There is a seemingly unavoidable journey that organizations in the financial services industry are embarking upon as more nimble competitors enter the market and customer expectations shift with the evolving technology landscape. It’s a journey that has led organizations to the bleeding edge of real-time decision making, tailored customer experiences, and scalable business processes. Banks and other financial service providers are encountering a new demand for business agility and need to start curating strategies to help prepare themselves for the future. The differing strategies currently being set in place by C-suite executives may take slightly different paths but are rooted in the same journey: the cloud journey.
Deloitte Financial Services on AWS
Deloitte has a strong reputation for delivering smartly designed, fully integrated solutions for organizations across the financial services industry. Deloitte solutions on AWS serve banks, insurers, investment managers, and real estate institutions, offering the latest emerging technologies to solve business issues and deliver elevated customer experiences.
Cloud isn’t simply an IT technology used to access storage and computing power, it is a solution in the forefront of CIOs’ minds to unlock a foundational platform on which advanced business and operating models can be built on to enable continuous evolution. Cloud allows organizations to leverage data more effectively, quickly respond to changing business conditions, and increase productivity gains.
Amazon Web Services enables these business abilities by offering an array of innovative solutions on their platforms to help banks improve revenue generation, increase customer insights, contain costs, deliver market-relevant products quickly and efficiently by utilizing best practices, such as AWS Well-Architected Framework, to help monetize enterprise data assets. The upsides to a cloud adoption are endless, but banks are facing challenges of moving secure data and having to re-think their IT organization. Through countless engagements, Deloitte and AWS have been able to successfully guide banks through cloud adoptions by proactively identifying and mitigating challenges with proven solutions.
Aligning Business Strategy
Alignment between business and IT strategy has become the norm in today’s organizations. Extending that alignment into the cloud sector is necessary to fully reap the benefits of cloud technology by synthesizing value. Key challenges facing business and cloud strategy alignment include pressures around quantifying business value, understanding cloud deployment models and use cases, solution design and execution, security, and regulatory compliance.
Cloud technologies can aid in the development of business cases. Cloud-centric business cases can emphasize cost savings through a variety of sources. Prebuilt cloud tools can provide plug and play services with clear cost implications and fast tangible impact to banking consumers. Costs around pilot ideas can be kept low with agile deployment of IT resources and pay as you go models. Reliable operating platforms paired with resiliency capabilities can also ensure smoother customer experiences. Cloud value-assessment models can be used to map evolving economic environments, project return on investment, business assumptions, and scenario/risk planning.
Solution and design execution are a common challenge for banking and financial institutions. Cost and time to market are pivotal factors when evaluating a cloud strategy. AWS and other cloud providers can provide readily available tools and technologies to reduce the time, maintenance efforts, and cost to go to market compared to in house builds.
Choosing a cloud model can help financial institutions customize the level of control and security they have for their data. Companies can be emphasizing cloud strategy without moving 100 percent of workloads to a single public cloud. Banks will be deploying hybrid and multi-cloud models over the coming years to support their business and operating strategy and to address specific requirements.
Retail and wholesale banking industry leaders increasingly are focused on leveraging the cloud to drive innovation and new capabilities, optimize the organization, reduce infrastructure costs, and support improved business performance and shareholder returns. Strong alignment between business and cloud strategy can provide synchronization and clarity throughout the enterprise. Creating shared platforms and common datasets can provide reduced infrastructure overhead and provide enhanced analytics and insights. Compute and storage resources can be scaled based on business requirements and traffic with reduced upfront costs. Visibility into IT costs along with scaling capabilities of cloud can allow financial institutions to pivot quickly, depending on changing business needs or financial constraints to help maintain strategic alignment.
As an example of a new purpose-built service for Financial Services industry, AWS FinSpace reduces time required to collect and prepare petabytes of data for Big Data analysis and Machine Learning tasks, giving data scientists secure access to virtual analytics sandboxes.
Cloud adoption doesn’t happen overnight – to thrive and realize higher returns, banks need to reimagine their IT organization and become cloud-centric. This requires transforming classic IT operating models into fast-moving, adaptable workforces by assessing the current organizational structure constraints, understanding workforce readiness and gaps, and planning for the future. With any workforce transformation, companies can be met with unenthusiasm from within, but by identifying challenges early on, a shift in attitude and ROI can come earlier than expected.
Banks face the challenge of siloed IT organizations that tend to not only be split internally by IT function but split by way of outsourcing certain IT functions to subcontractors – inflexible SOWs can hinder the ability to migrate to Cloud. Distributed organizations lead to inefficient, reactionary behavior with fragmented operations and siloed oversight. When adopting cloud, it is important to note that the focus is no longer around the delivery of infrastructure components, but instead around the delivery of solutions through cloud services. This requires operational teams to be organized around these services in a shared responsibility model. Although the approach can be phased or a waterfall reorganization, it is important to implement a Cloud Centre of Excellence (CCoE) upfront to provide oversight on governance, decision making, and any resource onboarding. The CCoE will be the strategic committee when developing the rest of the operating model.
Now that a strategic oversight team is established, people and talent within the company must be organized and assigned roles. With any operating model shift, definitions of roles and responsibilities tend to get blurred leading to a lack of accountability and team inefficiencies. It is always important to lay frameworks in the form of RACI charts and interaction models, but AWS provides solutions to prevent any accountability slippage. Tagging AWS resources with IT owner or custodian references can help by directly attributing usage and costs to business units and hold people accountable for business areas they represent. To further hold resources accountable for their respective business areas, AWS IAM roles and policies will allow the business to restrict access to certain resources and actions, thus creating a clear accountability and escalation path between similar roles.
