Meet our customer hero
The company is currently undergoing exponential development and recording 20 to 30 percent growth per year. SYNEDIS illicado has thus grown from being a very small company to a medium-sized enterprise, which has led it to recruit new staff accordingly. In 2022, almost 60 new employees are expected to join the company.
Faced with this development, it became essential for the company to adapt its information system. Today, SYNEDIS illicado relies on a Sage solution for its accounting and Salesforce for its customer relationship management. It also has about 50 major applications that generate nearly 400 workflows.
“These workflows can be those of our customers or of our CRM tools. They can also be catalog workflows, distributor workflows, etc., says Olivier Huleux, Head of Information Systems at Synedis. For each of these workflows, we need to indicate the criticality, the periodicity, the applications and the activities slowed down as well as the impact on our turnover in case of proven risk, and the service level agreement (SLA) to be implemented. To this end, we needed to be able to rely on a solution that would enable us to map all the business processes linked to our applications and the resulting workflows to allow us to identify the risks and their impacts, particularly on our logistics or our accounting department. The ARIS business process management and analysis solution from Software AG met these requirement specifications.”
At the same time, due to its activities and future status as an electronic money issuer, SYNEDIS illicado has to comply with legal and regulatory obligations, particularly in terms of financial security.
“For our B2C activities we essentially have to ensure that the value of the cards sold does not exceed €150. We will be regulated by the Autorité de Contrôle Prudentiel et de Résolution, the French banking supervision authority, which has led us to set up a Compliance and Internal Control department to identify and manage the risks inherent in our issuing activities,” explains Olivier Huleux. “The management and control of these risks also required a solution that would allow us to map and monitor them.”
Until 2021, SYNEDIS illicado's IT department was already using a solution to map its applications and workflows. “We were not, however, completely satisfied with this tool,” says Olivier Huleux. “On the one hand it was not adapted to our monitoring and control of regulatory risks. In fact, it was at the request of our Compliance and Internal Control departments that we decided in 2021 to implement a solution capable of meeting the expectations of both the IT department and those of Internal Control.”
Already a user of Software AG's webMethods application integration platform, the choice of Software AG’s ARIS business process management and analysis solution was not difficult to make. “A choice endorsed by the capacity of ARIS to equally meet our needs for mapping applications and workflows, as well as for risk management and control.” says Olivier Huleux.
The ARIS solution is hosted on a Software AG server in the cloud. The Software AG consultant configures the tool according to the needs of SYNEDIS illicado. In particular, the company requested that all functions not needed be removed from the tool and voluntarily reduced the scope of information to be entered.
Internal Control is in charge of modeling each of the company’s business processes, mapping the risks and defining the associated control measures. The IT department and the CISO in turn identify the risks related to identity theft, gift card values, etc. “For each business process of an application or workflow, we enter a certain number of indicators in the tool: the person responsible for the application (the product owner), the services that sponsor it, the application bricks and their criticality, the documents linked to the applications, the external contacts such as those of the editor concerned, explains Gauthier Desomer, Technical and Architecture Manager at Synedis illicado. “Thanks to ARIS we are becoming more professional in mapping business processes, applications and workflows, and allocating the inherent risks to them.”
In September 2021, the Internal Control and IT departments had each already mapped 80 percent of their business risks and workflows. This set-up phase, on which two people work one day a week, will be completed by the end of the year.
From now on, each new workflow or application will be mapped in ARIS even before it goes live. This mapping complements SYNEDIS illicado's documentation and will enable the company to present reports demonstrating that its IT system is under control in the event of an audit. “For example, we can extract reports showing that the value of the gift cards we sell does not exceed the legal amount," explains Gauthier Desomer. “In this way, we are preparing ourselves for future periodic controls that will be carried out on our activities. This is serious proof of our professionalism.”
illicado also verifies that each workflow that may present a risk is closely monitored. “In the next quarter, once the risk has been identified, we will assign alert sensors,” continues Gauthier Desomer. “Their purpose will be to check that the data flow between two applications is correct and to alert us if necessary.”
As part of its development strategy, SYNEDIS illicado also intends to digitize all its internal processes and strengthen the use and analysis of its data. This project requires the use of more applications, business intelligence and data science. “We will centralize our data in a data lake, including data from our OuiCSE and Platine platforms," explains Olivier Huleux. “We will therefore have at least fifty additional workflows to model and map. This can then be done faster and more easily with ARIS. Ultimately, we will be able to further improve the management of our application portfolio and our sales staff will have the necessary levers to improve their work.”