The extent Automic’s group CIO goes to reconcile data

Automic is the largest listed registry provider in Australia, with an integrated cloud-native platform that manages listed registry, funds, employee share plans, and investor analytics. In addition to its technology solution, it has a range of professional services that covers company secretaries, investor and media relations, employees, environment, and social governance, among others.

On the IT front, group CIO Marcelo Dantas and his team look after technology across the entire business, which includes product engineering, service, security and infrastructure. So by virtue of such complexity, it’s essential to align with like-minded and capable partners. But hard lessons were learned early on to not only seek out the right ones, but understand that partners are needed in the first place.

“I’ve been almost 23 years in the IT industry across many domains,” Dantas says. “In the early days when I had a technology leadership role, I was in an environment where we were constrained by budget and I wanted to create a team with specialized skillsets. But investors were adamant you could build a tech company with just engineers. My vision then, though, was having roles such as QAs or business analysts, so I ended up taking over those roles myself because I wanted my developers to have unlimited runway to develop so we could deliver to the business. But that created problems because I was using all my personal time. Yet from the investor standpoint, there was no problem; he’s delivering. When I reflect on it, I should’ve had some level of controlled failure; let things fall off the tracks a bit to prove there’s value bringing in additional skills.”

Today, the approach is to find partners that are, on one hand, aligned with the company and bring a similar level of care to source code or data, and on the other, a technological capability and cultural fit. “I always say I wouldn’t select a partner if I wouldn’t recruit him as a full time employee,” he says. “So they’d go through a similar process to make sure they can work with us and thrive in our environment. My preference is always to have them work embedded in our ecosystem and not to outsource the solution to them.”

Keeping up with the technology base is one of the biggest challenges facing a modern day CIO, he says, due to the acceleration of transformative tech like gen AI, so continuously modernizing to remain not just relevant but competitive is vital. “If you don’t, you get trouble recruiting people because young talent won’t work with furniture that isn’t exciting,” he says. Another issue is talent retention. “There are lots of companies competing for the same talent in Australia, so how do you stand out?” he adds. “It’s not always about the money. If you offer more to young people but don’t give an environment where they’ll thrive, it’s likely they won’t last in your organization.”

Building trust within and among teams and promoting collaboration are integral to success. Most importantly, though, show it’s okay to fail. “If you create a culture of fear where you can’t make mistakes, it’ll prevent innovation because everyone will operate within a very strict set of guidelines,” he says. “So once you stimulate them to experiment, try different things, and then if it fails, you just pick yourself up and move on.

O’Sullivan spoke with Dantas about Automic Group’s integrated cloud-native platform, effective time management, and the transparency needed to better enable the business. Watch the full video below for more insights.

On registry services transitions: When you’re a listed company in Australia of a fund manager, you can pick who your registry provider is and you’re free to move between providers. When that happens, the former registry needs to give us all the client data in the form of their choosing. We’ve got no control over how the data is going to look, nor how it’s going to be given to us. Then we have to make sense of the data, massage it and import it in our system. Usually there are a few steps that happen during a transition. The first is to reconcile the data. Our system has a mandatory data integrity check, so if you try to import the data that doesn’t reconcile, our system isn’t going to let you, so we don’t allow any shortcuts. Also, the data can come in with poor integrity or negative balances. So depending on where the data comes from, it can be terrible or very easy and can take half an hour if you’re lucky, or the whole day if you’re not. There are other variables, like time of day when the date is given to you. After we finish massaging the data, we import it into a test system and somebody from the register operations validates the data, checks they were imported correctly, and then we’ll put it all through the production system one more time.

On cybersecurity: It has to be a foundational pillar within the business, not something of consequence. You need to plan and have it at the forefront of your mind in everything you do. It starts when you onboard an employee and ensure they have enough access to work, but not more than what’s required to perform the job. As part of their onboarding, it’s important to train them on cybersecurity and programs to help educate them. Many data breaches occur due to a lack of training, so make sure your stuff is equipped to help protect your assets. It’s the same with offboarding. When somebody leaves, you need to ensure all access is removed and everything is returned back to the business. All of this stems from understanding where your data is. You need to have a clear view of all your information assets. Then comes risk assessment and identifying risks of confidentiality breaches, or the system becoming unavailable and affecting the overall strategy. One key area often overlooked is suppliers. Once you work with a third-party vendor, make sure they have security practises at least comparable to yours, if not better. If an unreliable vendor gets hold of your sensitive data and they have a breach, then you have a breach. You may get pressured by stakeholders to get a supplier to solve a particular problem, but don’t cut corners. Once you understand the data you have and availability requirements, this starts feeding into the architecture.

On time management: We basically transitioned 185 clients, and the intention was always to do it in a weekend rather than drag it out. It’s something well known to us, but when you try to do that 185 times, time is not on your side. So it demanded a lot of planning and preparation to get across the line. The first thing is to get all the data under control to export every client. Then you just need to find and reconcile the problems. But you can’t just find the problem and fix it. You need to fix the problem in a way that’s repeatable because you’ll be doing this multiple times before actually going live. Sometimes you run the reconciliation and get 15,000 transactions that aren’t reconciled, and then you have to go back and work out what they were trying to do, and what would be the correct way to put a solution together to fix it. After getting all the data under control, we needed to test it by loading it into a test environment and give it to our register operations team to validate if it all looked correct. If so, we’re ready to go. The second question is can you do it fast enough, so there’s the human element in how long would it take my team to go through those 185 and get them all reconciled to me. So I start working from the top. We’re a cloud-native platform and we have the benefit of scaling up our infrastructure, but you can’t just scale up to infinity because you have bottlenecks at certain points and you can’t get the database to run 100% all the time. So we play with the resources to find the sweet spot and find a target to get it all imported under six hours. It was a lot of preparation with a successful transition of 1.5 million customers and more than 10 million transactions. We also fixed tens of thousands of incorrect transactions in that process as well.

On the overall business strategy: You need a good understanding of the corporate strategy. My team enables the business because it’s a technology enabled business. So I need people to understand which phase the business is set in and what our immediate goals are. When you look at strategy since I joined nine years ago, from startup to the business we are today, it’s changed considerably. The risk profile was very different to what it is now. We were willing to take more risk at the beginning because there were fewer resources, but what we were trying to achieve is grow the client base, increase operation efficiency, and mitigate risks by automating more processes. Once you get that initial view, the next step is collaborating with other executives, and mapping objects and key results. I don’t work in silos because I rely on the operations team to leverage what my team builds, and to help me guide what they need day to day. I also need input from business development and what their clients are expecting to see in our system. My team is probably one that has more dependencies because we enable the whole business to operate.