Originally Broadcast June 13, 2009
Welcome to The Business of Government Hour, "A Conversation About Management with a Government Executive Who is Changing the Way Government Does Business." The Business of Government Hour is produced by the IBM Center for the Business of Government, which was created in 1998 to encourage discussion and research into new approaches to improving Government effectiveness. You can find out more about the Center by visiting us on the web at businessofgovernment.org.
And, now, The Business of Government Hour.
Mr. Morales: Welcome to another edition of The Business of Government Hour. I'm Albert Morales, your Host, and Managing Partner of the IBM Center for the Business of Government.
Against the backdrop of one of the tumultuous years in the U.S. financial history, the Office of the Comptroller of the Currency continues to perform its primary mission of examining, supervising, and chartering national banks.
For OCC responding to the challenges of this economy requires a workforce with the right skills, motivation, and experience. It also requires a sound information technology strategy and an adaptive information technology infrastructure because failures in technology or technology related controls can jeopardize a bank's safety and soundness, as well as its ability to comply with laws and regulations.
With us this morning to discuss the IT strategy of his Office is our very special guest, Bajinder Paul, Chief Information Officer at the Office of the Comptroller of the Currency. Bajinder, welcome to the show, it's a pleasure having you here.
Mr. Paul: Well, thanks very much, Al, and it is a pleasure to be here this morning with you.
Mr. Morales: Also joining our conversation is Roxanne Aldrich, Partner in IBM's Treasury Practice. Roxanne, welcome, good to have you.
Ms. Aldrich: Good morning. Nice to be here.
Mr. Morales: Bajinder, let's start by providing our listeners some context about your organization. Could you take a few minutes and provide us an overview of the history and the mission of the Office of the Comptroller of the Currency, otherwise known as OCC?
Mr. Paul: Absolutely, and by the way that's an excellent question to start with. Just to give your listeners some background, some context about the OCC, or the Office of the Comptroller of the Currency, the OCC was established in 1863 as an independent agency of the Department of the Treasury. Now, the OCC is really the primary regulators of the national banks in this country. The OCC charters, regulates, and supervises all of the national banks in the U.S. and, in fact, in addition to the national banks we also supervise and regulate Federal branches of foreign national banks, as well.
In terms of the metrics, the overall metrics, the OCC manages close to or regulates about 1,700 national banks, 50 branches of the foreign national banks.
In terms of the assets, this is important when you talk about the mission of the OCC, the OCC regulates or supervises close to about $9 trillion in commercial banking assets, so that sort of gives your listeners the magnitude of the mission of the OCC.
And really an executive summary, the mission of the Agency is to really ensure the safety and soundness of the national banking system. The OCC has close to about 3,100 employees throughout the country. We have four district offices, 17 field offices throughout the country, and the majority of our workforce is in the field, examining the national banks. Some of these banks include, for example, some of the largest banks in the country, the Bank of America, the Wells Fargo's, the JPMorgan Chase, as well as many midsized and community banks throughout the country. So that's what really what we are at the OCC in terms of the mission.
Mr. Morales: Great, so with a mission that broad and 1,700 national banks, I think you mentioned, and $9 trillion, can you put a little bit of a finer point around how OCC is organized to meet all these various missions, and tell us maybe a little bit more about the geographic footprint in terms of district offices or where people reside within the organization?
Mr. Paul: Absolutely. If you look at the broader perspective in the organization, the OCC consists of really two primary business units, or what we call the supervision as a line of business and non-supervision line of business
Supervision includes supervising the large banks, the midsized community banks, and the national banking examiner that sets the policy in place to regulate and supervise the national banks.
The non-supervision components are your traditional, typical organization components, like for example the General Counsel, the Office of Management, and the Office of the CIO.
The cool thing at the OCC is that the heads of all these units report directly to the Comptroller. I, as the CIO, am privileged in that hierarchy to report directly to the head of the Agency, Comptroller John Dugan.
Ms. Aldrich: Okay, Bajinder, with this overview, could you give us a little bit more insight as to your area and your specific role within the Department? Your specific responsibilities and duties as OCC's Chief Information Officer? And could you tell us how your area is organized, the size of your staff?
Mr. Paul: Absolutely. Roxanne, I'm glad you asked that question. As the Chief Information Officer for the Agency, my responsibilities, my duties really are at the enterprise level. We provide IT services that encompass application delivery to our lines of businesses. It also includes providing infrastructure services.
For example, application hosting, disaster recovery, network services, client side desktop, desk side technology modernization. It also includes information security, as well as capital planning, IT investments, so it's a broad range of IT services for all of the users throughout the Agency, including the field, as well.
Ms. Aldrich: Regarding those responsibilities, what would you view as your top three challenges that you face in your position and how have you addressed these challenges?
Mr. Paul: Clearly, there are many, many, many priorities but if I had to name the top three, number one, IT being a strategic enabler to the business, I think is very important for the CIO to not be sort of in a silo and manage simply the IT resources. The CIO has to be a key strategic enabler to the lines of businesses. That means that the CIO and the CIO's organization need to understand the business, of the Agency first and foremost, and align IT to those priorities. So that's number one.
