Banking and FinanceIssue 01 - 2024MAGAZINE
GBO_ Banking on Cloud

Banking on Cloud: A Deep Dive

Some of the common challenges that banks may face are customised solutions and total control over data and resources

Banks are increasingly using cloud technology to modernise their outdated IT systems and gain a competitive advantage over customers, according to a recent study commissioned by Google.

However, depending on cloud providers for essential services like finance carries a certain amount of risk. An astounding 83% of respondents to the study, which polled over 1,300 global leaders in the financial services sector, stated that their organisations were integrating cloud technology into their main computer infrastructures.

On the other hand, only 17% of businesses still primarily rely on on-premises services. Of those, respondents stated that they intend to move 40% of their workloads, on average, to the public cloud for the upcoming year. One important technology to help the banking sector prepare for the future is cloud computing. The ability to deploy infrastructure designed specifically to better protect workloads from failure is available to large-scale cloud providers like Microsoft Azure and AWS, resulting in improved operational resiliency.

In addition, the development of new goods and services, enhanced data security, and improved interoperability of legacy software infrastructure are all considered to be facilitated by the cloud. Adopting the pre-made services provided by hyperscalers could cut costs associated with technology infrastructure by as much as 50%, according to a recent analysis by the Bank of England. However, the main argument put forth by decision-makers in favour of cloud migration is that technology enables businesses to adjust to shifting consumer demands. The rise of disruptive fintech start-ups, which originated in the cloud and are now competing with established financial institutions by providing creative and adaptable customer offerings, can be connected to this.

Nearly three-quarters of financial sector executives believe that fintech will most likely disrupt consumer banking, according to PwC.

“There are almost two tiers of banks. You have traditional banks sitting on legacy technology and then the likes of Revolut and all these other banks that are starting up, that are born in the cloud and born to be digital,” Leighton James, the CTO of UKCloud, which provides multi-cloud services to public sector organisations in the UK said, ZDNet reported.

James stated that traditional financial institutions must undergo a digital transformation because they are up against more and more competition from newer players. The latest report from Google validates the trend. Even though the great majority of financial institutions have embraced cloud computing in one way or another, the study discovered that some of their primary operations are still carried out on-site. According to Google, these tasks “can and will” be moved to the cloud.

In a blog post, Zac Maufe, managing director at Google Cloud Financial Services, said, “Financial services firms should continue to maximise the potential of technology by migrating more core workloads to the cloud.”

Senior Bank of England executives appeared to support this forecast during a recent press conference. The Bank of England stated that financial institutions are increasingly moving processes that are more essential to the day-to-day operations of banks into the cloud, whereas until recently, cloud services were primarily used to run applications at the periphery of banking operations, such as HR systems.

This inevitably comes with some risks. Currently, fewer than a few very large tech companies dominate the cloud market, with the top five providers holding 80% of the market share. Microsoft Azure accounts for almost 20% of the market, with Amazon’s AWS holding 41% on its own.

There are drawbacks and advantages to outsourcing important financial services to a limited group of outside parties in terms of security. Hyperscalers can incorporate resilience into their infrastructure more effectively because they have multiple redundancy levels, but failure is always a possibility. If all banks depend on the same suppliers, this could put the system as a whole in jeopardy.

Imagine a situation where the biggest banks in the UK are all using one cloud and there is a problem, said James, “That’s a big part of our critical national infrastructure going down.”

Additionally, there’s a chance that cloud providers will start setting their terms at the expense of the stability of the financial system, just like in any concentrated market. One way they might refuse to be transparent would be to withhold their technologies from outside inspection, in this case, it would be hard to determine whether or not the providers have included enough resilience to support banking operations.

Modernisation is therefore essential, but it must be done so carefully and according to a solid plan. According to James, implementing multi-cloud configurations in the financial industry is the best course of action for distributing the risk among several providers.

Only 17% of the financial institutions Google surveyed have made multi-cloud their preferred architecture, and 28% still use a single cloud. As per the company’s statement, additional regulatory efforts are necessary to encourage financial organisations to adopt cloud computing responsibly and strongly.

“Consumers’ demand for very quick transformation is becoming overwhelming, and financial services organisations will take shortcuts to deliver on customer expectations as soon as possible. But they need to make sure it’s done right the first time,” James said.

For instance, the European Union is launching new programmes to increase cloud technology resilience. With the ultimate goal of reducing dependency on US- and China-based hyperscalers, the bloc is presently implementing the GAIA-X project, a cloud marketplace that cloud providers can join if they adhere to certain values, including data sovereignty, data availability, interoperability, transparency, and fair participation.

A cloud to call your own

A 2022 report from Bessemer Ventures claims that the use of virtual private clouds has significantly increased.

According to the report, “Packaging and deploying SaaS products inside a customer’s virtual private cloud (VPC) is becoming easier.” This is partly because Kubernetes, the cloud’s operating system, has become more standardised. Because of this, it’s now simpler for SaaS providers to cater to a larger clientele that might prefer to retain some sensitive data or apps in a virtual private cloud (VPC). This is the method that many of our customers who use the Enterprise edition of Stack Overflow for Teams choose.

Experts say, firms develop and maintain the platform for knowledge exchange and teamwork, but it’s set up in a private or on-premises setting, and the discussions regarding the proprietary code that clients talk about remain confidential on-premises.

