By Cyril Tuohy
The technological infrastructure behind New York State’s $160-billion Common Retirement Fund is on the verge of obsolescence, inviting a serious security breach on the accounts of tens of thousands of state and local civil service pensioners, according to a recent report by the state’s chief pension regulator.
The accounts, held at the Office of the State Comptroller, might appear to be in serious jeopardy, but should policyholders really be all that worried?
Benjamin M. Lawsky, superintendent of financial services with the New York Department of Financial Services (DFS) and an increasingly visible presence on the regulatory scene, says yes.
“In a world of high-tech hackers and high-frequency trading, a nearly $160-billion pension fund is being managed with computer code from the 1950s and hardware from the 1980s,” Lawsky said, in a news release. His office has proposed new regulations to help protect the “millions of retirees and taxpayers who are today at risk.”
But that's not necessarily the end of the story. New York State Comptroller Thomas DiNapoli said, in a rebuttal to the Lawsky report, that account holders aren't really at risk. The state pension system is just “aging gracefully” as it undergoes a full-scale overhaul in phases.
Experts are on the case and there’s no imminent danger to the retirement system, which runs on a “secure and battle-tested system,” even if it was designed in the now-ancient COBOL programming language, DiNapoli said in a blog post.
Even if critics dismiss the DFS and Lawsky as alarmist, there’s no denying that his most recent audit has brought to light an issue that that makes the insurance industry appear outdated and the butt of many a techie joke.
COBOL is wordy and disparaged by many programmers today for being outdated, yet it remains one of the most widely used computer programming languages in the world, even if it frustrates the insurance industry and saddles insurers and pension funds with high IT maintenance costs.
David Kubersky, president of SimCorp North America, said in a recent report that the role of technology in the success of a pension portfolio often gets “little or no attention,” even as executives fret over low interest rates and public officials harp on market returns.
“While typewriters and Walkmans and VHS tapes have long been left behind, millions, if not billions, in pension assets are still managed on legacy systems that existed before Windows 1.0,” Kubersky said in the report.
Insurance and pension systems, with data going back decades, say their mainframes are generally stable and scalable. With each new generation of programming layered on to previous ones, many IT departments have been able to stretch pension computer systems far beyond the projected operating lifespans of the hardware.
While still relatively secure for the moment, pension officials recognize the need to upgrade their infrastructures and many have already done so after pushing back deadlines due to budget cuts or inertia.
Two years ago, the California Public Employees’ Retirement System, the nation’s largest, began the rollout of a $507 million upgrade to its pension IT infrastructure.
The improvements came after decades of patching and stringing together as many as 49 unrelated older computer systems. Implementation delays and cost overruns ran has high as $228 million. Completion is expected this year.
Earlier this month, the Massachusetts Teachers’ Retirement System announced that it, too, had begun a transition to a new computer system. The Kentucky Retirement Systems completed a modernization project three years ago.
In an age where consumers can buy products and services 24 hours a day on Amazon or eBay, critics say there’s no excuse for running pension systems on technology and programming language dating back to the first generation of UNIVAC mainframe computers.
“Information Technology is essential to the administration of New York’s massive pension system,” the authors of the DFS report wrote. The report also cited the antiquated core policy administration system that processes more than 1 million transactions a month, outdated operating system software that is no longer supported, inadequate disaster recovery plans and administrative foot-dragging.
“These deficiencies create serious risks for the system,” the DFS report said.
Cyril Tuohy is a writer based in Pennsylvania. He has covered the financial services industry for more than 15 years. He can be reached at [email protected].
© Entire contents copyright 2013 by InsuranceNewsNet.com Inc. All rights reserved. No part of this article may be reprinted without the expressed written consent from InsuranceNewsNet.com.