Number two, clearly, there's always important, especially in times of economic difficulties and disruptions that we have to be very cognizant and make sure that that IT costs are being managed well, they're being reduced over time, and while at the same time the level of services to our businesses are being provided in a better sense, they're improving. So reduced costs, total cost of ownership and improved services.
And, number three, my perspective as a CIO is really from a business standpoint, and I think customer satisfaction, customer outreach, to make sure that IT is providing the right sort of services at the right time. So those are really in a broad sense, are the three key priorities for me at the OCC.
Mr. Morales: Now, Bajinder, I understand that prior to coming to OCC you had spent some time at HUD, as well as the Department of Justice and at ATF. Can you tell me a little bit about your career path, and how did you get started in Government service?
Mr. Paul: Absolutely. Originally, I'm from India. I came to the U.S. back in 1970, '71 timeframe. So I had the unique privilege of going to high school and going to college here. And what I recall, as I was growing up in the U.S. was that message from my parents, that "work hard and the possibilities in the U.S. are limitless. This was the best country in the world."
And, you know, my life is an example of that. You know, I clearly remember when I was growing up in the U.S., upstate New York; I had a number of mentors who taught me English, who helped me through school. The only language I spoke was really sort of mathematics and science, and everything else had to be taught.
When I was ready to go to college it was a natural choice for me to be in the engineering field, so I did my undergraduate in electrical engineering from Cornell, and then I began to work in the private sector. For many, many years I worked in some of the top Fortune 500 companies. I reached a point in my professional career that I felt with full conviction that that -- you know, it's time for me to give back to the country that gave me so much. That I thought clearly that it was time for me to serve the public.
And so that was my really, the driving reason to come to the Federal Government and be a public servant, and it's been a fabulous ride. I mean I came to the Federal Government in 1992. I was in the Department of Commerce. And then, yes, over time took on more responsibilities. I worked at the ATF managing software development for the Agency. And that at HUD I was the Deputy CIO for IT operations, and then eventually I came to the OCC in 2007. So really in a nutshell that's sort of my pathway and career.
Mr. Morales: That's a wonderful story.
So, Bajinder, as you reflect back on your career, what have been perhaps some of the experiences that have influenced your management approach and what lessons have you learned through your career that perhaps you're bringing that to OCC?
Mr. Paul: There are many things I can contemplate and reflect back on. I think clearly one is mentorship. You know, I achieved a level of success not because of my own doing, all of my doing. I mean I had good people to help me along.
I can still remember people; I remember back in high school, I remember the name of my math teacher who took the time to teach me English. Now, she didn't have to, Mrs. Mann. I remember when I was in GE, I remember my manager who taught me some management skills and human relationships. So mentorship is very important to me, and I try to emulate that, as well. I try to emulate others in my profession, as well. I think that's number one.
And, number two, I think the importance of teamwork, the delivery of information technology is a highly complex undertaking. What one has to recognize in a leadership position is that that no one person has a complete solution. It takes a team of people to deliver, successfully deliver information technologies. So I think teamwork is extremely important.
And I think the number three is really the respect of diversity. I think it's important to have differences in opinions. I think different opinions and ideas really are sort of the foundation of optimizing an organization's way of doing business.
So those are some of the fundamental principles.
Mr. Morales: Excellent. What about OCC's information technology strategy? We will ask Bajinder Paul, CIO at the Office of the Comptroller of the Currency, to share with us when the conversation about management continues on The Business of Government Hour.
Mr. Morales: Welcome back to The Business of Government Hour. I'm your Host, Mr. Morales. And today's conversation is with Bajinder Paul, CIO at the Office of the Comptroller of the Currency. Also joining us from IBM is Roxanne Aldrich.
Bajinder, we talk a lot about technology on this show. So could you give us a brief outline of OCC's information technology vision and strategy? Specifically, how does your roadmap to infrastructure optimization maturity fit into your overall IT approach and align with both OCC's and Treasury's business objectives?
Mr. Paul: Absolutely, Al. In fact, a great, great question. This is actually a very exciting time for information technology at the OCC. Clearly, it's a very challenging time from a business perspective. The national economy and the financial disruption that's taking place across the markets, however unfortunate that might be, it is a great time for information technology to really add value to the mission of the OCC.
So last year we began with the information technology modernization roadmap. And really and in a broader context there are five major components to that information technology modernization program.
One is what I call "infrastructure optimization." What that means is that as our business is emerging through a variety of disruptions we constantly have emerging needs by the business. So we need infrastructure that is flexible, that is agile, that is able to meet the demands and the needs of the business at any given time. That means that having the ability to provision, performance, capacity, or system applications, on demand without a lengthy period of time is extremely important to us.
So we began the modernization of our infrastructure, so that included, for example, virtualization. That included cloud computing, so that the information technology would be available on time, on demand, as needed by the business.
