Business Applications

Many banks started with systems built more than 40 years ago, when the requirements consisted of accounting for products and business transactions between 8 AM and 5 PM, only in branches, without real-time processing. So, moving to digital and now remote access has been hard and many banks still have significant legacy.

Banks also need to reduce the cost to serve, as Digital-only banks have achieved much lower costs ($26 to $65 – per account compared with $220 for a mainstream bank [1]).

Post pandemic, 66% of banks said they expect to increase investment in digital banking and services, 74% said that modernizing core banking and payment platforms was a greater priority [2].

To modernise their applications, banks seeking to re-platform applications, introduce SaaS applications, or to create an API environment to surround legacy applications to allow digital platforms to be introduced and remote working to be allowed. Containerisation of legacy applications will be a necessary step in the large-scale migration of workloads to public cloud and allow workloads to shift across a hybrid multi-cloud architecture.

Compute & Cloud

By their very nature digital platforms leverage hyperscale infrastructure from cloud providers in computing, data storage and security to deliver scale, reliability and customer experience. Banks were slow to adopt cloud due to security and regulatory concerns, but adoption is now growing fast.

There will be a major shift toward cloud as the primary venue for workloads over the few  years, with public cloud IaaS and PaaS serving as the primary environment of workloads. A 2022 survey suggests that 15% of workloads have migrated to the cloud, up from 8% in 2021. Enterprise applications (e.g. email) are the most migrated at 35%, followed by Data & Analytics at 20%, Customer Engagement at 21% and finally Core applications at 7%. The 85% of workloads that have not yet been migrated will be much harder to move. They represent the more complex workloads that remain trapped in legacy systems [1].

44% cited the main benefit of adopting cloud as being the enhanced ability to automate processes, while 40% cited the enhanced ability to develop new products and services [2] Security & Compliance risk, Legacy infrastructure, complexity of change and lack of cloud skills are the main barriers to further adoption. 

70% of banks have a Multi-cloud strategy [3], these architectures are seen as key to delivering agility, cost and performance while addressing security and compliance challenges. Eventually, container-driven application portability in a hybrid or multi-cloud IT architecture will enable the multi-directional movement of workloads to best execution venues on an ongoing basis for optimisation of cost and application performance. Unsurprisingly, 81% believe a multi-cloud strategy will become a regulatory prerequisite after several years of regulatory focus on cloud technologies in the UK and the US [4]. Skill shortages are key inhibitor with banks seeking cloud platform, security and machine learning expertise.

Digital Workplace

Organisations must now provide a digitally enabled, flexible and collaborative working experience to attract and retain staff. They must also move beyond the fast reactions required to achieve a lockdown, where over 70% worked from home [1], and deliver an ongoing hyrbid working environment.

In the new normal, the percentage of basic banking needs handled in-branch could be as low as 5%. In some markets, this may translate to 25% fewer branches [2]. Remaining branches will evolve into advice centres as banks offer wealth management products to a wider audience. This will drive new digital workplace and customer interaction needs in the branch.

A modern collaborative digital workplace is critical to a remotely located workforce. It ranges from access to HR applications and core business applications to e-mail, instant messaging and enterprise social media tools and virtual meeting tools. 

Security, Compliance & Data Privacy

Security especially with data breaches is high priority issue. Consumers and businesses  expect banks to operate at a very high level of security and privacy, this includes identity management, data security, privacy management and cybersecurity.

Delivering this across a hybrid cloud and remote working environment is challenging given the ever-increasing number of attack surfaces. Most banks will spend at least 10% of their total budget on cybersecurity [1]. A considerable portion will go to cloud security, reflecting the shift to cloud-based business models.

In 2021, 63% of financial institutions experienced an increase in destructive attacks, an increase of 17% from the previous year [2]. In 2022, Akamai Security Research observed a colossal 3.5x growth in web application and API attacks against financial services. In 2022, DDoS targets increased by 22% in the financial services industry [3].

Whilst banks need to secure their own organisation, more than 80% of Financial Services attackers target customer accounts rather than the organizations themselves [4]. During the pandemic banks have seen a 35% increase in fraud attempts through digital channels [5].  Facility takeover fraud [i.e. where a bank account is hijacked by a fraudster] went up over 20% in the first nine months of 2020 [6]. Identity theft is the second most-common type of fraud in Europe, and 56% of Europeans have experienced at least one type of fraud in the last two years. The statistics show 25% of Europeans exposed to any fraud suffered financial damage, causing a total loss of around €24 billion in two years [7]. Whilst 83% of consumers trust their banks’ security measures, half believe their financial institutions should provide additional protection [8].

According to IBM’s Cost of a Data Breach 2022 report, data breaches against financial services, which is considered “critical infrastructure,” has an average cost of $5.97 million, about 75% more than the similar costs for other organizations [9].