A-Team Insight Blogs

Share article

By Andy Mather, European Financial Services Industry Specialist, Telstra.

The move to a ‘cloud first’ policy by financial firms is a tantalising idea. After all, which chief technology officer wouldn’t want to seriously reduce their company’s on-premise compute and storage costs, while at the same time boosting agility and ability to profit from new, innovative, scalable applications? It’s a no brainer, right?

Well, yes, but financial services firms setting their sights on the benefits of cloud first operations also need to be aware of a handful of key challenges. The reason? The heavily regulated space that capital markets now inhabit, with far-reaching legislation like MiFID II (for investor protection) and GDPR (for data protection) in force. This means cloud-based operations present technology, compliance and security challenges that need addressing if financial institutions are to safely reap their considerable advantages.

First among these challenges is for a firm to decide what exactly it should migrate to the cloud and what can remain on legacy systems. That will involve the company taking a careful inventory of its applications and data, helping it, for instance, avoid migration of legacy silos that might needlessly expose the business to compliance issues.

Deciding what kind of cloud architecture will best allow a firm the control and governance it needs over the data and applications is the next big issue. Will a public, private or hybrid cloud do the job, for instance? Each of these has its own distinct advantages. In a public cloud, all compute and server resources are provided over the internet by a third party – such as Amazon or Microsoft – and are suited to low-cost but highly scalable needs, like browser-based email, front office apps and storage.

As its name suggests, a private cloud provides dedicated hardware and software, either on premise or at a third-party data centre, and on a network that only the financial services firm itself has access to. This provides more flexible, customisable, scalable systems – and more secure ones, too. Hybrid clouds, often seen as the best option, allow players in capital markets even further application-specific customisation, by allowing a mix of public and private clouds. Hybrid also offers an easy, gradual transition to cloud ops.

To efficiently drive innovation and competitive advantage, a company will then need to modernise its existing applications to run on the chosen cloud architecture. This is where a steady migration of application functions to a microservices-based architecture is usually the best approach. By treating applications as modular combinations of different fine-grained, lightweight services that can be deployed independently on different platforms, firms give themselves the flexibility to fully leverage public, private or hybrid cloud.

All well and good, but then the next challenges raise their head: data security and data protection. GDPR enforces massive fines – 4% of a company’s global turnover – for data breaches. So the move to the cloud, and the software rewrites involved in the aforementioned application modernisation process, need to put trust issues front and centre. To do that, finance houses will need to identify the privacy, security and compliance risks their particular operation faces and come up with an operating security model that takes all threats into account.

Cloud architecture itself helps out here. Because thousands of virtual machines in a data centre can be instantly patched, there is no lag when security updates need applying, as there is with widely-distributed on-premise servers. As the hosting landscape has changed, so has security. Not only to keep abreast of the ever-changing threat, but also to cope with the geographically dispersed virtual deployment of many of today’s applications and the often mobile digital consumption of these services.

Despite the handful of hurdles, cloud first operations unchain finance firms from the constraints of the limited capacity of on-premise IT systems, fuelling new revenue generating applications that can be quickly rolled out and rapidly scaled to reach new markets, growing existing applications and responding to the changing needs of customers.

Leave a comment

Your email address will not be published. Required fields are marked *

*

Related content

WEBINAR

Recorded Webinar: Senior Managers and Certification Regime (SMCR) – challenge or opportunity?

Are you ready to meet the requirements of the Senior Managers and Certification Regime (SMCR) when it comes into force for all firms authorised by the Financial Conduct Authority (FCA) in December 2019? Have you allocated all your staff to one of the four categories available under SMCR? Has your firm prepared a ‘statement of...

BLOG

Managing Data to Deliver Quality, Meaningful Analytics and Business Benefits

Data quality is critical to meaningful data analytics, and data analytics are key to business strategy – but with increased volumes and complexity of data coming into organisations, how can they ensure data is of the required quality and analytics are adding value to the business? A panel at A-Team Group’s recent Data Management Summit...

EVENT

Breakfast Briefing: Meeting the Data Requirements of FRTB London

The Fundamental Review of the Trading Book (FRTB) Breakfast Briefing, will examine how the capital markets industry is approaching FRTB data management and will look at the implications for the ways that firms source, manage and store data for FRTB compliance.

GUIDE

Regulatory Data Handbook – Third Edition

Need to know all the essentials about the regulations impacting data management? Welcome to the third edition of our A-Team Regulatory Data Handbook which provides all the essentials about regulations impacting data management. A-Team’s series of Regulatory Data Handbooks are a great way to see at-a-glance: All the regulations that are impacting data management today...