Deploying new applications on the cloud is now the default. The question is not if applications should be built in the cloud or existing workloads should be migrated, but how fast can financial institutions (FIs) remove traditional IT constraints in the age of digitalisation.
In the race to innovate, FIs are already missing opportunities to capitalise on data-led decisions for trading, risk management, fraud surveillance, and even mergers and acquisitions. Here is where the cloud can play a significant role.
Big data capabilities enabled by the cloud have transformed decision-making from a guessing game into a science, unveiling a potential for front- and back-office functions to be more agile, powerful and secure – all of which help position FIs for long-term growth. For one of the most heavily regulated industries in the world, cloud computing eases compliance by meeting FI needs to process a massive, but fluctuating amounts of data to meet tight regulatory deadlines. Finextra spoke to John Kain, worldwide business and markets development for capital markets at Amazon Web Services (AWS), about how firms can engineer their infrastructure to address the complex mix of regulatory requirements and market conditions while keeping an eye on business growth.
Increased efficiencies and transparency
Kain highlights that risk management and regulatory reporting are variable workloads ideally suited for the cloud. A successful example is the Financial Industry Regulatory Authority’s (FINRA) platform, which adapts to changing market dynamics and provides analysts with tools to interactively query multi-petabyte data sets.
FINRA is dedicated to investor protection and market integrity, as it regulates a critical part of the securities industry: brokerage firms doing business with the public in the United States. FINRA relies on AWS to instantly react to ever-changing market conditions. During the week of May 28th, 2018, FINRA handled a record-setting 101.1 billion messages on its platform, over triple the average daily volumes of 2017. Not only was FINRA able to leverage operational benefits from the cloud, but it also dramatically reduced operating costs by only paying for the services used, resulting in over a 30% cost savings.
Spanish bank Bankinter similarly used cloud computing to run credit risk simulations in 20 minutes, cutting the time down dramatically from a staggering 23 hours, while DBS Bank forecasted an initial 70% reduction of grid infrastructure costs followed by a further reduction to 90% after migrating to an AWS installation of Murex’s risk management platform in 2018.
Because of these cloud-enabled successes, Kain believes “we will continue to see firms leverage the cloud to address their risk and reporting needs, since existing and evolving regulations require FIs to manage capital and risk with ever-greater transparency.”
Shared responsibility model
Where does the responsibility for security lie? While cloud solutions can handle the data and necessary scale that comes with volatile markets and a myriad of requirements, what happens if something goes wrong? Kain advises that a shared responsibility model advances cloud security: AWS manages and controls the components from the host operating system and virtualisation layer down to the physical security of the facilities in which the services operate, and AWS customers are responsible for building secure applications.
“First, AWS customers can build upon one of the most secure cloud computing environments today. Secondly, our customers can tailor the use of tools and services AWS offers to meet their own security requirements,” Kain says. Additionally, this gives AWS customers ownership and control over their content, and they determine where the content will be stored, how their content will be secured in transit or at rest, and tools to manage access to AWS services and resources.
This means that AWS customers retain control of the security and compliance programmes they choose to implement – no differently than they would for applications in an on-site data centre. Like security, compliance is a shared responsibility between AWS and its customers. AWS manages security of the cloud by ensuring that AWS infrastructure complies with global and regional regulatory requirements and best practices.
Kain explains: “AWS environments are continuously audited, and our infrastructure and services are approved to operate under several compliance standards and industry certifications across geographies. Customers can use these certifications to validate the implementation and effectiveness of AWS security controls as well as to build on traditional programmes for establishing and operating in a compliant manner.”
Pioneers are taking a cloud-first approach
Although moving personally identifiable information (PII) to the cloud is usually reserved for the end of a migration, the recent shift in Open Banking regulations has increased the number of born-in-the-cloud challenger banks entering the market and traditional banks launching digital spin-offs in the cloud. Kain shares: “Being 100% cloud- and mobile-based enables Starling Bank, operating out of the United Kingdom, to have a cost basis that is much lower than traditional financial institutions. Robeco Direct N.V., a Dutch bank, moved its entire retail banking platform to the cloud, reducing complexity and costs while improving agility by leveraging a cloud banking platform from Ohpen, a banking technology provider based in Amsterdam. Openbank, a subsidiary of Santander Group, runs on AWS to innovate quickly and more frequently on behalf of its 1.3 million customers in Spain.”
He adds that this trend can also be seen in the capital markets arena, where there has historically been more comfort with all-in cloud strategies. For instance, Robinhood, a U.S.-based broker dealer, is using AWS to offer its customers the ability to open a brokerage account in less than four minutes and $0 commission trades with an easy-to-use mobile trading app.
AI and ML drive innovation
“Beyond the development of new applications and the modernisation of existing systems, we see firms leveraging their data to create next-generation analytics solutions,” Kain states. Traditionally, FIs have found making effective use of artificial intelligence (AI) and machine learning (ML) models challenging, but today they are using the cloud to optimize existing processes and extract deeper value.
For instance, Amazon Macie uses ML to automatically discover, classify and protect sensitive data in AWS. It recognises sensitive data such as PII or intellectual property, giving customers visibility into how their data is being accessed or moved. “This June, we announced the general availability of AWS Security Hub, a single place that aggregates, organises and prioritises security alerts or findings from multiple AWS services and 3rd-party services,” Kain shares. “In addition, the AWS Partner Network (APN), which is our global community of partners, offers hundreds of tools and features to help customers meet their security objectives, ranging from network security and configuration management to access control and data encryption. Many of our APN Partners have achieved Financial Services Competency and/or Security Competency, which means they have deep industry expertise, solutions that align with AWS architectural best practices, and staff with AWS certifications.”
Risk management and regulatory reporting represent an important signal in how the financial services industry is transforming on cloud by proving that that even cost-of-doing-business functions can become competitive differentiators. Moving to the cloud eliminates traditional IT constraints so that FIs can innovate in a more agile, powerful, and secure environment.
Part of the AWS Cloud Series: providing visionary insight and practical guidance for financial institutions moving to the cloud.