Information and technology governance

In 2024, Blue Label made significant strides in advancing its technology and information governance, completing Phase 3 of its Information Technology (IT) Governance Framework implementation. This phase, which focused on integrating IT process flows, reinforced our commitment to aligning technology investments with governance controls, enhancing our overall control environment.

The Executive Committee continued to oversee the execution of IT governance mandates, policies, frameworks and processes. Our integrated and collaborative governance philosophy has ensured we remain compliant with applicable laws and regulations while delivering value to our stakeholders. Blue Label maintained alignment with key governance frameworks, including:

  • Control Objectives for Information Technologies (COBIT) 2019;
  • King IV;
  • International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 38500:2015;
  • Information Technology Infrastructure Library (ITIL) standards; and
  • National Institute of Standards and Technology (NIST) standards.

As a result, we achieved ISO 27001 certification during the year.

We renewed our IT Governance Framework throughout the year, adapting to emerging challenges and evolving industry standards. This renewal has allowed us to maintain a high level of maturity in our governance practices, driving efficient project portfolios and systems change management.

The Information and Technology Division has been instrumental in navigating the rapidly changing technological landscape. Key initiatives in 2024 focused on enhancing operational efficiency, fostering a culture of innovation and supporting the Company's growth objectives. Notable achievements include:

  • Completion of IT process flows integration: We successfully implemented Phase 3 of our IT Governance Framework, ensuring robust process integration and alignment with governance controls;
  • Enhanced cybersecurity and fraud measures: We strengthened our cybersecurity posture through advanced threat detection and response systems, ensuring the protection of our data and IT assets. This included implementing a proactive fraud monitoring solution; and
  • Operational efficiency improvements: Blue Label leveraged new technologies to enhance operational efficiency, resulting in significant cost savings and improved service delivery. We successfully deployed our SDWAN network solution, thereby improving our customers' overall uptime.

Blue Label is committed to continuous improvement and innovation in its technology and governance practices. Our focus for the upcoming year includes further enhancing our cybersecurity capabilities, exploring emerging technologies and maintaining our alignment with leading governance frameworks. These efforts will ensure that Blue Label remains at the forefront of the industry, delivering value to our stakeholders and adapting to the dynamic technological landscape.

TECHNOLOGY AS A STRATEGIC TRANSFORMATION DRIVER

Blue Label has strategically embraced technology as a critical driver of transformation and growth in an era of rapid technological advancements and digital disruption. Our commitment to innovation and digital excellence has empowered us to navigate the complexities of the evolving digital landscape, ensuring we remain at the forefront of our industry. By integrating cutting-edge technologies and fostering a culture of continuous improvement, we have successfully reshaped our technology operations, enhanced our service offerings and delivered unparalleled value to our stakeholders. This section of the report outlines our key initiatives and achievements in modernising our applications, infrastructure enhancement, and cybersecurity, highlighting how technology continues to propel our business forward and secure our competitive edge in the market.

Fraud detection

We implemented a new fraud detection solution that deploys machine learning (ML) and artificial intelligence (AI) to enhance our fraud detection capability and automatically prevent fraud. Blue Label reduced its risk and exposure by enhancing its fraud topologies.

TicketPro ticketing platform

This is our new end-to-end ticketing system. Unreserved seating and cashless functionality are now live on the new platform. Other functions and features will be deployed in 2025.

Modernisation of our core application
In 2024, we started reimagining what our core applications could look like. We have taken a ground-up approach to building a new core technology platform that aligns with modern architectural principles and leverages the latest software design and development advancements.

Planned for release in 2025, key elements of Blue Label's new technology platform include:

  • Microservices architecture: Our new core applications are designed using a microservices architecture, which breaks down monolithic applications into smaller, independent services. Each microservice is responsible for a specific business function, allowing for scalability, flexibility and resilience.
  • API-first approach: This approach ensures that all services are accessible via well-defined, secure APIs and provides for interoperability with internal and external systems and developer productivity.
  • Cloud-native development: Our core applications are being built as cloud-native solutions for greater elasticity, resilience, redundancy and agility.
  • DevOps and Continuous Integration/Continuous Deployment (CI/CD): Blue Label's development process embraces DevOps principles, integrating development and operations teams to improve collaboration and productivity.
  • Advanced data management and analytics: We leverage advanced data management and analytics capabilities to drive data-driven decision-making and innovation, including through AI and ML integration.
  • Security and compliance: The preservation of cybersecurity remains an ongoing and critical concern, forming a substantial portion of our technology investments. Security is integrated into every layer of our new core technology platform, ensuring robust protection of data and systems.

