Posted: 22 Dec. 2020 3 min. read

How do I modernise IT and open platforms?

6 easy steps to future-proofing your cloud journey as a Financial Services organisation

Step Five: Review your legacy systems

Q: What is the best approach to review legacy IT systems and implement Cloud technologies that enable a more streamlined global IT architecture?

By using a ‘purpose alignment model’ matrix organisations can understand where their sources of value are coming from and optimise for those particular applications. 

On the x-axis is ‘mission-critical’ and on the y-axis is ‘differentiating’ or ‘business value-creating’. It quickly becomes clear what the capabilities are that are going to be fit for purpose for the applications of tomorrow, and what is going to be obsolete.  

Applications that are identified as highly critical but non-differentiating need to be optimised for availability in risk and cost. Applications that are identified as low criticality and non-differentiating need to be optimised for cost and risk. These applications tend to be commodities that aren’t related to an organisation's core business. 

There are very few applications that are highly differentiating and highly critical — these tend to be the ones that need to be optimised for velocity, and agility foremost and secondarily availability and risk. The highly differentiating low criticality space are generally the experimentation applications that need to be optimised for agility. 

The banking and finance sector spends a lot of time in core banking working with highly critical and low differentiating systems. This is where organisations need to build differentiating customer solutions on top of them. Sometimes it is appropriate to use an API gateway to hollow out some of these applications and make them digitally capable, in other instances, a pre-cut pattern-based solution may be more appropriate based on the organisation’s needs. 

Lowering the complexity number of applications is the best way to drive transformation and it will provide faster agility, lower cost and better availability. And financial services organisations need all three of these things to stay competitive. 

Organisations need to have a conscious multi-Cloud strategy that considers where they put their applications and what capabilities they want from them. Over time this enables them to become a less complex organisation and focus better on their core business. 

Again it comes back to the key question for FSI: are you going to lead or be led? Legacy is not an excuse moving forward. It’s not reasonable for organisations to use many disparate Clouds and platforms. It increases risk and cost and turns IT infrastructure into a complex furball of applications that aren’t creating any business value. 

Step Six: Prepare for regulators to catch up

 Any advance in how big business operates means advances in how regulators regulate. What should FSI businesses expect from regulators in the future and how should FSI professionals best prepare for what may soon be asked of them?

The key point is that regulatory attitudes have evolved quickly, particularly in Australia. In 2015 they were incredibly conservative and locked down. Every single iota of data that banks put in the Cloud had tenfold effort and regulatory approval attached to it. 

Now regulators are starting to understand the opportunity of the Cloud for financial services organisations. They are looking more towards the controls and framework of the Cloud, rather than the individual workflows that are implemented. While it has been a long time coming, they are coming at it with some speed. 

Globally, Cloud service providers like Google are liaising proactively with local regulators to understand and help build controls into products that will be used by regulated entities. That eases some of the regulatory concerns and making it easier for regulated entities (like banks) to get into the Cloud. 

Previously there would be a hold-up by regulators when banks tried to improve their agility and speed to business by moving their delivery processes into the Cloud. It defeated some of the value of the Cloud. What we’re seeing now is collaboration between Cloud service providers and the regulators. 

In the future we expect a three-way discussion between regulators, Cloud service providers, and regulated entities on how they can best adopt the Cloud while maintaining best regulatory standards and building the right frameworks for best-practice regulatory compliance. 

We recommend that regulated entities start to lean on their Cloud Service Providers for help in terms of getting regulatory approval for workloads. We also recommend they get the frameworks right, because at the end of the day, that’s really what the regulators are looking at.

Matt Pancino is the Industry Solutions Lead for Financial Services at Google for Asia-Pacific. He is experienced in leading organisations through large scale technology transformations that enable business growth.

Shane Lyell is a Director within Deloitte’s Cloud Engineering business, based in Victoria. He works with a number of large financial institutions to accelerate business growth through the adoption of innovative cloud solutions. 

James Allan leads Deloitte's Cloud Engineering business for Victoria with over 70 talented engineers working across a variety of technologies to deliver meaningful business transformation to a broad range of clients. He also holds various geographic roles, including leading Deloitte's alliance with Google Cloud across Asia-Pacific and acting as the global lead for Deloitte's Cloud Strategy and Transformation offering.

More about the author

James Allan

James Allan

Partner, Consulting

James is a Partner in Deloitte’s Consulting practice. He has played an instrumental role in the development and leadership of the firm’s Cloud and Infrastructure team. Several years ago, he had a vision to have a more focused technical team in the IT infrastructure space, as a catalyst to technology transformation work. James has been successful in leveraging the intersection of the team’s deep technical capabilities, and an understanding of client issues.