Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Don’t panic, it’s on the mainframe: financial services and cloud computing

By Richard Whomes, director, Rocket Software

Regulators on both sides of the Atlantic are becoming increasingly wary of the extent to which banks rely on the cloud to manage customer data.

The Bank of England, for example, is reportedly considering a test on the resilience of banks this year, exploring what would happen if cloud access were interrupted. The United States Office of the Comptroller of the Currency is also analysing the relationships between banks and third-party vendors, including cloud providers.

These concerns are partly caused by the involvement of Microsoft, Amazon, Google and others, who often act as the providers of these cloud systems. The idea of third-party tech titans taking control of such sensitive data could seem a worrying prospect to financial service regulators, as things could feel as though they were slipping out of their control. However, they need not panic. In reality, there are many ways banks can incorporate cloud technology without ripping out their trusted and secure mainframe and midrange systems.

A hybrid model: APIs

Richard Whomes
Richard Whomes

Moving an entire database onto the cloud may not be the best option for financial institutions, but there are many ways in which they are already integrating cloud technology into their businesses. As Don Duet, former head of the technology division at Goldman Sachs has stated, banks are shifting towards having cloud platforms and mobile platforms for customers to access their accounts. This approach sets the stage for a hybrid model that blends the security and processing power of the mainframe with the potential accessibility of the cloud. With customers wanting to access banking services and solutions online, banks are increasingly using application programming interfaces (APIs), which form the bridge between the two and provide the services customers want.

APIs connect mobile devices to a mainframe depository via the cloud. This data is not actually stored in a cloud database but remains safely on the mainframe. APIs can be used to access the information remotely, modify it and perform financial transactions without the data ever leaving its silo. The process retains the security of the mainframe while enabling banks and financial service providers to give their customers access to online banking and other functions on their mobile devices.

A bridge over troubled waters

Using APIs to link cloud infrastructure with mainframe databases brings a number of advantages. Firstly, it avoids the creation of any copies since the information itself never leaves its storage space. This, in turn, makes it easier for financial institutions to comply with data protection laws and avoid the sting of the GDPR. It also helps to allay the concerns of regulators, keeping customer account information safely out of the hands of third parties. While it is true that much of the cloud infrastructure used by banks is provided by the likes of Amazon, Microsoft and Google, it would not be true to say that they are being entrusted with all data on their cloud servers.

No clouds forecast… yet

Financial regulators are right to monitor use of cloud technology in the banking industry and beyond. When much of this technology is provided by third-party companies and in an atmosphere of heightened cyber warfare internationally, it makes sense to be cautious about how new technology is implemented. However, with an increasing number of new online banking platforms such as Monzo coming onto the scene, banks need not avoid the world of cloud computing. APIs provide the perfect platform for banks to provide secure, modern banking for their customers. With these tools also leaving customer data safe in the hands of the mainframe, regulators can rest easy, too.