Bar Association with new electronic voting solution

GuilhermeFigueiredo Ordem do Advogados

Bar Association with new electronic voting solution

The Portuguese consultancy firm AskBlue has implemented a pioneering e-voting solution for the Congressional Bar Association (OA). elections to facilitate access from any device: computer, tablet or smartphone. Therefore, it also aims to stimulate the national participation of about 30 thousand lawyers voting, since it is a process that is usually carried out in person.

The technological innovation in question is supported by the product Scytl Online Voting, an electronic voting system that has already been used in countries such as the United States of America, Canada, the United Kingdom, France or Germany.

“The use of the solution was a pleasant surprise, due to the ease and adherence registered by the electronic vote. It was an excellent experience and allowed us to prepare ourselves better so that the governing bodies’ next elections will be a success, “said Guilherme Figueiredo, OA staff member.

The platform combines seven polling stations with distinct lists of candidates, and its security is due to its patented cryptographic protocol (private digital cryptographic keys). According to Ana Rosado, an AskBlue partner, “the electronic vote has the strong potential to bring citizens and organizations closer together, contributing to more inclusive and informed societies”.

Filipe Castro, sales director of Scytl, believes that this was an innovative project “unparalleled in the legal sector in Portugal”. “We believe it is a pioneering solution and with numerous possibilities of growth in Portugal, in the most varied sectors of activity,” he added.

Through a voting receipt, voters can anonymously check whether their vote has been registered by the Scytl Online Voting system, audited and certified by several governments worldwide.

Share on linkedin
Share on facebook

Personal Data Processing is a Corporate Risk

Bandeira Europeia com cadeado RGPD

Personal Data Processing is a Corporate Risk

One of askblue’s partners has been advising several companies on how to implement the General Regulation of Data Protection. Despite having a period of two years where companies had to make the necessary adaptations, Sofia Bastos dos Santos realizes that, it was only after the second half of 2017, that there has been this sudden concern. On the other hand, companies “perceived the RGPD only as a problem of an eminently legal justice nature and of computer security”

Have companies been adapting in a timely manner to comply with the RGPD rules?
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data has entered into force simultaneously on 25 May 2016, in all Member States of the European Union. The Regulation imposes uniform discipline between the various Member States as from 25 May 2018, the date on which the transitional period of two years specified therein expires. Private and public companies and organizations will be subject to a set of obligations rules, the non-compliance of which will lead to fines of up to € 20 million or 4% of the organization’s worldwide turnover (there are two levels of application of fines see article 83). In the application of fines, a number of factors will be taken into account, but their mitigation will depend on the ability of organizations to demonstrate the application of appropriate data remediation measures. The new sanctioning framework raises the privacy and security of information regarding the treatment of personal data to a Corporate Risk, necessarily leading organizations to consider this matter in their guidelines and management decisions. We observed in the Portuguese market that organizations began in general to mobilize for the need to analyze the provisions and implications of the RGPD substantially from the end of the first half of 2017. The transitional period of two years was not really taken advantage of, in assessing impacts and investment needs, in formulating priorities and options, and in planning the actions to be undertaken.

In the first phase, we noticed that organizations perceived the Regulation to not only be a problem of a legal justice nature and, consequently, a matter to be addressed and resolved through the use of skills and means in these two fields and disciplines of intervention.

What are the main questions asked by the companies that ask you for advice on the new RGPD?
Doubts and requests for advice addressed the formal aspects of legal compliance with the provisions of the Regulation and in parallel to the identification of technological options, ie in terms of recommending software solutions, to worship in response to security measures processing of personal data. The formulation of requests for advice has often resulted in a consultation and / or request for the provision of professional services for the “implementation of the minimum requirements of the RGPD” in the organization concerned. This approach implies a common perception by organizations of the supposedly prescriptive nature of the Regulation and also of the frequent assumption by managers of the existence of “minimum requirements” for compliance. The Regulation lays down principles, sets out rules and obligations to be observed by data controllers, their subcontractors and joint controllers, but is not prescriptive as regards measures, in particular safety, technical, organizational and procedural, or procedural (article 32.0), to be implemented by organizations.It is not, nor should it be. A safety measure, regardless of its nature, is aimed at acting on an identified risk, with a given control objective, risk prevention; its elimination, or until transfer to third parties (example: insurance contract). Risks arise from existing vulnerabilities and affect an organization’s assets, which include information assets, including information that results from the processing of personal data. The risks associated with different economic activities are naturally different, although there may be some common risks. In a given sector of economic activity, operationally different organizations, in terms of their organizational model, their business processes and supporting technology (software, databases and hardware infrastructure, communications, among others), will necessarily have different vulnerabilities . The integrated risk and vulnerability assessment enables the control objectives to be defined and, depending on them, to determine the necessary security measures, which may be of different natures and typologies (organizational, procedural, technological), individually considered or combined. That said, “implementation” of RGPD compliance requirements requires prior exercise in identifying and assessing risks and vulnerabilities and management decisions of the organizations regarding the control objectives and, consequently, the actions to be taken to address them.

