By Nigel Moulton, EMEA CTO at VCE
Regulatory compliance is the price of doing business today. As CIOs charged with taking responsibility for information management in financial services we all speak the language of compliance. Red tape continues to bind us all and there is no sign of it ending. Instead we all have to meet increasingly stringent rules on how we collect information, process it, use it, store it and share it. Failing to meet these rules results in financial penalties and, even more serious perhaps, damage to brand and trust.
On the other hand we can’t allow compliance to get in the way of progress. In KPMG’s recent Global Transformation Study more than a third of insurers (37 percent) said that the potential for regulatory change represented a major threat to achieving their transformation objectives. So the question is raised: how can we continuously offer new services and improve existing processes without taking our eyes off the compliance ball?
How can we continuously offer new services and improve existing processes without taking our eyes off the compliance ball?
The question is particularly pressing at a time when companies are changing the way they deploy IT services. Most people in IT will agree that cloud computing has had an enormous and positive effect, accelerating the speed with which we can implement new services and try things without incurring onerous costs or being too slow to market. But the public cloud also still sets nerves jangling in financial services where data privacy and security are essential.
Despite initial concerns, the finance sector has been warming up to cloud over the years, but generally adoption has come for commoditised, non-differentiated services or for trials and tests. One way of remaining compliant while ensuring you benefit from the cloud to support business transformation is to adopt a multi-track approach. Keeping sensitive data on site in a traditional on-premises datacentre. But also using private clouds for a slightly lower category of information. Thereby getting the best of the cloud for high levels of utilisation and to move workloads, but without needing to break established rules and protocols around movement of data outside of premises, countries or regions, which would raise a red flag.
One way of remaining compliant while ensuring you benefit from the cloud to support business transformation is to adopt a multi-track approach.
Whatever type of financial services business you work for this approach has benefits. For larger, more traditional finance institutions that need to clearly identify the newer markets they wish to engage in, and build out a new set of (predominantly software based) service offerings, adopting a set of cloud first principles will help support that change. For new entrants in this space, although they are able to move quickly with ideas, because they aren’t hindered by legacy technology, they still have to play by the same compliance rules.
Moving ahead of the game
So what’s the best way to move to this hybrid approach, quickly taking advantage of what the cloud has to offer?
Acquire Infrastructure As A Service (IAAS) capability rather than using in-house IT teams to build it for you: this action alone results in a dramatically faster time to market, reduced operational cost and an IT Department that is better able to focus on innovation projects as opposed to maintenance activities
Foster and develop a culture that is able to support agile software development capabilities: this will almost certainly mean hiring new staff and partnering with external companies to deliver quantifiable results. The products and services you produce do not have to be perfect day one, but they have to be good enough, and through customer interaction and feedback they can evolve to meet the changing needs of customers.
By learning these principles, making appropriate investments, and engaging with IT to lead the way, then compliance doesn’t need to hold back the journey towards a platform business.