Connect with us

Banking

Do banks like public clouds?

Do banks like public clouds?

Xavier Bellouard, Managing Director, ActiveViam

In the past, banks have not been eager to adopt public clouds, with security issues topping the list of potential risks to the biggest financial institutions in the world.

However, things are now moving forward, with the European Banking Authority issuing guidelines on how to outsource and supervise public cloud environments effectively.[1]

At ActiveViam, we wanted to know how interested banks now were in public clouds, commissioning a report titled “Are Banks Really Ready for Cloud?”.Within this report, we explore four key areas:

  • Budgets and the number of public cloud projects going on
  • The sticking points preventing public cloud migrations – what is the main obstacle?
  • Which use cases should be moved to public clouds
  • If jobs are at risk as a result of public clouds

In speaking to some of the world’s biggest banks and their consultants about these topics, we now know the state of play for public clouds in banks.

Here are some findings.

Public cloud budgets are on the rise

Xavier Bellouard

Xavier Bellouard

Banks are indeed ramping up their use of public clouds in 2018. Interestingly, budgets are increasing by up to 70% in the next two years to cope with the initial spin-up fees. Up until now, many banks have not catered for public cloud usage within IT budgets, meaning the demand is initially high for hardware rental, as certain public cloud projects get underway.

The pace at which public cloud projects are going on varies across the bigger and mid-size banks. Each bank is doing something different. On the whole, respondents believe IT budgets for public cloud projects will rise by 6 to 10% in the next two years.

 GDPR and general compliance will cause a slowdown in public cloud migrations

The risks posed by data leaks and general compliance challenges, including complying with the General Data Protection Regulation (GDPR) are highlighted as the main things working against public cloud projects, with over half of interviewees stating compliance.

But the GDPR does offer some solace. If there is a data breach and unencrypted PII should leak under the GDPR, local data protection regulators need to determine where the fault lies: at the bank, the vendor, or the vendor’s subcontractors. With the GDPR coming into force, there is just as much penalty emphasis on the vendor (the “data processor”), as there is on the “data controller” (the bank). This has not been the case previously: the bank would be fully liable. Because of this change to how data privacy regulations work in Europe, there are now equal incentives for banks and their cloud providers to prevent data breaches.

All of this makes using public clouds more appealing.

Risk use cases are a popular public cloud guinea pig

Recently, the European Banking Authority (EBA) released Recommendations to banks for supervising outsourced cloud projects, including guidance on data processing and auditing.[2] The one issue banks are still struggling to determine, despite the guidelines, is which use cases are suitable for public cloud. In our survey, 64% of respondents believe we will see more risk-related use cases migrated to public cloud from the banks, such as Market Risk and Counterparty Risk.

Conversely, 40% respondents believe there is no use case just suitable for private clouds, which opens up more opportunities for use cases involving Personally Identifiable Information (PII) and sensitive company information.

 Public clouds do not mean job losses, just a skill adjustment

If more public clouds projects are in play, banks need less people in the traditional installer roles. These individuals are likely to be swallowed up by the cloud vendors to help manage the big customer accounts if they don’t adapt their skills to the changing climate. Instead, banks need more coders, information security specialists, and individuals with service management backgrounds.

Over the next few years, you will see more ‘baby steps’ while banks get to grips with their compliance challenges. In the interim,there will be more use cases in public clouds that do not involve certain data types. These use cases will be prioritised as the perfect ‘guinea pigs’ in the next two years, until banks are ready to embrace public clouds fully.

[1]https://www.eba.europa.eu/documents/10180/1712868/Final+draft+Recommendations+on+Cloud+Outsourcing+%28EBA-Rec-2017-03%29.pdf

[2]https://www.eba.europa.eu/documents/10180/1712868/Final+draft+Recommendations+on+Cloud+Outsourcing+%28EBA-Rec-2017-03%29.pdf

Editorial & Advertiser disclosure
Our website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate

Recommended

Newsletters with Secrets & Analysis. Subscribe Now