Cloud Wars: AWS vs GCP vs Azure
A technological arms race is being waged with three titans positioning themselves to be the cloud provider of choice for the biggest banks on Wall Street, the City of London and the financial heart of Asia, as financial services firms gear up for the evolutionary leap.
Google, Amazon and Microsoft are engaged in a lucrative battle to win this book of business, evangelising to an audience of skeptics and traditionally risk-averse personalities who control modern banking, with billion-dollar contracts at stake.
Cloud spend is soaring, and analysts at Gartner predict that by 2020 the cloud market will be worth $383.3 billion, suggesting a corporate “no-cloud” policy will be as rare as a “no-internet” policy might be today.
“It’s going to be difficult for financial institutions to compete if they are not looking at more agile ways of operating and how they understand their clients better through use of data tools, and how they can use machine learning to improve their business,” Adrian Poole, head of financial services UKI at Google told Radar.
Although cloud technology, which is the delivery of computing services such as storage, databases, networking, software and analytics over the internet, has been widely available for more than a decade, only in the last 12 months have banks themselves really warmed to the upside.
“After 40 or more years of legacy technology in banking, there is a real drive to modernize whether it’s driven by business or regulations such as the Payment Services Directive, or GDPR and why would you not take advantage of cloud?” said Poole.
Finance has until now been a relatively cautious adopter of cloud, focussing on risk assessment, security and the necessary controls, but all of this is set to change; consultants at Celent estimate that in the next three years, financial services firms are expected to triple the amount of data they are uploading to the cloud, at the main expense of private data centres.
The Big Three
Amazon, Google, and Microsoft are the three largest investors in cloud provision, having pumped more than $10 billion into data centers in Q4 2017, with analysts predicting a 20 percent rise on that number in 2018.
Amazon Web Services launched in 2006 and is currently the cloud provider of choice for a number of financial institutions such as brokerage firm TP ICAP, Deutsche Bank, and also Coinbase, the world’s most popular Bitcoin wallet.
“Amazon has been providing cloud services to financial firms since the birth of AWS,” said New York-based risk consultant Robert J. Green. “It was about two years ago they saw the need for a real specialization in financial services and broke out the vertical, hiring people from the wider industry to help it grow.”
Capital One, one of the US nation’s largest retail banks, aims to complete the reduction of its data centres from eight to three this year using a number of AWS services. AWS is also the current cloud provider of choice for a number of regulators, including the US Financial Industry Regulatory Authority (FINRA).
Google Cloud Platform (GCP) has fought back to challenge the dominance of AWS and has invested significantly in its service to attract financial institution clients. Their biggest win so far has been the HSBC decision to take its big data and analytics into the cloud.
Insurance giant MetLife, the South African lender Nedbank, and the Canadian multinational TD Bank are just three of Microsoft Azure’s financial services clients. The software firm has a long and decorated history as a provider of banking technology, with its Windows PC architecture forming some of the very earliest computerized trading systems.
Cloud wins the security battle
Poole has been at Google since 2016, and has witnessed a sea change in attitudes from firms in the last two years.
One of the major reasons has been a U-turn on security, with a notable swing in attitude from uncontrolled vulnerability to superior security in the eyes of regulators, particularly since a Financial Conduct Authority paper in 2016.
“Regulators view the use of cloud as similar to an outsourcing type arrangement,” said Poole. “They are most concerned about knowing who has access to the banks’ data, that the right controls and processes are in place, and there is an audit trail.”
This enables a prepared strategy should a problem emerge, allowing the regulated entity to extract that data quickly.
‘’Security is one of the main aspects that appear in early conversations with any firm’’, Poole said. “Google has a large number of security experts on staff and we witness almost every kind of incident on the internet. Business are beginning to view cloud providers as being more secure than on-premise solutions.”
The heavily regulated nature of finance and the ongoing security risks have helped forge a close relationship between HSBC, which has more than $850 billion in risk-weighted assets and holds a central position in global finance, and GCP, as they work together to ensure stringent security standards are met and continuously assessed.
Google, Amazon and Microsoft have pumped significant sums into security and data encryption to such an extent that no bank can match this level of commitment. Financial services firms will always remain responsible for the security of their clients’ data, but the core fortress will be maintained by the cloud provider, who can best afford to protect it properly now.
“One of the major advantages Google has is the sheer size of computing power,” said Poole. “We can move clients from batch processes, which can only provide hindsight, to real-time analysis.”
HSBC is migrating anti-money-laundering workflows around identification and false positive reduction, as well as machine-learning projects to cloud, including finance liquidity reporting (six hours to six minutes), risk analytics (raising compute utilization from ten percent to actual units consumed), risk reporting and valuation services. It cited the rapid provisioning of compute power instead of on-premises grid as a key outcome.
Options Clearing Corporation, a US clearing house, is also moving its operations to the cloud because it wants to leverage the security spending of cloud providers.
Bank messaging service, Swift, announced in March that it has teamed up with SAP to offer connectivity over the cloud, and Finastra entered a strategic alliance with Microsoft in the same month.
Adoption in banking feels as inevitable as the quest towards driverless cars, or for those in finance who want to hark back, the advent of the internet itself.
In December 2017, a 78-page release of cloud service provider guidelines from the European Banking Authority, covering everything from data and system security to audit rights and chain outsourcing, kicked off a wave of announcements, indicating that firms were looking for the green light.
