The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

Addressing the Challenges and Realising the Benefits of a ‘Cloud First’ Policy

By Andy Mather, European Financial Services Industry Specialist, Telstra.

The move to a ‘cloud first’ policy by financial firms is a tantalising idea. After all, which chief technology officer wouldn’t want to seriously reduce their company’s on-premise compute and storage costs, while at the same time boosting agility and ability to profit from new, innovative, scalable applications? It’s a no brainer, right?

Well, yes, but financial services firms setting their sights on the benefits of cloud first operations also need to be aware of a handful of key challenges. The reason? The heavily regulated space that capital markets now inhabit, with far-reaching legislation like MiFID II (for investor protection) and GDPR (for data protection) in force. This means cloud-based operations present technology, compliance and security challenges that need addressing if financial institutions are to safely reap their considerable advantages.

First among these challenges is for a firm to decide what exactly it should migrate to the cloud and what can remain on legacy systems. That will involve the company taking a careful inventory of its applications and data, helping it, for instance, avoid migration of legacy silos that might needlessly expose the business to compliance issues.

Deciding what kind of cloud architecture will best allow a firm the control and governance it needs over the data and applications is the next big issue. Will a public, private or hybrid cloud do the job, for instance? Each of these has its own distinct advantages. In a public cloud, all compute and server resources are provided over the internet by a third party – such as Amazon or Microsoft – and are suited to low-cost but highly scalable needs, like browser-based email, front office apps and storage.

As its name suggests, a private cloud provides dedicated hardware and software, either on premise or at a third-party data centre, and on a network that only the financial services firm itself has access to. This provides more flexible, customisable, scalable systems – and more secure ones, too. Hybrid clouds, often seen as the best option, allow players in capital markets even further application-specific customisation, by allowing a mix of public and private clouds. Hybrid also offers an easy, gradual transition to cloud ops.

To efficiently drive innovation and competitive advantage, a company will then need to modernise its existing applications to run on the chosen cloud architecture. This is where a steady migration of application functions to a microservices-based architecture is usually the best approach. By treating applications as modular combinations of different fine-grained, lightweight services that can be deployed independently on different platforms, firms give themselves the flexibility to fully leverage public, private or hybrid cloud.

All well and good, but then the next challenges raise their head: data security and data protection. GDPR enforces massive fines – 4% of a company’s global turnover – for data breaches. So the move to the cloud, and the software rewrites involved in the aforementioned application modernisation process, need to put trust issues front and centre. To do that, finance houses will need to identify the privacy, security and compliance risks their particular operation faces and come up with an operating security model that takes all threats into account.

Cloud architecture itself helps out here. Because thousands of virtual machines in a data centre can be instantly patched, there is no lag when security updates need applying, as there is with widely-distributed on-premise servers. As the hosting landscape has changed, so has security. Not only to keep abreast of the ever-changing threat, but also to cope with the geographically dispersed virtual deployment of many of today’s applications and the often mobile digital consumption of these services.

Despite the handful of hurdles, cloud first operations unchain finance firms from the constraints of the limited capacity of on-premise IT systems, fuelling new revenue generating applications that can be quickly rolled out and rapidly scaled to reach new markets, growing existing applications and responding to the changing needs of customers.

Related content

WEBINAR

Recorded Webinar: Getting ready for Sustainable Finance Disclosure Regulation (SFDR) and ESG – what action should asset managers be taking now?

Interest in Environmental, Social and Governance (ESG) investment has exploded in recent years, bringing with it regulation and a requirement for buy-side firms to develop ESG strategies and meet disclosure obligations. The sell-side can help here by integrating ESG data with traditional financial information, although the compliance burden remains with asset managers. The EU Sustainable...

BLOG

NeoXam Partners Market Data Consultancy MDP to Extend Reach of DataHub

Paris-based data management platform provider NeoXam has forged an alliance with market data consultancy MDP to extend the reach of its DataHub platform in the DACH region comprising Germany, Austria and Switzerland. The initiative will focus on helping clients deal with market and reference data challenges such as costs, multi-vendor strategies, reconciling data sources and...

EVENT

Data Management Summit USA Virtual

Now in its 11th year, the Data Management Summit USA Virtual explores the shift to the new world where data is redefining the operating model and firms are seeking to unlock value via data transformation projects for enterprise gain and competitive edge.

GUIDE

ESG Handbook 2021

A-Team Group’s ESG Handbook 2021 is a ‘must read’ for all capital markets participants, data vendors and solutions providers involved in Environmental, Social and Governance (ESG) investing and product development. It includes extensive coverage of all elements of ESG, from an initial definition and why ESG is important, to existing and emerging regulations, data challenges...