In every essence Visa Europe is a financial services company providing a core transactional process to banks and retailers that then offer that service to their customers. “We’re a payments business,” Visa Europe states clearly on its corporate website. “We are not a bank and we don’t issue cards. Nor are we a credit card company, so we don’t lend or set the fees that the consumers pay. In fact, more than 70% of Visa’s payment transactions in Europe are on debit cards.” CIO Steve Chambers and his team spent three years developing the European-wide platform with a budget of €500 million, and another three building new value add services. The system provides European banks with a compliant authorisation and clearing settlement platform that has the speed and agility to react to changing consumer and business demands. Chambers’ CIO role has expanded to cover change and governance, and accordingly he has embedded a service framework across the whole organisation, not just IT. Since completing the implementation of the payments platform, Chambers has been in the enviable position of not having his considerable IT budget reduced. The dominant position of Visa Europe, with only Mastercard as a rival meant that the CIO100 panel felt that although Chambers’ achievements were impressive, they were not in the face of political, economic or market share competition of the top 10 CIOs, which makes Chambers a non-mover, but still very much a top 20 CIO. IT leader:Steve Chamber, Chief Information Officer (CIO). In role since:2005 – January 2013 marked eight years at the company. Reporting line:Report directly to the Chief Executive Peter Ayliffe. How often does the CIO meet with the CEO:I see him at least once a week, and if I need to see him more often I do. Technology is integral to the company and Peter understands this. He trusts me to keep the systems running, identify and implement any changes and/or investments needed. Board level seat:I sit on the Executive Management Committee (EMC) which is the leadership board of the company, and I attend and regularly present at all the Visa Europe Board meetings. It is essential that you know your audience when presenting to a board – technology investment needs have to be framed in terms of business outcomes relevant to the organisation i.e. the value the investment will bring to the business, less so the technical details. IT budget:We do not disclose our budget publicly. However, we are investing in excess of €100 million every year to realise future growth through the convergence of card payments with mobile and ecommerce. IT estate and or number of log on accounts under the control of the IT leader:3,200 users. Level of the workforce that relies on technology to carry out their tasks:100% of the workforce. IT staff currently employed:The Technology & Processing Services division is comprised of over 1,000 staff, many of whom are technology experts, and we’re always looking for the best people to plan, design, create and build services. I also strongly believe in supporting the next generation of technology talent – we have an apprentice programme, now in its third year. At the end of the programmes, the apprentices will gain a foundation degree from the Open University. Split between in-house/outsourced staff:50% of staff are permanent, the remaining 50% is split between contractors and outsourcing arrangements. IT management team and reporting structure:I have a senior team of six direct reports and an extended Senior Leadership team of 10, which includes my Communications Consultant, Senior HR support, Finance and Risk. Primary technology platforms at the organisation:Visa’s payments system is not based on one core technology or provider. Visa’s mission critical, interbank processing service is based on robust systems from established providers. Technology is Unix based plus third-party software products from a variety of providers, which are heavily customised by our own development teams. Security is paramount and we have proprietary security solutions based on an RSA product suite, amongst others. The network has to be totally resilient and we use MPLS implementation services from multiple network providers, mainly BT. Primary technology suppliers:We have a Strategic Supplier Relationship Management programme (SSRM), which focuses on a number of key companies who we build close relationships with because they have the capabilities we need and tailor their offering to us rather than just selling us “off the shelf” products. Our key suppliers are EMC, IBM, BT, Deloitte, Endava and Monitise. Our SSRM programme has resulted in a more intelligent and smarter spend of our budgets. Significant strategic technology deals struck in the last 12 months:Visa Europe has a partnership agreement with Monitise to develop and supply mobile payments services for Visa Europe’s member banks and financial institutions across Europe. In the last year we have made further investment in the company and Peter Ayliffe our CEO now has a seat on the board. Equally important has been our deal with IBM in developing our mobile wallet solution, V.me and with RSA whose fraud solutions underpin our mobile and wallet products. Digital Realty Trust have been very involved in helping deliver our new processing centre. Percentage of your applications/infrastructure run from the