About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Addressing the Challenges and Realising the Benefits of a ‘Cloud First’ Policy

Subscribe to our newsletter

By Andy Mather, European Financial Services Industry Specialist, Telstra.

The move to a ‘cloud first’ policy by financial firms is a tantalising idea. After all, which chief technology officer wouldn’t want to seriously reduce their company’s on-premise compute and storage costs, while at the same time boosting agility and ability to profit from new, innovative, scalable applications? It’s a no brainer, right?

Well, yes, but financial services firms setting their sights on the benefits of cloud first operations also need to be aware of a handful of key challenges. The reason? The heavily regulated space that capital markets now inhabit, with far-reaching legislation like MiFID II (for investor protection) and GDPR (for data protection) in force. This means cloud-based operations present technology, compliance and security challenges that need addressing if financial institutions are to safely reap their considerable advantages.

First among these challenges is for a firm to decide what exactly it should migrate to the cloud and what can remain on legacy systems. That will involve the company taking a careful inventory of its applications and data, helping it, for instance, avoid migration of legacy silos that might needlessly expose the business to compliance issues.

Deciding what kind of cloud architecture will best allow a firm the control and governance it needs over the data and applications is the next big issue. Will a public, private or hybrid cloud do the job, for instance? Each of these has its own distinct advantages. In a public cloud, all compute and server resources are provided over the internet by a third party – such as Amazon or Microsoft – and are suited to low-cost but highly scalable needs, like browser-based email, front office apps and storage.

As its name suggests, a private cloud provides dedicated hardware and software, either on premise or at a third-party data centre, and on a network that only the financial services firm itself has access to. This provides more flexible, customisable, scalable systems – and more secure ones, too. Hybrid clouds, often seen as the best option, allow players in capital markets even further application-specific customisation, by allowing a mix of public and private clouds. Hybrid also offers an easy, gradual transition to cloud ops.

To efficiently drive innovation and competitive advantage, a company will then need to modernise its existing applications to run on the chosen cloud architecture. This is where a steady migration of application functions to a microservices-based architecture is usually the best approach. By treating applications as modular combinations of different fine-grained, lightweight services that can be deployed independently on different platforms, firms give themselves the flexibility to fully leverage public, private or hybrid cloud.

All well and good, but then the next challenges raise their head: data security and data protection. GDPR enforces massive fines – 4% of a company’s global turnover – for data breaches. So the move to the cloud, and the software rewrites involved in the aforementioned application modernisation process, need to put trust issues front and centre. To do that, finance houses will need to identify the privacy, security and compliance risks their particular operation faces and come up with an operating security model that takes all threats into account.

Cloud architecture itself helps out here. Because thousands of virtual machines in a data centre can be instantly patched, there is no lag when security updates need applying, as there is with widely-distributed on-premise servers. As the hosting landscape has changed, so has security. Not only to keep abreast of the ever-changing threat, but also to cope with the geographically dispersed virtual deployment of many of today’s applications and the often mobile digital consumption of these services.

Despite the handful of hurdles, cloud first operations unchain finance firms from the constraints of the limited capacity of on-premise IT systems, fuelling new revenue generating applications that can be quickly rolled out and rapidly scaled to reach new markets, growing existing applications and responding to the changing needs of customers.

Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: How to gain operational efficiency in corporate actions processing

While the risk associated with corporate actions is well established, many financial institutions continue with manual processing in the back office. More often than not, corporate actions information is manually keyed in and event processing lacks automation. This results in operational inefficiency, and financial risk due to missed events or simply getting it wrong. These...

BLOG

Best Practice Approaches to Trade Surveillance for Market Abuse

Market abuse is a problem, a very big problem for financial institutions that fall on the wrong side of regulation. Penalties include eye-watering fines, reputational damage and, ultimately, custodial sentences of up to 10 years. Internally, market abuse triggers scrutiny of traders and trading behaviours, a lack of trust and the potential need for significant...

EVENT

TradingTech Summit London

Now in its 13th year the TradingTech Summit London brings together the European trading technology capital markets industry and examines the latest changes and innovations in trading technology and explores how technology is being deployed to create an edge in sell side and buy side capital markets financial institutions.

GUIDE

Regulatory Data Handbook 2023 – Eleventh Edition

Welcome to the eleventh edition of A-Team Group’s Regulatory Data Handbook, a popular publication that covers new regulations in capital markets, tracks regulatory change, and provides advice on the data, data management and implementation requirements of more than 30 regulations across UK, European, US and Asia-Pacific capital markets. This edition of the handbook includes new...