And the adoption of other types of solutions that the market offers?
Recommendations and/ or adoptions of software solutions, although widely advertised in the market, without proper evaluation of the organizational context in all dimensions relevant to the formation and deconstruction of the problem, may have the same effect as that resulting from the treatment of a “viral infection with antibiotics “or the treatment of “ a bacterial infection with the wrong antibiotics “. The safety measures must meet the control objective(s) of the risk(s), but their choice and implementation must be consistent.

Consistent, because the outcome of a security measure may depend on the prior implementation of another security measure or the development of a set of actions that are in themselves a prerequisite to the implementation of that measure. These variables have to be addressed through planning. Consistent, because managing and controlling risk is inevitably an exercise in economic and financial viability for organizations. Minimizing risk also means maximizing control, which presupposes investments and changes in operating costs, present and future. Thus, in order to safeguard the privacy and security of personal data, it is necessary to determine the security measures necessary for the effective compliance of the organization with the RGPD, the adequacy of security measures, financial management. Resources are always limited. Regulation does not generate business and, as such, RGPD will be a challenge to the management of organizations.

Do you believe in the good preparation of companies to comply with the new legislation after May 25?
By the end of 2018, I believe that most private sector organizations will focus and work on fully preparing themselves to respond to the formal compliance aspects of the RGPD to fulfil the Basic Principles of Treatment (Articles 5.0 to 11.0), the Rights of Data Holders (Articles 12.0 to 15.0) and the Register of Treatment Activities (Article 30). However, the complexity, effort and enormous challenge for all organizations, without exception, is in accordance with the principles and provisions set out in Articles 25 and 32 of the Regulation, aimed at promoting the accountability of organizations, respectively: the protection of data from conception and by default; treatment. Compliance with these two articles is not an action, it is a process that requires vision, resources, planning and execution time, for the reasons that I have tried to explain previously. It is an unavoidable fact that the transitional period provided for in the Regulation expires on 25 May 2018, from which it is expected that a uniform discipline will exist between the Member States of the European Union. The privacy and security of personal data information are in fact only two additional risk dimensions to be added to the global ecosystem of an organization, to be included in a “Risk Management Integrated Framework”, which requires a multidisciplinary and integral part of the disciplines internal management of an organization. This is the change in the management paradigm that is imposed on organizations in Portugal.

A practical question: how is it that a third party – without any contractual relationship with the consumer – is required to eliminate and forget personal data?
The Regulation defines two concepts, that of Data Controller, which “determines the purposes and means of processing personal data” and that of Subcontractor, which “treats personal data on behalf of the Data Controller and in accordance with his instructions “(Article 28). The Regulation introduces a new role and new added responsibilities for subcontracted entities. Subcontractors shall provide guarantees to enforce appropriate security measures to protect the rights of data subjects and may not contract subcontractors without the Data Controller’s authorization. The data subject exercises his / her rights, including the right to forgetfulness, before the entity Responsible for data processing, obviously assuming that the data processing by the Data Controller is licit under the terms provided by the RGPD. In today’s society where the data and information contained therein is transmitted voluntarily by the holders, circulating through the multiple channels and repositories of distributed data, etc., individual behaviors can lead regrettably to the abdication of rights. At this point, I believe that education is the variable that will make a difference …

What role should supervisory authorities play?
The role of supervisory authorities is key and will be a pillar of the system. The levels of experience, organization and preparation of supervisory authorities in the different EU countries is very different. The ability and effective exercise of the supervisory function depends on the adequacy of the organizational structure, the internal competencies, necessarily multidisciplinary and obviously the financial means, but in response to a strategic alignment plan with a given reference, that is, with a “model objective supervision “, technically feasible from the current starting point, and financially sustainable. In Portugal we do not need to “invent the wheel”, we have to know how to look critically at other realities, see what works and has proven to work.

