The Financial Conduct Authority (FCA) is establishing an enforcement team to quash what it terms as ‘problem firms’ in the financial services industry – the organisations that are not fulfilling basic regulatory standards.
Meanwhile, industry authorities, such as the Prudential Regulation Authority (PRA), are concerned that reliance on the three cloud computing providers – AWS, Microsoft Azure and Google Cloud – means that any service outage or hack could seriously disrupt the financial services, institutions and banking systems that rely on them. As such, the PRA has revealed its intention to scrutinise the cloud computing giants.
The Financial Policy Committee (FPC), an official committee of the Bank of England, voiced similar concerns about the UK financial system last year. Its Financial Stability Report cited operational risks as a focal concern and considered the dilemma of how financial services organisations can comply with regulatory changes while meeting their need for cloud computing.
The benefits and challenges of cloud technology
Being reliant on a few major cloud services providers comes with a clear risk. In a worst-case scenario, any one of them being compromised could extend to the wider financial services market and legitimately wreak havoc on the global economy.
At the same time, when we consider the rapid digitisation that has taken place over the last three years, and the impact of Brexit accelerating ever-evolving UK legislation, it’s easy to comprehend why financial services organisations have turned to the benefits offered by cloud providers.
For today’s organisations and business leaders, financial stability is at the top of the agenda with the delivery of improved compliance a key strategic aspect. As such, we’re already seeing 32% of decision-makers using data analytics to better their organisation’s approach. This also means the analytics and data management strategies adopted by financial institutions become another key risk mitigation for consideration.
In response, organisations are using hybrid, multi-cloud platforms to manage the increasingly vast volume of data received every day. In doing so, the proactive approach is enabling them to meet compliance in the face of the complex and ever-changing rules set out by regulators.
When observing the relationship between an organisation’s performance and the maturity of its data strategy, it’s here that we discover hybrid data cloud to be the dominant model. While the report identifies this as a trend seen across industries, our conversations with customers and prospects show financial service firms are no exception.
Storing data in-house reduces data flexibility and raises operational costs. The attraction of a cloud-based approach – in addition to the cost savings – is that it provides data agility, especially for traditional banks wanting to compete with their neo counterparts.
For many financial services organisations, improving data analytics means changing the way banks store and manage data. Adopting a hybrid, multi-cloud platform allows businesses to manage data across different locations. By using on-premises or private cloud, financial services companies can react as regulations change and ensure business operations stay optimised.
Harnessing these benefits means striking a balance between the evident need by the financial services sector for the provision of the technology while mitigating the danger of cloud services being in the hands of the few.
A cloud security framework based on shared responsibility
To provide a cloud security framework, the adoption of a shared responsibility model prescribes accountability by decreeing the security obligations of a cloud computing provider and its users.
The framework determines the financial institutions as in charge of the storing and processing of data, while cloud service providers (CSPs) are responsible for the security actions at the lower end of the infrastructure. Each financial organisation being accountable for its cloud system security and CSP compliance assessment means they are also responsible for ensuring the security and governance of its cloud deployment. The regulators only support by defining the rules to help curtail risk.
Fortunately, innovations in comprehensive hybrid, multi-cloud architecture are tackling many of the dangers of cloud concentration voiced by financial institutions and regulators – thanks to the development of what Cloudera calls the hybrid data platform.
Cloud computing – the next level
It comes at a good time too as evidence suggests the financial services industry is heading towards a hybrid, multi-cloud framework.
According to a report by the Association for Financial Markets in Europe (AFME), almost two-thirds (63%) of financial organisations surveyed plan to adopt a multi-cloud framework, a hybrid model approach.
With the open-source software network continuing to experience year-on-year innovation, coupled with the widespread adoption of cloud computing, increasing data volumes, greater workloads, and cross-platform security demands – the outcome is the development of today’s big data platforms.
Optimised for a holistic approach, modern hybrid data architecture unleashes the full potential of an organisation’s data. Adopting a hybrid and multi-cloud environment means all platforms have the same management capabilities and full portability of data and applications.
As such, financial institutes and banks can simplify data management, strengthen compliance via security measures, and lower costs so they can leverage the cloud more effectively. It also means they can operate more efficiently and stay competitive in today’s hyper-competitive business climate.
The architecture delivers a unified interface for data governance, covering the whole hybrid landscape, while also reducing cloud-related operational and management risks relating to governance concerns and associated transparency. Integration across the tech stack is made plain and organisations can manage varying security and governance policies for all technology solutions deployed, cancelling out the vulnerabilities that often happen at boundaries.
The avoidance of cloud vendor lock-in – when a customer using a product or service cannot easily transition to a competitor’s product or service – means financial services and banks limit the risk of their operations being disrupted by a service breach, hack, or outage. There are other benefits too, such as eliminating data silos and helping to ensure the security and governance of all data across the ecosystem. And at the same time, organisations still get to take advantage of open-source innovation.
Equilibrium through collaboration
Solving concerns about cloud concentration without foregoing the benefits afforded by cloud technology innovation requires collaboration between regulatory bodies and organisations within the financial services industry. The advancement of hybrid data architecture is helping to bring that decorum to financial services organisations, ensuring they have the means to deliver an agile and proactive data strategy necessary for ongoing success in an industry that is always evolving.