IBM lures banks’ critical workloads to financial cloud as ‘threat’ from big tech looms large

The biggest threat facing the investment banking industry today isn’t coming from regulators, other types of financial firms, or activist investor movements, but rather from its suppliers—big tech and fintech companies, according to Likhit Wagle, general manager of global banking and financial markets at IBM. And to fend off that threat, big banks will need to behave more like big tech, and in particular increase their agility by making more use of public cloud resources.

“Those businesses are providing a level of customer experience and are able to operate at costs that a traditional incumbent bank is never going to get to if it’s not able to move a large chunk of its workloads onto the public cloud, and take advantage of flexibility, lower cost, [and] innovation that’s available on the public cloud,” says Wagle, who is general manager of global banking and financial markets at the tech giant.

Constrained by rigid regulation and conservative culture, Wall Street banks have fallen short on utilizing cloud technologies for their critical processes, despite the lip service they often pay to Facebook’s old ethos of “move fast and break things”. In 2018, 451 Research—a technology research group acquired by S&P Global Market Intelligence in 2019—published a study that found just 9% of banks’ critical workloads’ used a public cloud environment. The same study projected that by 2020, 28% of critical workloads would be done in a public cloud—still low compared to other tech- and data-centric industries such as entertainment, communications, and retail. In practice, breaking things is frowned upon, especially by high-paying clients and lawmakers, in a way that isn’t at tech companies (and even Facebook has long abandoned that mantra).

With this in mind, IBM is pushing to grow its financial services-specific cloud, first announced in 2019 and built-in partnership with Bank of America. Other banks have joined the ecosystem recently, including BNP Paribas, MUFG, and Luminor, the third-largest bank in the Baltics, created in 2017 through the merger of Nordea’s and DNB’s operations in the region. More recently, BNPP has migrated 40 of its business applications, some of which are critical, to IBM’s cloud. IBM was unable to share specifics on which applications had moved, but a spokesperson confirmed that they span multiple business lines at the bank.

Generally, Wagle says, the types of workloads that cloud providers have successfully captured from bank clients include systems of engagement—mobile apps, web applications, internal communications, and the like. These are the systems that banks have been primarily successful in migrating to the cloud, as they are subject to less regulatory scrutiny, and have a relatively minor risk profile when it comes to data privacy concerns. But because they aren’t critical workloads, these projects don’t usually end up being transformative for these banks.

“What is key, though, is systems of analytics, and—much more important—systems of record,” Wagle says. “These are the ledgers and transaction processing systems that do all of the heavy lifting within a bank. Let’s take an example—if you look at lending, it is the application that looks at originating the loans, doing the underwriting, recording what it is going on, and then continuing to record the repayments or collection measures that are being taken for loans that are going into default.”

These are systems that are expensive to run and are bogged down by slow, outdated legacy infrastructure.

While arguably a big tech company itself—much closer to Microsoft, Google, and Amazon than to a pure fintech—IBM is staking some of its cloud push on a lesser-known technology called confidential computing. The computing giant first launched its Hyper Protect Cloud Services in 2018. Rivals Google began dabbling in the tech last summer, and Microsoft Azure rolled out its own offering, Attestation, in February this year.

Confidential computing leverages a piece of hardware, called an enclave or trusted execution environment, to secure data in use, as opposed to its other two states: at rest and in motion. Information concealed in an enclave is encrypted on a pervasive basis, Wagle says, meaning that even if there were some breach and the data were made public, it would remain encrypted and unknowable to anyone except whoever held the encryption key, the data owner. It cannot even be known to the underlying cloud provider.

IBM first built confidential computing capabilities into its IBM Z mainframe franchise, and it has now built the same technology into its financial services cloud offering. The company’s banking division is betting on this feature to combat banks’ hesitancy to use the cloud for storing sensitive customer and transaction data, and for proprietary data science projects and analytics.

“One of the things that were a major step back for cloud in the financial services industry was the data breach that happened at Capital One. This will ensure that we do not have that sort of problem in the future,” Wagle says.

In addition to its aspirations to fill the gap between financial institutions and digitally native financial and tech organizations, IBM is focused on releasing analytics offerings around data security and usage. For example, the computing giant is looking to utilize machine learning and artificial intelligence to take the process length of loan underwriting from days and weeks to minutes and seconds.

IBM Cloud Satellite—which allows clients to use a single API to create an IBM Cloud Satellite location and then add host machines from any cloud, from on-premise data centers, or from the edge—will be an important component of this endeavor because Wagle says, it allows the organization to deal with data where that data is. That means that regardless of branch or datacenter location, the aim is to let banks deal with data with uniform levels of security and control.

The final area the company is focused on maintenance. Anticipating possible changes in regulation in both tech and finance—US President Joe Biden has already signaled his willingness to take on or break up giants like Facebook—a central tenet of IBM’s financial services cloud is to ensure that banks still in the early days of their cloud projects don’t end up being taken by surprise by unexpected shifts in government policy.