For LOLC Technologies, their ground-breaking approach to innovation-driven business process reengineering (BPR) has not only changed how the LOLC Group executes core functions. It has also uplifted efficiency both locally and globally with the implementation of its paperless document management system and the integration of robotic process automation into the overarching group workflow. The brilliance of LOLC Technologies shines through in its commitment to innovation to drive greater efficiency. A deep commitment to long-term strategic thinking, prioritizing data-driven decision-making and embracing automation in the push for group-encompassing adoption.
The Paperless Future of LOLC
A business that was, initially, striving to achieve a goal of furthering the sustainability indexes of its operations by saving paper stumbled into a more significant and more functional challenge that needed to be resolved for the LOLC Group as a whole. A vast organization such as LOLC faces the necessity to accumulate an enormous volume of paperwork. This is mainly due to the many regulatory and procedural requirements of their businesses’ verticals. But the heavy reliance on paper led to a rapid rise in costs and inefficiencies across the organization.
Speaking to Arteculate, Deputy CEO / CIO of LOLC Technologies, Prasanna Siriwardena, shared, “The Central Bank has dictated that certain documents have to be securely maintained for up to 6 years. Additionally, these customers’ documents need to be referenced, stored, couriered, and vetted multiple times. Unavoidably, the reliance on paper meant bottlenecks, delays, and unnecessary experiences that inevitably trickled down to a poor experience for customers.”
Transformation through innovation
In 2017, LOLC Technologies committed resources to resolve this issue once and for all. The initial phases of the overhauling of paper usage began with the purchasing of hardware. Such devices would ensure that each branch under the LOLC outlet could carry out the necessary preliminary steps to engage with the document management system (DMS) that LOLC Technologies was adopting.
The fundamental solution of the DMS is as simple as it is powerful. All necessary documents would be scanned and uploaded to a private cloud hosted within LOLC’s data centers. Thereby, users at all levels within the organization could securely access, review, retrieve, and even approve applications irrespective of their geographical location. LOLC Technologies had a dedicated project management team driving the paperless initiative forward to accelerate its adoption across the wider group. It established open support lines, conducted workshops to fast-track learning of the DMS processes, and conducted interviews to identify and resolve any issues quickly.
LOLC Technologies carried out these efforts until the project was launched on a wider scale in 2020. What initially started with a pilot project of 5 branches has now scaled across all units on the island. Furthermore, it is also active in regional markets such as Pakistan, Indonesia & the Philippines.
The Value of BPR to the LOLC Group
While having a wide-reaching impact, the paperless project was the first step on a long journey. Building upon its success, LOLC Technologies embarked on a Business Process Reengineering (BPR) effort across the group. The goal of this endeavor was to fill the gaps in processes that were creating an unnecessary delay with the workflows from a marketing executive level to a C-level within the LOLC Group.
The way forward in the BPR implementation for the LOLC Group paved the way for further automation. The paperless protocols were made a mandatory part of the BPR. This steppingstone ensured that the overall scope acted as a mutually beneficial stress testing environment for both projects. By leveraging Robotic Process Automation (RPA) technologies, the LOLC Group could automate the workflows from client onboarding approvals to credit appraisals boosting end-to-end efficiency by 35-40%.
“With the implementation of BPR, we were able to cut down the time taken for a reconciliation filing drastically. Now, we have automated the calling of an individual’s CRIB and also track how much time they spend at a branch to ensure that all data points are being collected to optimize the efficiency of our services”, reports Prasanna.
This tremendous increase in efficiency is primarily due to the DMS and BPR introduced to the LOLC Group through LOLC Technologies. Looking beyond Sri Lanka, the BPR efforts have also extended to Zambia. LOLC’s subsidiaries now only need to go through 3 steps to handle customer onboarding, financial validation, and fund disbursement. This is currently being planned to be launched to other geographies as well.
