When you think of banks, marble columns and steel vaults are probably what jump to mind. They project stability, dependability, security and trust.

What if today, the truest symbol of a bank’s rock-solid reliability was the cloud—with the added advantage of faster innovation and globe-spanning efficiency? What if cloud computing, which once seemed so vulnerable and unpredictable, had become, through its size, scope and ambition, among the most secure and compliance-attuned places for a financial firm to conduct business?

Last fall, IBM announced it had designed the industry’s first financial services public cloud that addressed most core needs of finance organizations, created in collaboration with the platform’s first customer, Bank of America. Today, they have been joined by BNP Paribas and dozens of service vendors to launch the IBM Cloud for Financial Services.

It’s about more than having some of the world’s ten largest banks on board, though. When it comes to building a public cloud suitable for an industry that is the circulatory system of the global economy, four capabilities should be in place.

 The freedom to innovate

One of the biggest appeals of public cloud has always been its adaptability and elasticity.

Your bank could be launching a new service or that app gets really popular overnight. Maybe regulators or the security team want to double back-ups on the payments system.

“Before, you might have to buy a whole bunch of new servers, the space to put them in, configure them—it’s a huge investment not just of money but time,” explained Tom Eck, global CTO for banking and financial markets at IBM. “With public cloud, we’re seeing banks get access to the resources they need within a matter of minutes or hours.”

This flexibility has already been crucial in the fast-moving digital world, and it has only grown more essential in 2020. Disruptions due to natural disasters, macroeconomic shocks, and cyberattacks revealed in the past how companies needed to be agile; the new normal brought on by COVID-19 has taken this imperative to the extreme.

The ability to rapidly scale day-to-day operations and to release new products quickly—by tapping into services and partners already integrated into the public cloud—means financial institutions can become better prepared for whatever the future holds.

There should be freedom in that future, too. Utilizing an open-source model where your applications live in portable containers—like the one offered by IBM and Red Hat—your operations can run on any cloud as well as on-premises networks. You’re not locked in.

Partners abound

Partnerships and platforms are where most banks have been headed for years, it’s widely acknowledged, and most of those partners are moving to the cloud or were born on the cloud to begin with.

Fintechs have played an especially important role over the past decade. Many traditional institutions viewed them first as adversaries, then as acquisitions. Now, with public cloud, it’s easier to collaborate and source the services you need and build platforms together.

“The real value in open banking isn’t about trying to do everything yourself,” Bharat Bhushan, IBM’s financial services CTO for Europe, said. “It’s about exploring what other people are good at and exploring that partnership model where you create a win-win situation. Those relationships thrive on the cloud.”

They also thrive on trust, which is why IBM, Bank of America and BNP Paribas initiated the Financial Services Cloud Advisory Council. Users of the financial services public cloud can gain the confidence that their peers on the platform are trustworthy and compliant.

Cloud is also where advanced technologies, like AI, edge computing and quantum programs can live freely. Many of these technologies have grown so large and complex, to tap their full capabilities within a private data center is all but impossible.

Regulation is fundamental

One of the biggest constraints on public cloud adoption has long been financial regulations. The importance of maintaining good relationships with regulators naturally leads to a conservative approach to operations.

It’s one thing to host a customer service chatbot on a cloud server. It’s another to put your mortgage processing or savings accounts there and have the agencies charged with oversight accept that customer data and the bank’s operations overall are safe.

Working with Promontory Financial Group—an IBM unit that helped author many cloud regulations in the United States and European Union—IBM and Bank of America created a policy framework containing numerous public cloud controls, architecture patterns and guidance for implementation and evidence, all of which support institutions’ regulatory and security needs.

“In banking, it’s all about assessing risk,” Eck said. “When a bank is assessing the benefits of public cloud, jeopardizing compliance has always been a risk. But we’ve turned that on its head—we’ve put in place regulatory guard rails, and now, instead of being a burden, one of the benefits inherent in our cloud is the ability to more easily fulfill regulatory requirements.”

Institutions that adopt IBM Cloud for Financial Services can readily adapt its regulatory framework to their needs as well as easily integrating their own. This helps companies rapidly confirm that applications running on the cloud comply with current rules and security obligations. Furthermore, the framework is updated as necessary to support ongoing compliance into the future.

The new policy framework is IBM’s way of engineering a solution that turns an obligation into an advantage.

Security, security, security

If your operations have moved outside your own walls, your own servers and even your own private cloud, how can you be sure they’re secure?

“It’s simple,” Bhushan said. “Their data remains their data, their insights from that data remains theirs, and security is not just purely about the end-to-end, point-to-point security.”

The nature and sophistication of cyber threats increasingly means there is greatest safety in numbers. The same way public cloud offers more access to diverse services and apps, it can offer enhanced security by aggregating the cyber requirements of multiple institutions. This combined defense is designed to help IBM Cloud for Financial Services deliver security that is more robust, more efficient and more regularly updated.

What is particularly distinctive about IBM Cloud for Financial Services is that, while all participants benefit from their shared security, IBM is the rare partner providing each organization with sole control of their cryptographic keys, which gives them confidence that third parties aren’t sharing their keys.

“With newfound confidence in cloud technology’s ability to address their security and compliance needs, banks can extend their reach without losing focus on their core mission of serving customers,” Sarah Diamond, IBM’s global managing director for banking and financial markets, recently wrote in Forbes.

Want to speak with an expert? Contact IBM now.

More from Cloud

Sensors, signals and synergy: Enhancing Downer’s data exploration with IBM

3 min read - In the realm of urban transportation, precision is pivotal. Downer, a leading provider of integrated services in Australia and New Zealand, considers itself a guardian of the elaborate transportation matrix, and it continually seeks to enhance its operational efficiency. With over 200 trains and a multitude of sensors, Downer has accumulated a vast amount of data. While Downer regularly uncovers actionable insights from their data, their partnership with IBM® Client Engineering aimed to explore the additional potential of this vast dataset,…

Best practices for hybrid cloud banking applications secure and compliant deployment across IBM Cloud and Satellite

10 min read - Financial Services clients are increasingly looking to modernize their applications. This includes modernization of code development and maintenance (helping with scarce skills and allowing innovation and new technologies required by end users) as well as improvement of deployment and operations, using agile techniques and DevSecOps. As part of their modernization journey, clients want to have flexibility to determine what is the best “fit for purpose” deployment location for their applications. This may be in any of the environments that Hybrid…

Level up your Kafka applications with schemas

4 min read - Apache Kafka is a well-known open-source event store and stream processing platform and has grown to become the de facto standard for data streaming. In this article, developer Michael Burgess provides an insight into the concept of schemas and schema management as a way to add value to your event-driven applications on the fully managed Kafka service, IBM Event Streams on IBM Cloud®. What is a schema? A schema describes the structure of data. For example: A simple Java class…

SSD vs. NVMe: What’s the difference?

7 min read - Recent technological advancements in data storage have prompted businesses and consumers to move away from traditional hard disk drives (HDDs) towards faster, lower-latency solid-state drive (SSD) technology. In this post, we’re going to look at this new technology, as well as the fastest and most popular protocol available to connect it to a computer’s motherboard—non-volatile memory express (NVMe). While the terms SSD and NVMe are often used to describe two different types of drives, they are actually different data storage…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters