The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

Is Cloud Computing an Answer to Risk and Reference Data Storage?

This week’s FS Club debate on cloud computing suggested that despite all the confusion around the exact definition of a cloud, what it does represent is potential for the future in terms of data storage. Nick Davies, chief technology officer for Lombard Risk Management, suggested that a private cloud could be used for purposes such as enterprise risk management and a public cloud could be used for reference data storage. Of course, not everyone agreed with Davies…

To begin with, panellists spent a fair amount of the evening discussing the vastly different definitions of cloud computing that are circulating in the industry and whether it really represents outsourcing in disguise. Chris Skinner, chairman of the FS Club and consultant, provided a brief overview of his recent research in the area, The Impact of Cloud Computing on Financial Services, which indicates that there are many different attitudes to cloud computing out there.

“Some view it as the next big thing in technology, some see it as a method of accessing hosted software via the internet and others think it’s merely software as a service by another name,” said Skinner. His report, which is based on interviews with 235 individuals across the financial services markets, highlights the rising interest in the area of cloud computing, especially within the capital markets. But what exactly can it be used for?

Panellists decided that the most appropriate definition of cloud was an on demand, scalable, hosted service that is managed by a provider and accessed via the internet. However, Skinner added that this did not necessarily mean that a cloud had to be provided by a third party and thus drew a distinction between a public cloud and a private cloud, which is hosted in-house rather than in the public domain.

Once these definitions were established, the panel then debated the varying areas in which a cloud solution could be put to use. Skinner and Davies both used reference data as an example of an area that would benefit from such a solution. Skinner indicated that his research highlighted both enterprise risk management and enterprise data management (EDM) as middle office areas in which respondents would consider using a cloud solution. “In terms of EDM, a firm could use a cloud as a method by which it could convert between internal and external file formats,” he explained.

Skinner’s idea for EDM was based on the premise of a private cloud but Davies instead suggested that a public cloud could be used to maintain industry reference data. “This would be a utility-based service that is appropriate to be tackled in this manner. It is commoditised and not competitively focused so firms could plug into the utility and leverage the same set of data,” he contended.

Davies used the ever-popular example of legal entity data tracking in relation to the Lehman Brothers collapse as an example of where this type of utility would make a difference. However, although this idea is great in theory (the European Central Bank (ECB) has certainly been keen on a utility), it is not feasible without some level of standardisation being reached first.

Fellow panellist Andrew Douglas, Swift’s head of industry initiatives, added his perspective: “Swift has been looking at this area for a long time and we are not alone, as the ECB’s proposals are also tied to this area. The one big problem is that this has been a problem for a long time; just look at the events surrounding Long Term Capital Management’s collapse in 1998. In order to introduce a utility, you would need a level of harmonisation of data formats that just isn’t out there in the market at the moment.”

Douglas suggested that as the ECB’s plans stand, they’d need an “intergalactic sized computer” in order to be able to deal with the current level of data disparity in order to achieve the goal of a utility. “There have been lots of good intentions in this space before but invariably they have all ended up on the ‘too hard’ pile,” he added.

Davies rebuffed this idea and talked about what he called the “power of the ecosystem” to be able to standardise this data. Although it wasn’t quite clear about how he thought this would work in practice, the idea was seemingly based on the notion of a Wikipedia style data repository that could be edited by each user. This is similar to the EDM Council’s approach to its semantics repository, which seems to work in that context.

However, the problem with this idea in relation to reference data is that this data is not actually static and in order to prevent data inaccuracies from being maintained, someone would need to take ownership of its upkeep. This again brings the issue into a political dimension and until this has been solved, no significant progress can be made.

Moreover, if even the idea of a private cloud approach to EDM is controversial due to concerns around data security, what hope would a public cloud have in gaining the industry’s trust?

Davies also suggested that anti-money laundering (AML) and KYC data could be shared in a public cloud, but again this would be subject to the resolution of serious industry concerns about security.

To illustrate these persistent concerns, Douglas referred to a recent Swift survey on cloud computing that indicated only 3% of its capital markets respondents were interested in investing in a cloud solution over the next two to five years. “There are significant concerns about control and a dependency on both the internet and other parties and the potential increase in risk due to issues around identity, confidentiality and availability of service,” he explained. “Cloud computing is relevant for the future but serious risk related weaknesses need to be addressed first.”

For now, there may be a lot of hype around cloud computing but it has a long way to go before the industry is ready for it to be used in an industry-wide risk or reference data context.

Related content

WEBINAR

Recorded Webinar: The post-Brexit UK sanctions regime – how to stay safe and compliant

When the Brexit transition period came to an end on 31 December 2020, a new sanctions regime was introduced in the UK under legislation set out in the Sanctions and Anti-Money Laundering Act 2018 (aka the Sanctions Act). The regime is fundamentally different to that of the EU, requiring financial institutions to rethink their response...

BLOG

How to Manage Dual Sanctions Compliance Post Brexit Addition of UK Regime to EU Regulation

Brexit created a number of regulatory compliance challenges for financial institutions in the UK, not least a change to sanctions regulation that is set out in the Sanctions and Anti-Money Laundering Act 2018, and is fundamentally different to EU sanctions regulation. If your organisation falls within scope of the new UK sanctions regime or both...

EVENT

Data Management Summit London

The Data Management Summit Virtual explores how financial institutions are shifting from defensive to offensive data management strategies, to improve operational efficiency and revenue enhancing opportunities. We’ll be putting the business lens on data and deep diving into the data management capabilities needed to deliver on business outcomes.

GUIDE

Entity Data Management Handbook – Seventh Edition

Sourcing entity data and ensuring efficient and effective entity data management is a challenge for many financial institutions as volumes of data rise, more regulations require entity data in reporting, and the fight again financial crime is escalated by bad actors using increasingly sophisticated techniques to attack processes and systems. That said, based on best...