Once roles are in place, the components of the operating model (people and talent) must be assessed to determine current IT skills and competencies across the entire organization to support modern cloud skill requirements and roles. Without an upskilled workforce, teams are unable to deliver higher-value results or perform cross functionally. Deloitte has designed and built in-house Cloud Institutes where AWS’s suite of training and certification programs are leveraged to gauge employee’s know-how through organizational badging. The Cloud Institute curriculums can be customized to host workshops for specific talent groups and accelerate learning. Guided by a CCoE, in-house trainings can transition your workforce from operators and administrators to developers of automation and future cloud solutions.
Many financial institutions choose to augment in-house IT teams with third-party Managed Services to close skills gap and accelerate cloud adoptions. Deloitte is a member of AWS Partner Program and provides certified Managed Cloud and Security Services to clients in variety of regulated industries.
Learn more about Deloitte participation in AWS Partner Program, including Financial Service Competency and other AWS Validated Qualifications.
Security and Governance
Having a secure operation is a key component for banking. A security breach could tarnish the reputation of any financial institution and could have significant legal and financial implications. Security risks and government regulations are therefore strong components in the decision to switch to cloud. AWS and other cloud providers have made security a focus and provide customizations to allow any institution to choose how to setup their cloud program.
When choosing to use cloud, organizations must decide between different service models and between public, private, or hybrid approaches. Depending on the use case, organizations can have any combination of Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), or Software-as-a-Service (SaaS) models based on what level of control an organization wants. For regulated secure workloads or private data that a financial institution wants full control of, private or hybrid cloud models could be used. For less private use cases or instances where a portion of an application needs to be scaled, public cloud can provide a secure, fast, reliable option.
AWS Organizations and Control Tower services help tenants to deploy and operate a highly efficient micro-account strategy across multiple AWS Regions, to meet requirements of governance, centralized security and log management, networking and workload isolation per System Development Lifecycle and Line-of-Business boundaries.
Cloud providers use a shared responsibility model when discussing security. Cloud providers are responsible for security of the cloud including hardware/infrastructure and software related to compute, storage, networking, and database. End users are responsible for security in the cloud including, for example, provisioning, configuring and maintaining workload resources, access to and encryption of data, selection of specific network security protocols, and development of AWS IAM roles. This provides many benefits to financial institution as the hardware security, patching, and maintenance of cloud services is handled by the cloud provider. This reduces overhead costs for the organization and can provide better security than an organization may be able to afford on its own. Best practices include ensuring proper planning and considerations have taken place in choosing cloud models along with implementing appropriate encryption policies,
Financial institutions can integrate on premises identity management and data management solutions to help provide enhanced security. There are also cloud provided tools to help automate security rules and ensure newly provisioned or scaled resources are secure per company policy. AWS provides Cloud Formation service to help provision new resources according to best practices and can help manage the lifecycle of resources through code. These templates, along with appropriate AWS IAM roles, deploy cloud resources with security controls consistently coded in, which can help prevent unauthorized access and mitigate security concerns. AWS CloudWatch can help monitor and log metrics and events. It can also be used to detect any anomalies in behavior and to launch automated actions as security measures. AWS Security Hub also provides a centralized comprehensive view of all security needs. Amazon Detective, Amazon Macie, and Amazon Guard Duty can also help analyze, identify, and prevent security risks. Implementing these security tools along with proper governance and control policies can help secure workloads and cloud environments to ensure compliance with best practices.
With the expansion of financial services into mobile and internet domains, organizations must stay up to date on global regulatory requirements. Cloud providers can help achieve compliance and identify gaps. AWS holds various internationally recognized certifications and accreditations for the financial services industry including PCI-DSS, SEC Rule 17-a-4(f), Reg SCI, EU Data Protection Directive, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171. Cloud tools like AWS Compliance Center can help organizations research requirements by country and locality in addition to identifying services that are compliant for those regions.
Appropriate governance policies are required to optimize the use of a cloud tools and services. Common challenges include concerns around cost management and maintaining security requirements. AWS tools can help manage these risks. Costs can be managed through cost allocation tags, reporting through AWS Cost Explorer, and AWS Consolidated Billing. Cost anomaly protection with AWS Budgets can help track and identify unauthorized actions and fees. Elasticity and rightsizing tools can also help manage costs without negatively affecting accessibility of resources or end user experience. AWS Instance Schedulers, Intelligent Tiering, and other capabilities can help appropriately scale and manage the size and cost of resources to help manage costs, so the organization only pays for what it needs and uses at any given point.
Banks, insurers, investment managers, and real estate institutions employ Financial Services Industry Lens – AWS Well-Architected Framework, which guides cloud architects in developing and operating efficient workloads by facilitating conversations with stakeholders in areas of Operational Excellence, Security, Reliability, Performance Efficiency and Cost Optimization.
By leveraging AWS offerings, Well-Architected Framework best practices and Deloitte as a trusted partner for Consulting and Managed Services, banks can finally feel comfortable positioning secure organizational information in Cloud to continuously reap the rewards of a successful Cloud journey.
Learn what AWS and Deloitte can do for your business.