A-Team Insight Blogs

Share article

By Andy Mather, European Financial Services Industry Specialist, Telstra.

The move to a ‘cloud first’ policy by financial firms is a tantalising idea. After all, which chief technology officer wouldn’t want to seriously reduce their company’s on-premise compute and storage costs, while at the same time boosting agility and ability to profit from new, innovative, scalable applications? It’s a no brainer, right?

Well, yes, but financial services firms setting their sights on the benefits of cloud first operations also need to be aware of a handful of key challenges. The reason? The heavily regulated space that capital markets now inhabit, with far-reaching legislation like MiFID II (for investor protection) and GDPR (for data protection) in force. This means cloud-based operations present technology, compliance and security challenges that need addressing if financial institutions are to safely reap their considerable advantages.

First among these challenges is for a firm to decide what exactly it should migrate to the cloud and what can remain on legacy systems. That will involve the company taking a careful inventory of its applications and data, helping it, for instance, avoid migration of legacy silos that might needlessly expose the business to compliance issues.

Deciding what kind of cloud architecture will best allow a firm the control and governance it needs over the data and applications is the next big issue. Will a public, private or hybrid cloud do the job, for instance? Each of these has its own distinct advantages. In a public cloud, all compute and server resources are provided over the internet by a third party – such as Amazon or Microsoft – and are suited to low-cost but highly scalable needs, like browser-based email, front office apps and storage.

As its name suggests, a private cloud provides dedicated hardware and software, either on premise or at a third-party data centre, and on a network that only the financial services firm itself has access to. This provides more flexible, customisable, scalable systems – and more secure ones, too. Hybrid clouds, often seen as the best option, allow players in capital markets even further application-specific customisation, by allowing a mix of public and private clouds. Hybrid also offers an easy, gradual transition to cloud ops.

To efficiently drive innovation and competitive advantage, a company will then need to modernise its existing applications to run on the chosen cloud architecture. This is where a steady migration of application functions to a microservices-based architecture is usually the best approach. By treating applications as modular combinations of different fine-grained, lightweight services that can be deployed independently on different platforms, firms give themselves the flexibility to fully leverage public, private or hybrid cloud.

All well and good, but then the next challenges raise their head: data security and data protection. GDPR enforces massive fines – 4% of a company’s global turnover – for data breaches. So the move to the cloud, and the software rewrites involved in the aforementioned application modernisation process, need to put trust issues front and centre. To do that, finance houses will need to identify the privacy, security and compliance risks their particular operation faces and come up with an operating security model that takes all threats into account.

Cloud architecture itself helps out here. Because thousands of virtual machines in a data centre can be instantly patched, there is no lag when security updates need applying, as there is with widely-distributed on-premise servers. As the hosting landscape has changed, so has security. Not only to keep abreast of the ever-changing threat, but also to cope with the geographically dispersed virtual deployment of many of today’s applications and the often mobile digital consumption of these services.

Despite the handful of hurdles, cloud first operations unchain finance firms from the constraints of the limited capacity of on-premise IT systems, fuelling new revenue generating applications that can be quickly rolled out and rapidly scaled to reach new markets, growing existing applications and responding to the changing needs of customers.

Leave a comment

Your email address will not be published. Required fields are marked *

*

Related content

WEBINAR

Recorded Webinar: An update on data standards and global identifiers

The importance of data standards and global identifiers continues to be emphasised by both capital markets participants and their regulators. But how much progress is actually being made in developing and implementing standards that will improve data quality for better business decisions, provide regulators with a clearer view of systemic risk, and ensure more stable...

BLOG

FINOS Releases Version 1.0 of the Financial Desktop Connectivity and Collaboration Consortium Standard

The Fintech Open Source Foundation (FINOS), a non-profit organisation promoting open innovation in financial services, has released version 1.0 of the Financial Desktop Connectivity and Collaboration Consortium (FDC3) standard. Founded and contributed to by OpenFin, the initiative brings connectivity and standards to the financial industry’s desktop applications. Gabriele Columbro, executive director of FINOS, says: “The...

EVENT

Data Management Summit London

Now in its 8th year, the Data Management Summit (DMS) in London explores the shift to the new world where data is redefining the operating model and firms are seeking to unlock value via data transformation projects for enterprise gain and competitive edge.

GUIDE

Practical Applications of the Global LEI – Client On-Boarding and Beyond

The time for talking is over. The time for action is now. A bit melodramatic, perhaps, but given last month’s official launch of the global legal entity identifier (LEI) standard, practitioners are rolling up their sleeves and getting on with figuring out how to incorporate the new identifier into their customer and entity data infrastructures....