Tom Limoncelli, a technical product manager, has strong opinions on this trend. Here’s what’s happening, he said, “Running your datacentre encourages bad practises due to lack of governance and other reasons. The cloud forces/encourages better practises, such as strict governance, infrastructure as code, and fully automated CD/CD pipelines. People are building on-prem clouds, which emulate those best practises because they got a taste of the cloud. Another way to say that is, people aren’t returning to the datacentre; they’re returning to on-prem clouds because datacentres can be frustrating.”

Bridge between public and private clouds

A second new technology trend that combines on-premise data with cloud adoption is mentioned in the Bessemer report. Data can now more easily access the power of the cloud, no matter where it is, thanks to emerging middleware platforms. The emergence of contemporary fintech infrastructure has facilitated the establishment of connections between legacy banking systems and the cloud, as evidenced by the financial services industry. To extend the cloud’s power to on-premise data sources, comparable bridges are being constructed in other sizable industries, such as supply chain, logistics, and healthcare.

Determining the precise meaning of “middleware” is crucial in this context. The term “buffer” originally referred to code that sat between the application logic at the top of the pyramid and the assembler/compiler at the base, as noted by Red Hat, during a 1968 NATO conference on software engineering. Middleware is the term for an advanced form of this concept in the context of hybrid clouds.

“Mega clouds that provide infrastructure as a service (IaaS)-enabled middleware capabilities via APIs, which have become the new DLLs. So, for example, message queues, storage and security policies are open for developers to consume in applications running on the IaaS (Infrastructure-as-a-Service),” Asanka Abeysiinghe, Chief Tech Evangelist at WSO2 explains in a blog.

“Kubernetes addresses the issue of cloud lock-in by bringing an open standard to the cloud-native world, and it enables basic middleware capabilities as components. In addition, the Cloud Native Computing Foundation (CNCF) brings a rich set of Kubernetes-centric middleware, and you can find them in the CNCF technology landscape. However, if the middleware capabilities provided by Kubernetes and the CNCF are not enough for your application development, you can add custom resources by defining them in a custom resource definition (CRD) because Kubernetes is built using open standards,” he added.

Challenges banks may face using cloud computing

Some of the common challenges that banks may face are customised solutions and total control over data and resources. For banks, customised solutions are common. Internal systems provide the flexibility to modify technology stacks to satisfy these particular needs, something that is challenging to accomplish on the cloud. Also, by using an internal platform rather than relying on external servers, banks can have total control over their data and resources.

Data residency and sovereignty are challenges that banks face. Cloud providers with international data centres may find it difficult to store sensitive financial information and certain other kinds of data within the borders of their home countries due to legal requirements. Also, cloud providers may not always support the highly specialised regulatory requirements that the financial services sector has, such as those for specific data encryption standards or transaction handling protocols.

On the other hand, banks have unique security procedures that are primarily designed to meet their needs and comply with regulations. The process of adapting these protocols to a cloud environment is intricate and necessitates close coordination between the cloud provider and the bank. It can occasionally become a bottleneck. With in-house solutions, banks can lower their exposure to external vulnerabilities by implementing customised security measures and maintaining total control over their data.

Also, moving legacy systems to the cloud can be a challenging and complex process, particularly for banks that are used to on-premise data. However, with the help of in-house solutions, banks can seamlessly integrate these legacy systems, guaranteeing business continuity without interfering with migrations. Similarly, one of the most important steps in obtaining the most out of cloud computing is to optimise applications and workloads for the cloud. To fully utilise the cloud’s services, workloads must be rewritten, refactored, or re-architected to be cloud-native; otherwise, the cloud’s potential may go unrealised.

The specific needs of an organisation, the regulatory landscape, the level of risk tolerance, and readiness all play a role in the decision between on-premise and cloud solutions. While some banks might choose to go fully cloud or hybrid, others might stay on-premise. Financial institutions will prioritise data security, compliance, and business continuity regardless of the option they select. For most banks, on-premise solutions continue to be the best choice because data security concerns continue to be the main concern.

Banks prefer staying on-premise

By combining various data sources, experts can build cohesive data platforms that facilitate analytics, artificial intelligence, and machine learning—all of which are necessary for banks to make data-driven decisions. Banks can obtain a comprehensive picture of their clientele by merging their data sources. This helps lower risk, find new business prospects, and enhance customer support.

Banks can also modernise outdated technology. They need to stay ahead of the curve and make sure their systems are dependable and safe. Banks that modernise their technology can benefit from the newest features and capabilities, like self-service reporting and Analytics.

Banks can also develop and integrate frameworks to support on-premise cloud computing (AWS, Azure, Snowflake). As banks consider implementing hybrid cloud solutions, this is becoming more and more crucial. Without transferring all of their data and apps to the cloud, banks can benefit from the flexibility and scalability of cloud computing by developing or integrating a framework to support on-premise cloud technology. Encouraging banks to create and execute data governance policies and procedures is crucial to preserving data security and compliance.

Related posts

Terrifying truth behind supercomputers

GBO Correspondent

Fraud analytics: What the banks need

GBO Correspondent

Growth dilemma of US energy sector

GBO Correspondent