Host Intro (Gene Kim)

All right, the next speaker is Jagpal Jheeta. He is Head of Regulatory Systems at the Financial Conduct Authority in the UK. I love their mission, which is to ensure that financial markets be honest, fair, and effective, so consumers get a fair deal, and to ensure that these markets work well for individuals, for businesses, and to the economy as a whole. To do this, they regulate the conduct of over 50,000 businesses.

In his role, Jagpal is accountable for the front-office product teams that are critical to the business operations of the FCA.

I love this talk for a variety of reasons. One is that most technology leaders in banking have heard countless times that their regulators would never let them do DevOps. So I love that we get a glimpse into how an organization with regulatory responsibilities is using DevOps to better achieve their mission. So take that.

Two is another reason I love this talk: Jagpal shows a path less taken within the DevOps Enterprise community. We often hear about stories where technology organizations went primarily from outsourced talent to insourced talent, but we have far fewer experience reports where high performance is created within a primarily outsourced ecosystem. And so I'm so excited that Jagpal will share not only how he's done this, but why he thinks it's so important. Here's Jagpal.

Jagpal Jheeta

Thank you. Thank you, Gene, for that wonderful welcome. It's great to be here in Amsterdam, and over the next 20 minutes I'd like to take you through how we use a largely outsourced IT ecosystem to make sure that the UK's financial services industry stays open for business, that we protect our consumers across the UK, and that we continue to drive innovation in one of the most important aspects of our economy.

I'm here to also convince you and talk about how this can work. An outsourced IT ecosystem works, and for us, over 80% of our teams are delivered through outsourced partners.

As we talk through this, there are some highlights I'm going to take you through. I'm going to give you a bit of an overview as to what the FCA is, because I recognize that there's a bit of demystifying that needs to take place as to what the regulator does. I'm going to take you through how we build a win-win culture and develop ourselves to have real successful partnerships with our suppliers, and also recognize that things don't always go to plan. Specifically, what do we do? What's our role as leaders as we're going through that journey to make sure that we do come out the other end in a better place?

So, a bit about the FCA. The UK's financial regulator is accountable for a number of strategic objectives. We're an independent public body, so we're not affiliated to the government. We're funded by the fees given from those firms that we regulate, and the FCA works to ensure that markets work for individuals, for businesses, and the economy as a whole. We have three core objectives.

The first one is to protect the integrity of the UK financial system. That's really important. And if we look at all of the macroeconomic shocks that are happening, if we look at what's happening around the world now, it's more important than ever. When things don't go right, well, we all know what happened in 2008, and that's clearly something that we need to avoid.

Our second objective is to protect consumers from bad behavior and bad conduct. We also know that in times like this there are lots of scammers out there, lots of bad actors. We know, for example, there's lots of crypto people taking advantage of those who don't know necessarily how to manage their financial affairs and scamming them. Our job is to protect the most vulnerable in our society.

The third one for us is, whilst we are absolutely a regulator and looking at how firms work within certain controls, we also do want to drive effective competition in the interest of consumers, whether that's launching new financial products, but also making sure that the UK is a hub for technology and financial innovation, FinTech across the world.

Our work includes regulating and managing the conduct of over 59,000 businesses around the world, and we set specific standards for over 19,000 firms. These are firms where if they were to fail, if there was to be a significant impact there, that could cause detrimental harm to large communities across the UK. Our job is to stop that.

So that's the FCA at a really high level. What does that mean for technology? Well, my job at the FCA is to run all of our front-office technology. That means that my teams design, build, implement, and importantly run all of our front-office technology.

I have a team of about 100 FCA people. The FCA in total is about 5,000 people. So that's quite a small number. The only way that I can deliver all of the technology that we need to build it and run it day in, day out is through outsourced partners. I have another 500 people that I have through outsourced partners, so over 80% of my teams are managed externally. When you add in the 100 plus the 500, that's 600 of 5,000, and nearly 15% of the workforce at the FCA is through my group. So that's a big, big component.