Number two, what I call the "mobile computing." Two-thirds of the OCC workforce is highly mobile. I mean imagine these examiners throughout the country, traveling in teams, conducting financial examination and risk examination of the national banks in the banking systems throughout the country.
We have large teams of examiners physically residing in the Bank of America, the JP Morgan Chase's, and so forth. So they depend on robust, reliable information technology solutions to be able to conduct the business. And, as you can imagine, especially in the current climate with all the financial disruptions, having timely information, secure information is extremely important. So the concept of secure access to OCC information anytime, anywhere, using any platform is at the heart of our modernization program for mobile computing.
And, number three, is what I call the "enterprise system modernization." We have to be able to look across from a business standpoint and understand some of the business processes and identify efficiencies or opportunities where IT can add value, and retire some of the legacy applications. By that, we can then provide a common set of services to all of OCC users, retire our legacy system, reduce the total cost of ownership, and improve how our workforce is using information through technology. So that's the third component.
Number four, is what I call "business intelligence, data analytics." At the end of the day, the OCC manages, uses, consumes lots and lots of data, and whether it's mortgage metrics, or share national credit, or credit card information, to assess the risks of a particular bank or banking system.
So how we process that information, how we process the data, you know, this is the cool part. I mean information technology can really add value through business intelligence and data analytics, and we can be very proactive from an IT perspective and give the necessary tools and technologies for our examiners to have sort of a forecasting, predictive information so that in the future we can be much better positioned to assess some of the risks, impending risks in the banking system. So that's number four.
And, number five, is what I call "information sharing and collaboration." At the end of the day, our mobile workforce in the field and also our workforce in headquarters, we share information, we share document, we also share document and information with our regulatory agencies, like the Federal Reserve Bank, FDIC, the main Treasury, and also the TARP. So it is about collaboration and information sharing. And, my gosh, this is -- information technology can add so much value to that, so that's the fifth leg of our modernization program.
But at the end of the day, all of this is really geared to improving, also, reducing the cost, improving services, bringing the right innovation through these technologies, and safeguarding our sensitive information. So this is in a nutshell is really what the OCC ITT modernization strategy is all about.
Mr. Morales: So, Bajinder, I want to go back to the first element that you described around your strategy, and that's around infrastructure. And you mentioned virtualization. First of all, what is virtualization? And tell me a little bit about how it makes OCC more flexible and adaptive, and perhaps you can describe some of the benefits? But, more importantly perhaps, what are some of the challenges that you see in implementing this strategy?
Mr. Paul: Virtualization is really a fancy name in my opinion for server consolidation. Clearly, there are many, many, many benefits to server consolidation. One is obvious, you reduce the physical footprint of the data center, therefore, you have less number of resources, physical resources to manage. There's a power consumption. Going green has become a huge issue for the industry, so by reducing the physical count of the number of servers at the data center has a huge impact on the power consumption.
But, more importantly, we need to be able to provision what I call "capacity" and "performance on demand." What that means is that when it comes to application hosting and the capacity that is needed on the server side, we cannot contain them in sort of silos; they ought to be available at the enterprise level. Same thing at the storage area network level, we need to be able to tap that storage capacity on demand as needed by the business.
The overall affect of virtualization is that by having that performance and capacity available on demand we can provide quicker and agile solutions for the business. And I'll give you one example of where actually we did that.
So recently, for example, working with our large bank supervision business unit, they had a need where they wanted to be able to automate how they launched, allocated, and deployed their examination resources throughout the country. Now, this is large bank supervision.
Obviously, in today's environment there are huge sort of challenges in examining banks, like the JPMorgan Chase or the Bank of Americas and all that. And here we were able to provision technology, using a virtualized environment where we deployed a fully automated system, within six months, on time, that meets the performance requirements of the users. And we were able to launch a capability where now the large banks supervision business unit is able to an automated fashion launch and deploy their resources throughout the country. And that was using a virtualized environment. So it has many benefits.
The fact that that capacity was available, we could quickly allocate that to business needs. The fact that we were able to reduce the physical footprint in the data center and be efficient in terms of public consumption and truly have a framework moving toward a more green data center. So all of these components are really powerful virtualization scheme.
Ms. Aldrich: So staying on this theme, Bajinder, you mentioned cloud computing, could you talk a little bit more about to what extent cloud computing is a natural extension of virtualization? And, if I may, if you could tell us about the differences between sub enterprise and enterprise level?
Mr. Paul: Cloud computing is just a natural extension to virtualization. It's somewhat of a new concept now in the IT industry, but at the OCC we began implementing cloud computing many months back.
First of all, let me make a distinction between the sub enterprise level cloud computing and the enterprise level cloud computing. I consider virtualization within the OCC as a sub enterprise level cloud computing. By that what I mean is that cloud computing, the concept or the idea behind cloud computing is that one can provision system resources at the enterprise level on demand.
Well, by virtualizing we're able to provision resources across the OCC enterprise, and the example I gave earlier in a business application for launching and deploying examination resources for examining large banks, that system is known as "STARs," by the way. We deployed that using the sub enterprise cloud computing, within six months, on time, you know, within budget, within performance level metrics. So that's the sub enterprise.
