Integrated Report 2021

IT and cybersecurity

The year 2021 in the Area of New Technologies and Cyber Security was a year of dynamic changes – the most challenging task was to achieve the Bank’s agile transformation objectives while implementing changes resulting from the outbreak of the coronavirus pandemic.

2021 was also a year of design and preparation for large-scale investments to be made in the coming years and aligned with the Bank’s strategic priorities.

In 2021, in response to the prolonged coronavirus pandemic, a number of actions were taken to:

on the independent NIST scale and increasing compliance with BNP Paribas Group standards,

responding to the migration of customers to digital channels, while providing a best-in-class user experience for business customers,

on which all the new applications being deployed and the entire GO ecosystem run,

for selected non-production environments to ensure maximum levels of automation and access to the latest services,

through the continuous evolution of digital working environment solutions and the hot-desk model.

The most important IT projects completed in each area in 2021


  • Developing the GOmobile application and the GOonline environment with new functionalities and services:
    • myID – possibility to confirm identity online, including creation of a Trusted Profile
    • possibility to repay loans from an account in another bank
    • self-service functions such as generating bank confirmations
  • Development of the GOone application supporting customer service at Branches and Contact Centres with new capabilities such as:
    • mechanism for digital signing of bank documents
    • Mobile onboarding process for new groups of customers
    • GObetter – a new system for handling bank complaints
  • Digital Product Center – expansion of functionality for GOonline customers in relation to regulator requirements: PFR Financial Shield, 500+ and Good Start applications
  • Launch of GOinvest system to support advisers in the digital handling of investment products for clients
  • Implementation of new electronic banking GOonlineBiznes and GOmobileBiznes
  • Credit Process – implementation of a new eTermsheet application for the SME segment, which automates the drafting and approval of credit decisions, preparation of credit documentation and monitoring of contract terms and conditions
  • Onboarding and post-sales services – implementation of a solution for handling the beneficial owner’s VAT documents
  • Syndicated loans – launch of a new tool to automate syndicated loans
  • Continuous development of FX PL@NET with new functionalities, such as:
    • 24/7 functionality
    • notifications on limit utilisation
    • Multiforward transaction
    • presentation of exchange rates for customers without a bank account
  • Development of the GOFx trading platform – new functionalities: faster access to exchange rates, ability to split transactions
  • Development of the FXPLUS trading platform to support foreign payments for clients without accounts in these foreign currencies, including exotic ones
  • Implementation of a new product – Fixed Rate Loan – through the use of the IR CAP mechanism, customers have the opportunity to hedge loans against interest rate increases


  • BigData – development and improvements of the Hadoop platform, including optimisation of DSA (Data Storage Area) data management processes allowing for a 30% reduction in storage occupancy
  • Implementation of central SMS integration – a set of services was made available allowing for comprehensive handling of the Bank’s communication with customers via SMS
  • SWIFT complaint analysis – shortening the SWIFT complaint handling time by 80% thanks to the use of AI and Big Data algorithms automating the process of analysis and verification of complaint notifications – the system analyses SWIFT messages on a daily basis, indicates the path for their handling on an ongoing basis, and handles and closes some of them on its own
  • Implementation of a new mobile application to support HR processes in the Bank
  • New hardware platform for banking systems – modern, virtualized, automated and scalable
  • IT monitoring – increase the number of applications covered by IT monitoring
  • Optimisation of the database refresh process on test environments
  • I can do IT – training programme for workers 50+
  • Coordination of the Bank Security Committee’s activities related to crisis management during the COVID-19 pandemic and ensuring maximum protection for the Bank’s employees and clients
  • Secure ICT environment adjusted to the possibility of remote work in continuous mode for all Bank employees
  • ISO27001 certification in the area of Security – confirmed by a supervision audit
  • Enhanced security monitoring of SOC for Linux servers and databases
  • Improving security in the software development cycle
  • Extending the scope of privileged identity management in the CyberArk system
  • Red Teaming exercises proving aspects of physical security and social engineering methodologies
  • Continuation of the campaign addressed to the Bank’s employees concerning phishing, i.e. a fraud method in which an offender impersonates another person or institution in order to extort confidential information (e.g. log-in details, credit card data), to infect the computer with malware or to persuade the victim to perform certain actions
  • Building awareness of cyber security threats and solutions among Employees and Customers:
    • As every year, the organisation of the Cybersecurity campaign, which aims to raise awareness among Bank employees on security aspects
    • A series of webinars for Bank employees from „sensitive population” groups,
    • Webinars for Bank employees on security in cloud computing
    • Customer awareness „red light” campaign on Facebook – 10 videos and educational articles
    • Call centre workshops on handling e-banking fraud scenarios
    • E-learning training session „How to be safe in the Bank”

Search results