The Cloud Presents New Risks for Financial Services
The world’s major financial institutions know the winds of change are here. They are well aware that if they stick to traditional banking methods underpinned by decades-old technology they will be blown away by more agile, innovative digital start-ups. We are entering the era of banking in the cloud. Two of the banks’ biggest challenges are ensuring regulatory compliance and protection of customer data privacy. This explains why as of today, only a small proportion of banks have moved their core systems into the cloud. To overcome such risks banks and their development, partners are working on secure ecosystems combining virtual private networks (VPNs), encrypted Application Program Interfaces (APIs) and remote identity management technologies.
Case for Cloud
Cloud computing has a number of advantages for banks. For a start, it gives them efficient, flexible access to computer resources on demand for such applications as batch processing, data analytics and data storage. It also pays them to test new services in the cloud because it costs much less than using in-house IT systems. A further benefit is cloud’s inherent scalability, allowing banks to process thousands of transactions per second. This greatly enhances their capacity to spot financial irregularities such as money laundering and fraud in real time.
Cloud-based Core Banking
It’s only recently that banks have started to move core banking services like deposits, loans and credit processing into the cloud. According to the 2018 Digital Trends in Financial Services report from Adobe, only seven percent of U.S. financial institutions have implemented a cloud-based technology stack. The American Bankers Association’s (ABA’s) “Core Provider Survey” 2018 found 29% of banks would consider moving core banking to the cloud, 50% were unsure and 21% would not consider it. Nevertheless, momentum is growing. Industry experts expect the majority of new core banking projects launched by 2020 to be in the cloud.
Security and Compliance Challenges
The transition from legacy IT systems to a cloud-based infrastructure poses significant challenges. Not least is how to guarantee cast iron safety for customers’ personal and financial data in the cloud. Careful consideration must be given to how personal information is shared and stored to prevent data breaches. In addition, regular checks on cloud infrastructure security are needed for service continuity reasons and to make sure the integrity of customer data on shared servers is preserved.
On top of this are the numerous regulatory standards that banks have to comply with. British banks, for example, must comply with Open Banking regulation, or Payment Services Directive 2 (PSD2), which directs banks to allow pre-approved third parties access to customer data. At the same time the EU General Data Protection Regulation (GDPR) compels companies to take full responsibility for the security and privacy of customer data, irrespective of whether they store it on their own systems or process it in the cloud. Clearly, meeting both regulations at the same time presents a challenge.
Encryption Key to Privacy in the Cloud
As they strive to comply with the banking authorities, financial institutions are making ever greater use of encryption. They are developing mobile applications that use APIs with strong encryption and solid customer authentication to allow sensitive data to be shared privately. Additionally, enterprise-class VPNs are crucial for securing digital communications between different banking organizations. Flexibility, scalability and an ability to work with a variety of protocols are all essential properties. VPNs allow financial companies to allocate remote applications and resources to customers quickly and securely. Remote internet access to banking services such as loans, real time account status and investment reports can be made available easily and safely.
In summary, the move to cloud-based core banking services is on the way. Successful transition to cloud adoption in financial services will require close cooperation between banks, cloud providers and the authorities. Between them they must ensure their programs, processes and regulatory frameworks eliminate risks and support cloud services growth. Encryption technologies like VPNs and APIs are critical to keeping core banking services in the cloud safe. As more and more banks look to stay ahead in the market, it is only a matter of time before cloud-based financial services are adopted universally.