Has the FCA given a silver lining to specialist cloud providers?

The FCA guidelines advised firms to take note of the cloud for their outsourcing strategies.

After the Financial Conduct Authority (FCA) stated that there is “no fundamental reason” why financial firms cannot implement cloud services, service providers should benefit from an influx of demand from the financial services. Firms should no longer be fearful of breaking their regulatory obligations as a consequence, and the benefits cloud can offer to them are plain to see.     

Helping with City activity 

Cloud can offer flexibility, scalability and availability to financial firms, as well as a solution to the outage of other servers or IT delivery platforms. With Thomson Reuters indicating a high level of M&A activity in the City after Brexit, private cloud based IT infrastructure offers an easy solution to the scaling up or down of a financial firm throughout its corporate lifecycle. Furthermore, cloud services allow for the transfer of data to alternative platforms should an outage occur. 

The FCA guidelines advised firms to take note of the cloud for their outsourcing strategies, but have warned that data relating to their organisation must be held in suitable jurisdictions. The FCA requires oversight of any data relating to financial services – so data residency policies should be agreed before storage occurs. The majority of cloud providers allow firms to dictate where their data is stored, replicated and backed up, not only adhering to these FCA guidelines, but also making cloud even more attractive to financial services.

Is security still an issue?  

There are certainly a number of individuals still with misconceptions over the cloud’s security levels. In general, cloud boasts superior security over internal IT infrastructures that are currently used by the majority of the financial industry. Most data breaches take place on-site, with security issues tending to be linked to the operations and controls of the end-user, rather than the cloud provider. 

Firms are ultimately responsible for the security and location of their data, and as result cloud providers must be audited to ensure they can meet regulatory demands. Once cloud services have been deployed firms must undertake due diligence through regular assessments of the provider’s security. 

How is the FS industry different?  

Due to the level of regulatory compliance in the financial services sector, it is specialised cloud providers that will be most suitable in contrast to ‘off the shelf’ solutions offered by Microsoft, for example. Niche providers can better understand a financial firm’s requirements for around the clock service, and the higher levels of regulation they must adhere to. 

Specialist cloud providers can enhance a firm’s delivery of IT service, are able to better understand the specific requirements particular firm, and can provide a bespoke solution. 

Some financial firms may still fail to see what cloud can achieve for their business, but the new FCA guidance should encourage the sector to view cloud as a viable option when considering their infrastructure budgets next quarter. It should be remembered that the term ‘cloud’ is extremely broad, and so should not be rejected based on misconceptions and generalisations. By conducting research into the more specialist options available, financial services firms will undoubtedly reap the rewards of implementing some form of cloud based service.

Robert Rutherford, CEO of QuoStar
Image Credit: Everything Possible / Shutterstock

ABOUT THE AUTHOR

Robert Rutherford is chief executive officer of QuoStar, a consultancy specialising in business technology. Founded in 2005, it offers business improvement and technical consulting, outsourcing and cloud services.