Since the sub-prime crisis of 2008, the amount of regulation in the financial markets has been steadily on the increase. Financial institutions are struggling to keep pace with digitalisation, the speed of innovation and the global markets, while also implementing regulations. To achieve this, they should turn to specialised service providers offering cloud solutions while keeping the footprint in their profit and loss as small as possible.
The challenge of regulation
The key challenge for financial institutions is meeting regulatory demand while reducing its costs and expanding their business. The larger the financial institution, the broader the range of regulations it has to cope with. Adding to this complexity is the legislative diversity on a national level. A prime example here is Europe, where a European regulation is usually transferred in national law, whereby local legislators often add a national finish to the regulation. This provides a challenge when designing a solution as well as in day-to-day operations in the bank. This becomes even more challenging when a regulation has impact on offshore locations to protect the members of its legislative scope. For example, European PRIIPs regulation also covers advisory in offshore locations for European clients.
The pace of change
First, let’s look at the regulatory changes. Ever since 2008 there has been more than 40 regulations introduced, on both, national and European level, in order to stabilise the financial markets. Every regulation forces financial institutions to adapt their processes, implement IT changes as well as train people. This requires executing substantial initiatives for change in parallel with coordinating side effects between the different initiatives.
Introducing new IT systems into a financial services institution is a highly complex procedure. It means that many policies need to be followed before a new solution can go live; e.g. security, disaster recovery and contingency planning. Of course, this implies that security requirements such as DLP (Data Loss Prevention) are constantly rising.
Cloud-based solutions offer the benefit of running proven infrastructures with automated global scaling features, allowing for a dynamic adjustment to the usage load as well as relying on proven security procedures. Just a quick example: Running an IDS (Intrusion Detection System) on Amazon web services is rather simple because it can easily be deployed by using an AWS Marketing Place tool. For a classic on-premise IDS deployment, a major IT project will be needed.
Therefore, with all the benefits of cloud solutions, why is everybody not using them? One reason is that not everybody trusts the cloud, especially on the issue of privacy. Cloud solutions pose a challenge: institutions cannot physically locate their data as it is possibly distributed among many data centres all around the globe. Here is where regulation comes in, making everyone’s lives easier. For example, the European GDPR (EU Regulation 2016/679 – General Data Protection Regulation) offers a uniform framework all across Europe.
Cloud solutions from an IT management perspective
In legacy financial services enterprise software, integration of different systems is always a driver of complexity and cost. Lean cloud solutions offering standardised interfaces provide the opportunity to reduce this overhead. For example, cleversoft’s docCreatorTM solution for regulatory documents such as PRIIPs (EU Verordnung No. 1286/2014 on Packaged Retail Investment and Insurance Products) allows storing its document archive in cloud storage containers from Azure, Google and even Google drive. This enables the institutions’ architects to easily integrate the archive in other solutions.
Another classic example is single sign-on. Here, technologies like SAML (Security Assertion Markup Language) or oAuth allow the financial institution to use internal sign-in accounts to seamlessly sign- in to the cloud providers solution without entering passwords again. An added benefit here is that the institutions own security enforcements, such as chipcard-based two-factor authentication, can be used.
Cloud solutions also add the benefit of ensuring fast accessibility from any network. However, through the previously described single sign-on access controls, access can still be restricted to on-site. Based on the institution’s security restrictions, its clients could access the solutions seamlessly from their tablet or mobile phone while travelling as well as from their laptop or desktop PC. This allows for quick and easy access to the most recent information, reports and documents.
Leverage for digital marketing
Engagement between organisations and their customers through digital measures is becoming key in the 21st century – cloud solutions offer an easy way to do so. For example, the delivery of regulatory and marketing documents can be realised by storing them in a cloud-based archive to which an institution could provide a secured access to its customers. Such solutions also enable institutions to collect metrics and behaviour analysis about their customers, allowing for tailoring services to its customers’ needs. This can also be combined this with A/B tests to check for behavioral engagement preferences.
Cloud-based solutions offer a lean approach to solve regulatory challenges in the increasingly regulated landscape. By benefiting from their easy interconnectivity, every institution can seamlessly leverage multiple solutions and engage directly with its customers.