About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Addressing the Challenges and Realising the Benefits of a ‘Cloud First’ Policy

Subscribe to our newsletter

By Andy Mather, European Financial Services Industry Specialist, Telstra.

The move to a ‘cloud first’ policy by financial firms is a tantalising idea. After all, which chief technology officer wouldn’t want to seriously reduce their company’s on-premise compute and storage costs, while at the same time boosting agility and ability to profit from new, innovative, scalable applications? It’s a no brainer, right?

Well, yes, but financial services firms setting their sights on the benefits of cloud first operations also need to be aware of a handful of key challenges. The reason? The heavily regulated space that capital markets now inhabit, with far-reaching legislation like MiFID II (for investor protection) and GDPR (for data protection) in force. This means cloud-based operations present technology, compliance and security challenges that need addressing if financial institutions are to safely reap their considerable advantages.

First among these challenges is for a firm to decide what exactly it should migrate to the cloud and what can remain on legacy systems. That will involve the company taking a careful inventory of its applications and data, helping it, for instance, avoid migration of legacy silos that might needlessly expose the business to compliance issues.

Deciding what kind of cloud architecture will best allow a firm the control and governance it needs over the data and applications is the next big issue. Will a public, private or hybrid cloud do the job, for instance? Each of these has its own distinct advantages. In a public cloud, all compute and server resources are provided over the internet by a third party – such as Amazon or Microsoft – and are suited to low-cost but highly scalable needs, like browser-based email, front office apps and storage.

As its name suggests, a private cloud provides dedicated hardware and software, either on premise or at a third-party data centre, and on a network that only the financial services firm itself has access to. This provides more flexible, customisable, scalable systems – and more secure ones, too. Hybrid clouds, often seen as the best option, allow players in capital markets even further application-specific customisation, by allowing a mix of public and private clouds. Hybrid also offers an easy, gradual transition to cloud ops.

To efficiently drive innovation and competitive advantage, a company will then need to modernise its existing applications to run on the chosen cloud architecture. This is where a steady migration of application functions to a microservices-based architecture is usually the best approach. By treating applications as modular combinations of different fine-grained, lightweight services that can be deployed independently on different platforms, firms give themselves the flexibility to fully leverage public, private or hybrid cloud.

All well and good, but then the next challenges raise their head: data security and data protection. GDPR enforces massive fines – 4% of a company’s global turnover – for data breaches. So the move to the cloud, and the software rewrites involved in the aforementioned application modernisation process, need to put trust issues front and centre. To do that, finance houses will need to identify the privacy, security and compliance risks their particular operation faces and come up with an operating security model that takes all threats into account.

Cloud architecture itself helps out here. Because thousands of virtual machines in a data centre can be instantly patched, there is no lag when security updates need applying, as there is with widely-distributed on-premise servers. As the hosting landscape has changed, so has security. Not only to keep abreast of the ever-changing threat, but also to cope with the geographically dispersed virtual deployment of many of today’s applications and the often mobile digital consumption of these services.

Despite the handful of hurdles, cloud first operations unchain finance firms from the constraints of the limited capacity of on-premise IT systems, fuelling new revenue generating applications that can be quickly rolled out and rapidly scaled to reach new markets, growing existing applications and responding to the changing needs of customers.

Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: Best practices for eComms and multi-channel surveillance

Surveillance of multi-channel communications is a moving target as financial institutions continue to add conversational streams, in many cases mobile applications previously banned from the trading environment. With more eComms channels comes more data that must be managed, retained, and ready for regulatory compliance. For many firms, the changing shape of surveillance is a complex...

BLOG

Automation Adds Efficiency to Corporate Actions Processing, But is Not a Sole Solution

Corporate actions processing is challenging, raises prospects of financial and reputational risk, and can be extremely time consuming. Getting it right is key to financial institutions and their clients, so how can these challenges be overcome? Is automation the solution or are there also more nuanced approaches that will help firms achieve not only accurate...

EVENT

TradingTech Briefing New York

Our TradingTech Briefing in New York is aimed at senior-level decision makers in trading technology, electronic execution, trading architecture and offers a day packed with insight from practitioners and from innovative suppliers happy to share their experiences in dealing with the enterprise challenges facing our marketplace.

GUIDE

Regulatory Data Handbook 2023 – Eleventh Edition

Welcome to the eleventh edition of A-Team Group’s Regulatory Data Handbook, a popular publication that covers new regulations in capital markets, tracks regulatory change, and provides advice on the data, data management and implementation requirements of more than 30 regulations across UK, European, US and Asia-Pacific capital markets. This edition of the handbook includes new...