How Great Eastern is transforming its IT organisation

Singapore-based insurer Great Eastern made painstaking efforts to rid itself of legacy systems and transformed its IT organisation to become nimbler by building up its cloud and DevOps capabilities

By Aaron Tan, TechTarget

To life and general insurance company Great Eastern, digitisation is more than just digitising paper forms and manual processes. Ultimately, any digitisation effort has to benefit its customers and agents – the two main stakeholders of its transformation strategy.

“If our internal teams come to us and show us 60 forms that they want to put online, we’ll ask them not to as that’s not digitisation and won’t benefit customers,” said Gary Teh, managing director of group IT at Great Eastern.

That focus has guided the insurer’s digital transformation journey, which began in 2018 when it started empowering its agents with digital tools to facilitate remote sign-ups of policies. The initiative paid off during the pandemic, as it has enabled agents to continue transacting with customers during lockdowns.

On the customer front, Great Eastern has also built an app for customers to manage their policies and premium payments, among other capabilities. Teh said a lot of effort has been put into the app to ensure it delivers a good user experience.

That includes making sure the company’s back-end infrastructure can support the front-end capabilities of its digital tools, starting with “painstaking” efforts to get rid of its legacy systems, including a general insurance core system that ran on an IBM AS/400, said Teh.

“We went through a complete core system replacement and put in a modern architecture that’s cloud-native and API [application programming interface]-enabled to support interactions with our front-end tools,” he said.

At the same time, it also modernised its ageing life insurance system by “hollowing out the core” and rewriting key processes into microservices. Teh said the move has made it easier for the life insurance system to connect with front-end applications – and most notably, enable actuaries to model new products.

He said: “We are probably one of the few insurers where our product development teams can use a product engine to model a new product and commit their models automatically to the back end with the click of a button.”

Like many financial services organisations, Great Eastern has been investing in cloud-based infrastructure and container platforms. It has built its own private cloud because of regulatory uncertainty around public cloud usage at the time when it embarked on its cloud programme.

“Everything that we have in our private cloud today can be switched over to public cloud whenever we are ready,” said Teh, noting that the company expects to operate a hybrid cloud environment in time to come.

Meanwhile, the private cloud investments have paid off, enabling the insurer to not only launch new products quickly, but also scale up its infrastructure to meet peak demand, especially for popular savings plans that could generate a multifold spike in sales volume. “With cloud, we can easily spin off more containers to capture the volume,” said Teh.

Also, Teh said the move to cloud has reduced hardware investments by 33%, accelerated software development and enabled actuarial teams to launch simple products as soon as within a week.

Great Eastern’s move to the cloud is not yet complete, however. The company is still in the process of re-platforming more than 100 applications rather than take a lift-and-shift approach, said Teh.

“The cloud programme is touching everyone in my team, and everyone is encouraged to at least bring their applications to the PaaS [platform-as-a-service] or container level,” he said. “We are taking a lot of time to do code refactoring, so this part of the journey is going to be longer.”

Amid the faster pace of digitisation, security has remained top of mind for Teh – a seasoned IT executive who is passionate about cyber security.

“As early in 2018, we knew we had to do something about cyber security when we launched all these digital tools, so we invested in things like multifactor authentication and secure VPN [virtual private network],” he said, adding that the foresight had enabled the company to support a remote workforce at the onset of the pandemic.

Secure development is also on the agenda, with security being embedded into Great Eastern’s DevOps processes. Besides deploying container security controls, the company has also implemented a cloud access security broker, as well as processes such as software composition analysis and static application security testing. Teh expects his team to be set up for DevSecOps before the end of the year.

A key part of Teh’s change management strategy is the well-known concept of two-speed IT, in which one team works on a fast track that allows agile and innovative projects to be implemented quickly, while another continues to keep existing systems stable, without disruption to the business.

But over time, most organisations will see the need to evolve to a common IT operating model, particularly with the shift to cloud. That includes not only IT, but also other business functions such as finance, which would want to know how spending on cloud infrastructure, for example, could be tracked and accounted for.

To address cloud cost governance, Great Eastern has put in place a cloud management platform that enables users to pick the cloud resources they need for their projects and the cost of the resources is charged back to each project. “With the transparency, finance was very comfortable as they would know exactly how much we are spending on each project,” said Teh.

Moving forward, the insurer will explore the use of public cloud services, particularly virtual private cloud (VPC) services offered by major hyperscalers. “We’re doing a pilot on a VPC to test the concept of cloud bursting for data modelling which requires more compute,” said Teh.

This article was first published in Computer Weekly on 23 September 2022.