At the enterprise level really looking at the department wide, you know, are there sort of technologies that can be shared across the department or the other agencies. Or, by the way, are there external cloud computing that is available that can be leveraged.
So, for example, in our security posture, we actually deploy for our network scanning IP addresses, we use an external cloud as a leveraged infrastructure services, and that allows the OCC not to have to manage the infrastructure, itself, but rather the data, data that is specific to OCC. So that's an example of really the enterprise level cloud computing that we, at the OCC, began implementing last year. So having those two contacts really allows us to manage the scalability, if you will, of cloud computing.
Ms. Aldrich: There's obviously a lot of discussion visioned around green computing, which you briefly mentioned. Is OCC moving in this direction? And how does your IT infrastructure modernization strategy facilitate this effort? Does it include a move to a thin client environment?
Mr. Paul: Green computing is really a one key or simple part of our modernization strategy. We talked about the virtualization. Clearly, I mean that is central to going green. The fact that we can consolidate anywhere from 10 to 1 or 15 to 1 consolidation of servers, whether it's on the application side or the database side, we are seeing significant reductions in the footprint, and that's having a very positive impact on the power consumption.
And clearly, I mentioned earlier that we are highly mobile workforce, that means that we need to be able to apply secure access to OCC information anytime, anyplace, any platform. That implies thin client.
All of these things, the thin client, mobile computing, virtualization is sort of leading to sort of the green computing, if you will, and that's something we pay very close attention to. In fact, beyond just the application and database server consolidation we are also virtualizing our storage network, as well. So the total environment is now virtualized on the back end and on the front end. We have a very sound methodology for managing the migration to green computing, and it's working quite well for us.
Mr. Morales: As we talk about how technology has enhanced our ability to share information, it's also made organizations more vulnerable to unlawful and destructive breaches, the whole issue around security.
Without giving away too many trade secrets, can you tell us a little bit about your Department's efforts to improve IT security and controls? And what remains to be done to remedy this overall challenge?
Mr. Paul: Clearly, Al, I mean we manage, we share or we use sensitive information across the Agency and we share that with other agencies, regulatory, as well. Clearly, security is at the central part of our IT modernization.
So this is what we do, we don't look at security strictly as a compliance component. We build our security in the life cycle of our information technology development. So, for example, in our SDLC, System Development Life Cycle approach, security is weaved throughout all the phases in the SDLC, from requirements development, from business proposition, to requirements development, to testing, to development, and in production deployment.
Our infrastructure implementation, same thing, in all aspects of the life cycle implementation security is central to that. In fact, at the OCC we have a different connotation or context for security; we call it "risk information management." It's really looking at the business risk, it's looking at the IT risk, identifying that as early as possible, and taking proactive measures to make sure that the security issues are addressed upfront.
Another example for security is that all our assets are fully encrypted. So, for example, our laptops, our desktops, our wireless devices, our GSS infrastructure is fully encrypted and enabled.
So we have a risk profile that is really weaved throughout the life cycle implementation. And so far, so good, but security is something that obviously keeps me up late at night, so it's something that we can never be complacent about. We always have to be vigilant, so we're doing that.
Mr. Morales: Now, one of the focal areas and there's been quite a bit written about this, coming from the MIT Sloan School of Business, is around this issue of IT governance, specifically, it being key to an organization's ability to respond quickly and effectively to changing needs. And you talked a little bit about that earlier in the first segment around some of the economic issues facing our country.
Can you tell us a little bit about IT governance at OCC, specifically, what are you doing to foster this enterprise view of technology as opposed to the sort of more traditional stovepipe view of IT?
Mr. Paul: I think governance is a part of the overall picture. I think it's about balance. Clearly, I think leadership is a critical part of managing change, and having the governance to facilitate the change, if you will, is important.
The governance at the IT consists of a number of things. Clearly, in terms of release management, there's a discipline that we apply. In terms of IT investment management, there's an enterprise architecture that guides our IT investments. There's a governance there. Clearly, in terms of how we manage our infrastructure.
So a broad perspective throughout the system development life cycle from managing IT investments to managing change, there are sort of disciplined approaches where the different components of IT, whether security or IT operations or application development, they have to be in constant engagement in terms of the checks and balances in managing change.
But I think ultimately it's the leadership, the executive level, it's partnership with the businesses, it's partnership with the customers, that can �
Mr. Morales: Welcome back to The Business of Government Hour. I'm your Host, Mr. Morales. And with me today is Bajinder Paul, CIO at the Office of the Comptroller of the Currency. Also joining us from IBM is Roxanne Aldrich.
Bajinder, given the recent financial crisis, which we've talked about, I'm sure that OCC has had to respond to many evolving and emerging issues affecting the banking system. With programs, such as TARP and the like, how has your organization had to change to meet some of these new demands and, more specifically, what role does your IT organization play in assisting OCC and broader Treasury in managing and monitoring some of these new programs?
