Modernizing the legacy IT landscape can be an effective way out of the outlined dilemma. Cloud technologies can provide a solid foundation for doing so. Both from a functional and technological perspective, cloud services offer highly standardized IT services from the provider’s data centers. They are highly automated and completely independent of physical hardware. This allows institutions to adapt IT services to their actual needs elastically and without delay, rather than aligning their IT capacities with peak demand, for instance at the end of the month, as has so far been the case. Cloud services thus offer a high level of flexibility in implementing business requirements, while boosting speed and reducing risks.
Regulatory requirements increase pressure
Regulatory requirements such as BCBS 239 force larger banks in particular to speed up their reporting processes significantly. To meet reporting deadlines, long-running calculations are optimized—which often involves making considerable investments into hardware. This results in permanently higher fixed costs for computing machines that are only ever used for reporting and otherwise remain idle.
Cloud computing offers new ways of accelerating such processes. With the standard software "zeb.control", we have succeeded in transferring credit risk simulation to a cloud infrastructure and, by temporarily using massive processing power, reduce the processing time for a medium-sized institution from 16 hours to 10 minutes—at one eighth of the cost! We achieved similar results for the profitability analysis with 40 million cash flows, which was reduced to 5 minutes in testing. In both cases, such calculation runs cost approximately 5 euros.
Banks remain hesitant
Despite these advantages over traditional IT delivery models and the fact that cloud offerings have been around for years, German financial service providers and banks are still hesitant. One of the reasons may be that using cloud services can represent a material outsourced activity pursuant to MaRisk AT 9. However, the supervisory authorities are now highlighting practicable ways of implementation and cloud providers are loosening their contractual terms. The enormous benefits for financial institutions and the huge market potential for providers will lead to further convergence.
The use of cloud services and the integration into existing IT systems require institutions to open up their data centers. We believe that the resulting security risks can be controlled. There are tried and tested mechanical mechanisms to secure this opening and the connection with the cloud provider, and cloud providers’ security standards are generally higher than those in internal IT operations.