by CIO Staff

CIO roundtable: Clearing the business rules clutter

Sep 27, 20136 mins
Big DataBusiness Process Management

Organisations answer thousands of questions every day. These may range from how to determine how much to charge a customer for a service, what processing fee needs to be applied to a particular transaction, or whether to deny or approve an insurance claim.

Unfortunately in many cases, manually answering all of these questions to make the right business decisions is a time-consuming process that can negatively impact results and take attention away from increasing profitability and gaining a competitive edge.

IT leaders from various industries gathered at two CIO roundtable events in Sydney and Melbourne in July and August to discuss the latest thinking around business rules management and how it can potentially benefit their organisations. The event was sponsored by Progress Software.

All attendees, many from the financial services industry, viewed business rules management as a fundamental task.

At the same time, they felt it’s important to strike a balance between the need to automate business rules and still allow individuals to change some processes manually.

Decision and business rules systems are vital for Allianz Australia Insurance, according to head of IT and business alignment, Nagib Kassis. “Rating and underwriting in insurance rely heavily on having adequate business decisioning and rules,” he says.

“The differentiator we are seeing at the moment is how technology is empowering the business to have more control and flexibility in making changes without having IT involvement in the change.

“In addition, this increases the focus on what skills are necessary on the business side that will allow them to make those changes, as opposed to traditionally logging a request and getting IT to make that change.”

Allianz has built business rules as a service ‘outside’ of its policy administration system. “At the same time, there are business rules built from years of insurance experience and that’s intellect you can’t let go of,” says Kassis. But the organisation has had to “undo some of this bad complexity and build new and tidier rules”.

“If there is demand for a new product, we simply use and reuse Web services – tapping into the same decisioning and rules engine to minimise the disruption, which is important because services need to be available around-the-clock,” he says.

One CIO says his organisation recently migrated to more up-to-date systems with new functionality, but reports challenges around documenting and managing change. “When there is an issue, people think it’s a technology problem but it’s often triggered by a business change,” he says.

“Business rules are embedded everywhere – they are in product platforms, servicing, acquisition and risk decision systems. They are complex and not particularly well understood.”

Lack of organisation

Another roundtable attendee didn’t believe organisations are particularly organised around how they manage business rules.

“Historically on legacy platforms, business rules were hard-coded into the application – so technology had to manage that, and people had to do the business analysis through coding and testing,” the CIO says. “As we have moved on and started to deliver platforms with more flexibility – people haven’t necessarily said: ‘We need to have a whole change function to do this’.

“Regulation is going up and interestingly, at the same time, there’s a lot more flexibility around how you manage change. The regulators are getting much more interested in operational risk and how to constrain that.”

CTO at Melbourne Health, Andrew Oldaker, says there are plenty of business rules inherent in many healthcare systems but not a lot of linkage between them.

“That’s one of the biggest issues and there’s a lot of regulatory requirements in health in relation to rules,” he comments. “It’s around enforcement more than anything else. Access to a lot of health systems is somewhat archaic and modernisation is an important aspect.

“Healthcare, like a lot of industries, is fairly conservative and a lot of the architectures we have in place are old… so the de-coupling of rules from the product is not easy to do.”

Another CIO adds a lot of business logic sits in his organisation’s systems and one of his goals is to make these systems more rules-based.

“Uniting the business logic with the rules is our challenge,” he says. “We are looking at months of development effort to make a software change that we could make over a weekend by creating business rules – we’re not quite there yet but we are going in that direction pretty quickly.

“Our systems might run 2000 to 3000 transactions per second across 5000 products – so you are looking at a lot of volume you need to monitor. Building algorithms that react quickly enough to catch or reject customer orders is challenging.”

Relinquishing control

The IT department at financial services organisation, Pepper Group, creates standard business rules around data management but enables line-of-business users to write their own reports based around these rules, says its CIO, James Henshaw.

“This ensures IT doesn’t become a bottleneck and the processes are not IT-centric – it’s about empowering users to be able to do those things,” he says.

“Technology is now at a point where it empowers organisations like ours to do more. Our IT department is prepared to relinquish some control while putting trust in people to do the right thing based on the business rules we have put in place.”

Peter Fuller, MD for Progress Software A/NZ, points out many businesses have ‘citizen developers’, writing code to be used by others across their organisations. “Product providers say ‘don’t worry about the IT guys, they’re holding you back and the business can do it all’,” he says. “However, on the other side of the coin, you have business users creating applications they expect IT to support. There’s a very fine balance.

“I guarantee you have applications running today you didn’t even know about. It’s about accepting that nowadays the business does want to change business rules or develop their own applications, and organisations need to work out a way to control the chaos.”

Bettina Wilcox, head of IT and projects at RAMS Financial Group, adds it really is about trust and building relationships. “One of the great things about working in a small organisation is that most of us work on the same floor and we have a fairly flat operational structure,” she says.

“This makes it easier to have very direct and often informal conversations to build very strong interpersonal relationships. In large organisations where people are in multiple locations you can still build that trust but it’s a different level of complexity and always a work in progress.”

An organisation’s culture can also stand in the way of attempts to automate business rules, says Yoav Hammerman, an IT operations manager at a large financial services organisation.

“There are people that know the processes and everyone relies on them, so automating many different tasks is a challenge from a cultural point of view,” he says.

In addition, a “zero tolerance policy for system errors” drives the need to manually validate certain transactions. Despite this, Hammerman sees an opportunity for automation in some areas in the future.