Redefining banking for the multi-cloud age

Future Panel Sydney

With data emerging as the corporate world’s most valuable commodity, the shift to full cloud infrastructure (increasingly critical to support and decode this influx of data) is all but assured for the financial services sector.

We’ve taken a snapshot of featured insights from the opening panel discussion of the Future of Financial Services, Sydney 2021 event. Leaders from Australia’s banking and tech sectors explored the financial industry’s shift to and benefits realised from cloud (and indeed multi-cloud) infrastructure, talent nurturing to support this new ecosystem, regulatory conformance, and allaying lingering doubts around cloud security.

Featured speakers on the panel:

  • Cameron Meindl, ex-Chief Platform Officer, Banking-as-a-Service, Westpac
  • Greg Dalton, Head of Transformation Delivery, Westpac
  • Rinesh Patel, Head of Financial Services Industry, Snowflake
  • Sean O’Malley, Group Executive, AMP Bank

Panel moderator: Luke Hannon


Hannon (Mod): Let’s talk about the pivot to cloud. As financial services migrate more to the cloud, what are some of the industry trends you’re noticing?

Patel: What we’re hearing continually from our financial services customers across the globe and across the ecosystem is about the shift into multi-cloud.

Multi-cloud seems very much to be top of mind for our financial services customers by way of the strategies they’re implementing – and for good reason. If you think about a typical financial services business customer today, they’re already grappling with multiple cloud environments, public and private, and have to decide which workflows or workloads to put where and to manage that complexity – not just tech complexity but the commercial complexity as well. Now, we’re seeing them having to grapple with reviewing multi-cloud in line with mitigating regulatory concerns.

We’re seeing regulators paying increasing attention to the systemic and concentrated risk of building on a primary cloud and are mandating exit strategies to put in place to support business continuity.

 

The first regulated corporate guidelines were set by the FCA [Financial Conduct Authority] in the UK, but we expect that to be the first of many to follow. Many banks in Asia and indeed Australia have an international presence, so it’s something that is very topical in this region as well.

O’Malley: I’d certainly agree with Rinesh [Patel] on the point of resilience; it’s key. And resilience across multiple risk types. Whether it’s about availability or about strategic risk, the point is to ensure that there is resilience in the choices that we, as businesses, are making about who we partner with, both for immediate delivery but also longer-term as the market continues to change for cloud services.

Meindl: You’ve always got to have a plan around where you’re going to move to. With material outsourcing and CPS 231, you’re required to have a path for how you’re going to manage these [cloud] providers.

Multi-cloud is a good way to prevent vendor lock-in.

But then it provides some technology debt as to how you manage across those and become cloud-agnostic. That requires very modern tech stacks to make it work, but it’s a really important place we all need to move to in order to meet our regulatory obligations.

Patel: Whilst everyone’s looking at the half glass empty and the associated risks, we need to emphasise the point around opportunity. We and our customers architecting right now for the future, for the next five, 10, 15 years.

“The one thing we know is customers will change their behaviours, and we need an architecture that can adapt”

The use cases the industry is solving for now, they’ll be very different in five, 10, 15 years’ time. We need to have an architecture that is open, an architecture that gives you a choice – choice of cloud providers, choice of cloud regions, choice partners, i.e. an open platform, which is very much top of mind – and multi-cloud supports a large portion of that thinking as well for our customers in financial services.

 

Hannon (Mod): You spoke about the pivot over the next five to 10 years. What skills are you finding are going to be highest in demand as these structures and ops evolve?

Dalton: We’ve seen in the Australian market in the last 18 months to two years unprecedented times with Covid; the war for talent has never been greater.

Working for one of the major four banks, trying to procure the right level program managers, particularly business analysts and architects, has been challenging.

 

To be able to procure this talent, we’ve embarked on a strategy of building ‘persistent teams’, as opposed to models where, predominantly, we’ve gone to the short-term labour force for itinerant labour, such as contractors. We’re pushing towards building a sustainable model where we can identify the right people with the right skills, give them education and training, and then hang on to them by providing the right support to grow their careers with us. That is critical for any large organisation moving towards a three- to five-year roadmap.

What I’ve seen in the past – and I’ve been in this role for about half a dozen years – is a lot of our good, talented people come in as itinerant workers and then move into the next job; we lose a lot of the skillset we’ve invested in. So, making investments in the right people and getting them on the journey of what we call a ‘persistent team’ is our short- to medium-term strategy.

