Steve Whatling, MD at Keysource, looks at the data challenges facing the financial sector and what lessons can be learnt from economic and political instability…
The financial sector has gone through phenomenal change over the past decade. If we go back 10 years to the mid-2000s, the banking sector was entirely different. It was all about growth, with some financial institutions putting together 25-year strategy plans confidently based on year-on-year growth.
The retail banking platforms were still relatively traditional with low adoption of electronic banking as many customers still visited the branch network to carry out transactions. The CIO/CTO was often not part of the senior team and the data centre was the responsibility of the real estate or property department.
Whilst banks have always been concerned with privacy and security issues, at this time there was low confidence in the security of cloud provision, so they retained total control of their operations. There was no real outsourcing model and, as a result, with the exception of one or two, they decided to build and run their own data centres – and of course they could afford to! So they built huge facilities in anticipation of this predicted growth and invested heavily.
Ten years on things are very different. The industry’s promised growth predictions have proven to be incredibly flawed and recent years have seen the global system in crisis, with the UK government stepping in and rescuing some institutions.
Looking forward it is unlikely that we will see any new data centres built in the UK for the financial sector for many years
At the same time, we have seen a phenomenal uptake of electronic, online and mobile banking, which has created a greater emphasis on the importance of technology and data. It has also been used as an enabler to reduce headcount, creating much-needed savings.
As a result, the CIO/CTO is now right at the heart of everything with the IT strategy fundamental to the business. The financial sector CIO/CTO has had to embrace outsourcing and consider cloud provision but is now also responsible for the property and Facilities Management associated with IT too.
Looking forward it is unlikely that we will see any new data centres built in the UK for the financial sector for many years. The sector is quite simply overprovisioned after building huge, highly resilient Tier IV and secure facilities in the early to mid-2000s that even the increase in electronic banking is failing to fill. There has also been considerable consolidation in the sector which has further exacerbated the issue.
There are also some legacy facilities which are outdated and run inefficiently as unfortunately there hasn’t been enough investment available to upgrade in recent years.
Meeting today’s IT demand
What we are seeing today is institutions looking at their data centre facilities and trying to optimize the asset wherever possible by seeing how they can be more suitable for their current requirements and potentially commercially viable. This might involve selling, upgrading or subletting.
There are a number of additional challenges facing the sector. A key area is how to keep aligning the business to its fast-moving and ever-changing environment. There is no doubt that electronic banking will continue to grow and more IT investment will be required to meet the needs of the influential millennial generation.
The impact of Brexit is as of yet unknown but it is likely to affect how British banks are operated and where their data is located
Whilst we will continue to see significant growth within the electronic banking area, the real opportunities are in the emerging countries in Asia and Africa. Their systems are often years behind and the industry in some countries is really in its infancy. They will benefit greatly from the lessons learned by the West and our experience and expertise.
The impact of security and regulation
For the UK, the impact of Brexit is as of yet unknown but it is likely to affect how British banks are operated and where their data is located. It may also result in another economic downturn or recession.
Cybercrime also continues to rise, which can be damaging not just for customer confidence but also for the overall brand. This should be considered as the sector starts to relax some of its security with cloud adoption.
The regulatory environment for those working in the financial sector is a further challenge – increasingly complex and still evolving, with firms having to devote more resource to governance, risk and compliance issues than ever before.
There has been a steady stream of legislation for several years now and this is set to continue with new regulations in the form of MiFID II, REMIT, MAD (I&II) and MAR that will make the need to monitor financial transactions even more important. In fact, a recent Thomson Reuters ‘Cost of Compliance’ survey found that 70 percent of firms are expecting regulators to publish even more regulatory information in the next year, with 28 percent expecting significantly more. This creates challenges for financial organisations in terms of resources, expertise, and cost.
One of the most significant pieces of legislation to affect the financial markets so far is the Dodd-Frank Wall Street Reform and Consumer Protection Act, introduced in the US in 2010, which required, for the first time, organisations operating in the OTC derivatives market to record all oral communications relating to daily trading activity. The Act doesn’t just apply to US-based financial institutions but also non-US-based institutions that trade with the US. Now we are seeing other G20 members also putting their own legislation into place that is equally, if not more, stringent. We are also seeing continuing confusion around the Safe Harbour regulations and we are awaiting guidance on how other EU agreements will be affected by Brexit.
Flexibility is key
The key lesson to be learned therefore must be about flexibility. While arguably no-one could have predicted the economic downturn, and the dramatic effect it would have on the banking industry, the strategy that was followed at the time enabled no room for a change in direction. More thought must be given in the future to scalable and future-proof solutions.