By Jeff Axelrad, Worldwide Financial Services Compliance Lead at Amazon Web Services

COVID-19 has disrupted the normal course of business for financial consumers and institutions, each of whom bears a unique set of concerns and requirements they need to address. Financial consumers are focused on access to capital, where time is critical in determining the viability of businesses and continuing their ability to meet financial commitments. Financial institutions, including consumer and challenger banks, are focused on safety, security, resiliency, scalability, and the continued health of their operations. Financial regulators are focused on economic recovery, making capital accessible to those who need it, and ensuring the stability of national and global financial systems.

These heightened concerns and requirements translate into increased burdens on the financial system from a technology perspective. The pandemic is challenging legacy applications and infrastructure in their ability to support both the immediate shift to primarily digital engagement with consumers and the extraordinary volumes and volatility that are challenging global markets.

While using the cloud to innovate is one thing, is it feasible in a highly regulated industry such as financial services, and in the midst of a pandemic? The short and definitive answer is yes.

Confidence in the cloud

Financial institutions are working to enable secure and agile operations during a time of extensive operational challenges such as bank branch closures, spikes in call-center volume, extreme trading volatility, and shifts to large-scale remote-work environments.

AWS is working with financial institutions and government and regulatory agencies around the world to help tackle the challenges to the global economy that COVID-19 presents. From enabling remote work, maintaining the operational resilience of mission-critical applications, scaling global market systems to process exceptional volumes, we’re supporting our customers such as to keep the people and systems that run the global economy working.

For example, Barclays a 329-year-old bank, answering to five regulators worldwide, must constantly evolve to keep its customers satisfied while also keeping the bar high for the services it provides consumers. When COVID-19 began, Barclays rapidly and securely modernized its contact centers by moving its 25,000 agents to a work-at-home model in just six weeks using the cloud. Barclays is also looking to the cloud to help simplify its multi-channel customer engagement to serve 80% of inbound voice interactions by 2022 while also saving nearly 50% over time.

Tech-enabled Compliance
At AWS, we take security and privacy extremely seriously, and our customers always own their data, and maintain the ability to encrypt it, move it and delete it. We constantly monitor a fluid regulatory environment, working with regulators globally to monitor for upcoming rules and changes to guidelines that have the potential to impact our customers.

We also enable customers to meet their specific vertical security and compliance needs, and constantly look into other certifications that will define the future. AWS regularly achieves third-party validation for thousands of global compliance requirements that we continually monitor to our customers meet security and compliance standards.

Solarisbank AG, Europe’s leading Banking-as-a-Service platform, was the first bank in Germany to fully migrate to the cloud and included all of its core banking systems, digital products, and databases. The migration from the on-premise datacenter to the cloud took one year and was completed in November 2020. The move to the cloud enabled the company to lift technological and regulatory barriers for its business partners by offering financial services to third parties through its German banking licence and application programming interface (API) services. This in turn enabled them to remain compliant while enabling their partners to offer financial services products to consumers quickly and seamlessly. The cloud migration was a key part of Solarisbank’s strategy of building a product and tech platform that ensures the best possible conditions for scale and automation, in order to accommodate the growing customer bases of its partners.

Additionally, newer technologies such as continuous monitoring help institutions to appropriately manage the operational risks within their cloud environment and ensure they have sufficient processes and security measures in place to support encryption, authentication and reporting.

We expect to see more automation in security with infrastructure and application checks that can help enforce security and compliance controls continuously while reducing human configuration errors. These processes allow financial institutions to maintain the confidentiality and integrity that their customers demand, while maintaining timely and accurate reporting required by industry regulators.

Architecting for resilience
We encourage all financial institutions to create a toolkit that monitors their cloud environment from end to end, enabling them to identify and analyse risk events such as unencrypted data or an unsecured third-party service. With global regulations related to data privacy on the horizon, financial institutions must carefully consider how to manage data and security to ensure they are well positioned to remain compliant, while minimising risk and keeping an eye toward innovation.

The application programming interface-driven infrastructure of the cloud enables organisations to automate the development and operation of their application infrastructure. At AWS, we also take active measures to minimise the impact of potential events and maintain our security and resiliency through a variety of ways. For example, we build our cloud infrastructure in diverse geographic regions with multiple availability zones per region. This diffuses the potential for systemic risk in any industry or location.

The Road Ahead

While we work with our customers including Global Payments, HSBC, JP Morgan Chase, Itaú Unibanco, and Standard Chartered to focus on the tasks at hand, we also recognize that the lessons we learn from this extraordinary moment in history will shape the future of our industry. What lies ahead is an agile, powerful, and secure opportunity to use technology to invent and reinvent the way organisations are able to act, preempt disruption, and think about the future of the financial services industry.