In the financial services industry, there is a growing interest in the cloud and its advanced capabilities to improve existing operations and innovate and transform business. Yet, when it comes to cloud adoption and implementation, there is still a lot of confusion. The most common misperception: Regulation is a barrier to the cloud.
Debunking the cloud myth
Our team at Microsoft has spent the last seven years working closely with financial services regulators and found the opposite to be true. Regulations are tech neutral to cloud computing, and our experience is that regulators are more open to cloud technology than when we started this journey years ago. That said, there is a lot of banking regulation that comes into play when using cloud services, and both banks and regulators want to get it right. Regulators are also modernizing their laws to address cloud computing.
The role of technology vendors
As banks look to third-party vendors for cloud services, our role goes beyond providing a scalable platform they can use to run and operate their business. Technology providers are also responsible for helping them understand the cloud journey; providing both financial services organizations and regulators with transparency in how they manage and operate their cloud services; and ensuring their customers have the control and security of their data to meet their compliance obligations.
Accelerating the compliance journey
As a global cloud service provider, Microsoft has made significant investments in helping the financial services industry meet and manage its regulatory responsibilities and accelerate the compliance journey. Here are a few ways we are doing this.
- Regulator Engagement: We have engaged with regulators to educate them about our cloud services and, importantly, have a dialogue to understand what is important to them. This enables us to share our ongoing compliance work and understand and anticipate new regulations to ensure our customers can use our cloud services accordingly. The European Banking Authority’s recent guidance on outsourcing is just one example of the modernization of regulation to permit use of cloud computing that we think will help the industry transform. We think the dialogue is important to advance the needs of regulators and financial institutions alike.
- Financial Services Compliance Program: We developed a unique program that allows firms and regulators to deeply examine Microsoft cloud systems, services and processes. This assures banks and regulators that Microsoft has taken the proper steps to secure data and mitigate risk. This industry-leading program also serves as a peer community of leading banks to share input directly to Microsoft. We take that feedback, and improve our services and capabilities to meet the needs of our customers, globally.
- Built-In Compliance Capabilities: Microsoft’s cloud solutions are designed with regulatory requirements in mind. Our Trusted Cloud is based on four foundational principles: security, privacy, compliance and transparency. And we provide the latest security and compliance features within Microsoft Azure, Office 365 and Dynamics 365 with supporting tools like Compliance Manager and Secure Score ranking.
- Trusted Advisor. Our goal is to act as an ongoing advisor with proactive resources and support to keep up with ever-evolving security threats and industry standards. We share security risks when we identify them, provide visibility into our solution roadmap, and offer tools to help assess compliance risks. We also recently released new compliance checklists to help financial services understand specific regulatory requirements in more than 25 leading capital markets.
The opportunities ahead
As cloud adoption increases, we also see the cloud as a compliance-enabler. As banks look at sensitive and confidential data and workloads, like payments in core banking, there are scenarios where cloud can offer greater security and controls than in their legacy, on-premises environments.
Another opportunity is hybrid cloud computing. This is a valuable option for financial services who want to keep some business-critical applications and data on-premises in a private cloud, while taking advantage of new public cloud capabilities like large-scale databases or AI and machine learning. Microsoft Azure is designed to work across on-premises and cloud environments to give you the best of both worlds.
Learning from the leaders
As more banks turn to the cloud, there is a lot we can learn from those at the forefront. UBS, the world’s largest wealth manager, is leading the industry in public cloud adoption by using Microsoft Azure for global scale, security, to improve business agility, reduce costs and gain a competitive edge. Key to UBS’s move to Azure was a significant focus on regulatory compliance.
Saxo Bank also aims to run its entire banking platform on Microsoft Cloud, thus providing an agile and highly secure environment for the bank to accelerate its digital journey and democratize financial services.
The future is in the trusted cloud
At Microsoft, we’re committed to earning and keeping the trust of our financial services customers, providing business cloud services based on principles of security, privacy and control, compliance and transparency; and a set of compliance offerings for those services, validated by independent auditing firms against national, regional and global financial industry requirements.
More than 80 percent of the world’s largest banks and 90 percent of the global systemically important financial institutions are Azure customers. This represents the highest bar for legal, compliance, security and acquisitions teams.
We look forward to helping financial services organizations in their cloud journey to achieve digital business transformation while meeting compliance changes along the way! To learn more about our Trusted Cloud and compliance work, visit the Microsoft Trust Center. And to learn more about Microsoft in Financial Services, visit our Financial Services page. You can also continue the conversation by connecting with me on LinkedIn.