IBM and Lloyds Banking Group inked a 10-year, £1.3 billion cloud deal last year, and HSBC also announced a similar length of partnership with GCP; the length of the contracts indicate that the infrastructure provider holds a coveted and influential position.
From ‘lift and shift’ to ‘move and improve’
GCP and AWS have been on a charm offensive to showcase the advantages of cloud infrastructure across every aspect of a bank’s ecosystem, not least the improved security, governance and regulatory posture which are fundamental to daily operations.
Discussions quickly move from security to how the new arrangement can help firms gain an advantage over competitors, not least by improving services for clients.
“For firms looking to do a straight ‘lift and shift’, the business case doesn’t always stack up, so clients should do their due diligence” said Poole. “What Google has seen is where there is a ‘move and improve’ or a need for transformation, real dramatic changes in terms of flexibility, capabilities and cost case can be delivered.”
Handing basic tasks over to machines to allow compliance, risk, surveillance and other analysts more time to do their roles is one major upside.
“There are a lot of roles where organizations want their people analyzing the data and doing the investigative work, not doing some of the repetitive, mundane work,” said Poole. “We allow the analysts to focus on the questions they want to ask.”
Sewing together the patchwork of data pockets inside a firm is one advantage, but the use of intuitive technologies such as machine learning and other forms of artificial intelligence goes much further.
Following the introduction of regulations such as the behemoth Markets in Financial Instruments Directive (MiFID II) with its unprecedented reporting requirements, alongside other burdensome regulatory reforms, banks are now drowning in data, desperate to better analyze what they have, and turn it in a strategic advantage.
Not only is the volume of what they hold and capture continuing to grow exponentially, unstructured data is also proving even more difficult to manage; the cloud offers a smarter way of storing and sorting.
Aside from security, another big play has been how they can help modern firms get an edge over competitors, alongside improving services for clients.
Firms seeking an advantage by upgrading their IT infrastructures, which in some cases are more than half a decade old, need computing platforms that provide greater agility at lower cost; for some this means months of testing if they want on-premise, or even entirely new data centres which carry an exorbitant cost.
“When considering cloud the first question is why would anyone build anything new on premise?” Poole said. “Within organisations it can be three to six months just to provision a server – perhaps just as a trial. Cloud allows much more rapid development of services.”
HSBC, as an example, took 130 years to measure its data in terabytes, and now counts in petabytes (one petabyte = 1000 terabytes). It held 6 petabytes of data in 2014, 77PB in 2015, 93PB in 2016, and expects to count more than 100PB in 2018.
Cloud as innovation driver
For a global, multinational firm, the benefits of public cloud computing are optimised for banks, their clients and customers when leveraged across jurisdictions.
As macro forces such as open-source software and cloud architecture create more opportunity to innovate at a higher pace and lower cost, there has been a general movement in the industry toward digital frameworks and business models.
Modern consumers also have much greater levels of digital literacy compared to 10 or 15 years ago, and want to see the same attitude shift from their own banks. Clients have converted to using tablets and smartphones, and can see the speed at which development can happen.
Technology has outpaced the laws that govern many aspects of global commerce to the extent everyone is being forced to rethink their approach, said Dervish Tayyip, assistant general counsel at Microsoft.
Shifting the permanent residence of data and applications to third party data centres, which may be located in other countries or even other continents, meant that cloud computing created a fundamentally new way of working and thinking.
The advent of machine learning technology applied to various use cases in compliance, customer relationship management and front office analytics, has helped progressive firms to take enormous strides in using data to get ahead.
Having a better understanding of their employee relationships helps them determine if resources are being allocated effectively, and in the right places, to produce better outcomes for both the company and its clients.
From conception through to implementation, new ideas and services can be added faster than ever; firms view cloud as being perfectly suited for an agile development approach that can reduce the time lag in being able to launch an improved or an internal platform.
This also leads to significant cost savings, at a time when regulatory demands, fines and compliance costs are higher than ever. Firms can instantly avoid large capital spending on physical servers and other infrastructure, which just continues to depreciate and also requires ongoing maintenance.
“There is an economic change from capital expenditure to operational expenditure; it’s not the main driver, however, it is more about agility, innovation and security,” said Poole.
Providers now offer compliance controls and features that are WORM (write once read many) compliant. SEC Rule 17a-4(f) specifies that “electronic records must be preserved exclusively in a non-rewritable and non-erasable format”. Cloud also enables companies to adhere to their records retention rules which may mandate that records need to be retained for up to seven years or longer in certain jurisdictions.
There are words of caution, despite the hype; moving away from current infrastructure and legacy systems is not an easy exercise done at the flip of a switch.
Several cloud providers told Radar they have anticipated these concerns and over the last 18 months have put systems in place primed to do the heavy lifting for banks and to ease the fears of compliance personnel.
Their persistence looks to have paid off; numerous surveys show banks, brokers and asset managers of all sizes are moving to cloud solutions consistently, including core financial applications and transactional systems of record.
‘We have found that most clients asking about these financial business application markets are solely interested in the cloud option,” said John Van Decker, research vice president at Gartner. “Many enterprises that currently run on-premise solutions want to move to newer solutions that put more control in the hands of the end user, and reduce the effort required when compared with on-premises upgrades.”