Now, the FCA is really proud of the fact that we are one of the first regulators in the FS industry worldwide to be fully cloud enabled. That means we have no on-premise software. That's both a blessing and a curse: a blessing because we can pivot and change, a curse because we've got to constantly and continuously invest in our people, but also take our business through that change journey so that they know how they can exploit that.

It's also worth recognizing that the FCA is primarily accountants and lawyers. There are over 3,000 of them in our group who are not digitally native by design. So my job as a leader is to make sure that we're taking our suppliers on that journey, but also working with our other leadership teams, making sure that we're increasing our digital knowledge across the group as well.

Changing behavior is really hard, and I am going to talk about some of the pitfalls later. But I think we all recognize transformations and making change is a big, important part in how we communicate and take people on that journey so that we all reach the next phase, the next milestone, the finish line together. It is something that we are all absolutely focused on.

So how did the FCA's journey begin? Like anything, it started with a crisis, and the saying is, you never let a crisis go to waste.

Back in 2013, when we had traditional technology, we had big, massive projects of work that took multiple years and cost millions and billions of pounds to deliver. There was a challenge set by our board, which was to deliver consumer credit regulation within nine months. At that time, our technology leadership team recognized that we could not deliver it with the way of working that we had. Specifically, they brought together some of our business folk alongside technology folk and decided to take a completely different approach, using a software-as-a-service outsourced provider that delivered.

What that meant was our board saw that there's a different way to do things, and that started to lay the breadcrumbs for our journey. So that was back in 2013. Now, over the next 10 years, fast-forward to 2023, we're in a position where, as I said, we're the first regulator, everything is in the cloud, fully software-as-a-service. We've changed our organizational model. Our teams are fully product-orientated, and that works.

But in this wheel, I try to describe some of the key ingredients and how we make sure that continues to work today, tomorrow, and in the future.

Starting with segment number one, my job is to make sure that we are incentivizing our partners. It's really important that my success is measured on building and running great technology capability. I am not here to run contracts and be a contract manager. I'm here to build and deliver great technology.

That means I've got to incentivize both the account teams for our suppliers and also make sure that our teams are talking to the individual engineers who could be 5,000 miles away working with product owners here in the UK. So we've always got to be selling and exciting and motivating our teams.

We've got to be really clear and transparent as to what are the outcomes, and let our teams have a relationship where they feel that they can input into how we're going to build software and ultimately drive and deliver better value faster for the FCA.

The third one you'll see: I talk about getting the business on board. Personally, I loathe the term "the business." Very often I've worked in organizations where the business sees technology as someone who they go to, an order giver and an order taker. I'm really, really keen that actually I always talk about how I get a paycheck from the FCA, and just like everyone else in the FCA gets paychecks from that same organization. So I use the term front-office business, but I'm really clear and keen to call out what their part in the relationship is, as well as my part and my partners', my suppliers' relationships are as well as you work through this wheel.

Again, I'm very, very keen to make sure there's an open, honest dialogue with our partners as well. In segment number five, I talk about growing our own: knowing where the handoffs are, the RACI model, the responsibility and the accountabilities of the FCA versus our suppliers is really important. Ultimately, if anything goes wrong, it's on my job. It's my team's responsibility to make sure things don't go wrong.

The FCA, and we heard from HSBC just before, sets really, really high standards for operational stability for the firms that we regulate, and we expect the same of ourselves. So knowing where those handoffs are and making sure that everyone is aware of those and aligns to those is really important.

As I work through these, number seven is about having an open dialogue with our teams. It's really important to recognize that when you are working with outsourced providers, what you say and what you hear are two different things.

I think English is a wonderful language. However, it's very subjective, and that's where the use of DORA metrics comes in. Actually, through that and through common sets of metrics, and we don't change this in any way, the metrics we use within all of our teams are exactly the same. So we speak one language: How long does it take to deliver a piece of value? How long does it take us to get through our backlogs? But also positive metrics like mean time to restore really change the narrative because everyone's part of that. You build it, you run it, you own it.

