Bradd Lewis, Managing Director & Global Lead, Financial Services Transformation, at EMC
Cloud computing is a topic which has been at the heart of IT discussions in recent years across the market. Industries of all shapes and sizes have made strides into using public cloud to benefit from greater access from different devices, lower costs and improved collaboration. Yet in financial services (FS), the challenges presented by using public cloud services are still a major barrier to benefiting from its promise. In fact, at a recent meeting with IT leaders at UK and international banks, we discovered that the use of public cloud is being held back by a variety of reasons. So what’s happening and how can we work together to overcome these challenges?
The reality is that most organisations are already using public cloud services, either approved by IT or put in place by business units to support their own agendas or specific use cases.. However, to ensure effective operations and service delivery, IT departments should be positioned at the heart of these discussions, managing the intersections between business units and their technology needs, particularly around cloud implementations and the threats that these can pose when not introduced properly.
As we know, managing requests from the business is a challenge, and one which is getting increasingly complex. We’re seeing far more sophisticated access management scenarios and access to services, meaning the risk and compliance teams must increasingly be involved in the work of the IT team. What’s essential is that the IT team develops a reputation for working with these teams. This will help to create an environment where they are the go-to consultants for any implementation, particularly cloud. Educating the broader team as to the challenges and threats of implementing their own technologies also has a role.
From a risk perspective, the exponential growth and fourth party use of cloud can present a huge headache too. Whereas traditionally run in the supplier’s datacentre (such as HR or service management tools), when you examine them, you may often discover that they’re actually running on AWS or Azure. This means that you are a further step away from protecting your own data. From a risk and compliance perspective, this certainly isn’t a comfortable position for those in financial services, particularly given the increasingly high pressured regulatory environment.
Speaking of regulations, many of the IT leaders we spoke with commented on the challenge of regulation and how the industry hasn’t adapted quickly enough to develop the contracts and templates to support the new world. So despite the fact that the senior team may encourage innovation and cloud usage on the one hand, the regulatory environment can quickly stifle further discussions on the subject. What’s essential is that the IT team and regulators work together to ensure that the same precautions are in place, to support the cloud opportunity. When we consider the differences in regulation across countries, this can add further complications. In order to make progress, it’s the responsibility of banking organisations and regulators to come together to drive change in the market.
Further to this, there are additional challenges around people and budgets. Firstly, people can have a significant role in inhibiting innovation. Banking organisations must create teams made up of problem solvers, with the right frame of mind and stamina to drive progress. Not only this, but they must engage with wider business leaders and decision makers and be able to clearly articulate the opportunities from any cloud implementations. This discussion also falls to budgets too; the reality is that they are under scrutiny and the first priorities must always be that the bank runs smoothly. The tough conversations are around the need to spend money to ultimately save money in the long run. To deliver agreement on this in the business will take senior buy in and the strength to see the plan through, without wavering.
What we must remember at all times is that technology is a small, though essential, part of the chain. The real challenge is the chain of events, across vendor management, user access, financials, risk management etc. From the nuts and bolts up to senior discussions, it’s essential that the full team has a consistent objective and drive to achieve innovation. Before any implementation can be considered in detail, it’s essential to secure senior team buy in and put in place the processes to respond to requests from the business, whilst developing innovation through a well thought through cloud plan. It’s all about making it work, rather than finding reasons not to, and having the right team with the right mentality is the only way to deliver change. It has to happen, but teams just need to get organised. The good news is that, working in a highly regulated environment, you’re probably already more organised than you think!
To take the next step towards incorporating public cloud into the FS environment, organisations must look at how they can use public cloud services with private cloud attributes. To make significant progress this process must be developed closely with the compliance and legal teams.
In my next article, I’ll consider the steps which need to be kept in mind to get a cloud implementation off the ground in FS. In the meantime, I’d love to hear about your experiences and whether you have any advice for others in the market.