IBM RegTech Innovations

The cloud advantage: Three approaches for implementing cloud for risk management

Share this post:

Compared to traditional data centers, I believe that cloud computing has several characteristics that make it an attractive platform for risk management. First of all, the compute requirements for risk management can vary over time. Cloud provides the ability to scale up resources during peak periods and scale them back down when they are not needed. For example, typical market and credit risk implementations involve large simulations that require a large number of cores on a nightly basis. Similarly, banks with asset liability management, and insurance companies running strategic asset allocations against liability cashflows, also have simulations that have signification computational requirements but may run on a less frequent basis (e.g., weekly, monthly, or quarterly).

A second cloud characteristic that is appealing for risk management is the capacity for allocating a very large number of cores to a job. Whereas data centers are limited by their maximum capacity, clouds provide the ability to scale far beyond the size of a typical data center.

A third characteristic of cloud that is especially relevant for risk management is the charge metrics. Cloud computing typically uses a “pay as you go” model based on utilization. In other words, you pay for what you use. Given the cyclic nature of risk simulations, this means that organizations can align costs with operations and help avoid the problem of “peak provisioning.” Combined, the second and third characteristics should prompt firms to rethink the trade-offs between cost and performance. The trade-offs represent an efficient frontier – firms can now use cloud to select new optimal points.

Given the benefits of cloud for risk management, there is one question that everyone is asking: how do I get to cloud? Obviously, everyone’s situation is slightly different but we have found that the “hybrid cloud” approach is ideal for many financial institutions. In hybrid cloud, the organizations can run a majority of the risk system in their own data centers but run the computational, expensive parts on cloud.

Many institutions have spent years implementing or developing their risk systems, customized to meet specific business requirements. Hybrid cloud implementation helps firms to preserve the customizations while still gaining the scalability benefits of cloud computing. In many cases, a straight ASP or SaaS model is not a viable option either because they don’t support hybrid cloud and can’t be tailored to address client requirements, or the expense of those customizations undermines the cost advantages of moving to cloud.

A second possible approach is to procure virtual machines (or bare metal servers) from a cloud provider. Under this scenario, the servers in the cloud can be used to run select components of the risk system. Although this approach allows firms to break out of the constraints of existing data centers and address scalability, it can require a significant IT investment to manage the entire process in a production environment. For example, IT has to create and maintain cloud enabled images of software components, manage horizontal scaling, define and implement methods for starting and stopping processes, build APIs for invoking jobs, and more.

IBM has taken a third approach to supporting hybrid cloud for risk: developing microservices that perform basic operations essential to risk management such as pricing and simulation, scenario generation, and portfolio optimization. These microservices are encapsulated in RESTFul APIs which are designed to be integrated into existing risk workflows and which allow firms to migrate computational expensive calculations to cloud. Because the microservices cover atomic operations like instrument valuation, solutions can take advantage of the scalability of cloud while retaining key customizations as part of the on-premises workflow. Furthermore, the microservices are designed to not require any IT support because IBM handles all those activities behind the scenes. An additional IT support service contract is not required for the microservices.

For example, IBM regularly rebuilds the Docker images for the services where known security vulnerabilities are addressed, manages the Kubernetes cluster to provide horizontal scalability, performs regular testing to make sure the services have acceptable response times, ensures the services are fault tolerant, and provides encrypted storage for client data. As a result, new instances of the services can be deployed, usually in a matter of minutes which can lead to several additional benefits. First, it reduces the implementation time because there is no need to build IT processes to manage cloud resources. Second, it allows the services to be integrated into new workflows that fall outside the scope of traditional risk management but still require the same analytics (think about wealth management or performing a one-time analysis.)

The target architecture of the future for all risk solutions will likely involve cloud. This is driven by the large volumes of hardware required to run risk simulations and by the fact that these simulations run periodically, for example, daily. When the simulations are not running, the hardware requirements are significantly less, typically by several orders of magnitude.

The requirement for dynamic scalability, coupled with cloud’s typical “pay as you go” model, make it a very attractive platform for risk systems. However, getting there can have challenges. As a first step, many firms will adopt a hybrid cloud approach. Compared to alternatives, I believe that IBM microservices provides a practical and cost-effective way to start the journey to a cloud architecture.

To learn more about more about leveraging cloud for financial risk management, register for our webinar “IBM RegTalk – The cloud advantage for financial risk” taking place on June 19th, 2019. The session will feature a discussion on the power, breadth and flexibility that cloud can bring to financial institutions and innovative new cloud API technology from IBM. For more information and to register, click here.

Director of Research, Innovation & Financial Engineering - Financial Risk

More IBM RegTech Innovations stories

Ask the expert: 20 questions fraud fighters want to know

In our webinar yesterday, the first in the series AI Fraud Detection — Beyond the Textbooks, we ran out of time and weren’t able to address some great questions we had from the audience. Instead of waiting until the next episode, I hope these brief answers will be of help and interest to both those […]

Continue reading

Thinking in cloud microservices – Reshaping how firms architect risk and investment management

One of the privileges of the innovation team is that we get to evangelize concepts that are poised to reshape how our business will function. For the last year or two, we’ve been encouraging and enabling our organization to “think in microservices”. While fundamentally an architectural paradigm, technology designed as microservices has the potential to […]

Continue reading

Payments modernization: Addressing threats and assessing new opportunities

Payments modernization initiatives around the globe have long been a topic of huge interest and are at different stages of implementation in different countries. Time and again, it has proven to be a catalyst for transformation that has fueled innovation. Canada is now completely into this modernization party, driven by the modernization agenda and timeline […]

Continue reading