Just to go back in terms of the open dialogue, one of the things that we are really keen to do is understand for all of our teams, and specifically those that are based in India, what motivates them? One of my suppliers has 300,000 engineers working for them around the world. The teams that work for me get lost in the rounding, right? It's a blip. But why do they want to work for the FCA?

So we do lots of things. We make sure that post-COVID, we go out and visit their teams. We make sure that the teams from India come and visit us in the UK, but we also make sure that we heavily lean in and invest on key events. So Diwali, for example, back in November, we made sure we had a big town hall. We let two of our suppliers run it together, and we even had our CEO join it and speak at that event.

There aren't many customers that my suppliers have where the CEO talks to them directly about the work they do. The amplification effect, the emotional loyalty that buys is phenomenal. Again, this is all about building and creating that ongoing win-win situation.

So having one global language is really important. In this circle, I talk about how we initiate work together to make sure that we are not creating that order-taking relationship with our suppliers. Whenever we start a new piece of policy, a new piece of technology capability, my teams that are based offshore or onshore join with our frontline business teams to understand: What's the business challenge? What's the policy? What's the change we're looking to make? How can we go about it and approach it, and how can we make sure that we are delivering value again on a sprint-by-sprint basis?

My job is to make sure that we are inspiring suppliers to want to work with us. We all know that last year, with a digital expansion and all the funding that got released post-COVID, there's a huge amount of work going on. So how do I make sure that the FCA and suppliers want to work together, that they want to work with the FCA? That part of my job is almost selling it to them.

We have daily standups. We make sure that those don't change. I think everybody does that. But more importantly, I make sure that with senior leadership teams for my suppliers, where we have those gnarly, complex, must-do deliverable programs, we have either a weekly or a fortnightly cadence call with either the regional or EMEA heads for those organizations, so that we all are on the same page. We are all delivering the FCA's objectives, and importantly, there's no backbiting between my suppliers as well. We're all in this together.

There are some quotes I'm also going to give you that didn't quite make this slide. One of the quotes is from an engineering manager who's based offshore, and he said by the changes that we've seen over the last few years, he really feels not only is he working for the FCA, but he has a seat at the table. That seat enables him to challenge positively, enables him to bring forth backlog items that are going to make sure that our stability increases, but also that we are delivering exactly what our business customers want.

We have sponsors in the FCA who ultimately go and get the capital to build new functionality. One of the quotes I've had from them is that we're reducing the number of surprises that they have every day. That's really important, because as a regulator, we are very, very focused on risk. Reducing surprises, reducing risks, means that we are connected to the language that our business is talking about.

Finally, there is a quote from one of our ExCo members who says that they know that we are now delivering with certainty. Delivering new features with certainty: that's a great tick in the box. But more importantly, we are reducing our technical debt and we're improving our operational stability. As I said earlier, we are measured by the standards we set of our firms for operational excellence, and we apply those to ourselves. So if we can make sure that every new piece of technology capability that we release into production increases our operational stability, that's a great thing for the FCA.

So there are some of the things that we go through to make sure that we're all talking about one global language, that we're all on this journey together. And as I said, if my suppliers fail, I fail. If I fail, the FCA fails. If the FCA fails, the UK financial services industry fails. So we all have to win together.

That's fine when things are working, but as we all know, we all have scars. Things don't go to plan. Last year we had to pivot because of Ukraine. We also had to pivot because of the cost-of-living crisis and inflation running far, far higher than it has been. So what do we do to make sure that we don't revert to old behaviors?

My job as a leader within the FCA, as a technology leader, is to make sure that we are absolutely focused on the mission of delivering, but also how we deliver. I make sure that we are boosting agility, that we are removing blockers, that we create an open culture where all of the developers, and I think it was just said in the talk before, we are removing all the blockers, the barriers, and getting out of people's way so they can deliver great, great software every single day.

Building that confidence in the teams takes time, and trust is a really key element. When I joined the FCA back in February 2020, there was a program I inherited, as most people do when they join an organization, that was bright red and on our critical path for our data center exit. I turned that program around. I turned it around because I worked with people like Ben Grinnell here in the audience joining me, and we took the same team that was failing.

