Compliance: is it the biggest threat to public cloud adoption in banks?

Compliance is it the biggest threat to public cloud adoption in banksThe dangers posed by data leaks and general compliance challenges, including the GDPR, are still defined as the biggest threats preventing public cloud migration, with over half of interviewees stating compliance.

This is according to our recent research looking into the state of public cloud in banks.

Compliance teams are under increasing stress as more data protection regulations come into force. This impedes the progress of public cloud projects in banks for a number of reasons. Personally Identifiable Information (PII), which is the focus of the platinum-standard data protection regulation in Europe – the GDPR – is arguably at greater risk if stored in public clouds. This is because of the open nature of public clouds – other banks and the general public can share the same servers, and therefore banks have to relinquish control to the vendors.

If there is a data breach and unencrypted PII should leak, local data protection regulators need to determine where the fault lies: at the bank, the vendor, or the vendor’s subcontractors. With the GDPR coming into force, there is just as much penalty emphasis on the vendor (the “data processor”), as there is on the “data controller” (the bank). This has not been the case previously: the bank would be fully liable. Because of this change to how data privacy regulations work in Europe, there are now equal incentives for banks and their cloud providers to prevent data breaches. In addition, the specific security concerns posed by public clouds have been identified years ago, with cloud vendors often employing some of the world’s best cybersecurity and data protection experts to help allay any threats.

All of this makes using public clouds more appealing.

Furthermore, as more regulations appear, such as BCBS 239 and MiFid II, compliance hires are becoming more important. A bank’s compliance team needs to have eyes across the entire bank, and that will become increasingly difficult if more banks introduce public cloud projects before 2020. Arguably, the majority of our respondents in our research say compliance is the number one priority in 2018 in banks instead of public cloud projects. In all likelihood, once a fully-functioning compliance team is in place, there can be more engagement with public clouds, in general.

We have no doubt that compliance is the main focus for banks in 2018, but public cloud projects will increase in the next two years as compliance teams are given more resources.

To read our research into the state of public clouds in banks, please click here.

Related resources

ActiveViam’s Market Risk Accelerator
ActiveMonitor
FRTB Accelerator
The Fundamental Review of the Trading Book (FRTB) – Tackling A New Approach For Market Risk
ActivePivot Under the hood
Managing business performance and detecting outliers in financial services
ActiveLedgers – Facilitating and shortening the accounting period close
Collateral Optimization
Optimizing Liquidity Management
Real-time Credit Value Adjustment
eBook – Intraday Liquidity Management
eBook – Liquidity Management

GET IN TOUCH

Questions ? Want to know more about our solutions?




Follow us: linkedin twitter