hit tracker
Saturday, February 24, 2024
HomeLatest NewsOpportunities and challenges of the journey to the cloud of the financial...

Opportunities and challenges of the journey to the cloud of the financial sector | Opinion by Judith Arnal

Date: February 24, 2024 Time: 09:30:06

Digital transformation is already an unstoppable process that extends across all economic sectors. One of the technologies that has emerged with the greatest force is cloud computing. The cloud is a technology that enables the provision of computing services, including servers, file storage, databases, and software, over the Internet. You’ve been exposed to the cloud for sure: if you’ve ever watched a series on Amazon Prime, edited a document in Google Docs, or listened to a song on Spotify, you’ve made use of the cloud.

There are three types of cloud computing: public, private, and hybrid. In the public cloud, computing resources, such as servers and storage, are standardized, owned by the third-party cloud provider, located on-premise, and available to any person or company that wishes to hire them. The private cloud would be for the exclusive use of a single organization and could be located both in the facilities of the user company itself and in those of the third party provider. And the hybrid cloud would be a combination of the public and the private, allowing the portability of data and applications between them.

Regarding the functionalities and services provided by the cloud, three models are also distinguished: infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS). In the IaaS model, infrastructure resources such as servers, data centers, hardware, and other tools that enable data transmission and storage are rented. In the PaaS model, a complete development environment is contracted, in which it is possible to create, modify and optimize software and applications. And finally, in the SaaS, final lists of applications are made available to the user for their use and without the possibility that the user can modify them.

Cloud computing has multiple advantages. First of all, scalability and flexibility. Thanks to the cloud, companies can easily scale up or down their resources based on their needs, without having to invest in additional hardware or software, thus responding quickly to changes in demand. Second, cost savings. Unlike traditional models that require large initial investments in hardware and software, the cloud allows you to pay a subscription and also adjust the payment to the effective use made. Third, security and compliance. Cloud computing providers invest many security and compliance measures to protect their customers’ data. In effect, it uses advanced controllers, access controls, and monitoring tools to ensure data privacy, integrity, and availability. Lastly, innovation. By leveraging cloud services and tools, businesses can create new applications, experiment with new technologies, and collaborate on projects in real time.

However, like everything in life, the cloud also brings challenges and risks. To begin with, and depending on the architecture of the chosen infrastructure, there may be a risk of concentration and dependency on the provider. Indeed, Amazon Web Services, Microsoft Azure and Google Cloud held a market share of more than 60% in the provision of IaaS and PaaS in the first quarter of 2023. After assessing the mitigation of risks due to the architecture used, and In the interest of reducing the remaining risks, alternatives may be explored by the industry such as the use of open source technology and multi-cloud approaches, which promote portability and interoperability. Secondly, the lack of adequate staff training is a challenge, since decision-making on whether to move to the cloud and, if applicable, which functions to move, as well as the strategy to carry it out optimally, requires some new and technical knowledge that is not abundant in the market. Third, the slower progress of regulation with respect to technological developments may also pose obstacles to the use of this technology. Finally, the growing importance of this technology could also alter the nature of the operational risks to be managed (for example, in terms of data localization).

Of course, the financial sector does not remain on the sidelines of the growing relevance of this technology. Changes in consumer demands, as well as the need to reduce costs and increase efficiency, are leaving financial institutions no choice but to embrace digital change and, in many cases, start their journey to the cloud.

As for the rest of the economic sectors, a well-designed migration of certain services to the cloud can be positive for certain financial entities. The Financial Stability Board concluded in a 2019 report that cloud computing did not pose an immediate risk to financial stability. At that time, the use of the cloud by financial institutions for critical services was low, with the exceptions of email and risk modelling. But a few years have passed and the use of the cloud is increasing. Public authorities are aware of this, so they have gotten to work to reduce the risks, while allowing efficient use of this technology.

In the case of the EU, the Digital Operational Resilience Act (DORA) stands out. DORA establishes one of the first global regulatory frameworks that allows financial services supervisors to control so-called “third parties”, that is, external service providers, including those of cloud services. In particular, the European Supervisory Authorities (EBA, ESMA and EIOPA) will have important supervisory powers over service providers considered critical, being able to ask them to change their security practices and penalize them if the corresponding modification is not produced. In addition, in the event that critical service providers are not based in the EU, they will have the obligation to establish a subsidiary in EU territory within 12 months of their designation as critical. Although DORA entered into force in January 2023, secondary and even tertiary regulations still need to be developed for its full operation. Specifically, level 2 regulations will be constituted by the Technical Regulatory and Implementation Standards that will be developed by the European Supervisory Authorities. And the level 3 regulation will consist of the development of standardized contractual clauses for outsourcing to the cloud.

In short, the efficiency gains of the cloud for banking entities are undeniable: increased speed of innovation, reduced costs of establishing and maintaining technological infrastructures, the possibility of scaling or de-scaling projects easily and immediately, and even better systems. of cybersecurity. However, the transition from the model based on the financial institution itself to the cloud is not easy and, in addition, the operation from the cloud of banking services, essential for the proper development of economic activity, is not exempt from risks that it must be analyzed and studied by academics, supervisors, regulators and members of the financial and technology industry.

* This website provides news content gathered from various internet sources. It is crucial to understand that we are not responsible for the accuracy, completeness, or reliability of the information presented Read More

Puck Henry
Puck Henry
Puck Henry is an editor for ePrimefeed covering all types of news.

Most Popular

Recent Comments