Patel: Enablement is very much core to what our customers are looking to do, organisationally with product people and process, if you will. This is a journey for our customers and one that starts with people. We’re already seeing organisations put in place Centres of Enablement or Centres of Excellence to be able to support an organisation in making that pivot – not just planning but also in executing and bringing in various talented individuals across the organisation to areas of data accountability and governance.

Data is going to be huge, and there are a lot of individuals that are going to be part of that journey in understanding the minutiae of [data] access, usage and lifecycle. They’ll be crucial to helping organisations make that pivot.

 

Hannon (Mod): It’s fascinating to consider organisations putting so much effort into strategic planning, investment change. Sean [O’Malley], let me come to you with this one. What are the key components that underpin the success of our respective organisations?

O’Malley: We certainly do put a lot of time into considering strategic investments and thinking about the markets in which we operate, and forming an idea of where and how we’re going to win, and the capabilities we need to build to win in those markets.

The model that was centred on ‘Okay, we have a clear strategy, we’ve got a group of initiatives, we’re going to form a big project team, and that program team is then going to execute against that‘ has really changed, and is changing rapidly, to something where a combination of the persistent team, the business, change professionals, and tech teams, all need to work hand-in-glove together. That’s more of a continual iteration of the capability and continual delivery of the capabilities to achieve the strategy, as opposed to the big projects that would do a big drop and then be done, and as Greg said, disperse off and have a loss of capability. I do think we’re moving that way.

When we think about the opportunities that technology and cloud raise, we also need to think about how we upskill and build the capability and business leaders to capitalise on those opportunities.

 

Meindl: To follow on from that, it’s really important to start to embed some tech capability within the business side. I’ve moved from technology to the business side for that very reason. If you can embed some technical capability and get the right decision-making in the business, it makes things a lot easier when they simplify their processes to allow this delivery to occur.

Dalton: One of the things I’m also noticing with talent is, when we’re building out these persistent teams, we also need to look at the ability around collaboration skills. Sean touched on it a little earlier.

Historically, we ran big projects as silos to go and deliver capability to the business as opposed to with the business.

 

We’re trying to build a model where we work with our business leaders, with our other tech support partners and digital et cetera to collaborate and deliver with the business. That’s been quite a significant change – albeit subtle in language – in the direction we need to take going forward.

 

Hannon (Mod): Rinesh, let’s talk about the enormity of moving an established, highly regulated business to the cloud; it’s certainly not a trivial task. What do you see as key challenges that your clients tend to experience on their journey to cloud?

Patel: There’s a multitude of challenges our customers face, some of them have just touched upon in terms of enablement. But the one that springs to mind for me in financial services is data management.

Contrasting with other industries – and I work with peers across retail, healthcare and life sciences financial services is the only industry that is dependent on ingesting third party data on a daily basis to perform its functions, i.e. trading, transactions, risk etcetera.

If you think about what happens today, there’s the physical movement of data through APIs or XMLs, from a data vendor to a customer to support those functions. The challenge is that whilst organisations want more and more data to be able to be more data-driven, they’ll also inherit the data management complexities that come with that, i.e., how do they normalise that data, cleanse that data, code that data, put symbology behind that data? What customers are now waking up to is the realisation that being data-driven needs to be really thought through in terms of how they put a data strategy together that reduces some of those data management complexities.

You’re going to see a lot more in this industry around data collaboration and data sharing as a concept to reduce data management friction that exists in financial services.

 

Meindl: If you think about it from a regulator’s point of view, the regulator becomes really interested in what your IT operating model is. If you think about cloud, you have two flavours: you’ve got cloud that you manage yourself and you’ve got the Software-as-a-Service model. How do you govern your data and how do you keep that secure?

One of the things that we’ve done successfully is to bring your own key, where we actually maintain the security team for SaaS providers.

 

Often, we’ve actually given the cloud provider accounts for them as well.

So, when you talk to the regulator, you can say, ‘Actually, we have complete control of the data.’ We can take it back, we can clear it, and then use modern technologies, like streaming, to move the data into your organisation. In this case, if something does go wrong, you can talk to the regulator and say ‘We’ve actually got a copy of the data ourselves, we’re not completely reliant upon this provider!’ It gives you some options about what you might do in the future.

With modern technology, you can actually make the regulator happier about what you’re doing and make them comfortable. Then, it’s really a conversation with the regulator about where you need to get to.

O’Malley: I agree with Cameron. An important component, more and more, is to understand that we’re now aggregators of services. We’re increasingly partnering with not just one or two but multiple partners across a certain customer experience or a certain customer journey. Partnering is indeed an important component and an important capability for us. The question is, how do we partner and govern those relationships effectively?

