Navigating Cloud Migration Strategies: Three Key Moves CTO and CIO of Financial Institutions Should Take

2023/09/21 02:43

The cloud holds immense value potential, yet financial institutions that adopt a fragmented migration approach may fail to fully seize its benefits.

While many financial institutions have established a foothold in the cloud, the financial-services sector as a whole is still in the early stages of adoption. According to a recent McKinsey survey, only 13 percent of financial-services leaders had migrated half or more of their IT infrastructure to the cloud. However, there is a clear upward trend in cloud migration. Over half of the surveyed respondents, accounting for 54 percent, expressed their intentions to transition at least half of their workloads to the public cloud within the next five years.

Given the substantial value that can be gained, it comes as no surprise that a sense of urgency surrounds cloud adoption. McKinsey also revealed that Fortune 500 financial institutions alone have the potential to generate $60 billion to $80 billion in run-rate EBITDA by 2030. This can be achieved by effectively leveraging cost optimization measures and capitalizing on the various business use cases enabled by the cloud.

Cloud adoption in finance sector is growing strong

Cloud adoption in finance sector is growing strong

Several early adopters have already begun tapping into this value pool. For instance, one European bank witnessed a significant boost in productivity, achieving the same output with 20 to 30 percent smaller teams, thanks to their adoption of DevSecOps and cloud technologies. Another bank in Asia, which successfully migrated over half of its workloads to the cloud, now possesses the capability to rapidly develop and launch multiple new products at scale in international markets. Additionally, a European bank has partnered with a leading cloud service provider (CSP) to enhance its customers' security through AI-based cyber-defense capabilities.

Within the financial sector, the aforementioned examples remain exceptions as most companies have approached cloud migration cautiously and on a limited scale. This hesitancy is understandable considering the unique complexities financial institutions face when adopting the cloud. Furthermore, these institutions have diverse IT landscapes, with a mix of legacy applications coexisting with more modern systems.

These challenges, among others, have prompted financial institutions to adopt an incremental approach to cloud migration. They may conduct limited experiments, migrate applications based on their ease of transition, or align their efforts with planned data center exits. By focusing on a select few high-impact "lighthouses," early momentum can be generated. However, institutions that fail to establish a clear vision and implement the necessary success factors often struggle to fully capture the value offered by the cloud.

Accelerating Your Cloud Migration: Three Key Shifts to Embrace

Based on our research, organizations aims to progress beyond initial cloud initiatives must navigate three fundamental shifts. These shifts encompass strategy and management, business-domain adoption, and foundational capabilities (Table 1). The emphasis and prioritization of these dimensions will vary depending on the institution's unique requirements and the stage they have attained in their cloud journey.

  From To
Strategy and management Migration in pockets Well-thought-out path to scaling
  IT Infrastructure cost savings IT Infrastructure cost, resiliency, developer velocity, and business-acceleration benefits
  Tactical cloud procurement Strategic partnerships with cloud service providers
  IT-led transformation with limited buy-in from the business Business advocacy and understanding of benefits
Business - domain adoption IT modernization Business transformation
  Lift and shift Applications optimized for the cloud
Foundational capabilities Application-specific architecture Automated application patterns
  Manual security approvals Security as code (SaC)
  Limited cost controls Advanced FinOps
  Ticket-based infrastructure delivery Full DevSecOps model and hybrid operations across on-premises and cloud

Table 1: The three essential dimensions requiring shifts to accelerate cloud migration

1. Strategy and management

The crucial step for financial institutions to capture the value of the cloud is to foster awareness throughout the organization regarding its practical benefits, distinct from the captivating marketing materials provided by vendors.

One approach is to utilize "lighthouses" as a means to showcase the future value potential and transform them into scalable entities. However, many institutions treat these lighthouses as short-term experiments. Encouraging a shift in mindset, recognizing them as "incubators" that, with proper support and capacity development, can become practical and scalable destinations themselves, presents a significant opportunity for advancement. The most effective way to convince a CFO of the cloud's ability to reduce total cost of ownership, or to persuade a business leader that the cloud accelerates innovation is through tangible demonstrations of these benefits.