Mr. Paul: Well, clearly, I mean this is, as you mentioned, a tumultuous time for the country as a whole. Obviously, the disruptions in the financial markets are causing a lot of hardships for our citizens.
At the OCC information technology has a critical role in helping the mission of the Agency in terms of managing the risk and supervision of the National Banking System. In that sense, it's a pretty exciting time for information technology, meaning what I call the "strategic business enabler," to find the right solutions so that we can respond to the emerging business needs of ensuring the safety and soundness of our national banks quicker, faster through information technology.
I mentioned earlier that that part of our modernization strategy includes having infrastructure that is flexible and agile, that can meet the demand of the business, so I'll give you one example of that.
Outside of TARP, and I'll get back to TARP in a minute, the OCC actually manages what I call a "national helpdesk," so if, for example, a citizen has a problem with a bank, a particular bank, a national bank, they can call the OCC, and the helpdesk is located in Houston.
The good old way of calling the OCC and registering an inquiry or complaint was, one, you pick-up the phone and you talk to someone. The other person on the phone would write things down or enter the information, or I could e-mail my complaint inquiry or I could fax the inquiry or I could write a letter and so forth. And that process would take days and weeks for the OCC to respond to.
Well, information technology obviously can play a critical role in sort of streamlining that process, so that ultimately we could respond to the citizen in a much faster fashion. So, sure enough, I mean working with our Office Ombudsman that manages the National Helpdesk, we -- information technology deployed internet based, web based solution, where anyone who has access to the internet is able to securely file their inquiry online.
And the cool thing was that in information technology the application, the system that we deployed has enough data validation checks upfront so if a citizen made an error, let's say misspelling a bank name and so forth, the application would correct that or flag that upfront so it could be corrected by the user real-time. The end result was that that inquiry would be filed so much faster and OCC could respond to that inquiry in an expeditious manner. And we did that.
So this was an example of using information technology, responding in this critical environment to help the citizens of this country. And it's kind of interesting, we're still collecting metrics but some of our backlog, for example, of inquiries, and we get about 70,000 inquiries a year nationally. Our two-month backlog has now dropped down to 20% now; by 80% we have reduced the backlog within two months.
So it's -- I mean some of the metrics are just immense. All of the data validation, data checks and so forth, they are done upfront by the system so that there's no lag of days and weeks and so forth, so we can respond to the citizen much faster.
Similarly, you mentioned TARP, clearly this was an opportunity for information technology at the OCC to be a strategic enabler, so that we could work jointly with the Federal Reserve Bank, FDIC, with the TARP Office Main Treasury, and provide a collaborative environment where an application for relief program could be processed and shared by the -- all the respective agencies in a much more expeditious way.
Information technology at the OCC was able to deploy a secure, sort of a private cloud network for collaboration that allowed all of these agencies to share TARP applications and processes applications. So absolutely, so we play a critical role across the mission of the Agency, at the TARP and in the delivery of services to our citizens.
Mr. Morales: Now, Bajinder, I've been reading a lot about something called "XBRL," which stands for the extensible business reporting language. What is XBRL? And how does it simplify the exchange in use of business and financial performance data?
Mr. Paul: XBRL is, think of that as a like a standard, it's a protocol for sharing information, financial information, and why is XBRL important? Well, it's important because we share information with other banks, and we're talking about thousands of banks across the country. Not only OCC shares information or data with the banks, but other agencies, other regulatory agencies, like FDIC and OTS, for example, or the Federal Reserve Bank.
The idea behind XBRL is that if you have a common standard for data exchange, a common protocol, then the accuracy of data coming in from the bank could be in a common format, you would spend less time validating the information and more time using and analyzing that information.
So just to give you an example, there's something called a "call data report," or CDR. This is a quarterly report mechanism where more than 8,000 banks file in their quarterly information to OCC, FDIC, and OTS. And about two years back this program went through a major modernization where XBRL became sort of the standard mechanism to exchange information.
The data validation before and after, there's a tremendous difference. I mean the number of hours that the agencies would spend before the XBRL modernization used to be in days. And now it's been reduced to hours.
So what that means is that now the examiners are spending more time analyzing the data as opposed to validating the accuracy of the data coming in. So XBRL, having that sort of standard format, the standard protocol allows the agencies to accurately share the information, spend less time on data validation, and more time on analyzing the information.
Ms. Aldrich: Okay, Bajinder, I'm going to change gears just a bit and ask if you could tell us about your efforts to assist OCC's large bank supervision department in modernizing its strategic resource planning. And also if you could tell us how the strategies and resources application, also known as STARs, which you mentioned previously, how that works to eliminate duplicative reporting processes and ease administrative burdens?
Mr. Paul: STARs has been a huge, huge success at the OCC. It was really one of many enterprise solutions that we deployed, and it was a value proposition. As I mentioned earlier, that the large bank supervision, they examine the largest national banks in the country, there are roughly about 18 of those largest banks, and in this difficult time the large bank supervision business unit needed an efficient way of identifying a set of resources or examiners that that can be deployed or launched at a particular bank, depending on the particular need.