We started to unpick what were some of the challenges they were having. We then got a real sense for how fast can the team deliver, what are their blockers, and then based on their real achievability, and breaking things down on a sprint-by-sprint basis and shouting about them, we got some really good positive traction and turned that program around. In the end, that program delivered, and it delivered to the FCA's core technology strategy, an overarching strategy as well. So that's a great success story that, again, we live together to tell.

Some other things for us: ways of working continue, and it is a journey. It never ends. For us, we've got to constantly go back and educate and communicate. We will have communities of practice at the FCA that are very, very focused on making sure that all of our teams, be it through our suppliers and our technology teams, are all talking one language and upskilling. But then our technology teams and our frontline business teams are also working together to remove governance, to try and be faster, and also make sure that we are reducing the time it takes to deliver software and capability, to make sure that it's embedded at a pace that the organization can use it as well.

Trust is the most important thing here. As part of our planning process, we make sure that we all have one plan. We're all looking at the same set of metrics. I talked about the DORA metrics before, and part of my mission over the next year or so is to make sure that we continue to refine those and actually work with business metrics that they're embedding them further as well.

The final piece here is around culture. There are three things I'd like to call out here. Number one is success. Success stories, be they small in your daily standups or in sprint reviews, right through to our town halls, are so, so important. Everybody likes success, and that should absolutely be shouted about. I make a point of doing that at our standups, at our SLTs, and our wider FCA forums because if we don't talk about it, nobody else will.

The second thing is we shout about our near misses. Lots of the time I hear about silent running. It's a term I loathe. Silent running doesn't happen by itself. It happens because of all the great work our DevOps teams do every single day. So we again shout about that, say this didn't happen because we did this before. I think that's really valuable.

The third one is when you have failures. We have a healthy culture where when things do go wrong, and they do go wrong, we try to inspect them, we analyze them, and we learn from them. Again, we share those as well because that's the only way that we all improve. Ultimately, as I said, we're all in this together, and if my suppliers win, I win and therefore the FCA wins. So that's something that we're very, very focused on, the culture across all of our teams.

As I look ahead, our change agenda, Nikhil Rathi as CEO has stated that he wants the UK to be the leading data and digital FS regulator in the world. We've set a really, really hard bar for ourselves, and we continue to grow as an organization. We are going to have a multi-partner landscape, and over the next year we're going to look at changing some of our suppliers, and that's going to create an amount of change within our teams as well.

We're going to look to reduce our supplier concentration risk and also use tooling wherever possible. We all know that we've got to reduce those single points of failure.

Another example is last year, as we all know, there was a huge amount of attrition globally in the digital space. One of our suppliers was seeing 35% attrition. Because we'd developed this healthy culture of recognizing risks and issues, we talked about succession planning, what we do at the FCA for our key people, and we applied that same process with our suppliers. The outcome is that we are actively investing in making sure we don't have single points of failure, but also reeducating in the culture of using tooling and patterns to make sure that we're automating wherever we can.

Finally, it's to continue to refine and educate metrics wherever we can, to move away from the subjectivity that comes with language.

So I've got four asks that I'd like to make of you. Number one is, as a regulator, I'd love to speak to those of you who we regulate, certainly the technologists in the room, but also hear about some of your success and war stories. So that'd be great.

Number two is I'd like to hear about how you are growing and retaining your internal teams as well. Again, we're on this journey. We're looking to grow. We are looking to grow across the UK. So what are you doing, and how do you retain teams?

The third one has to be around some of the great success stories that you've had. And the fourth one for me is around, as a technologist, I want to hear about some tooling and methods that you've deployed specifically. If you've got any silver bullets, I'd love to take them back in my hand luggage back to London as well.

So look, I'm going to be around over the next couple of days. It would be great to interact, and if you do have any questions, we are really happy to talk with you offline as well. But thank you. Thanks, Gene.

Host Outro (Gene Kim)

Thank you. Thank you, Jagpal. By the way, usually the words "your regulator would like to speak with you" is not the thing you want to hear, but what a lovely invitation.