Gen AI in Wholesale

Perspectives

Building the foundation for a bank of the future

IT infrastructure modernization by Deloitte and AWS

Is your information technology (IT) infrastructure getting in the way of becoming a modern bank of the future? Learn how Converge™ by Deloitte BankingSuite and AWS are helping organizations keep up with customer demands with a digital banking platform that forms the foundation for you to build on.

Addressing industry challenges with IT infrastructure modernization

Consumers aren’t the only ones who expect more from banks—so do the banks themselves. They want to offer the agile, open banking environment that attracts business. They want to strengthen regulatory performance, bolster security, streamline development of new offerings, and keep costs under control. They want to operate as banks of the future.

Central to all these ambitions is the IT infrastructure a bank relies on. Siloed, batch-based, monolithic architectures have left many institutions limited in their ability to adapt while navigating compliance and security concerns. Meanwhile new market challengers are often cloud-native, which gives them the high degrees of scalability and flexibility they seek but lack.

Modernizing a bank’s IT infrastructure by moving to the cloud can open the door to capitalizing on artificial intelligence (AI) solutions and meeting customers at their point of need, restoring balance to the playing field. Banks that have taken this journey have seen cost reductions of as much as 60% compared to their legacy systems, freeing resources they can devote to customer acquisition and digital competitiveness. Banks that have not made this leap may risk being left behind, and customers may perceive them as slow, lacking in innovation, or unresponsive to their fast-changing needs.

What’s stopping every bank from taking on this transformation? In some cases, the will is there, but it’s difficult to know where to begin. There are many active proofs of concept, but less certainty about which investments add value to the business, or how to align them into a coherent whole.

Building the foundation of a future-focused bank

Core architecture principles for modern banking systems

While every bank will have unique needs to address in its IT infrastructure modernization, there are common approaches that AWS and Deloitte have found can help in forming the foundations most institutions will build on. These include:

Putting the principles into practice with BankingSuite

Recognizing the need for banks to modernize rapidly, without compromising on security, Converge™ by Deloitte BankingSuite provides banks with a secure, stable digital platform to lay the foundations for future growth and new capabilities.

The combination of BankingSuite and AWS services with the cloud and cyber strengths of ConvergeSECURITY addresses the five principles outlined above by design. Details of this combined operation include:

Three primary enterprise service delivery goals

${column1-large-text}

End-user verification

The Amazon API Gateway is configured with authorizers on all required endpoints to verify incoming requests for authentication and authorization and integrates with a Web Application Firewall (WAF) to protect APIs from common web exploits like SQL injection and cross-site scripting (XSS).

${column2-large-text}

Customer credential management

Customer credentials are managed using Amazon Cognito with a Challenge-Response Authentication Mechanism (CRAM) approach. This provides a configurable MFA platform that also supports device authentication and a custom grant flow to enable biometric authentication on the WebAuthn protocol.

Contact us

${column3-large-text}

Zero trust service mesh

A zero trust approach to the service mesh is provided by Istio and enhanced container security is provided by a Calico firewall. The mesh uses a deny-by-default network policy. Mutual TLS (mTLS) certificates secure traffic within the cluster, mitigating man-in-the-middle (MITM) and insider attacks.

Download the report

${column4-large-text}

Best security practices

The BankingSuite platform uses Open Policy Agent (OPA) policies to enforce best security practices within containers, automatically rejecting images not built according to guidelines. The digital banking platform is also controlled through fine-grained RBAC and Active Directory (AD) integration.

${column4-button-text}
${column-img-description}

Get in touch

Gys Hyman

Principal

Deloitte Consulting LLP

gyshyman@deloitte.com

Tim O’Connor

Principal

Deloitte Consulting LLP

tioconnor@deloitte.com

Michael Michaelides

Managing Director

Deloitte Consulting LLP

mimichaelides@deloitte.com

Sarah Huey

Senior Manager

Deloitte Consulting LLP

sahuey@deloitte.com

Fullwidth SCC. Do not delete! This box/component contains JavaScript that is needed on this page. This message will not be visible when page is activated.

Insert Custom CSS fragment. Do not delete! This box/component contains code needed on this page. This message will not be visible when page is activated.
+++ DO NOT USE THIS FRAGMENT WITHOUT EXPLICIT APPROVAL FROM THE CREATIVE STUDIO DEVELOPMENT TEAM +++

Did you find this useful?
Breaking ground without breaking the bank

Modernize your core with Converge™ by Deloitte BankingSuite

Core banking solutions that capture the heart of your bank

BankingSuite and AWS set the stage for modern banking