AFME, Protiviti report maps out barriers to wider cloud adoption

Elements of portability and multi-cloud could be hindering banks' use of cloud technology, as well as its overall resilience, report warns

by | September 22, 2021 | bobsguide

The Association for Financial Markets in Europe (AFME) has outlined some key the potential key regulatory barriers to a more far-reaching adoption of cloud services by banks and financial services firms – a trend that has been greatly amplified by the pandemic but that continues to stumble upon key operational issues. 

In a report released on Wednesday in collaboration with consultancy firm Protiviti, AFME identified the main areas of concern where additional support from both legislators and policymakers and regulators and engagement from Cloud Service Providers (CSP) could take steps to lower hurdles for banks to migrate to cloud technology while safeguarding their operational resilience. 

“There are concerns that recommendations towards portability and the use of multi-cloud to achieve outcomes sought by regulators (increasing cloud resilience and mitigating concentration risk) will introduce further limitations on adoption,” the report said.  

Firms surveyed by AFME warned that portability between multiple CSPs – i.e., the ability to move applications and data from one computing environment to another, allowing for equivalency of functions – can introduce significant technical complexity, stemming from the additional services and integration required. This, the warned, could further inhibit the ability of banks to recover from failures quickly, due to the number of systems, services, and technical components involved. 

“Portability poses significant technical limitations and a loss of differentiated cloud benefits as a mechanism for increasing resilience,” the report said, citing “limited benefit in a CSP stressed exit where a bank may have reduced or no access to its data.”  

Another set of risks would arise from the fact that a large number of banks is now using a multi-cloud strategy, which the report says allows them to “deploy IT workloads across multiple CSPs [and] take advantage of each CSPs unique service offerings and strengths,” as well as accessing different geographies. 

These use cases for a multi-cloud approach, the report emphasises, prevail over its use “as a mechanism to mitigate concentration risk and increase resilience.” 

Moreover, “while multi-cloud can reduce concentration risk to some extent, the technical, process and resource complexity needed to support multiple CSPs can lead to decreased resilience overall,” the report said.  

AFME and Protiviti said regulators’ approach to the wider adoption of cloud technology should overall be risk- or scenario-based, grating banks “flexibility based on their usage and technical needs.” 

Any future regulatory framework should also ensure cross-border convergence between different jurisdictions, they said, on both resilience metrics and risk expectations- based on baseline indicators that would also help regulators quantify any macro-concentration risk across the industry.  

The report also recommends setting out clear information sharing and transparency requirements for CSPs – including contingency procedures, security testing and recovery and restoration capabilities. 

The mapping and benchmarking of CSPs’ offerings would also boost adoption and safety across the industry, it added. 

Finally, the report calls for more robust cloud cross-border data flows and storage, “to prevent further technology and data-related regulatory requirements being introduced that could segment banks adoption of cloud services regionally, […] increasing geographic concentration and cyber and resilience risks.” 

Categories:

Resources

R3 Acquires World Class Regulated Markets Stablecoin Issuance Capability

Brochure / Fact Sheet | Banking R3 Acquires World Class Regulated Markets Stablecoin Issuance Capability

R3

R3 Acquires World Class Regulated Markets Stablecoin Issuance Capability

R3 has acquired the technology and team of the financial asset tokenization specialist Ivno, enabling the use of Ivno-developed capabilities… Continue Reading

View resource
Is Digital Banking important for you?

Brochure / Fact Sheet | Banking Is Digital Banking important for you?

Profile Software

Is Digital Banking important for you?

Industry Insight | Digital banking is also essential to banks as a function to not only retain existing customers and… Continue Reading

View resource
The Role of Automated Reconciliation in Banks’ Digital Transformation

Other | Banking The Role of Automated Reconciliation in Banks’ Digital Transformation

ReconArt

The Role of Automated Reconciliation in Banks’ Digital Transformation

The transformation and automation of financial processes are usually part of this bigger effort. For the reconciliation area, this means… Continue Reading

View resource
Federal Reserve bank reconciliation: First National Bankers Bank case study

Case Study | Banking Federal Reserve bank reconciliation: First National Bankers Bank case study

ReconArt

Federal Reserve bank reconciliation: First National Bankers Bank case study

Prior to implementing ReconArt the bank used an internally IT-developed program, performing only the transaction matching and account reconciliation of… Continue Reading

View resource