IBM has launched the industry’s first financial services-ready cloud platform, IBM Cloud for Financial Services, which includes a set of security and compliance controls to operate securely with bank-sensitive data in the public cloud.
This was developed with Bank of America and Promontory, a global leader in financial services regulatory compliance consulting which IBM acquired in 2016. The controls will be maintained by IBM’s Financial Services Cloud Council, led by Howard Boville.
The market opportunity for financial cloud services is huge, said Boville.
“Practically without exception they (FIs) have moved three to four percent of their workloads to the cloud, so 96% to 97% haven’t moved.”
Large financial firms maintain their own systems in their own data centers with their own controls. Moving to a cloud would require them to build those controls with the cloud provider and then sustain them.
“That’s a huge, huge overhead.”
IBM’s Cloud for Financial Services allows banks and fintechs to innovate quickly with built-in controls that are adhered to by the entire ecosystem. So software as a services (SaaS) providers that sit on the IBM cloud have to follow the rules and controls that IBM has for all the software running on its financial services cloud. IBM will guide ISV and SaaS providers through each step of the onboarding process, which includes a technical and security assessment, workload migration, and readiness validation designed to address third- and fourth-party risk, the company said in its announcement.
“The IBM Cloud for Financial Services features a control framework designed to help financial institutions reduce expenses and accelerate revenue growth while fostering a secure and compliant partner ecosystem.”
The financial services industry, including technology partners, can now build applications with Red Hat OpenShift, migrate virtual machine workloads, and establish compliance profiles across their workloads– to help support their continuous compliance needs, the company said in its announcement. IBM provides built-in security and compliance controls for both cloud-native and VMware workloads.
To protect data across cloud-native and VMware workloads, IBM uses its fourth-generation confidential computing capabilities and ‘Keep Your Own Key’ encryption which gives enterprises technology-backed control of their own encryption keys so clients are the only ones who can control access to their data. That protects European banks using the IBM cloud from subpoenas under the U.S. Patriot Act because the cloud service provider wouldn’t have an encryption key. Europe and some other jurisdictions have passed laws to protect their citizens from the potential intrusion of the American regulation.
The IBM Cloud for Financial Services also provides technology redundancy. To protect against the failure of a single data center, IBM provides users with three data centers so even if two go down, the firm can still operate.
“We built our cloud offering very specifically for this target market. It’s priced like other general purpose clouds, so you can get all these capabilities and benefits at the same price point as you could from any other cloud provider.”
“It sits above the IBM cloud and other clouds so you can manage multiple cloud environments through a single pane of glass, and ensures you don’t get locked into a single cloud provider,” he added. “You can develop once and run anywhere. Other cloud service providers are becoming more proprietary, which introduces a huge amount of complexity with proprietary languages and interfaces your developers have to learn and then develop against. That just increases a huge amount of complexity in your environments and it diminishes the productivity of your developers. We work on open standards. Having an open platform is a better way to build deeper relationships with customers.”
In addition to Bank of America, IBM is working with several global financial institutions such as BNP Paribas, Luminor Bank and MUFG. The IBM Cloud for Financial Services is supported by an ecosystem of more than 90 collaboration partners including SAP, global systems integrators like EY and TCS, Independent Software Vendors (ISVs) and Software as a Service (SaaS) providers. It uses Red Hat OpenShift as its primary Kubernetes environment to manage containerized software across the enterprise, and includes more than 200 API driven, cloud native PaaS services to create new and enhanced cloud-native apps.