What challenges does blockchain technology bring to data protection legislation?
Blockchain technology is something still very new, with a potentially vast application spectrum. Disintermediation in economic and social life may be at the total limit, with an impact on society, as we know it today, which is not yet foreseeable. I do not have a formed opinion, I have only reflections, the same ones that make me think that the internet enabled the same social networks that allowed the “Arab Spring” and Cambridge Analytics. Technological evolution will determine the need for constant revision of regulation. Faced with blockchain technology, we certainly will not be talking about the future of the RGPD, but about any other regulation.

What about artificial intelligence? 
On the contrary, artificial intelligence is already a reality, but it is still a very expensive technology, hence its application being restricted for the time being. With artificial intelligence, software has the ability to learn from human behavior. The easiest and most intuitive example is autopilot cars. These cars exist because the software was programmed from reading the driving mode of humans “good drivers”, that is, mathematical algorithms in artificial intelligence are developed from the simultaneous interaction with human behavior, meaning that, with artificial intelligence software algorithms incorporate human behavior. Now the behavior is a unique code of its holder, and being a “good behavior” is an asset of its owner, because it started to have market value.  I believe that in Artificial Intelligence what is in question under the law is not the protection of the personal data of the holders, but rather the “incorporation of rights” in the construction of the software by the owners of “good behavior”. If the owners of the “good behaviors” are the human beings, clearly it will have to be the specific and differentiated taxation the route of resolution of the incorporation of Human Rights in the software with artificial intelligence. For this the economy developed in the past the “Theory of Externalities”. On the other hand, economic activities with negative externalities are subject to increased taxation. On the other hand, economic activities with positive externalities must have benefits or tax reductions. Artificial intelligence applied to health has social value, in other cases it will cause negative social impacts and unemployment is at stake. Artificial intelligence will force societies to rethink taxation, which will have to fulfill its redistributive function. Economic theory exists and is old, its application will be a political issue. This is the key role of information systems: to make innovative forms of interaction and management possible, with more and more detailed information about customers, with the possibility to personalize offers at the individual level and to monitor the evolution of the business in real time. And, fundamentally, making it possible for any entrepreneur with vision and boldness, to launch their project on a global scale.

Share on linkedin
Share on facebook

Askblue scored 4.7 million in 2017

Equipa Askblue

Askblue scored 4.7 million in 2017

The consultancy firm extended its activity to the Insurance sector, Health, distribution, Public Administration and utilities.

AskBlue recorded a turnover of 4.7 million euros in 2017, part of which has already been achieved in other sectors of the banking sector. During the past year, the consultant has expanded its activity to the insurance sector, healthcare and distribution, public administration and utilities segments.

During the past year, the company has developed, among others, projects in the areas of mobility, application excellence, digitalisation and automation of business processes, according to a statement. To sustain the growth of the business, AskBlue’s team of professionals, with a predominantly senior profile, grew to a total of around 150 consultants.

Lastly, continuing the strategic commitment made in the previous year, 2017 also allowed for deepening and broadening partnerships established with companies such as OutSystems and Computer Associates. “We have strengthened the partnerships established following the strong growth in 2016, and we have laid a solid foundation for sustained growth in the coming years,” said Peter Nicolau, CEO of AskBlue.

The consultant’s stake in these partnerships is part of its strategy of growth and internationalization, with the potential to contribute to creating a “solid base of entry into competitive foreign markets”, aiming at “exporting specialized resources” in partner technologies.

AskBlue wants to strengthen the teams of consultants’ internal skills, investing in the hiring and training of recent graduates.

Currently, the consultancy firm specializes in three business units: business consulting, technology consulting and specialized outsourcing. This structure operates on the basis of commercial and technical skills, seeking to create synergies in skills and providing the most specialized and efficient service to the client.

According to the company, its priorities for the current year are to remain focused on quality of service and grow in all business units. “To achieve this, the company will strengthen the internal skills of the teams of consultants, engage in recruitment and training of recent graduates through a successful internship program and maintain investment in tools and methodologies to support projects,” according to a statement.