Staying on par in Network Security & Global Operations
The age-old adage that prevention is better than cure is undoubtedly an ethos firmly embedded at the very core of LOLC Technologies. They have mainly been a pioneer in the industry for over a decade. It was the first company in Sri Lankan financial sector to achieve and hold the ISO 27001 standard for information security over a decade ago in 2011, well before any banks on the island. Furthermore, LOLC Technologies achieved the ISO standards in Service Delivery (ISO 20000) 2016, Service Quality (ISO 9001)-2015, and the PCI DSS in 2021, making them a uniquely positioned ICT unit in the regional landscape delivering an unprecedented amount of trust.
COO of LOLC Technologies, Parakum Pathirana, added, “Cybercrime has become the greatest threat to any company, any industry or any profession in the world. LOLC Technologies identified information security as a crucial element, more than a decade ago and this was a strategic decision made by our chairman. Information security plays a pivotal role in any project we execute, and our investments in the domain are second to none and industry-leading in many instances in Sri Lanka and the region. In addition, we have implemented virtualization and a cloud-first approach well in advance with full leadership backing.”
In terms of its global operations, LOLC Technologies acts as the security hub for all entities and has enabled its branches in Cambodia to achieve the ISO 27001. When it comes to the security of their global entities, security measures are allowed starting from a minimum requirement. These are then built upon on a bottom-up basis to ensure that the varied needs of their respective jurisdictions are met alongside the standard protocols expected of an entity under the LOLC Group.
Another remarkable achievement of the foresight of LOLC Technologies and its management was the embracing of cloud computing. This allowed them to be readily prepared to face the struggles of the pandemic that impacted the world in 2020. As many businesses across the globe scrambled to switch to the work-from-home model, LOLC as a group had already established the building blocks for this transition by having moved all their computers into a wireless and laptop-based workflow and being able to instantly switch to working using the cloud, without any lag.
Proactive measures to ensure information security and compliance
Information security has been a priority of the LOLC Group for over a decade. To that end, a separate functional unit known as INFOSEC was established. Its purpose is to oversee information security and compliance-related matters across the group. Since its inception, INFOSEC has undertaken several initiatives to enhance and ensure the security of the organization’s critical information. Some of these initiatives were industry firsts, which were adopted by other financial institutions later. Further, these efforts greatly assisted the LOLC Group’s digitalization drive as the core security infrastructure was already in place.
This robust infrastructure was put to the test during the early days of the COVID-19 pandemic. Strict lockdowns meant allowing the group’s workforce to work remotely and securely. Thus, it had adopted a Zero Trust approach to securing its data. The key philosophy of a Zero Trust approach is, “trust no one.” Any user, whether they be within or outside the organization, was required to be authenticated, authorized, and continuously validated for security before being granted access to applications and data. Such an approach ensured enhanced security while allowing the employees to carry out their daily tasks remotely.
Additionally, an internal Security Information and Event Management (SIEM) solution has also been in operation for almost a decade. The system is a proactive step toward preventing cyberattacks by carrying out real-time logging, monitoring, and generating alerts of any suspicious activity. LOLC Technologies is now committed to building upon these efforts to ensure the safety and security of the data, and critical infrastructure across the wider group. Elaborating on these efforts, Parakum shared, “We are currently evaluating the possibility of implementing a group-level Security Operations Centre (SOC). This will take the current SIEM to the next level by introducing analytics, correlation, and predictive capabilities which would help better protect the organization as well as be better prepared against any attacks that may come through.”
Foresight and execution by LOLC Technologies
It is fair to say that the combination of foresight and execution is a hard formula to muster. However, LOLC has achieved this need with grace and effectivity. Since 2006, their innovative thinking coupled with the board-level support has elevated LOLC Technologies and the entire LOLC Group into one of the most outstanding conglomerates on the island.
Their plans for the future do not stop there either, with hopes to launch a cutting-edge new banking solution, on cloud-based architecture, mobile-enabled, with next-generation analytics-driven encompassing information security controls at the very core. LOLC Technologies is constantly pushing the envelope of what it truly means to be a technology-driven organization in the coming decade.