The Financial Markets Authority (FMA) is optimistic the New Zealand Stock Exchange (NZX) is getting its technology act up to speed.
The NZX experienced an undeniably rough 2020, with volume-related technology failures followed by a protracted denial of service attack disrupting operations.
A damning review of the issues and the NZX's responses found the stock market operator did not have adequate capability across its people, processes and platforms to comply with its market operator obligations and was caught flat-footed during "foreseeable" cyber attacks.
"We spent a significant amount of time this year reviewing the cause and response for the various trading outages NZX experienced in 2020," the FMA reported today.
"We found NZX did not have adequate capability across its people, processes and platform to comply with its market operator obligations, and required it to submit an action plan for remedying these issues.
"Follow-up monitoring as part of our regular annual review has left us optimistic that NZX is on track to strengthen its technology capabilities."
It wasn't just the share market's technology receiving attention, however.
The FMA's operations and Intelligence teams pursued the FMA's goal to become an efficient and effective intelligence-led regulator by managing the development and operation of improved systems and digital tools.
This digital transformation aimed to make the FMA’s information technology functions and systems more cost-effective, agile, secure and modern through completing migration to the cloud.
"We reworked our technology around online forms, which will make it easier to deploy digital forms, and eventually lead to more streamlined and secure processes for entities to apply for licences and submit regulatory returns data," the regulator said.
"We have also improved our systems for remote working, to support our principles of flexible working, and maintained a focus on continuous cybersecurity improvement across our systems and processes."
A review of the FMA's data analytics strategy and capability, which included examination of the future use and related ongoing costs of running its existing platform, showed cloud-based analytics tools presented a better fit for the FMA’s size, budget and complexity.
The regulator's 2020 annual review by Parliament, the most recent published, noted the purchase of SAS professional services support for the SAS detection and investigation for government platform and associated existing products/capabilities that "will not be replaced as part of the current analytics implementation".
The shift, however, came with a significant one-off cost.
"The decision to move to more cost-effective cloud options means we have made significant ongoing operational cost savings. However, the value of the upfront capital investment of the existing tool was not fully realised, and this has resulted in an impairment of this asset of $850,000 in the 2020/21 financial year."
The FMA's review also noted it was replacing its financial management information system, Sage, and a locally developed integrated timesheet/project system.
Among other projects was one described as an "Azure IaaS lift and shift " initiated at the request of FMA's audit and risk committee in response to concerns over cyber security.
Know contracts awarded include one called "build – cloud infrastructure and security and managed support services", which went to The Instillery in January 2020 and the FMIS replacement, to Fusion5 in June 2019.
Last September, after balance date, the FMA also appointed a new CEO, Samantha Barrass, to replace Rob Everett.