Another fabulous SIBOS session was all about clouds, and titled: cloud computing – dark clouds on the horizon?
That sounded ominous to start with, as does the description of the session:
Has this mega-trend met its match? Can cloud data really be private? Who actually owns it? What do governments have to say about ownership? And what if a cloud is broken into? Learn how to balance cloud benefits with privacy, sovereignty and security.
Hmmm … I am surprised at such a title and description as cloud computing has been around for years now. It’s not new and, for many banks, it is just a part of their core business. So why the questions? After all, it’s just another form of outsourcing isn’t it?
For this session, the speakers were:
- Mohamed (Moe) Abdula, Vice President, Cloud Foundations Strategy, IBM
- Hauke Stars, Member of the Executive Board, Deutsche Börse Group
- Steve Ellis, EVP and Head of Wholesale Services, Wells Fargo
with Shafqat Azim, Senior Managing Partner at Gartner, as moderator.
Again, the session used audience polling to spur the debate, and the first question asked of the audience was: What is the biggest hurdle to cloud adoption. Interestingly over half of the audience (53%) said it was related to security and liability for exposures whilst a quarter (24%) felt it was all to do with the challenges of compliance and regulation.
As the panel noted, it is not surprising that these are the top two, as these are the issues being debated generally. They are not specific to cloud. However, it was surprising that vendor management is not higher – only 9% of the audience voted for this one – as this is a key challenge in long-term relationships downstream.
Another question is whether these are real hurdles or perceived ones. For example, no bank is going to put everything in the cloud and vendor’s need to have realistic expectations. They need to be practical, and not bring big blue sky thinking (or, as we say, pie in the sky). Equally, they need to be proven offers and not bleeding edge. Too often vendors try to push innovative untested solutions upon the banks, and that’s not going to work. There is also a concern about vendor lockin, which banks want to avoid (with technology firms, not with their clients).
Banks also need to educate regulators more in how this works. Banks need to show the regulators how cloud can integrate into the bank’s back office services and how the governance works in a multitenant environment (CBA is a good case study on this). Without that dialogue, cloud will be a no go from a regulatory and compliance point of view.
The audience were then asked: How much of your business will be running in the clouds in five years’ time?
Most of the audience (56%) felt it would be less than 25%. A quarter (23%) thought up to half might be, and only a few thought more than half.
Gartner pointed out that most organisations they are talking with believe the majority of their infrastructure will run on cloud in the future, so this is surprising that banks do not believe this. But you have to bear in mind that most banks are heavily mainframe based in their back office, so that’s not moving to cloud. CRM, printing and stuff like that can move out to the cloud, but the core has to remain inside until banks offload the last COBOL program, which is some way away. Banks have so much legacy to deal with, that most banks need to resolve and sort this before they can move to cloud based services. Therefore, you’ll see the fringe things moving to the cloud but not the core services.
You also have to remember that cloud threatens people. Not everyone gets it and quite a few executives are very nervous about it. That’s not a vendor capable solution, but one that banks have to deal with internally through dialogue.
In particular, banks like SaaS (Software as a Service), that works, but they are less confident about PaaS (Platforms as a Service). If banks could find a partner that could provide that securely and with resilience, they would be interested. Either way however, the vendor will need to work with the internal organisation to educate the management team on how this works in practice, and to reassure them that it is the right thing to do.
This involves recognising that there is no single cloud provider of solutions however. Vendors, and banks, need to work together to see that this is a collaborative, community delivery. It requires hardware, software, network and development providers to combine to deliver the needs for SaaS or PaaS or any other area of cloud delivery.
This may also be a community cloud, e.g. a cloud for KYC. For example, Deutsche Bourse is working with IBM on Analytics-as-a-Service as a community cloud. This is based upon encouraging brokers and analysts to share their data in this cloud, so that we can all enrich the knowledge base about companies and investment portfolios. We don’t know if it will work, but it’s worth a try.
Equally, the concept of a community cloud that could perform the heavy lifting services in banking – such as cross-border transaction processing – would be of interest. Right now, they do that through correspondent banks and SWIFT but, over time, a remittances cloud could take over that space (isn’t that firm out there already? They’re called Currency Cloud?).
Ah well, now off to hear about disruption …