“We’re experiencing continual growth because users love the software.”Tony Zatelli | CTO, Strategic Risk Associates
When a Spreadsheet No Longer Cuts It
Strategic Risk Associates (SRA) had for years been trusted by numerous regional and national banks to advise them on their internal risk. As is normal in the financial industry, SRA had created their risk models for their customers within Excel spreadsheets. The spreadsheets were functional and demonstrated to SRA’s customers their deep expertise in enterprise risk management, but there was a problem.
It quickly became apparent that while the spreadsheets worked, they required a lot of hand-holding, multiplied rapidly, were error-prone, made it impossible to track versions, contained a lot of valuable IP, had no auditability, and were extremely limited in the amount of value that customers could derive from them.
In short, they just weren’t enough. They knew they couldn’t just throw their spreadsheets in a web browser, they needed to fundamentally rethink how they approached their risk management process.
Digital Product Design, UI/UX Design, Product Strategy, Software Engineering, DevOps
Reaching a Shared Understanding
Our partnership with SRA went beyond just recreating their spreadsheets on the web; together we sought to create a long-term vision of what digital risk management could be. We worked closely with SRA to create a tool that didn’t just meet the needs of their customers and regulators, but was also usable, scalable, and secure.
Through discussions and interactive sessions with SRA and their customers, we worked to identify their core users and their needs. As we quickly gained a deep understanding of their customers’ challenges and needs, we realized that our first step was to throw the whole idea of the spreadsheet out the window. Spreadsheets are useful for so many tasks, but simply recreating a spreadsheet on the web would have only shifted the location of the challenges they faced.
Turning to Simple Thread to help us execute on our vision was the best decision we made.
Prioritizing What Matters
With a much better picture of user needs, we set out to understand what features would be driven by those needs, and most importantly, how to prioritize them. We knew that in order to get the first version of their product launched quickly, we would need to understand what features brought the most value with the lowest overall effort.
What I appreciate most is their entrepreneurial spirit, across the entire team, and how they actively seek for the optimal solution in every situation rather than simply doing what we request.Niki White Chief Customer Officer, Strategic Risk Associates
Quickly Experiment, then Iterate
With a solid set of features in mind, we began to quickly sketch how the product might meet user needs while also working to understand the user’s flow through the application. By starting with sketches before progressing through to a full prototype, we were able to quickly validate design ideas and iterate on the user experience.
Designing for the Customer
While the prototype was coming together, we started to flesh out the technical design of the product. We knew the system needed to meet the basic benchmarks of scalability, reliability, and security. But that was just the start.
In order to meet SRA’s customers’ complex needs, the system itself required some inherent complexity. Customers needed to track their risk, but also needed to be able make changes to their models over time without affecting their historical data. They needed deep auditing and introspection to allow validation of the risk models they were using. Our team invested in significant planning in order to design a system and data model that could support these needs, and provide for future flexibility.
Engineering a Reliable System
If a system isn’t accessible, then it doesn’t matter how well it was designed. We all know that reliability is one of the most basic needs, So we created the system as a cloud-native application using the Twelve-Factor principles, which allowed us to deploy it to the cloud in a way that gave us the scalability, reliability, and redundancy required.
The system runs in AWS, with the environment orchestrated using infrastructure as code tooling. It is deployed by a single command, across multiple availability zones, with backups spread across multiple regions, to meet a stated goal of 99.99% uptime and a short RTO in case of a complete regional failure. In 2019, the system had just 17 minutes of downtime and supports dozens of large banking institutions.
Simple. Better. Loved.
SRA’s risk management product is creating enthusiastic fans among their customers. More than a few have sent them emails raving about how easy the system is to use, how much it simplifies their interactions with regulators, and how much visibility it gives them into the risk within their institutions. We continue to work with SRA to grow and expand their product, and couldn’t be more excited that we got to help them bring their idea to life.