TRANSFORMATION OF MARKET-FACING PLATFORMS

In 2024, Blue Label continued transforming its market-facing platforms by leveraging cutting-edge technologies and strategic innovations. Our hybrid cloud backbone and centralised API gateway architecture remain pivotal in driving this transformation, enabling us to integrate advanced technologies and adapt to evolving market demands swiftly. Blue Label invested in various platforms and innovations throughout the year to stay ahead in the competitive landscape.

Card acquiring

We implemented card-acquiring functionality for our merchants in informal markets. This enabled our merchants to access their wallets, transactional and account details.

Multichannel clawback for our BluAdvances offering

The BluAdvance project aims to provide advancements in electricity products to a predefined list of end users, facilitating their access to these advances. The project implemented a clawback mechanism via USSD banking, formal retail, website and petroleum channels. This enabled users to repay the advances with their next token purchase.

BluNova marketplace

Our customised WS02 API Manager provides our BluNova subsidiary with an API marketplace where developers can discover, test and subscribe to the APIs on offer.

BACK-OFFICE TRANSFORMATION INVESTMENTS AT BLUE LABEL

At Blue Label, our back-office transformation is driven by the need to refine and enhance our internal operations, systems and processes. This transformation hinges on the strategic implementation of advanced technology and automation to boost efficiency, reduce costs and elevate overall performance. Over the past year, we have directed considerable investments and efforts toward several critical areas.

Upgraded to software-defined wide area network (SDWAN) devices

SDWAN, an innovative wide-area network solution, harnesses the power of software-defined networking technology. It enables communication over the internet by utilising overlay tunnels, which are meticulously encrypted when directed toward internal organisational destinations. Through this comprehensive network upgrade, we seek to enhance availability and uptime, fortify our security resilience and augment our observability.

Blue Label Connect (BLC) cloud migration

Embracing the immense potential of cloud computing, we have launched and successfully deployed a cutting-edge cloud-based ecosystem. This monumental shift has unlocked new dimensions of scalability and flexibility and revolutionised how we deliver products and services, transforming our business landscape. All of the BLC platforms have now been migrated to the cloud.

Enterprise performance management tool

In 2024, we achieved a significant milestone by successfully deploying a new budgeting and reporting system. This advanced tool is designed to enhance accuracy, speed and productivity in our financial processes. Initially implemented and refined within Blue Label Distribution (BLD), the system is set to be progressively rolled out across the entire Group, ensuring consistent and efficient financial management throughout our organisation.

Networking and cybersecurity

Blue Label has significantly enhanced its networking and cybersecurity measures, implementing a robust zero-trust framework. These improvements have been instrumental in maintaining the integrity and uninterrupted functionality of the Company's core infrastructure and services. Through rigorous security protocols and a proactive approach, Blue Label has achieved an impressive record of 99.31% uptime, ensuring that our operations run smoothly and without disruption. This high reliability and availability are testaments to the Company's commitment to maintaining a secure and resilient environment for its customers and stakeholders. Furthermore, implementing a zero-trust cybersecurity model has played a crucial role in safeguarding sensitive data and preventing any unauthorised access or breaches.

These strategic elements are underpinned by our constant drive towards customer-centric design and user experience, which stands central to our world-class business solutions across our businesses.

RISK AND COMPLIANCE

IT Governance Framework implementation roadmap

Blue Label has approved an IT governance framework based on the widely recognised COBIT standards. By completing Phase 3 of the implementation, which focused on designing and implementing the IT process flows, this framework is now being actively implemented within our organisation. It enables us to drive control delivery through project portfolio and systems change management, ensuring our technology investments align with robust governance controls.

Cybersecurity and compliance

We recognise that cybersecurity threats pose an ongoing and significant risk to our organisation. As a result, we have prioritised substantial investments in technology to address this critical issue. Over the past year, we have thoroughly reviewed and reinforced our information and infrastructure security controls, ensuring stringent standards are in place. At the same time, we have taken significant steps to strengthen our environment's security posture. Detection capabilities and response processes have been implemented to identify and address potential cyber threats swiftly through our newly implemented Security Operations Centre (SOC). This proactive approach ensures that we can effectively safeguard our systems and data.