Share on linkedin
Share on facebook

Askblue predicts revenues of 6 million in 2018 and looks at internationalization

Pedro Nicolau CEO Askblue

Askblue predicts revenues of 6 million in 2018 and looks at internationalization

The Portuguese consultancy firm AskBlue expects to grow 30% in turnover in 2018 and plans to take the first steps in the international market this year.

The Portuguese company AskBlue, a business and technology consultancy firm, expects to grow close to 30% and achieve revenues of six million euros in 2018, the year in which it will take the first steps in the international market. Pedro Nicolau, the consultant’s chief executive, said in an interview with Dinheiro Vivo that Central and Northern Europe are AskBlue’s focus on internationalization, not excluding the opening of an office abroad in the future.

After 2016, the consultant had doubled in the number of employees and turnover – to four million euros -, last year was to improve the company’s efficiency and consolidation. “The year 2017 was a year of consolidation. And even so, it was a year in which we grew 20% and, we are preparing, for, in 2018, to continue to grow in turnover and number of people, “he said in an interview with Dinheiro Vivo. “We have good prospects for 2018. The month of January was the company’s best month in terms of turnover. Our goal is to reach six million euros in 2018. I would say that, from what we saw in January, it will not be a very difficult goal, “he said. AskBlue closed 2017 with a turnover of around 4.7 million euros and 130 employees. The consulting firm created in 2013 by four partners – Pedro Nicolau, Sofia Bastos Santos, Rui Couto and Ana Rosado – currently employs around 150 employees and has had positive results since the year 2014. In addition to providing business and technological consulting services, it also provides specialized outsourcing, which is the area which most contributes to AskBlue’s revenue.


The year 2018 will be marked by the expansion to other markets. “This year we are going to take the first steps and we would already like to do some projects in the international market and in 2019 we will certainly develop the international market,” said Pedro Nicolau. The internationalization will be done hand in hand with partners, but also with the offer of the consultancy itself, which has partnerships with companies such as Computer Associates, Workfusion and Portuguese OutSystems.

The consultancy firm has the privilege of having three of its founders experienced in the consultancy sector. In the case of Pedro Nicolau, he worked at Deloitte and Reditus Consulting. AskBlue has about 20 clients, mostly in the financial sector, and in particular a project developed for Banco CTT. However, it has expanded its area of ​​activity and now has clients in the area of ​​distribution and health, as well as in the insurance sector and public administration. “The evolution this past year has been in extending to other sectors and other customers, and in registered growth, in people, partnerships and projects. And maintaining an excellent retention rate for AskBlue’s team members, a fact not very common in the industry, “he said. We have already had companies interested in acquiring the consultancy, but the goal of AskBlue is to continue to go ‘solo’. “We ended up not showing any interest (in being acquired), because we believe we are well alone, we can grow alone and it is important to have Portuguese companies in this sector,” said Pedro Nicolau.

Share on linkedin
Share on facebook

Askblue doubles revenue in 2016

Gráfico de Crescimento Asjblue

Askblue doubles revenue in 2016

The Portuguese consulting firm ended the year 2016 with an approximate turnover of 4 million euros, which represents double the growth in relation to the previous year.

According to AskBlue, the good results reflect the competences and quality of the team, as well as the strategic investment in partnerships and entry into new business areas.

In 2016, the company developed projects in the areas of mobility, operational efficiency, information analysis and software quality, among others, and opted for new partnerships with Outsystems, Qlik, Computer Associates and Workfusion.

In addition to the revenue, the consultancy also grew regarding the volume of business, obtaining new clients and consolidating the growth of its commercial offer. All this has meant that the team has also increased, consisting of 120 professionals.

“We have been growing steadily since the creation of the company, and last year represented an important milestone in the development of our operation, with the entry of new partners and the expansion of offers, which will allow us to face next year with certainty and optimism, “Pedro Nicolau, CEO of AskBlue, said in a statement.

With regards to 2017, the company’s prospects are of continued growth in turnover concerning all business offers.

