Federal export insurer fails to recognize own risks

IT-Rechenzentrum mit Servern
Replacing the IT landscape is always a major project. (Symbol image: Taylor Vick / unsplash)

Switzerland’s export risk insurer, SERV, has already botched its IT transition twice. The Swiss Federal Audit Office (SFAO) attests to a disaster for a company that actually wants to manage risk.

The auditors of the Swiss Federal Audit Office SFAO once again had a sharp nose when they singled out an IT project for inspection.

For the second time, they rushed to Switzerland’s state export risk insurance company, SERV, and unearthed unbelievable abuses.

No more support

SERV’s IT disaster occurred as follows, according to an SFAO report Thursday: The well-known core application Navision has been in use at SERV, with some in-house developments, for about 17 years.

However, since 2015, it no longer had vendor support for the core application.

To replace it, SERV has already tried two approaches. First, it wanted to redevelop the existing Navision application with a service-oriented architecture approach.

Explosion of costs

This resulted in a landscape with around 23 applications, but it was not possible to replace Navision. In the end, this application landscape was no longer manageable for SERV in terms of operations and costs. 

As a basis for deciding how to proceed, SERV and a consulting firm conducted a market analysis together.

It became clear that there was no standard application for SERV’s specialized business. Therefore, the Swiss state-owned company decided to build its own standard application, together with a French partner.

Scheduling and quality problems

This was also intended to transfer product responsibility to this partner so that SERV’s resources could be focused on the core insurance business. However, SERV abandoned this attempt following problems with deadlines and quality and the threat of cost overruns. 

As a consequence, SERV has taken product responsibility back into its own hands and chosen an approach that can be implemented step by step.

To this end, SERV, which administers risks amounting to several billion Swiss francs, loosely awarded a contract worth 148,000 Swiss francs. However, due to the previously unrecognized complexity, it had to increase this to around 257,000 francs.

Another outdated program

However, after several years, SERV now has a manufacturer-supported product once again. Bizarrely, support for this 2014 version will already expire again shortly in October 2023.

Still, the state insurer took a significant step toward ensuring its ability to do business, financial auditors judged amid all the confusion.

Furthermore, the state-owned company must now make the planned software upgrade to the current 2019 version in a timely manner, the auditors warned.

15 million more

SERV wants to take on the new product responsibility together with two external technology partners. It has put out to tender the services required for the main project and the subsequent utilization phase in an open procedure.

This involves Microsoft Dynamics 365 Business Central (MS BC) with a procurement volume of around 10 million Swiss francs and Java with a procurement volume of around 5 million Swiss francs. Both procurement procedures had been largely completed at the time of the audit.

SERV made a loss of 82 million Swiss francs in 2020. In 2021, it reported a corporate profit of 88 million Swiss francs.

Failure to recognize risks

Finally, the auditors were positive in their assessment that SERV’s specialist and IT departments showed a high level of commitment to implementation. The quality and risk management processes were also actively practiced.

Nevertheless, significant risks arising from the lack of basic principles were not identified until the independent quality and risk manager was introduced, they said critically. This is actually an indictment for an insurer, because managing risks is actually part of daily business.

Planning imperative

However, according to the SFAO, milestones with the necessary prerequisites for operation in the new operational structures were neither defined at the control level nor taken into account in the planning (“critical path”). This critical path planning would now have to be urgently elaborated by the SERV as a steering instrument together with the implementation planning.

Both the federal government’s export insurer and the responsible State Secretariat for Economic Affairs (SECO) have issued statements promising improvement in the future. They also say that the assessments of the financial auditors are correct and that some of the recommendations have already been implemented.

It probably wouldn’t be a bad thing for Switzerland if the SFAO were to visit the disastrous SERV IT project for a third time.

02.02.2023/kut./ena.

Federal export insurer fails to recognize own risks

Leave a Reply

Your email address will not be published. Required fields are marked *