This post is the third part of a series exploring the cloud in Asia Pacific. It covers the current cloud situation across the region, how is the cloud being used, what is holding back further adoption, and how the cloud can be used for innovation. It will also examine the cloud in the FSI sector.
FSI’s main currency is trust. Without trust, financial institutions will not be able to conduct their business. Over the years, a lot of regulations and legislations have been added to fortify this trust and ensure that the end clients are not short changed. And resulting restrictions on data exchange and data privacy concerns have seen many financial institutions reluctant to move from their on-premise platform to public cloud infrastructure.
There are three main hurdles that have hindered FSI cloud adoption:
In Asia and around the world, significant data security and compliance requirements hinder financial institutions from going to the cloud. Essentially, financial data has to be secure and access controlled, as set out by legislation like Sarbanes-Oxley and the Gramm-Leach-Bliley Act in the US and the Data Protection Act in the UK. Local regulations also require customer data to be stored in country. Unless regulations change, processes that touch customer data will not be able to be easily migrated to the cloud. However, many financial institutions are already evaluating the use of cloud for those processes that do not touch customer data, while others are looking to use cloud as test beds, service delivery and innovation. So cloud adoption will eventually increase but at a very cautious rate as regulations and compliance activities remain a key concern for many.
Perception of insecurity
For banks, who are often seen as treasure vaults, security is paramount. Although clouds are secure when architected correctly, perceptions about the insecure Internet and regular articles on Internet attacks often keep many financial institutions on the sidelines. These perceptions will eventually change, but it will be sometime before end customers get comfortable with a cloud-based bank. In the meantime, many financial institutions are already building private clouds that offer some of the flexibility and cost savings of public clouds but are designed to be more secure.
Cost of Migration
Financial institutions cannot afford down time. Every second of down time means millions lost, reputations tarnished and loss of would-be clients. And every time a financial institution becomes unavailable over the Internet, it becomes a headline. Migrating to the cloud is a huge endeavor, and obviously many financial institutions are wary about the risks it entails. The use of legacy systems and reams of data (kept for compliance reasons) make it more complex. In addition, banks cannot fully migrate all their applications and processes onto the cloud due to regulations. This means that they need to examine which processes that can be migrated and maintain a secure and highly reliable link to their current data center. To successfully mitigate them, financial institutions need a well-planned plan executed in phases. Migration tools are getting better and more comprehensive, making this possible. More forward-looking financial institutions are using clouds as test beds, to ensure migration occurs smoothly.
As a result of the three points above the shift toward cloud has been largely a private affair for many financial institutions. This shift to private clouds has been driven by FSI institutions seeking new ways to reduce costs, as governments increase minimum capital requirements and compliance costs increase. Using private clouds are helping many to achieve these, while dealing with dynamic business demands.
In my next post I’ll outline the five key ways the FSI industry is using cloud across APAC.