Share on linkedin
Share on facebook

Askblue doubles its growth from last year and reaches profit of 4 million euros

Askblue doubles its growth from last year and reaches profit of 4 million euros

With the successful start-up, AskBlue is now moving on to another stage of growth and expansion of the operating areas. Satisfied with the pace of growth, the consultancy also puts internationalization on the agenda.

Revenues from AskBlue technology and business consultancy nearly doubled last year compared to 2015, reaching 4 million euros, company CEO Pedro Nicolau told Jornal Economico.

Pedro Nicolau says that these results translate to a “strong growth” of the operation.

In 2016, the partnership with Banco CTT was highlighted. AskBlue’s involvement went from business and operational consulting services to consulting in information systems to ensure that the operation works, and also, operationalization of backoffice processes.

About 2017, the person in charge states that they have been growing in a consolidated way and wishes to extend the operation. “We foresee the continuation of the trend of growth in turnover in all business ventures”. As a result, he adds, the team of consultants, with a predominantly senior profile, has grown to a total of 120 professionals.

Still about the short-term future, Pedro Nicolau clarifies that Askblue was not born only for Portugal. “It is only natural that, as a result of the evolution of the business offers and of the clientes with which we have been working, new opportunities for growth and projects will emerge, also in international markets. This is clearly a goal for the current year and also for 2018, “he adds.

Askblue was born in 2013 with offers in three areas: Business, IT and Specialized Outsourcing. These three areas were delineated from the beginning of the company’s activity and are led by each of the other founding partners: the business area is led by Sofia Bastos Santos, IT by Ana Rosado and Outsourcing Specialized by Rui Couto. To justify this option, the respective partner emphasizes that they are complementary areas, with synergies between them. “We can start the relationship with a client by the area of ​​business, for example in a diagnostic project of compliance with the new regulations of data protection and, in a second phase, support the client with projects of technological transformation, requiring the involvement of the areas of IT and Outsourcing, “he explains.

Share on linkedin
Share on facebook

CTT Bank is ready to face Fintech

Banco Ctt

CTT Bank is ready to face Fintech

Starting without legacy systems is a clear advantage, but not without the challenges of creating a new structure without re-use the old, explains Pedro Nicolau, AskBlue’s CEO.

AskBlue was one of the consultancies involved in the implementation of Banco CTT’s information systems. In a “technological and operational” partnership, it has placed a multidisciplinary team of consultants with skills in technologies and processes, serving a project to create a “digital bank from scratch”.

Although in a project free of old and inadequate systems, underlying almost all the challenges were the requirements to safeguard the simplicity of solutions, such as account opening processes and client registration.

They had to be close to customers, easy to understand and use, and the obligatory cost-efficient efficiency. But in addition, the operationalization of the back office processes is a critical factor, Pedro Nicolau, the consultancy’s  CEO, explains in an interview.

Computerworld ‒ What were the main challenges you had to solve while implementing the project of a new information system in a bank?

Pedro Nicolau ‒ A project which develops the core information system of a new bank has very significant challenges, because it starts from scratch. Everything has to be decided, designed and implemented. There is no reuse of applications. These projects always have a very important business component.

Before starting to configure/ develop a new system, it is necessary to have a well-defined product and service offer, backoffice / agency processes, system functionalities, regulatory requirements and information flow with other entities, namely SIBS . In order to be able to incorporate all these specifications into the new information system, it is necessary to have a multidisciplinary work team with in-depth skills, be it in the banking business or the technical level of software applications.

CW ‒ The fact that there are no legacy systems is already an advantage, but how have the bank’s systems been prepared to face the fintech competition?

PN ‒ The non-existence of legacy systems allows the design of a new system with no start restrictions. Obviously, it is necessary to always make management choices and evaluate the respective cost versus benefit in the balance sheets, but the fact that there is no history makes way for a new system to be built in the future and not dependent on past options.

New technologies are now available at lower costs, with other capabilities and more flexibility. The challenge of fintechs goes a long way towards digitizing and dematerializing many processes. By being born as a digital home bank, Banco CTT is prepared to respond to these challenges.

CW ‒ From your point of view, what are the main advantages of the bank’s information systems, in generic terms? What technologies support these advantages?

PN ‒ We do not comment on the information systems options of Banco CTT.

CW ‒ How can the operation of back office processes generate competitive advantages in a bank at the moment?

