Financial institutions that are agile and quick in how they respond to fast-changing customer expectations will ultimately beat their competitors. Last month the EBA – European Banking Authority published a Report on the Prudential Risks and Opportunities Arising for Institutions from Fintech. It provides an analysis of the risks and opportunities relating to the adoption of new innovative technologies. There are seven Fintech use cases. One of these is focused on outsourcing core banking and payment systems to the public, hybrid and private cloud.
The report looks at how cloud computing is being leveraged by financial institutions to deliver innovative financial products and services. There is increasing interest from institutions in working with cloud service providers. That interest began with migrating non-core applications to the cloud. It is now about how to migrate core mission critical systems to the cloud. Additionally, the report talks about how flexibility, scalability and agility are seen as the main benefits of public cloud. The standardisation of cloud services allows those services to automate and scale up to support a large number of customers.
The underlying concern, of course, is that in such a security‑intensive and highly‑regulated industry, no one size ‘cloud’ fits all. This means that cloud providers standardising on very high service standards is not enough. Those who also provide specialised service offerings and keep themselves open to individual use cases and customers’ requirements – e.g., for mission critical workloads ‑ clearly have an edge. This is precisely what Virtustream was built for. It uses a very high level of automation to reduce human intervention in the most complex IT operation processes. This delivers increasing efficiency and lowers risk exposure.
The EPA report goes on to outline two main criterion that need to be met to ensure financial institutions are making the move to cloud correctly. These include “choosing the right cloud service partner (CSP) on its journey”and “ensuring the internal organisation can meet the needs for this transformation alongside its CSP partner”.
Choosing the right CSP
Financial institutions must carefully select the CSP that is right and suitable for their needs. This will depend on several criteria:
- The project in question: What is the goal of the project? Who is it aimed at – private customer, commercial customers or internal staff? Small projects are easier to implement and show benefits rather than large complex projects.
- The institution’s overall strategy: Is this part of a wider plan to reduce cost and improve performance? Will it integrate with other projects?
- Regulatory requirements that the organisation must meet: The CSP must also demonstrate an understanding of compliance and have relevant standards certifications.
This is where the CSP must have the deepest and broadest expertise on what it takes to migrate complex mission critical systems to the cloud. Virtustream has undertaken thousands of such migrations. This includes the creation of an L3 extension of users’ private data centres into cloud nodes. Customers have also integrated their existing system monitoring and management tools via a broad set of APIs.
A robust methodology and operating model essential
It is really important that the CSP also has a robust methodology and operating model. At Virtustream we deliver advisory services to customers. We also take a greatly optimised approach to cloud onboarding, migration and operation that includes:
- Assessment – Identifying all workloads across the application landscape, in order to analyse system configurations and interdependencies with an estimate of initial cost benefits.
- Onboarding – Project planning and management, documentation of all applications and workloads, determination of the move sequences and thorough testing in order to identify any risks and issues, in order to finalise a full cutover plan.
- Migration – The actual migration of production systems, technical checks for data consistency, conversion to production operations. GoLive™ migration checks, handover and transition to steady-state.
- Managed Services – A range of flexible choices which include infrastructure managed services and application managed services. We also have expertise in a wide variety of databases, these include physical‑to‑virtual and virtual‑to‑virtual migrations, and database management.
The role of IT teams
The EBA report outlines how the role of IT staff in financial institutions can undergo a significant transformation with increased cloud outsourcing services. Roles convert into support and consultation for cloud service selection, engagement and management. This is where the adoption of an enterprise‑class cloud provider with managed public cloud services that deliver private cloud attributes is really important. This strategically enables a new operating model for IT; one that is based on business outcomes and has close alignment between IT and the business.
An operating model that delivers the ability to quickly implement new ideas enables an organisation to tap into new revenue streams and acquire new customers. This model lowers complexity and – with that ‑ actively improves the risk posture.
Adopting a cloud operating model across all areas of the business is probably the most difficult part of the transformation. It means the CSP should work more closely with the business. This means adopting an IT operating model that is services and software product-oriented, not technology or project-oriented.
Looking to the sky
Cloud services have become more integral to the whole organisation. CSPs are going to quickly become part of the financial/banking infrastructure. However, the risks involved in outsourcing data to the cloud carry wider potential consequences for any financial institution. It is important that regulatory bodies such as the EBA respond to changes in the use of cloud. They should continue to place strict compliance requirements on financial institutions and their partners.
To their credit, many CSPs have started to accept this as part of their ‘joint responsibility’ when they engage with a financial institution. As cloud adoption continues to grow, financial institutions will need to carefully plan for and monitor their compliance. CSPs must look to provide an adaptable framework – one that is agile and able to flex to meet the ever-evolving needs of the finance industry. If you are interested in reading the full report, you can download it here: Report on the Prudential Risks and Opportunities Arising for Institutions from Fintech
Virtustream, a Dell Technologies business, is the enterprise-class cloud company that is trusted by organisations worldwide to migrate and run their mission-critical applications in the cloud. For enterprises, service providers and government agencies, Virtustream’s xStream® Management Platform and Infrastructure-as-a-Service (IaaS) meets the security, compliance, performance, efficiency and consumption-based billing requirements of complex production applications in the cloud – whether private, public or hybrid.