An alternative approach is to establish partnerships with Cloud Service Providers (CSPs) rather than viewing them solely as vendors. Collaborating strategically with CSPs can help reduce barriers to entry, particularly in terms of costs, while signaling a complete organizational commitment to the cloud. This was exemplified by a North American bank that faced challenges in advancing its cloud migration efforts. Although technology teams were driving the initiative, the lack of adequate investment and a scalable plan hindered progress, primarily due to insufficient business support.

Recognizing the limitations of a slow-paced approach, the CEO and business leadership took decisive action. They proactively engaged with multiple CSPs to structure a strategic partnership with a primary provider. This not only resulted in substantial discounts to offset initial costs but also compelled the bank to adopt a more comprehensive approach to cloud migration, capitalizing on the full range of services offered by the chosen CSP.

Moreover, this process facilitated a commitment from the CSP to provide training for the bank's staff on essential tools and capabilities. It also included co-investment opportunities in innovative propositions that could leverage the assets of the CSP's parent company, such as ecosystems and marketplaces. When the partnership was announced, it served as a clear internal and external indication of the bank's unwavering dedication to the migration, leading many previously hesitant individuals to embrace the initiative. As a result, the bank is now on track to migrate 70 percent of its applications to the cloud within a three-year timeframe.

Another effective approach involves developing a comprehensive business case that revolves around specific levers and use cases. These encompass technology benefits such as enhanced resiliency, reduced maintenance and operational costs, and the ability to scale infrastructure to meet varying demands. Additionally, there are significant business benefits, including accelerated innovation, decreased experimentation costs, and the capacity to scale up advanced analytics. By focusing on tangible outcomes, financial institutions can shift the focus from the abstract value of the cloud and utilize the business case as a practical guide to realizing real value. This approach facilitates better understanding and support within the organization for the goals of the migration.

Another effective approach involves developing a comprehensive business case that revolves around specific levers and use cases

Another effective approach involves developing a comprehensive business case that revolves around specific levers and use cases

2. Business-domain adoption

To fully capture the value of the cloud, it is crucial for institutions to view cloud migration as more than just an IT improvement initiative. Shifting the perception from an IT project to a business-backed initiative requires two essential steps:

  • Firstly, a change in the operating model is necessary. Successful companies adopt a working model where technology and business collaborate in cross-functional teams. This approach aligns the entire cloud migration process with the potential business value it can deliver.
  • Secondly, initiating migration at the domain level, focusing on complete products, services, or functions, such as the checking suite or security foundation, is more effective than opportunistically moving separate applications. By migrating one business domain at a time and establishing a repeatable approach, including support skills, institutions can gradually roll out the migration across the organization. While starting with applications may seem practical for building skills and experience, the true value of migration emerges when these applications work synergistically within a domain. One institution refers to this phenomenon as "app magnetism." Within this framework, joint teams evaluate the extent of application modernization required to capture business benefits and develop a pipeline of business use cases that can be enabled in the cloud. These use cases may include advanced analytics, AI-enabled process automation, and innovative customer journeys.

Initially, a leading payments company faced challenges in advancing its cloud aspirations due to its limited perspective of cloud as merely an "IT initiative." However, a transformative event occurred when the company underwent a major acquisition that necessitated seamless integration. This integration process demanded closer collaboration between the business and technology teams, prompting the company to elevate its cloud strategy to a top business priority, unlocking significant potential.

Moreover, the acquisition provided an opportunity for the company to pilot new products on the cloud and modernize its core transaction-processing system. As a result, the company has now mandated that all new development activities take place exclusively within the cloud platform.

Beyond the IT-related benefits, such as data center consolidation and enhanced cost efficiency, the business advantages have been remarkable. The company has achieved a 300 percent increase in the pace of application modernization, improved data integration between the parent company and the acquired entity, and established protocols that facilitate the effortless reuse of applications or features across different use cases. Consequently, the time required to launch new products has decreased, and customer satisfaction has increased, leading to tangible business gains.