Our commitment to maintaining high-security standards is reinforced through regular internal and external audits. These audits ensure compliance with industry regulations and best practices, helping us identify and address any security gaps promptly. We have expanded our training programmes to include advanced threat awareness and response strategies. This ensures our workforce is well-equipped to recognise and respond to potential security incidents. In 2024, we made further investments in the right vulnerability tools and we continuously evaluate our systems for vulnerabilities and potential exposure risks. We maintain unwavering vigilance in protecting our digital assets by implementing comprehensive risk prevention, assessment and education programmes. As a testament to our dedication to security, we have thoroughly reassessed and enhanced the authentication processes for our core AEON platform. Significant improvements have been made to the authentication mechanisms for our devices and kiosks, ensuring a robust and secure environment that mitigates potential risks and reinforces customer trust.

Blue Label also achieved ISO 27001:2022 certification in 2024. Clinching this ISO certification provides commercialisation benefits and elevates our security maturity levels as an organisation. It also offers enhanced assurance to our customers, business partners and third parties we engage with, demonstrating the Group's commitment to robust information security practices.

IT risk management

IT risk management at Blue Label is a core component of the Company's Enterprise-wide Risk Management strategy. Our governance and operational controls are meticulously designed to support responsible risk management, recognising its crucial role in value creation. Risk management is seamlessly integrated into our decision-making processes and daily activities, ensuring that the organisation remains risk-aware while pursuing its strategic objectives.

The Group's IT risk management in 2024 included the following key components:

Governance and compliance
The Group Risk function has established comprehensive risk governance frameworks to facilitate effective organisational risk management. These frameworks are rigorously applied and adhered to by Group IT, ensuring consistent risk management practices across the organisation.

Enhanced monitoring and collaboration
Key risks are continuously monitored through a robust risk management system that involves coordinating our three lines of defence. This collaborative approach ensures that risks are managed effectively and in alignment with our strategic goals.

Digital transformation of risk management
In the past, Blue Label's risk management and tracking relied heavily on manual processes, necessitating extensive engagement with risk action owners for updates and progress on risk mitigation strategies. In 2024, the Group revolutionised its risk management practices by implementing a new digital risk management platform. This automated and integrated tool significantly enhances our ability to manage risks proactively and robustly across the organisation.

Streamlined risk tracking and reporting
The new digital platform facilitates streamlined risk tracking, reporting and analysis, supporting effective decision-making and improving overall risk governance. By automating these processes, we can obtain real-time insights into risk status and mitigation progress, allowing for more responsive and informed risk management.

As we move forward, we will focus on enhancing our IT risk management practices to ensure they keep pace with the evolving risk landscape. We are committed to continuous improvement and will invest in the latest risk management technologies and methodologies to maintain a high standard of risk governance. By doing so, Blue Label will continue to safeguard its assets, support strategic objectives and create value for all stakeholders.

LOOKING AHEAD

As we look to the future, we will focus on advancing our cybersecurity measures and maintaining our rigorous standards. We are committed to investing in the latest security technologies and practices to protect our systems and data, ensuring that Blue Label remains a trusted leader in the industry.

At the same time, we will drive continuous improvement and innovation within our back-office operations. For example, in 2025 we aim to complete the first phase of our new enterprise resource planning (ERP) solution by deploying it in BLD. We will continue to invest in cutting-edge technologies and process optimisation initiatives to ensure that our internal functions support our broader business objectives and deliver exceptional value to our stakeholders.

We will further enhance our API capabilities, continuously evolve our market-facing platforms and rebuild our core technology platforms. The Group will also continue investigating and implementing AI capability within our core products and business to improve speed and productivity and enhance the customer experience, including deploying AI capability within our call centres.

As we continue to build and refine our new core technology platform, our focus remains on delivering innovative solutions that meet the evolving needs of our customers and stakeholders. By embracing modern architectural principles and leveraging the latest advancements in software design, we are well positioned to drive sustained growth, enhance operational efficiency and maintain our competitive edge in the dynamic telecommunications industry.