cloud:Less than 10%. Given the high scale and performance requirements of a transaction processing business very few of the core systems are sourced from the Cloud. Support systems such as HR and payroll are cloud-sourced. Major technology or transformation project recently completed and how did it transform operations, customer experience or the organisation:Major technology projects have include the construction and migration to a new data centre. This encompassed the movement of Visa’s core processing systems as well as creating a new agile operations capability to better serve the less predictable scalability requirements of consumer facing services. Other significant transformation activities have been in the project governance arena where the overall change model has been significantly adapted to promote more granular service ownership from the supply side (e.g. software development) as well as the introduction of agile methods across the whole Visa organisation. Did the above project reach its cost, timing and transformation objective:Yes. Business transformation programme – beyond technology – that the CIO owns or is a major contributor to:I have been working on our service framework and management. We have created a set of disciplines that ensure that before we embark on building new technologies, we have clarity on what the end service we will offer is. This can be applied across the business and ensures we are not duplicating technology we have already developed or introducing unnecessary complexity to our systems. It is my role to ensure we have clarity of purpose when undertaking any significant project and to ensure that there is clear accountability for how it will be delivered. Success is dependent upon these two factors. As a business we do not struggle to come up with new service ideas, however their introduction ultimately depends on IT systems. It is important to ensure that all stakeholders are in agreement about the transformation strategy and the value it will bring before undertaking changes. This helps clarify and buy into the end goal. I am also a big advocate of a “build once, use many” approach because it delivers technology stakeholder value. When developing new systems I want to ensure we are building something which fits well within our existing technology and that we are likely to be able to use again and again. As CIO it is important I ensure the business leads with technology and that I point out opportunities to use our technology across the business, for example, during the development of our mobile offering. Strategic aim of the CIO and IT operation for the next financial year:My aim is to ensure we make the most of the strategic advantage that Visa’s structure and processing capability gives it over new entrants, as well as continuing to deliver the best possible service to our partners, members and other key stakeholders. Our members are able to rely on Visa for payments technology requirements because: They know the end product Visa develops will be interoperable between banks. Products have scale through the banks’ customer base . Visa’s membership structure means that banks own the new technologies Visa develops. Members know that Visa systems have a track record of reliability and speed which is crucial to generating trust amongst users. Payments using Visa systems are also subject to Visa’s operational procedures which give members and consumers alike certainty and protection. Significant steps have been made with the introduction of Visa Alerts and Mobile Person-to-Person personal payments. There has been a good deal of interest from our members so far and I want to increase the speed of product roll out. Strategy in the use by employees of their own technology, use of mobiles and how social networking is impacting operations, customer experiences or the organisation:As an addition to work technology, there is no problem at all, but I do not believe it should become a replacement for work equipment. I may use my iPad and my own phone, but my company laptop will always remain my primary method of connecting to the network and working on. Social networking has an important part to play in networking and ideas sharing across the technology community – we are looking to introduce new technologies to help us do this, but we’re also very supportive of LinkedIn and other valuable sites. A number of my senior team regularly blog directly to our membership on issues such as conferences and articles of interest, upcoming activities or information about our service and successes. Strategy for dealing with shadow IT and BYOD including influence and engagement with executives, to place the right controls around employee choice:I’m not a fan of buying devices and giving them away. Not from a financial perspective, more from a control and security perspective. Security is our number one concern, and so any new technology must be tested before it is approved to log onto our network. Being fully PCI DSS compliant is very important to us, as are the other security measures that we guard our systems with. The main point is that whilst it may be more convenient for teams to use their own technology – it’s not always the safest option. Transformational inspiration sources:I try to “think simple” as complexity brings risk and cost and I encourage my staff to do the same.