John Galligan, Regional Director, Government Relations, Microsoft Asia Pacific, discusses why the Financial Service Industry should put its trust in the cloud
A core tenet of companies in the financial services industry is the management of risk. However, in today’s digital world where technology advances at a relentless pace, can banks afford to turn a blind eye to game-changing innovation in the name of avoiding risk?
The deployment of new technologies such as the cloud can bring many advantages to banks and other financial services institutions looking to differentiate their offerings and set themselves apart from the competition. Adopting an innovation mind set and embracing the cloud can open the doors to new revenue models, quicker product development cycles and a significantly reduced cost of operations.
So with a myriad of benefits to be realized, what is holding back more financial service institutions from making the move?
The issue can be distilled down to one word, “Trust.” In a post-Edward Snowden world, one where consumers and organizations alike worry about data security, they are faced with the question of how can they outsource their technology without outsourcing control? The decision to trust or reject new technologies has become a boardroom decision, and one that is made with the utmost caution.
Balancing pace of innovation and “trust,” is not a simple task. It is also not an endeavor that organizations in the finance industry can afford to ignore amid rising customer expectations and the potential for industries to be disrupted.
We are already seeing these effects in other sectors, where innovation from new apps such as Uber and GrabTaxi has disrupted traditional taxi businesses, winning customer share across the globe. These companies have reimagined the transport business by offering a more convenient booking and billing system as well as a rating system for both customers and drivers.
In a world where we are seeing an astounding pace of innovation in all sectors of the economy, it is only natural for people to expect the same from the financial institutions they patronize. Banks need to innovate to stay relevant and future-proof their business.
The financial services industry must find the “Goldilocks zone”. A suitable pace of innovation, that is not “too hot, or too cold,” and does not lead to compromises in trust and security. The first step to realizing this should involve moving onto a trusted cloud platform.
The cloud is already being viewed as a mainstream technology. The Microsoft Asia Pacific survey of 291 IT decision makers across 10 markets in Asia Pacific revealed that 71% of Asia’s CIOs expect to increase the use of the cloud in the next three years, making it a necessary part of their IT strategy.
One way to pick a trusted provider is looking out for appropriate certifications. For example, the ISO 27018 standard is the first international set of privacy controls relevant to the cloud. Azure and Office 365 are the first cloud computing platforms to be validated against this standard, providing a strong indicator that stringent privacy principles are followed, and are verified by independent auditing.
Regulators are not cloud adverse
Over the past year we spoke to regulators across the region to better understand their position on the use of the cloud and what conditions they considered to be optimal for a trusted use of this technology. When we first began this process, we assumed that there would be more resistance than acceptance towards the use of the cloud. What we discovered was surprising on two fronts: First, there no blanket regulatory barriers to the use of the cloud. Regulators just wanted to know how institutions are utilizing the cloud, and what they are doing to ensure security is achieved and customer trust maintained. And second, those regulators who were also responsible for industry development, worried that local banks would lose their ability to compete against foreign banks. Interestingly, some regulators expressed their frustration with the reluctance of banks to adopt new technologies.
But, no matter who the regulator and what the jurisdiction, one concept was consistently expressed – financial institutions can outsource their technology, but cannot outsource their responsibility. They have a shared responsibility, with cloud service providers to safeguard their customers’ data, but the onus is on them to make sure they utilize a trustworthy cloud platform.
Banks often use the acronym, “KYC,” which means know your customer. Perhaps it also should mean know your cloud. Technology adoption and security are not necessarily mutually exclusive. It can often be the case that cloud service providers can provide a more secure environment for data.
Essentially, the key to enabling cloud adoption for banks and other financial institutions boils down to transparency – which enables trust. A cloud service provider should offer banks the utmost transparency and control with regards to their data. Can you dictate who has access to the data, where the data is hosted and can you rest assured that third party requests for data will be fought? These are just the tip of the iceberg when determining if a cloud service provider is suited to host your data.
Determining the right cloud service provider may be a daunting task, but selecting the right one can open the door to greater innovation for financial institutions in Asia.