applying a set of modern tools (including Sonatype IQ/SonarQube).
  • Reorganisation of the security patch and vulnerability management process, including revitalisation of the Nessus system.
  • Implementation of Secfense solution (system under industrialisation) for two-factor authentication (2FA).
  • Significant reduction of manual operations in Security Operating Centre (SOC) team processes thanks to the implementation of the SOAR automation and response platform.
  • Convergence towards Elastic Search from the costly security log collection and storage tool in use.
  • Automation of the business continuity management and risk analysis process with the BCM Logic platform.
  • Definition and testing of the Critical Assets Recovery (CAR) process.

OTHER

  • Continuation of work related to the integration of the Banks in the post-integration phase in terms of securing data from exRBPL systems. Selecting the target architecture and starting the process of withdrawal of selected systems:
    • completion of data archiving for decommissioned applications,
    • consolidation of post-integration infrastructure,
    • unified network for wireless and wired access to laptops.
  • Unification of the card operations processing service – one service provider for all cards issued by the Bank.

Search results