The Rising Adoption of Public Cloud by Banks and its Impact on Operations

By Nadee Wije @ BlackSwan Technologies

 

Cloud adoption in the banking industry has historically lagged behind other sectors due to the sheer volume of sensitive data and money that banks hold — which gives them good reason to be risk-averse — but attitudes are shifting. In fact, a recent report by Deloitte showed a tremendous acceleration in public cloud adoption by global financial services firms over the past 12 to 18 months. 

Just last year, Capital One became the first major bank to completely transition to an all-cloud IT environment, shuttering its physical data centres and moving all of its operations into an Amazon Web Services public cloud. While smaller financial firms have deployed core banking solutions and other mission-critical systems in the public cloud, they are not alone; nineteen of the top 20 US banks have announced plans for public cloud adoption.

Regulators are also acknowledging the potential of public cloud to improve the resilience of the financial services sector. Some, such as the Financial Conduct Authority (FCA), have even migrated their operations to the public cloud.

The reality is that hybrid cloud will remain the top choice for firms — nevertheless, there has been a significant rise in public cloud adoption. So, how will this trend impact firms’ efforts to remain secure, compliant, and competitive in their mission-critical operations?

 

How Public Cloud Is Impacting Financial Services

Despite strict regulations, the acceleration of digital banking due to the COVID-19 pandemic prompted many banks to rethink their infrastructure strategy as seen in IDC’s 2020 Worldwide Industry CloudPath Survey, recognising that the benefits of public cloud may far outweigh the risks — even for mission-critical systems. While significantly reducing operational costs through economies of scale, the public cloud has enabled banks to rapidly adapt to the evolving market conditions. 

In light of this trend, cloud vendors have taken stringent measures to ensure compliance with the rigorous regulatory and security standards that banks face. Regulators have also refined their guidance around data security and privacy to assist vendors with building compliant cloud technologies, enabling financial institutions to manage risks without stifling innovation and competition. This, combined with its scalability and availability, make public cloud viable for mission-critical applications as well. 

While private cloud deployment of mission-critical applications is presumed to be more reliable, secure, and controllable, it is not without its issues. In addition to the ongoing costs for maintenance, private cloud applications pose a risk of capacity shortage. With limited capacity, private cloud lacks the on-demand scalability required to handle sudden surges in mission-critical data and workloads. 

Public cloud, on the other hand, provides firms with infinite scalability to accommodate sudden surges in mission-critical data and workloads, reducing the likelihood of availability issues and outages. And according to McKinsey, the banking industry has become more comfortable with the level of security and resilience that public cloud provides, while also benefiting from far greater economies of scale, the ability to upgrade and launch new products quickly, and better functionality compared to private cloud. 

This all makes the public cloud ideal for banks when partnering with fintech firms and other vendors, particularly when deploying data and resource-intensive applications with advanced technological capabilities such as data analytics. To demonstrate this, let’s consider a sample use case:

 

A Sample Use Case for Public Cloud: Real-time Transaction Monitoring

Many banks have successfully utilised the public cloud for advanced technological applications. In one example, a global bank struggling to meet all regulatory requirements with its transaction monitoring system was challenged with integrating and processing data from multiple systems, including internal and external sources, to more accurately identify suspicious transactions and trigger alerts. However, its legacy system hindered its ability to detect money laundering behaviours in real-time. In addition to rising costs, the increasing demand on its data systems was outpacing the system’s capabilities. 

By implementing a public cloud-based transaction monitoring solution, the bank was able to process large amounts of data from a multitude of sources using advanced analytics in order to calculate the risks associated with payments and identify suspicious transactions in real-time. With a more scalable infrastructure, the system was able to handle occasional surges in transaction data volume. And while increasing the computing performance, the total cost of ownership was lowered by moving to OpEx. Public cloud also enabled the bank to meet regulatory requirements more easily. This all gave the bank an edge over its competitors.

 

Adopting Public Cloud for the Latest Technological Capabilities

To acquire the latest technological capabilities, banks typically contract with a SaaS (Software as a Service) or PaaS (Platform as a Service) vendor, which often results in committing to the public cloud. By adopting cloud vendor-agnostic solutions, banks can run their operations with any public cloud provider with minimal disruptions. This makes it easier for banks to scale their cloud services while taking advantage of various features and price structures.

While public cloud improves the resilience of mission-critical applications, financial firms ultimately need to weigh the pros and cons to determine their ideal infrastructure strategy, combining private and public cloud resources. Nevertheless, adopting public cloud means that firms need to follow the guidance published by regulators, such as the Federal Financial Institutions Examination Council (FFIEC) and the FCA, to evaluate vendors while considering various aspects such as risk management and continuity planning.

 

 

For similar content and next part of this blog, follow us on Twitter and LinkedIn