PN ‒ Operating back office processes in an optimal way and minimizing operational risk is a critical success factor for banks. It is through an adequate operationalization of the processes that are able, on the one hand, to achieve excellent levels of customer service and, on the other hand, reduce operating costs, allowing banks to position themselves in the market in a competitive way.

Once again, it is important that, in the design and implementation phase of the processes, technical experts with technical knowledge and banking business are involved in order to make the right decisions.

Share on linkedin
Share on facebook

Askblue announces technological and operational partnership with Banco CTT

Askblue announces technological and operational partnership with Banco CTT

AskBlue, a technology and business consultancy, announced that it has partnered with Banco CTT to create a technology and process approach for the institution’s launch. The collaboration between the two organizations allows the bank to provide its customers with a simple, transparent, proximity and quality banking service.

The Bank CTT is a new and differentiating project in the national banking system because it was created to think about the new technologies and does not have the “inheritance” of old and inadequate processes and systems as mentioned by Dr. Luís Amado, Administrator with the Information Systems department of Banco CTT. “This project is born from scratch, without legacy in both its offering and the systems it has been implementing. From the outset, it aims to provide customers with simple and easy-to-understand and easy-to-use solutions and a leadership in efficiency, translated into highly competitive costs. It is based on a value proposition of simplicity, transparency and proximity and continues to provide innovative technological solutions that allow a distinctive quality of service in the market. “

The consultant, who began operations in 2013, was one of the entities selected as a partner to advise on the implementation of the project, both as a business and operational consultant, and as consultant in information systems to ensure its operation and, lastly , the operationalization of backoffice processes,

“Participation in this project was a challenge that we gladly accepted, not least because there is no financial project of this size and ambition in Portugal in recent times. AskBlue is a young company, but with a very strong experience of its teams in the financial sector, and we will continue to bet on the excellence, quality and accountability of our teams to merit Bank preference “, said Pedro Nicolau, CEO of AskBlue.

To respond to this challenge, AskBlue has created a multidisciplinary team of consultants with the skills in key technologies and processes for a digital bank, including traditional client and account opening processes, framed in the digital reality of the bank.

Share on linkedin
Share on facebook

CTT Bank chooses Askblue to implement technological project

CTT Bank chooses Askblue to implement technological project

AskBlue, a technology and business consultancy, is responsible for implementing Banco CTT’s technology project based on current technologies and current society

Without any track record in the financial sector, Banco CTT opted for simplicity and opted for a technological approach, seeking to allow the quality of service of desired excellence.

“This project is born from scratch, without legacy in both its offering and the systems it has been implementing. From the outset, it aims to provide customers with simple and easy-to-understand and easy-to-use solutions and a leadership in efficiency, translated into highly competitive costs. It is based on a value proposition of simplicity, transparency and proximity and continues to provide innovative technological solutions that allow making way for a distinctive quality of service in the market, “said Dr. Luís Amado, administrator  at Banco CTT’s Information Systems Department.

AskBlue, a technology and business consultancy with a team experienced in the reality and needs of the national financial system, was one of the entities selected as a to be partner to assist in the implementation of this project. The commitment of Askblue’s teams and the demonstrated ability to meet the demanding requirements of this project on time and on budget were other fundamental aspects in the analysis carried out and in the attribution of these projects, which included, in addition to business and operational consulting, consultancy in information systems to ensure its operation and, finally, the operationalization of the back office processes.

“Participation in this project was a challenge that we gladly accepted, not at least because there has not been any financial project of this size and ambition in Portugal in recent times. AskBlue is a young company, but with teams with a considerable amount of experience in the financial sector, and we will continue to bet on invest in the excellence, quality and accountability of our teams to merit the Bank’s preference “, said Pedro Nicolau, AskBlue’s CEO.

AskBlue has created a multidisciplinary team of consultants with the necessary skills in key technologies and digital bank processes, including traditional client and account opening processes, which fit the digital reality of the bank.

CTT Bank was born from the natural evolution of the financial services already provided by CTT and brings with it a history and experience of more than 500 years. It was launched on March 18, 2016, based on values ​​of trust, solidity, proximity, simplicity and innovation. Banco CTT is for all Portuguese and intends to innovate by offering simple and competitive products. Currently, it has 100 agencies and is expected to reach 200 agencies by the end of the year.

Share on linkedin
Share on facebook