Cloud migration starts at the business-domain level

Cloud migration starts at the business-domain level

3. Foundational capabilities

Adopting a short-term, incremental approach to cloud migration poses significant barriers that hinder scalability. For example, relying on on-premises security controls, ill-suited for the cloud environment, can result in delays or even security breaches. Investing solely in migrating applications without establishing a robust cloud foundation creates an economic reality where each subsequent application migration costs at least as much, if not more, than the initial one. This approach fails to address underlying infrastructure, security, and governance processes, simply transferring existing process and operational challenges to the cloud. Consequently, it contributes to the accumulation of "tech debt" that management must contend with in the cloud environment.

Establishing a robust cloud foundation involves a range of essential tasks, including the implementation of the appropriate number of isolation zones to mitigate the impact of issues on individual applications. One of the most crucial steps is to maximize automation wherever possible. Successful pioneers in the cloud space follow these practices:

  • Automate infrastructure processes using Infrastructure as Code (IaC) to streamline and standardize deployment and management.
  • Implement end-to-end application patterns that developers can consume as code, enabling a seamless and self-service experience.
  • Utilize automated continuous integration/continuous delivery (CI/CD) pipelines to facilitate efficient and consistent software delivery.
  • Embrace the concept of "Policy as Code" (PaC) and "Security as Code" (SaC) to codify and automate compliance policies and security controls.

Security as code (SaC) plays a pivotal role in automating the testing of application and infrastructure code to ensure adherence to security, resiliency, and compliance requirements. SaC employs policies instantiated as code instead of traditional word-processing documents. By doing so, any code that fails to meet these policy requirements is automatically rejected before deployment, while clear indications of necessary corrections are provided to bring the code into compliance.

When effectively implemented, the SaC approach enables companies to more easily meet regulatory requirements and fulfill audit needs without significant disruptions. Top financial institutions enhance their compliance, security, and resilience by integrating risk functions across all three lines of defense. This integration helps define how the new cloud foundations will bolster these critical aspects of the institution, fostering a cohesive and comprehensive approach to risk management and regulatory compliance.

SaC plays a pivotal role in automating the testing of application and infrastructure code

SaC plays a pivotal role in automating the testing of application and infrastructure code

Automation is a key focus in FinOps (financial operations), which involves dynamically managing application costs in the cloud. Due to the cloud's dynamic nature, with the ability to scale up resources as needed, automating financial processes can help identify and adjust any issues to align costs with the business's objectives.

Furthermore, leading institutions revamp their operating models across application development, infrastructure, risk, and security to fully leverage the automation capabilities offered by the cloud, even during the transitional phase before completing the full migration. This transformation involves implementing DevOps and site-reliability-engineering (SRE) practices, adopting productized infrastructure services, implementing outcome-driven governance, and cultivating engineering-centric capabilities. This approach, known as "hybrid ops," encompasses managing both on-premises and cloud operations, ensuring smooth incident management and preparing the institution for its eventual transition to the cloud while maintaining operational efficiency across multiple environments.

For instance, when embarking on its cloud migration journey, a bank initially planned to transfer 40-50 percent of its IT workloads to the cloud within a three-year timeframe, with the remainder following in subsequent years. However, during the midway point of the first phase, the bank encountered a setback. Provisioning cloud infrastructure, including environments, network modifications, and access and identity management, took significantly longer than anticipated - averaging three to four months instead of the targeted timeframe of under 24 hours. Only certain aspects of the process had been automated, necessitating manual security controls and ticket-based requests from application teams. This reliance on manual procedures introduced significant delays, hindered the expected agility of the cloud migration, and increased overall risk.

Recognizing the need to address these challenges, the bank's leadership decided to temporarily pause the migration effort and focus on developing technical tools and capabilities to expedite future progress. They made a commitment to fully automate the cloud foundation and security controls, laying a strong groundwork for the migration. Additionally, they streamlined policies and governance processes to leverage automation and minimize manual handoffs. These initiatives, alongside others, have positioned the bank to complete its cloud migration and exit its data centers ahead of the original schedule.

Final thoughts

As financial institutions embark on their cloud journey, there is a noticeable divergence in outcomes between those who adopt a cautious, experimental approach and those who strategically plan their path, incorporating lighthouses and the three shifts described earlier. This distinction highlights a growing gap in success. We firmly believe that the latter approach, with a well-defined destination and a comprehensive plan, presents financial institutions with the greatest opportunity to unlock substantial business value offered by the cloud.