Time’s up: why Australia’s financial institutions must accelerate their cloud migration journeys

So far, Australia’s financial institutions have only dipped a toe in the public cloud waters. In the post-pandemic era, they will need to dive right in.

After seeing what Afterpay and its many imitators did to credit card companies’ profits from 2014 onwards, you might assume Australia’s financial institutions would never again want to be caught napping by tech-savvy new market entrants. Yet history looks set to repeat itself if venerable incumbents don’t complete their cloud migration journeys quickly enough to hold on to their customers, especially their younger, digital native customers.

It’s estimated that Australia’s businesses, including its finance sector businesses, have only about 25% of their IT infrastructure on the cloud. If they want to remain competitive, they will need to get all or most of the remaining 75% on the hybrid cloud by 2025; Gartner estimates that more than 95% of new digital workloads will be deployed on cloud-native platforms by then.

What’s the hold-up? Why isn’t everything on the cloud yet?

Collin Penman, Kyndryl’s acting chief information security officer and security practice lead, and Anandh Maistry, Kyndryl’s banking and insurance managing partner, concede that there are valid reasons Australia’s financial services businesses have moved slowly in embracing a hybrid cloud future – that is, availing themselves of the ever-growing number of applications (such as software as a service – SaaS) and microservices available on public clouds.

The recent history of Australia’s financial services sector can be divided into three eras: pre-pandemic, pandemic and post-pandemic. Broadly speaking, in the pre-pandemic era Australia’s financial institutions were modernising mainframes, creating (internal) private clouds and experimenting with putting some relatively unimportant workloads on (external) public clouds.

During the pandemic, with staff working remotely and customers unable to visit branches, financial institutions had to make wider use of public-cloud-enabled applications such as video conferencing. However, they were still reluctant to let sensitive financial data stored “on prem” (on the premises) go “off prem” (onto a public cloud operated by a hyperscaler, such as Microsoft Azure, Amazon Web Services or Google Cloud Platform).

For obvious reasons, financial institutions have been cautious about sending any of their customers’ financial data off-premises. Indeed, until recently, it wasn’t even entirely clear in what circumstances Australians’ financial data could be shared with a third party.

“To take one example, Australia’s data sovereignty laws mean that you can’t send Australians’ financial data to a foreign country,” Maistry says. “If that data is being sent to a public cloud, it has to be stored exclusively at local data centres.”

Australia’s regulatory environment was somewhat cloud-unfriendly until recently, Maistry says. “Up until mid-2020, Australian financial institutions could only do business with a relatively small number of cloud providers; ones the federal government had approved via its Cloud Services Certification Program.”Advertisement

Penman points out that many of Australia’s finance industry businesses have decades-old legacy systems, making technology debt (that is, constraints imposed by old, complex infrastructure) a problem. “Safely and successfully migrating to the cloud is no simple matter for a big, or even a small, bank,” he says.

As understanding as they are, Penman and Maistry also argue Australia’s financial institutions are lagging behind their international counterparts, partly due to good old-fashioned C-suite risk aversion, a slow-moving innovation culture and fear of change. After all, banks in nations such as the US and UK also have technology debt and compliance headaches, but they have been less inclined to kick the cloud migration can down the road.

Time’s up: innovate or risk losing out to early adopters

“Cloud migration can’t be endlessly deferred just because it’s difficult,” Penman says. “Industry incumbents that aren’t taking advantage of public cloud applications and microservices to reduce costs, provide faster provisioning, deliver impressive customer experiences and create exciting new products and services risk being increasingly outcompeted by cloud-native challengers. And any business, financial or otherwise, that’s dragging the chain with cloud migration is denying itself access to new and innovative development services, on-demand capacity and scalability, improved security, [and] new and innovative middleware services, such as messaging and API [application programming interface] gateways, and substantial capex [capital expenditure] savings.”

Maistry says that, ironically enough, Australia’s finance sector is now effectively being pressured to accelerate its cloud migration journey by the same regulators who were slowing things down in the recent past. In 2021, barely a year after the Cloud Services Certification Program was scrapped, an amendment to Australia’s Critical Infrastructure Act passed that added the financial services sector to the list of sectors deemed to be providing vital infrastructure.

“The amendment means finance sector businesses must ensure they aren’t offline for any length of time,” Maistry says. “Even if they are impacted by a natural disaster or subjected to a cyberattack. If a finance sector business can’t provide the critical infrastructure Australians are depending on, the board members overseeing that business can be penalised.”

It’s a lot easier for a bank, insurer, credit card company or payment service provider to be up and running 30 to 60 minutes after a catastrophe if most of its mission-critical workloads are off-premises on the public cloud rather than on an on-premise data centre or private cloud, Maistry notes.

A tech-agnostic solution makes good sense

The good news for finance industry C-suiters is that they can outsource the task of cloud migration to a managed service provider (MSP). A good MSP will come up with a modernisation roadmap then execute it while helping their client unlock the potential for innovation and avoid future problems, such as vendor lock-in issues. (Vendor lock-in occurs when a business ends up trapped in an unsatisfactory relationship with a public cloud provider because it’s become prohibitively expensive to move to another provider.)

IBM has been helping financial institutions of all shapes and sizes, in Australia and around the world, digitally transform for decades, Penman says. “Given Kyndryl’s provenance [it was formerly part of IBM], it has deep relationships with the big cloud and SaaS players, such as Microsoft, Amazon, Cisco, Google, NetApp, Red Hat, VMware, SAP and, of course, IBM. Plus, 90,000 employees, including many experienced and high-performing engineers, now make up the Kyndryl global team.”

Maistry says: “Historically, a patient and prudent approach has served financial institutions well. But we are now in an era where fortune will favour the brave and early adopters will be able to steal a march on their late-adopting rivals.”

Discover how Kyndryl can help modernise your mission-critical systems.

Maistry says that, ironically enough, Australia’s finance sector is now effectively being pressured to accelerate its cloud migration journey by the same regulators who were slowing things down in the recent past. In 2021, barely a year after the Cloud Services Certification Program was scrapped, an amendment to Australia’s Critical Infrastructure Act passed that added the financial services sector to the list of sectors deemed to be providing vital infrastructure.

Facebook
Twitter
LinkedIn