Folksam: Enhancing Compliance, Risk Management, and IT Efficiency

Fragmented IT Landscape, Compliance, and Data Transparency

With over 100 years in business, Folksam is one of Sweden’s largest pension and insurance providers. 

Decades of IT evolution and acquisitions meant they were now facing several key challenges:

• Large and Complex IT Landscape: As an early adopter of technology, Folksam had some systems dating back to 1956. Almost 70 years later and several acquisitions later, their tech stack had grown increasingly fragmented, complex, and difficult to manage.
• Siloed Architecture Information: IT documentation was scattered across disconnected systems, making it hard to have a clear overview of all their applications.
• Outdated and Unreliable Data:  Inconsistent, manually updated architecture data hindered strategic decisions.
• Regulatory Compliance Pressure: Compliance is particularly critical and time-consuming for financial services companies like Folksam. On top of this, they were facing increasing scrutiny, particularly from EU regulations like DORA, which required greater transparency and control. Manual reporting would take too much time, so the team working on DORA needed a better, faster approach. 

How Ardoq Helped Them To Increase Agility and Improve Decision-Making

Folksam wanted an EA platform that would work not just for the architects but also for the wider organization. They found Ardoq to be data-driven and simple to use, with a low barrier to begin working with, a perfect fit for their needs.

With Ardoq's out-of-the-box solutions, Folksam was able to build a real-time, integrated view of their IT landscape, increase agility, and improve decision-making. Key initiatives included:

• Application Portfolio Management Solution: Quickly establish a centralized repository of all applications, eliminating manual tracking.
• Regulatory Compliance (DORA): Mapping applications from their CMDB, integrating infrastructure data, and linking processes from their business processes tool in Ardoq to demonstrate resilience and compliance.
• Risk Management: Developing a transparent quantitative risk model in Ardoq to measure inherited vs. actionable risk, reducing IT vulnerabilities.
• 90% Automated Regulatory Reporting: Ardoq's built-in survey capability eliminated manual compliance reporting, saving time and effort needed to collect and maintain data from across the organization.
• Process Optimization and Rationalization: Connecting applications to processes revealed redundancies and inefficiencies, leading to cost-saving improvements.
• Application and Technology Lifecycle Management Solution: Gaining better control over software versions, end-of-life planning, and technology evolution.
• From Strategy to Execution: Planning to integrate strategic objectives into Ardoq to track progress and alignment.

Key Outcomes With Ardoq: Improved Compliance, Risk Reduction, and IT Efficiency

• 📊 90% Faster Regulatory Reporting: Automated compliance tracking significantly reduced reporting efforts.
• 🛡Proactive Risk Management: Developed a more quantitative risk model in Ardoq that enabled them to see risk levels on individual applications as well as connected business processes. This real-time overview helps teams see when risk levels are too high on business-critical processes and empower system owners with the actions they can take to address the risk. This newfound transparency has helped improve the prioritization of risk mitigation across the organization. 
• 📈 Enhanced Compliance Posture: Improved readiness for DORA and other financial regulations.
• 🚀 Greater Operational Transparency and Efficiency: Mapping applications and processes meant being able to see the potential business impact of IT system failures. Insight into processes helped them reduce costs through process optimization and rationalization of redundant applications. 
• 🤝 Increased Engagement and Adoption: Ardoq's user-friendly interface empowered business users and IT teams to self-serve insights and proactively work on risk mitigation instead of waiting for directives from above. Folksam's Architecture also nurtured engagement with other teams by showing them how much more useful and efficient Ardoq could be with data collection compared to static spreadsheets.
• 🔍 Clearer IT Roadmaps: Better control over application and technology lifecycles for future-proofing IT investments.

"EA data quality improved, and more and more requests for reports and visualizations came from people outside of IT. Today a lot of our business teams rely on Ardoq."
- Alexander Halldén, Enterprise Architect at Folksam

Top Takeaways for A Successful EA Practice in Financial Services

• Start Small: Begin with critical capabilities and nurture ambassadors within the organization.
• Align EA With Business Needs and Demonstrate Business Value: Enterprise Architecture and architects should support growth, compliance, and efficiency—not just IT management. It's important to be able to show this in a simple way so that even people not working in IT will understand. 
• Prioritize Real Data Over Diagrams: A data-driven approach is more reliable, efficient, and value-creating for the business than traditionally static and manual architecture practices.
• Leverage Automation for Faster, Effective Compliance: Regulatory tracking should be real-time, not a reactive, manual effort.
• Simplify the Stakeholder Experience: Making EA accessible to business and IT users ensures broader adoption and engagement. The organization's choice of platform makes a critical difference here in whether business users will engage with EA or not.
• Embed Risk Management: A transparent risk-scoring model helps align security and compliance efforts.

About Folksam

Folksam is one of Sweden's largest insurance companies offering a wide range of insurance and savings products. Customer-owned Folksam focuses on long-term sustainability and providing security for individuals and families, covering areas like home, car, and life insurance, as well as pensions and investments. They emphasize social responsibility and ethical business practices. Their vision is that their customers should feel secure in a sustainable world. 

With Ardoq, Folksam successfully transformed a legacy IT challenge into a strategic asset, improving compliance, risk management, and operational efficiency. Their journey highlights how data-driven EA enables financial institutions to navigate regulatory complexity while driving business value.