The social development bank for Europe

Robust business continuity planning ensured that, when the COVID-19 crisis hit, the CEB was able to continue focusing on its core business, disbursing loans for social projects, supporting borrowers and issuing bonds on capital markets.

business continuity.pngThe COVID-19 pandemic spread at overwhelming speed and enormous scale. The CEB, like most organisations, switched overnight to remote working for all required by the emergency health response to the pandemic taken by the French authorities mid-March. In fact, prior to the lockdown, fewer than half of CEB staff regularly worked remotely. 

Early action 

From the beginning of the COVID-19 outbreak in Asia, the CEB’s Business Continuity Management (BCM) actors – its Operational Risk, IT and HR divisions, and critical business lines – worked together to enhance the Bank’s resilience and prepare for outbreak possdible spread in France and Europe. While the initial focus was on equipping and supporting staff involved in critical operational functions, this was followed by ensuring that robust health and safety measures were in place. These ranged from enhancing hygiene in common areas, to travel restrictions, and continuous monitoring and communication. 

All business lines updated and adapted their pandemic plan to respond to the new BCM scenario. This focused on a rapidly evolving pandemic, a higher-than-usual contamination rate, and the risk of premises and key people being unavailable for a sustained period.

Crucial business continuity testing

The Bank’s strategy during recent years has been to perform intensive testing of business continuity plans, which has included quarterly tests for the most critical users. This has been accompanied by progressive improvements in IT infrastructure resilience, using virtual servers and implementing a solid network of independent data centres. Important investments to renew the Bank’s IT infrastructure and to deploy modern end-user equipment were also already in progress when the COVID-19 crisis hit. 

A substantial programme of IT investment implemented only a few years ago meant that key IT infrastructure elements which allowed secure remote connections were already in place too. 

Engagement, expertise and collaboration 

iStock-1213485421.jpg“In reacting to the abrupt transition to all staff working remotely, we were fortunate to rely on the full engagement and level of expertise of the IT teams and the high level of collaboration between IT and other key functions of the Bank, in particular Operational Risk and HR,” says Marco Minchillo, Head of IT Division. 

The Bank worked with IT service partners to source additional IT equipment and a dashboard of staff ready to work remotely was created as a priority. In the first two weeks of lockdown the IT Service Desk worked relentlessly to configure and deliver new laptops, and to arrange for equipment to be delivered to staff with specific operational needs. 

A bank-wide video conferencing tool, Zoom, was rolled out in record time to support decision-making and ensure ongoing communication and collaboration among staff and with external parties.

Keeping clear and coordinated communication flowing was key. The Bank’s Corporate Services Directory helped to coordinate all messages via email and the Bank’s internal communications portal, Mosaic. 

Being able to adapt to drastic change in such a short time reflects the ability of Bank staff to rapidly change their mindset. 

Each person quickly accepted and adapted to the situation. Process simplifications and digital workarounds – elements that would normally take time to gain consensus – were quickly identified and implemented due to the pressing need to find new ways of working. 

Safeguarding against cyber attack 

The Bank has increased the use of external resources in some areas such as IT security and monitoring to ensure the resilience of IT operations and to protect the Bank’s information systems from an increased risk of cyber attacks. IT, in collaboration with the Chief Information Security Officer, issued guidelines to staff and reinforced some of the Bank’s IT security platforms. 

Teams paid particular attention to ensuring an adequate internal control framework, while using workaround solutions, maintaining staff morale, and ensuring the health and safety of all staff. Key person risk was managed by close health monitoring, enhancing multi-skilling and identifying alternative sources of competencies. 

Next steps 

“The outbreak has brought digital transformation to the top of the business agenda, demonstrating that it is an operational necessity, not just a ‘nice to have’. 

"The Bank’s IT strategic objectives and work plan already reflected the ambition to create a digital workplace, facilitating mobility and collaboration. This has a strong focus on the automation of the Bank’s project cycle to enhance project quality, operational efficiency and monitoring. We will continue to pursue these goals,” Marco Minchillo says.

Based on a detailed scenario analysis, which takes into account both external and internal parameters and the best practice of the Bank’s peer institutions, there are now plans for a progressive, phased return to work on CEB premises. 

Terje Hagen, Director of Corporate Services, concludes, “It has been impressive to see how the Bank has adapted to the dramatic changes imposed by the Covid-19 crisis. It’s one thing to quickly put all in place so that work can continue, but even more important is the personal adaptation that is needed. 

I find it remarkable how well colleagues have handled the new environment and carried on working, enabling us to continue to focus on our core business. 

But we also need to prepare for a return to normal. We continue to develop scenarios so that we are as prepared as possible for a change of direction, hopefully towards a recovery in the not-too-distant future.”