The Hierarchy: How State Street Made 11,000 Decisions

Ask for a definition of IT governance, and as likely as not you'll get a description of its components - a group of things that, together, add up to governance. At State Street, those components are a group of committees through which decisions cascade as strategy generates policy, which is then executed. And migrating 11,000 Deutsche Bank client portfolios was going to take a lot of execution.

At the top of State Street's governance pyramid is the Operating Group, which consists of the CEO, vice chairman, CIO, CFO, the head of human resources and the three heads of the major business lines: custody, asset management and global markets. This is the group that green-lighted the Deutsche Bank acquisition. It meets weekly to discuss strategy. A subgroup of this committee, called the Executive Steering Group (with nearly the same roster), meets once or twice a month to talk specifically about IT and operations.

The next level down is the IT Council, composed of Antonellis and his six direct reports. This group convenes twice a month to discuss IT best practices, cross-enterprise projects and IT change management.

Below that is an Office of Strategy and Governance, made up of IT and product managers from each of State Street's three business divisions, which reviews and studies new technologies, establishes the enterprise architecture blueprint and maintains the systems development methodology.

Finally, an Integration Project Management Office, established for the Deutsche Bank acquisition, functions as something of a fractal of the whole structure, with managers from each discipline - including IT, sales, human resources and client services - working out the various and sundry details of each component of the integration.

The rule of thumb at State Street is that any decision involving up to $US5 million goes up to the IT Council. Decisions that involve up to $US10 million rise to the Executive Steering Group. Decisions $US10 million or more are handled by the Operating Group. Strategy trickles down.

"At the very top of the house, there's an expectation of cost reduction. And the way to achieve that is to make sure that you have synergy with your applications and your platforms," Antonellis says about the Deutsche Bank integration. "You drop down to the IT Council, the first level, and they said: 'Let's go out and inventory everything we have.'" From there, the business experts in the Integration Project Management Office compared and contrasted specific Deutsche Bank features against what State Street already had, looked for redundancies and decided when a Deutsche Bank functionality should be brought over and built into State Street's product set.

Before former State Street CIO John Fiore started to wrap his arms around IT governance in 2001, decisions were made "in each business silo", says Antonellis, who was executive vice president and head of Institutional Investor Services before becoming CIO. "There was little integration. Redundancy. Too many platforms. You interacted with staff based on personal relationships. If I happened to know that my brethren over in global asset management were utilizing some software, I would pick up the phone. Now it's much more prescribed. There's a certain amount of flexibility, but now we have standards."

Not that IT governance is all about standardization and centralization. "You have to be careful," Antonellis warns. "You can't be too structured and too rigorous or you'll stifle innovation, and then you won't be nimble." The point of all these committees isn't to determine that the company should, for example, standardize on IBM's WebSphere for Web services, he says. It's to have processes in place to decide if the company needs a standard. And if so, who will choose it (that is, decision rights).

One size does not fit all. "Depending on your organization, you create the framework for IT governance - how centralized you want to be, how many standards and requirements you want to impose on people, and how [IT] interacts with the business units," Antonellis says. The structure needs to be created based on the culture of the company. For instance, he says, "some people would never impose IT on the CEO, but our CEO loves it. He used to be an assembler programmer in his first job out of college. He wants to be involved in IT decisions."

Weill agrees that there's no one right way to do governance. "The structure is not important," he says. "What you really care about is decision rights: Who has the right to make decisions?"

In the Deutsche Bank acquisition, State Street had a ready-made governance model: its own. Because it was acquiring a business unit (not merging with another business), and because the CIO of the acquired business unit was staying at Deutsche Bank, it was clear from the get-go whose governance model would prevail (Antonellis's). With clearly defined decision-making committees in place, and clear criteria for how decisions moved up and down the hierarchy based on the expense involved, State Street executives already knew who would be making the critical decisions and how they would be making them. Now they just had to do it.