Don’t rebuild your SWIFT connectivity on cloud

By and Niren Kinikar | 5 minute read | October 6, 2022

tunnel

Banks and businesses worldwide have embarked on a modernization journey, trying to re-imagine their systems and get ready for the world of tomorrow. While each institution faces different challenges, all are seeking common goals: new and improved channel experiences, integrated new technologies, cost management and cost takeout, improved risk management and security, reduced down-time, and operational efficiency. These goals are aimed to set the foundation for growth and agility and ultimately a better client experience.

To support this journey, most banks and businesses have announced a cloud adoption strategy. They see that the success of their transformation strategies is inextricably linked to moving to a cloud model for the flexibility, agility, resilience and time-to-market acceleration it offers. As the race to cloud adoption continues, now is the time to stop and evaluate the many options available to achieve your goals. Can you securely interoperate with ecosystem partners and networks? Can you automate to mitigate compliance risk? Are your systems designed with zero trust in mind? Are your in-house resources optimized for high-value work or burdened by increasing operational demands?

Cloud adoption has become mainstream. With its proven benefits, executives in every industry are investing and demanding that their physical infrastructure is moved to cloud, pressuring their teams to deliver mass migration to cloud while losing sight of their real objectives. Increasingly, we see businesses “lift and shift” their systems, recreating the same issues in a new environment and gaining nothing but the bragging rights of a “cloud infrastructure.”

Cloud adoption is a tool to achieve your goals, it should never be the goal. 

Should you rebuild your SWIFT connectivity on public cloud?

Of the critical components in banking and payments infrastructure, SWIFT provides the key core network for domestic and international financial messaging. It is the backbone on which the global economy is built. Maintaining connectivity to SWIFT is critical and any unplanned downtime of exclusion from the network harsh economic impacts. Recently, SWIFT has broadened access to its 11,000 member bank and corporate network with public cloud connectivity provided they comply with SWIFT Customer Security Program (CSP) requirements and abide by the application installation and configuration guidelines. SWIFT hardware components need to continue to be deployed on-premises or in colocation facilities to establish and maintain connectivity.

This sure smells like a “rebuild your SWIFT connectivity ’as-is’ on public cloud.” So what do you gain? You still have to build and configure your infrastructure. You’re still responsible to maintain the infrastructure and apply upgrades. You still have a physical footprint to manage. You still have to build or retain the skills and resources to support a SWIFT infrastructure and the responsibility to comply with mandatory controls. This is not cheaper, better or faster. Instead, consider shifting from a “build and maintain” model to a “subscribe and accelerate” model that integrates a value-added, SWIFT-certified service bureau and a purpose-built cloud for financial services.

Imagine a model where your SWIFT infrastructure is hosted on a public cloud specifically designed to comply with financial services standards, fully maintained and managed by a team of SWIFT experts you can leverage at any time. You could connect to a worldwide network of fully redundant SWIFT gateways, guaranteeing the availability of your connectivity while completely eliminating the hassle of managing it. Sound too good to be true? This is achievable, but it requires a partner with the end-to-end capabilities and expertise to meet the complexities of the challenge.

So what’s the primary consideration if you are moving your SWIFT infrastructure to cloud? It all boils down to one question: “What value am I looking to gain from this initiative?”

The reality of a SWIFT infrastructure is that it requires a physical footprint to host hardware components. A migration to cloud will likely require you to maintain some components on premises or deploy them in a new colocation facility, thereby increasing operational complexity. Leveraging managed services, at least for key components of the infrastructure, will drastically reduce cost and risk.

Furthermore, although hyperscalers have accelerators and tools to help build the infrastructure, you are still responsible to deploy, configure, integrate, maintain and update your infrastructure. This requires you to develop and maintain highly sought-after skills and resources. Finding the right partner who can manage your SWIFT infrastructure will allow you to leverage a pool of specialized resources available on demand. These resources will support you through the implementation and run phases of your deployment. This team will also be available to recommend innovations and support you in future initiatives to adopt new SWIFT capabilities (gpi features, APIs, other messaging options, etc.) or to comply with future mandates.

Finally, complying with SWIFT Customer Security Program (CSP) controls is mandatory, and SWIFT’s multiple architecture models provide you options and flexibility to minimize the number and complexity of in-scope components. Leveraging API integrations or outsourcing certain components to a SWIFT Certified Service Bureau will enable you to simplify your annual assessment and transfer much of the responsibility to your partner.

Selecting the right cloud provider should enable you to go beyond the SWIFT mandates. When a cloud is designed for financial services, it addresses the complex operational, cyber, regulatory and technical risks that are unique to the industry. Only a cloud that addresses these risks can truly meet the needs for cyber resiliency, operational resiliency and operational efficiency.

For a cloud provider to stay abreast of complex regulations governing financial services industry adoption of cloud, it must join forces with leading financial institutions and industry regulatory partners to define and establish a security controls framework. It must then integrate these controls comprehensively into its IaaS and PaaS services and offer industry leading security capabilities and best-in-class encryptions to protect the most sensitive financial data. Such a cloud dedicated for financial services is designed to accelerate migration of most sensitive workloads in a highly regulated industry while reducing the risk, cost and time required for such transformation.

The migration of your SWIFT infrastructure to cloud may seem like a complex program to undertake. Fortunately, it doesn’t have to be an all-or-nothing approach. There are great gains to be made through a phased and strategic approach.

Think of the options that allow you to address your biggest pain points while minimizing the amount of investment: You can simply migrate your DR and keep your production environments intact. You can keep your messaging interface on prem while outsourcing your gateways and connectivity. You can maintain your environment as-is but deploy a third redundancy site on cloud. There are many other options you can consider that will drive value without a large cloud migration.

The right partner can help you not only assess options but think through and execute against the right combination of operating model, technology and skills needed to realize results in this dynamic environment.