An Update On Cloud Services For CFIs

Anvil clouds are a sight to see. They form during thunderstorms and look like thin umbrellas, or anvils, stretching across the sky for miles. It forms when the updraft from the storm reaches the tropopause--the boundary between the troposphere and the stratosphere. From there, the air spreads out and forms the anvil cloud. While these clouds can be beautiful, they are also associated with weather disturbances, including heavy rain and strong winds.Speaking of clouds, community financial institutions (CFIs) avoided the use of cloud services due to regulatory and security disturbances for years. However, as cloud technology advances, providing additional layers of security, and regulators offer more detailed guidance, that may change. Increased cloud spendingMore than nine out of 10 financial institutions surveyed recently by the Cloud Security Alliance are either using cloud services or plan to do so within nine months, which is 2x the number in 2017. Global cloud revenue is forecasted to rise 16% this year to $474B, according to research firm Gartner. Furthermore, public cloud spending is expected to represent 45% of all enterprise IT spending by 2026, up from 17% in 2021. While only 12% of financial institutions in North America use the cloud for their business, it is expected to double in 2Ys according to Accenture. Big banks, like Goldman Sachs and JPMorgan Chase, seem to be leading the way. David M. Solomon, the chief executive of Goldman Sachs, says “it’s got to be done with high levels of security and real protection of data and information…That’s why you’ve got to go slowly and you’ve got to go cautiously.”Regulatory view on cloud servicesRegardless of the benefits of cloud systems, connecting an institution’s often dated or disjointed legacy systems to more modern cloud systems can give rise to regulatory issues and delays. While regulatory guidance has existed for 10Ys, many financial institutions think the regulatory direction will become clearer. Indeed, a Google/Harris study found that 88% of financial leaders had an overall positive view of how regulation will eventually provide “guidance and clarity” on cloud usage going forward. In fact, the Financial Industry Regulatory Authority (FINRA) recently moved to the cloud and notes that the organization is spending only a small portion of the tens of millions of dollars it cost to support in-house servers. However, Steven J. Randich, FINRA’s chief information officer commented in the NY Times that “there’s a way to do it right and there’s a way to do it wrong.” Getting it wrong could open a financial institution up to cyber breaches.Hybrid cloud architecturesConsidering the regulatory and privacy implications of storing customer information and other private data in the cloud, many traditional financial institutions using the cloud have employed the use of “hybrid cloud” architectures. These combine elements of public and private clouds with an institution’s on-premise systems, to make the most of cost-saving benefits while still keeping the most sensitive data protected and compliant. According to a 2021 study by Google’s cloud division and the Harris Poll, which surveyed over 1300 global bankers, 83% of their institutions are using the cloud as part of their main systems and 38% are using hybrid cloud architectures. This was followed by 28% that utilize single or private cloud systems.  Many CFIs will likely remain on the sidelines of cloud services until security and regulatory concerns are fully resolved. Yet, those concerns may be resolved earlier rather than later. So, make sure you have done your research and are ready.