The good old-fashioned way of doing was that it would be done quite manually. Each set of examiners or the sub business units had their spreadsheet and they would manually go through the process of identifying people and resources and strategies, and that took weeks and at times even months to assemble a team and launch a team.
While the STARs Program, this is where the CIO, myself, and the head of the large bank would team as partners in understanding the business needs, and from there we'd develop an IT strategy.
And sure enough we were able to establish what I call the "IPT," which is the integrated product team, which consisted of IT experts, business users, on the large bank side, and jointly we went through a development process where we used a commercial off-the-shelf solution, COTS package, and it was incredible, within six months we had a solution for the deployed, fully tested, by the users, and it's actually being used now to help the large bank supervision in identifying, launching, and deploying their resources.
And we're still collecting metrics, but clearly we have gone from the era of where we take days and months possibly in launching resources, to really a matter of hours and a day at the most, for example. And that's important, because I mean the important mission that that OCC is involved in, which is to manage the risk for large banks. STARs has been a huge success.
Ms. Aldrich: In some quarters there's a perception that Government lags behind the commercial sector in technology innovation. So I have a two-part question, essentially. First, do you think this perception is accurate? And, second, how do you think Government could enhance its position to become a leader and driver for leveraging technologies?
Mr. Paul: I wouldn't generalize that perception. I think maybe in some of the agencies that perception may be reality, but my experience has been back when I was in the Department at justice, at HUD, and clearly at the OCC, these agencies are really lock-in step with the private sector, and we're pushing the envelope in many of the cases.
For example, we talked about virtualization. We talked about cloud computing. I mean cloud computing, for example, has become the latest topic, and it's a great thing that we, in the Federal Government, ought to be doing, but at the OCC we began using the cloud last year. So really we are at sort of the leading edge, if you will.
Agencies need to focus on innovation. A number of agencies are clearly at that level. OCC, the fact that we are using the cloud to leverage our infrastructure, which I call the "on time delivery," the fact that we are using thin client, mobile computing, business intelligence, data analytics. You know, that's tremendous sort of capabilities in terms of the innovation of using technology in a way that really enables the business.
So I mean I think that's the perception that the Federal Government lags behind private, I think that's a fast perception, it's too generalized. My experience has been there's a good partnership and the agencies are pushing the envelope and they're using leading technologies.
But I think at the end of the day it is truly about partnership between the public and the private sector, and I do want to make a plug in here that, indeed, I think the private industry also has a set of responsibilities in not only looking at technology for the sake of technology but really coming to the agencies and talking to the leadership and understanding the mission of the agencies. And I think once the technology service providers understand the mission then they can also talk about the right technology.
And, clearly, at the OCC we do that all the time and that's why we are able to leverage the state-of-the-art technology, and I think we need to do more and more of that across the Federal space.
Mr. Morales: So along this same theme of partnership and collaboration, Bajinder, what kinds of partnerships are you developing to improve IT operations or outcomes? And how do you think some of these partnerships are going to change or evolve over time?
Mr. Paul: I think partnership is critical, it's central, and there are different levels of partnership clearly. There's a partnership that I leverage within the OCC. I think it's important, as I mentioned before, that the CIO has to be seen as a business enabler.
So I have to have a strong partnership, a trust with my counterparts within the Agency. They have to be able to see that, indeed, as a CIO I am lock-and-step with them in delivering a set of capabilities that will enable their business or their outcome, their mission, and so forth. So that's one level of partnership.
The other level of partnership, which is extremely important, is really at the Department or the Federal Government level. We need to be leveraging solutions and technology that can be leveraged, that is available across the Federal Government, so that, for example, at the CIO counsel level there's a level of partnership there.
Third, which I think is extremely important partnership, that's between the public and the private sector. Recently I spoke at the Industry Advisory Council, IAC, in Washington, D.C., and my entire focus was on partnership.
I think it's extremely important, when I meet, for example, with the technology service providers, I ask them, I say, "When you come and meet with me demonstrate to me that you understand the mission of the OCC, demonstrate to me that you really understand when we talk about supervision or regulation of national banks that you, indeed, understand some of the challenges."
And when we have that discussion in that context it is amazing the synergy, the partnership that can be achieved, and that's something that I'm constantly speaking about in my meetings, in my presentation. In fact, some of the initiatives that you might have seen that's coming out of OCC, there's a technology refresh initiative coming out. Before that, we were consolidating our application contracts and so forth.
And one of the things that we did was we put out RFIs, request for information, and that was really to engage the industry and get their best practices, ideas, and so forth so that as we -- ultimately, when we sent out the RFP our RFP would reflect those best business ideas and so forth.
So partnership works at multiple levels but it's an important part of CIO in functioning and providing the best solution.
Mr. Morales: So, as you mentioned, really the key here is that it's -- there's layers of collaboration and partnerships, and those are very important, but at the end of the day they need to be aligned around the core business of the OCC and the understanding of the business.
Mr. Paul: Absolutely, absolutely, yes.
