Editorial & Advertiser disclosure

Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Technology > Only 6% of firms in financial services know when their IT will reach end-of-life

Only 6% of firms in financial services know when their IT will reach end-of-life

Published by Gbaf News

Posted on September 26, 2018

3 min read

Last updated: January 21, 2026

Only 6% of firms in financial services know when their IT will reach end-of-life

Organisations face security bombshell as systems fall out of service

Majority (79%) turn to the cloud to modernise

UK financial services companies are facing a security bombshell over outdated services and applications, with only 6 per cent knowing when all their infrastructure components will reach their end-of-life date.

Cloud services provider KCOM surveyed 200 IT decision-makers in financial services, and found the average firm has 434 server-based applications either partly or fully unsupported and over 400 applications that are out of support, or which have end-of-life components.

When technology reaches the end of its life it is no longer supported by its manufacturer, and owners can no longer benefit from patches, operating system updates, or on-site visits to repair hardware. This presents serious security and compliance vulnerabilities, putting the business at risk of cyber attacks and regulatory fines – not to mention significant delays when introducing new services for customers.

The research found that only 6 per cent of financial services providers know the end-of-life dates of all their server-based platforms, while for companies with less than 500 staff the figure was just 2 per cent. Meanwhile, only 22 per cent of companies knew the end-of-life dates for the majority of their applications.

However, financial services organisations are making major investments to modernise their IT infrastructure with 79% either “definitely” or “probably” using the cloud or cloud-based services to replace on-premises end-of-life products. This includes the introduction of new value-add products and customer-centric services to ensure they stay relevant in a rapidly-changing market. To date, only 33 per cent of financial services businesses have migrated half or more of their applications to the cloud, while the rest remains running on legacy infrastructure.

KCOM’s research lays bare the effects of legacy infrastructure. An overwhelming majority of respondents (92 per cent) admitted that maintaining server infrastructure was a challenge, with 47 per cent reporting this to be ‘very challenging’. Nine in ten also said that processing bottlenecks were a major capacity challenge, 84 per cent identified insufficient test environments, and 83 per cent insufficient back-up storage.

‘Many financial services firms do not have a clear and comprehensive view of which components in their IT infrastructure need urgent attention, or where their security issues reside,” said Richard Latham, Principal Consultant at KCOM. “A poorly-planned and executed cloud migration may simply achieve the continuation of a flawed system. Migrating to the cloud presents a major opportunity for eliminating end-of-life issues and fixing the associated vulnerabilities – but only if it is managed in a holistic, carefully-planned manner.’

In light of the security concerns that come from end-of-life components, the research also asked IT directors how often they conducted a risk audit, vulnerability scan or penetration test across their server landscape. 14% of financial companies had not completed any kind of audit in the last year, and only 51% had completed the Bank of England stress test, 60% had conducted a PCI audit, 58% hold an ISO 27001 certification and 62% felt they were compliant with FCA guidelines.