Talking with regulators, that’s certainly a point of interest from them – that is, not just concern with our underlying cloud provider, but also any other partners that are part of those experiences.

 

Hannon (Mod): A question from the floor. How much responsibility is on us as financial institutions to help take the regulators on the journey of Open Banking and CDR, given that it’s quite unconventional?

O’Malley: It’s a really good question.

There’s a lot of onus on us as financial services as an industry to… help educate the regulator.

 

But being really open and transparent, I think, is the answer here. It is certainly on us, and our approach is to be as open and as transparent as we can be to sharing our understandings, our direction, and our strategy. Things are moving pretty quickly and it’s hard for everyone to stay completely up to date.

Meindl: If you think about the regulatory outcomes they’re looking for – control of safety and protection of customer data and customer rights – then the ways we as an industry achieve that can be very different.

It’s really up to us as organisations to come up with appropriate ways to manage those risks and drive those through. That’s a conversation with the regulator about how you’re achieving that; that requires a journey with the regulator about where you’re going and how you’re going to achieve the outcome that they’re looking for. They may not be very prescriptive about how you get there, so it really is up to us to drive out that journey with them.

 

Hannon (Mod): Another audience question coming in. Digital banking is the ‘new thing’ thanks to technology. Is there any challenge for physical banks to get data from a physical database to the cloud? Will virtual banks be the future?

Patel: As I touched upon, digital banks have understood that building in the cloud means they can reduce a lot of the cost base of being a physical institution. But the thing they’ve really understood is how they can collaborate more and more with data without having to manage a lot of those data management complexities.

Established banks are really looking at the model of the challenger and digital banks, particularly in terms of how they’re increasingly using data to be more customer-driven and to inform their next best actions, as well as, crucially, how they’re managing that data management complexity. The digital banks’ ability to leverage cloud tooling and services available to operate their businesses at a really high level could be seen as best practice for some of those physical banks looking to make that pivot.

O’Malley: ‘Digital banking’ will probably disappear as a term.

We won’t talk about digital banking very much because it’ll just be ‘banking’.

And it’ll be available everywhere. It’ll be integrated into all of our experiences and you simply won’t think about ‘digital banking’.

Certainly, if I think about direct competitor banks, typically physical banks, the priority and demand there is to be able to seamlessly integrate [their services] – that horribly overused term of ‘omnichannel experience’ comes to mind. That’s really what customers expect. Whether I’m on a digital device or I’m talking with someone in the contact centre or visiting a branch, for customers to stop, start and be able to pick up from whoever is helping them and in whatever way or channel, and seamlessly, that’s where we all need to be. I know a lot of work’s going on in the space.

Meindl: For those neobanks, I find it’s a little bit easier; they’re not trying to be everything to everybody. They have quite a clean set of products, and they can target a set of customers or anywhere with a set of products.

Larger banks today are dealing with a lot of complexity across some really broad product ranges. It’s going to be interesting to see how you target really specific niche product experiences when you have this broad range of capabilities. The neobanks don’t have that problem; they can be laser-focused on a set of experiences and a set of customers and deliver that really well. That makes it easy for them as well.

Dalton: My belief is that customers are really seeking expertise in price and service delivery.

Obviously, through digital banking, service delivery and speed is there.

There is a large cohort of customers who aren’t as financially educated as many of us who work in financial services – customers that still need that face-to-face expertise and advice around product choice and value. For a lot of us, that’s going to be there for a long time.

There’s this idea that the branch is dead and it’s all going to be digital in the future; that may be true for some customers, but there is still a significant cohort out there that value face-to-face interactions, to be talked through and understand what options they have, and for us to offer them that person-to-person perspective rather than just through a digital platform.

 

Hannon (Mod): We need to keep our customers’ data safe. Is there this perception that the cloud is riskier than on-prem?

O’Malley: I don’t think there’s any reason to believe that cloud is any more risky; the risks are a little different.

The onus is on us as banks to understand those risks and then have appropriate ways to manage and mitigate them. Nothing that I’ve seen would suggest that it’s riskier per se. But there is a difference. There are risks as we transition; there’s also risks when we run in that state.

One of the risks we’ve talked about is the concept that, actually, it’s someone else’s concern; it’s a black box to us and we don’t really understand what works. I don’t think that’s an appropriate way to think about these services.

There’s certainly a difference between running our own data centre or running our own on-prem. But I don’t think it’s any riskier, just different.


This is an abridged extract from the first featured panel discussion at the Future of Financial Services, Sydney 2021 event.