Mr. Morales: Great. So I want to go back to I think one of the critical dimensions of OCC, and this is the issue of your mobile workforce, the fact that you have I think something on the order of about 40% of your workforce is deployed, as you described, at a bank, in the field, doing their supervision and their operations. So tell me a little bit more about how you support these folks that are outside of the four walls of the OCC?
Mr. Paul: Really in OCC we use the expression, "business first, customer always." It is business and there's -- it is all about serving the customer, that's really our motto in terms of the IT services. What's really important for me is that we understand what's working in the field or what's not working, and we capture that information and make sort of decisions on an ongoing proactive basis.
So, for example, I have a number of resources, staff in the field, you know, district offices, field offices, and they have established what we call the "centers of excellence." Different areas, regional areas, have a different set of expertise or technical expertise that's needed by the examiner. So our workforce in the field has established these centers of excellence, they focus on, for example, information collaboration, office productivity, remote access solutions, application development, training, and so forth.
So the idea there is that there is a set of expertise available in the field as needed by the examination workforce, so if someone has a need for setting up a collaboration site or if someone has a particular need about remote access for an application, that these resources are available on demand as needed in the field, and that's working well.
And I like to gauge that, I like to collect information. So, for example, we use a system for helpdesk tickets, and every morning I come into my office, I look at the dashboard. That dashboard I can tell what's going on in the field office, in the district offices. I can see trend analysis, and I can see where are some of the pain points, whether it's the network or application performance issues and so forth. And within the first 10 minutes I can make a quick set of decisions, and I can pick-up the phone and call the person in the field and find out what's going on. So this is what I call "data driven management," I look at the data and I use that to drive the management of satisfying the customer.
The other thing that we do within OCC is I have customer satisfaction surveys, that's a leading indicator of what's going on. In fact, recently we conducted one and, my gosh, I was quite pleasantly surprised that our customer satisfaction was close to 90%. So that information is very helpful, and the majority of the information comes from outside of the four walls, if you will.
So I use that information to constantly, proactively understand what the priorities are, what the pain points are, and then proactively address those needs.
Mr. Morales: Great, excellent.
What does the future hold for the Office of the Comptroller of the Currency? We will ask its CIO, Bajinder Paul, to share with us when the conversation about management continues on The Business of Government Hour.
Mr. Morales: Welcome back to our final segment of The Business of Government Hour. I'm your Host, Mr. Morales. And today's conversation is with Bajinder Paul, CIO at the Office of the Comptroller of the Currency. Also joining us from IBM is Roxanne Aldrich.
Bajinder, given the critical role IT plays in mission and program delivery, could you give us a view on how the role of the CIO has evolved but more importantly, what are some of the key characteristics of a successful CIO going into the future?
Mr. Paul: Absolutely, Al, and that's a very important question. The role of the CIO has changed and it must be changed. The CIO can no longer be the manager of what I call "IT resources." The CIO no longer can be seen as a techy, and exist in his own silo. And the CIO's new role has to be a business enabler. The CIO has to be at the table with the heads of the other business units, and has to understand the business first and then align information technology to those business priorities.
The CIO has to maintain the level of transparency, focus on reducing the cost of IT, focus on innovation. But, more importantly, aligning information technology to the business priorities of the agency.
Ms. Aldrich: Along these lines, Bajinder, what are some of the major opportunities and challenges your organization will encounter in the future? And then how do you envision your office will evolve over the next three to five years?
Mr. Paul: Yes, I mean I think there are many, many opportunities that we're looking forward to, as well as challenges. Clearly, all of you can understand that with all the disruption in the financial markets the challenges are immense. But at the same time I tend to see the glass as half full, as opposed to half empty.
And so I see lots of opportunities in information technology. I described my -- the information technology roadmap earlier. I think the business intelligence data analytics is going to be a huge enabler for the business of supervision and regulation of the national banks.
At the end of the day it is all about how we manage and process data to proactively take corrective actions, so I think technology will play a key role. I think cloud computing is going to be tremendous. I think we need to tap into the cloud and really, truly provide on demand solutions to meet the business needs. So I think those are some of the key opportunities.
And, again, the challenges for OCC, at the OCC, is that there would be constantly emerging business needs as we go through the financial disruptions and so forth, and the environment becomes more stable, the IT has to remain very agile and be flexible.
Ms. Aldrich: Bajinder, you mentioned a lot previously about how important team effort is, both within your organization and government, overall. Having said that, could you elaborate on your approach to empowering your employees? How do you lead change and enable your staff and those within the organization to accept the inevitability of change and make the most of it?
Mr. Paul: That's a very important question, by the way. I mean I think the human capital is probably the most precious sort of resources that any leader can have, and motivating and leading that -- those resources is really the key.
Yes, as I mentioned earlier, I think teamwork is of the utmost importance in any endeavor, especially in information technology. From my leadership standpoint, I believe in mentoring. I believe that all of us if we provide the right set of resources in a team environment that we can rally uplift our employees, and we do that.
