Joanna Ricketts, Head of Platform, Efficient Frontiers International
As the world begins to settle into its post-global pandemic chapter, a new technology landscape has emerged. The tech-celeration of 2020 and 2021 has enabled digital journeys that had long been a distant dream on business’ roadmaps. However, this lurch towards digital adoption has come with a significant challenge – cyber criminals are rubbing their hands in glee. It’s no secret that banks spend significant chunks of budget on protecting the integrity and safety of their client data and those financial institutions that are some way along their cloud transformation journey will be recognising that they have a significant advantage when it comes to remaining one step ahead of the opportunistic Covid criminals.
Let’s think about a bank’s traditional data centre, rows and rows of servers in a 24/7 air-conditioned building with bandwidth determined by the CFO’s commitment to hardware spend. On the flip side of the coin, a challenger bank may have almost limitless processing power due to the capacity it buys from cloud service providers. Only one of these organisations has the bandwidth to operate sophisticated machine learning software that runs on a huge scale across the customers’ transaction activities identifying, at a rapid pace, anomalies in any given account or customer spending profile. And it’s not the one whose data processing capacity is dependent on the number of servers it owns.
There is really no doubt about the opportunities afforded to banks and other financial institutions in utilising cloud technology – rapid development and deployment of new tools, scalability, enormous processing power to support spikes in customer activity, cost-reduction – there are many more. However, the biggest challenge facing the decision makers who remain, on the whole, on a relatively slow journey to cloud adoption, is how to mitigate the undeniable associated risks.
Regulation and security
Whilst that limitless bandwidth affords an institution the luxury of sophisticated, leading-edge technologies to identify criminal activity across its customer accounts it also comes with a valid cyber security challenge of its own. The risk of cyber-attack remains a concern for banking executives and regulators alike and the skill set and expertise of technology staff is key to mitigating this risk. Deep in-house knowledge of managing cloud services is critical to support:
- fundamental cloud migration programmes;
- ongoing KSOR (Keep the Show On the Road) activities in a rapidly evolving environment; and importantly
- close work with regulators to help enhance their understanding of cloud technologies and ensure continued alignment between the industry and its governing bodies.
Legacy systems and data challenges
Complex legacy infrastructure and disparate, disconnected data sources are common-place in financial institutions that have been around for any length of time. There are continuous programmes to refine and replace these legacy systems. It’s no surprise that this modernisation requirement is considered one of the biggest challenges to overcome and presents reputational and operational risks to institutions.
There’s considerable effort required to move data into a cloud data repository and itis imperative that the appropriate level of knowledge is available to ensure the review and restructure of the data before the move to enable a successful migration. Equally important is to understand the value of the organisation’s data, so that the benefits of combining data and enabling activities such as big data processing and real-time analytics can be articulated.
Additionally, some of the operational risk associated with attempting to pick up and drop legacy systems from on premise to cloud provides an excellent opportunity for review and improvement – if the commitment to investing time and not simply taking the lowest cost route, is supported. Cloud architecture can offer a wealth of efficient re-use and ‘multi-purpose’ functionality options. Investing in an appropriately deep piece of analysis, identifying the shift in functionality and feature requirements since the application was developed and considering a modularised approach supporting the full utilisation of each component not only mitigates the ‘legacy system in a new environment’ risk but extends the lifespan of the product.
Cost and skills
Yet another biproduct of the pandemic is the unprecedented demand for technical skills – it’s quite simply through the roof! For banks and financial institutions, the practical experience and in-depth knowledge of their workforce is critical to successful delivery of cloud migration programmes. Firms need to be fully prepared to negotiate with candidates to ensure they are recruiting the very best available in the industry. The cost of recruiting best in industry staff is not the only cost institutions will face on their cloud journey. Whilst the long-term return on increased efficiency and reduced data costs is unquestionable, the upfront costs required to re-architect, upskill end users and support staff and fully understand the scope of the cloud’s capabilities as well as implementing them in the right way for the organisation cannot be ignored.
As we come towards the end of Quarter 1, organisations will be well into their delivery plans for 2022 and no doubt cloud migration activities will feature on those plans. There is undoubtedly a fine balance between committing the right amount of time and budget and opening doors to accessing new solutions, software and services to enable digital transformation. Organisations that get the balance right can go from strength to strength!
EFI’s top 3 tips for institutions migrating to the cloud
- Invest in skilled resource who can demonstrate a full understanding of cloud service provider capabilities and have experience implementing them.
- Get to know your data! Understand the gaps and weaknesses, work to remediate them before you migrate.
- Commit to the journey. This is not a programme of work that can be delivered off the side of someone’s desk and requires absolute buy-in across the organisation.
