Transforming Identity Management: How a Leading NZ Bank Automated IT for Greater Efficiency

How Activate reduced new user provisioning from 5 days to less than 10 minutes.

Overview

A leading New Zealand bank with over 7,500 employees partnered with Activate in 2007 to transform their internal IT operations. Facing growing complexity in managing user access and manual processes, the bank sought an automated, scalable Identity and Access Management (IAM) solution to drive efficiency, security and compliance.

The Challenge

All access and account changes for the bank’s 7,500+ employees were managed manually by a centralised request team, often taking several days to process. These manual workflows were inconsistent and error-prone, placing additional strain on the service desk to resolve avoidable issues.

Active Directory served as the core system for authentication and access control across applications, software, Secure Folders and Distribution Lists. However, over time it became increasingly unmanageable, with duplicate groups, unclear ownership and limited visibility into usage.

User accounts were created, modified and deleted manually, without clear linkage to individual employees. This resulted in a growing number of legacy accounts, making it difficult to verify whether they were still required or in use.

The bank needed a solution that would:

  • Automate user account provisioning, updates and de-provisioning to eliminate delays and reduce manual effort
  • Improve accuracy and consistency in handling access requests to reduce errors and service desk load
  • Establish clear links between user accounts and employees to improve identity visibility and lifecycle management
  • Streamline and standardise Active Directory management, eliminating duplicate groups and clarifying ownership
  • Enhance security and compliance by reducing the number of unmanaged or orphaned accounts and ensuring access was appropriate and auditable.

The Solution

Activate was selected to automate the bank’s internal IT and Identity Management processes. In the initial implementation phase, several high-value processes were prioritised and automated.

User Onboarding and Offboarding: An integrated Identity Management provisioning process was introduced to automatically create, update, move, and de-provision user accounts as staff joined or left the organisation.

Role Management: Department and location-based roles were synchronised directly from HR data into a structured hierarchy aligned with the bank’s organisational model.

Service Definitions: All existing Active Directory groups and applications were mapped to Activate ‘Services’. Approximately 1,500 services were identified and created from day one through group discovery.

Role Entitlement Discovery: Activate’s role discovery process mapped default entitlements to roles. Smart heuristics (best practices) were applied to assign services when the majority of users in a role shared the same entitlements.

Securing and Automating High-Value Applications: Critical systems were brought under automated control, including:

  • Retail Banking Teller System
  • Customer Relationship Management (CRM) System
  • Contractor, vendor and non-employee accounts.

Implementation of Additional Activate Modules

  • Distribution List Management
  • Folder and File Data Management
  • Self-Service Password Reset.

The bank has remained a customer since 2007. With growing emphasis on operational efficiency and security, Activate has remained a foundational tool in the bank’s continuous improvement efforts. Key automations have included:

  • Induction and Pre-Termination Processes
    Automated workflows covering everything from onboarding to pre-exit risk assessments
  • Role and Application Review
    Scheduled reviews of roles, users and application access by business and service owners.
  • Mobile and Phone Extensions
    Full automation of mobile phone provisioning from request to deployment, including telco setup.
  • Governance and Mandatory Leave
    Automatic enablement and suspension of accounts based on governance policies and mandatory leave requirements. 
  • Privledged Account Management
    Automated control of privileged accounts, including service, administrator and vendor access.
  • Service Catalogue items
    Today, over 6,000 services are in active use, with more than 90% fully automated through Activate.
  • Shared Mailbox Management
    Creation and ongoing management of Shared Mailboxes and their data.
  • Automatic Out of Office
    Out-of-office messages in Exchange are automatically applied and removed based on HR leave records.

~32,000+

Automated Service Requests per month.

~64,000hrs

Time Savings per year.

<5min

New user accounts are available versus 5 days.

The Result

Activate has enabled the bank to automate more than 380,000 changes annually, with over 900,000 user-service relationships under management.

Key outcomes included:

  • New user provisioning reduced from 3–5 days to under 10 minutes
  • From day one, more than 80% of all requests were fully automated. Today, this has increased to over 90%
  • Monthly requests grew from 5,000 to over 32,000 without additional manual overhead
  • Estimated cost savings exceed NZ$9 million annually (the cost of performing these requests manually would be over $9M per year at $20/ticket).

Activate continues to be a cornerstone in the bank’s drive for operational efficiency, enabling users with self-service, reducing IT load and ensuring access governance and compliance at scale.

See Activate in action.

Book a no obligation demo and discover how Activate can help your team.

Button Text
Book a demo
Onboarding, offboarding and everything in between.
HomeSolutionsCase studiesAbout usFAQs

Book a demo

Contact usLog in / Support
LinkedIn
Level 1, 2 Heather Street, Parnell, Auckland 1052Call: +64 9 846 1300
T&CsPrivacy Policy
© Activate. 2025. Activate SC NZ. All rights reserved