At the OCC we use what we call "IPTs," which are the integrated product team. A typical team consists of employees from security, infrastructure, application, and from the business side. And each team member has roles and responsibilities. And it is interesting that when you induce that cross-communication and in a team setting the employees feel empowered, they feel as though they're no longer locked in their own little silo, but they're actually communicating and they're understanding and they're learning more.
And then, number two, is the recognition. It's very important that we recognize employees. At the OCC I make it a huge thing to recognize our employees. For example, even small things, like on a weekly basis, every Monday morning I send out an organization wide e-mail recognizing the contribution, no matter how big, no matter how small, but that an employee or a set of employees have made.
And it's just amazing, I mean the feedback that I get. I do simple things like, for example, having brownbag lunches with the CIO, and we have employees that come from all over the organization within IT, and it's an opportunity for them to have an informal conversation.
And so all of these things, there is no one silver bullet, but I think recognition, teamwork, IPTs, having an opportunity for informal discussions, ideas. We have boxes where throughout the hallways where the people, you know, employees can put in their ideas and so forth. And we talk about those ideas, so it's those type of recognition which at the OCC have been really central to the success of information technology.
Mr. Morales: So it's really tapping into the power of the masses?
Mr. Paul: Yes, absolutely, absolutely, yes.
Mr. Morales: That's great. Now, Bajinder, I understand that you are a recipient of the Federal 100 Award. That's just fantastic, so I have to take this opportunity to tap into you and ask you, aside from things like cloud computing, which you've talked about, what are some of the other emerging technologies that you think hold promise for improving Federal IT as you look into the future?
Mr. Paul: Well, I think we need to leverage the internet more and more. Web 2.0 I think is huge. I think we need to be paying particular attention, also, to social networking. I think mass collaboration will be huge. Again, the idea would be, is that we are to be able to communicate, share information from anywhere throughout the country anytime.
So I think leveraging the internet, Web 2.0. I think looking at mass collaboration technologies. I think business intelligence. I think data analytics is huge because most of the agencies process and consume and use data to make sort of decisions, so I think that those technologies are to be paid particular attention to. So those are some of the technologies I think we need to be focusing on.
Mr. Morales: That's great. Now, at the start of the Show, you told us just a wonderful story of how you got started in Federal Government. So I'm curious, what advice might you give to someone out there who may be thinking about getting into Federal Service?
Mr. Paul: You know, I mean I get very emotional about public service because I mean there's a deep conviction within me that drove me to become a public servant, and that conviction comes from the fact that I fundamentally believe that is my way of giving back to the country, to the citizens of this country.
And really I mean that's why I left the private sector. It's not about making money; it's really making a positive impact to the nation, to the society. And I think that conviction has driven me to work hard in the Federal Government, and all of these achievements that we have talked about, the Fed 100 and so forth, I mean I'm humbled by those, but I think my perspective always has been grounded in the fact that it is my responsibility and duty to serve the public. And that's why I'm in the public service arena.
So my advice would be, look, come to the Federal Government. The Federal Government needs your talents and we need to serve the public, but come with the conviction that it is about serving the public, it is about serving the country, it is about serving the citizens. And once, if you have that conviction, my gosh, I mean Federal Government, we have so many opportunities to make a huge impact.
And I'm a living example of that. I mean I came from a very humble beginning, and only in this country can someone have such opportunities through hard work. So that's -- that would be my advice.
Mr. Morales: That's a wonderful perspective. Thank you very much. Bajinder, unfortunately, we have reached the end of our time. I want to thank you for fitting us into your busy schedule, but more importantly, Roxanne and I would like to thank you for your dedicated service to our country across the many roles that you've held in Federal service.
Mr. Paul: Well, thank you very much, Al, and thank you, Roxanne. This -- I really enjoyed today's discussion. It was my privilege and honor to be here with all of you.
I just wanted to say that for you listeners if you would like to more about OCC please go to occ.gov, the website gives lots of information. And I look forward to future conversations.
Finally, I do wish to recognize my staff, some of the successes that I've talked about, you know, I'm just the mouthpiece, if you will. The hard work really comes from my staff, who are a dedicated set of men and women who work hard behind the scenes, and I just want to recognize them. They are making a huge impact to the business and the mission of the OCC, and I'm very proud of my organization.
Mr. Morales: Great, thank you.
This has been The Business of Government Hour, featuring a conversation with Bajinder Paul, CIO at the Office of the Comptroller of the Currency. My Co-host has been Roxanne Aldrich, Partner in IBM's Treasury Practice.
As you enjoy the rest of your day, please take time to remember the men and women of our armed and civil services abroad who may not be able to hear this morning's show on how we're improving their government, but who deserve our unconditional respect and support.
For The Business of Government Hour, I'm Albert Morales. Thank you for listening.
Announcer: This has been The Business of Government Hour. Be sure to join us every Saturday at 9:00 a.m. And visit us on the web at businessofgovernment.org. There you can learn more about our programs, and get a transcript of today's conversation. Until next week, it's businessofgovernment.org.