Five Cloud Myths about Core Banking Systems (Article 3)

Subtitle: The Complexity of the Cloud: From Vendor Lock-In to Migration

In collaboration with Swisscom, a series of articles has been written to address common cloud myths in the banking context. Through four articles, we aim to explain and clarify these myths while providing simple and common cloud terminology to help you understand cloud technology.

In today’s article, we will clarify the final three myths. If you missed the last article on Myth 1 and 2, check it out here:

  • Myth 1: The Cloud always saves money
  • Myth 2: The Cloud makes it easy for cybercriminals
  • Myth 3: Once you choose a cloud provider, there’s no turning back
  • Myth 4: Moving software to the cloud automatically makes you more innovative
  • Myth 5: Cloud migration is too complex

Myth: Once you choose a cloud provider, there’s no turning back
Reality: Cloud agnosticism creates independence, but also presents challenges

The myth that choosing a cloud provider inevitably leads to permanent dependence is widespread. While the risk of vendor lock-in is a serious challenge, there are proven strategies to minimize this dependence while increasing flexibility.

One of the most effective methods is to pursue a cloud-agnostic strategy. This approach relies on open standards, open-source technologies, and containerization techniques like Docker and Kubernetes. These methods allow applications to be developed in such a way that they operate independently of the underlying cloud infrastructure. This gives companies the flexibility to switch between different cloud platforms or use hybrid multi-cloud strategies to take advantage of the best offerings from various providers.

However, it must be noted that this flexibility does not come without costs. Technically, switching between cloud providers, particularly when using open-source technologies, is feasible. However, from an investment protection perspective, this presents a significant challenge. Migrating workloads, reconfiguring them technically, and ensuring compliance and security requirements, such as those for critical infrastructure disclosures (CID), require substantial investments. Additionally, the managed services offered by global public clouds (GPCs) vary in depth and functionality. Thus, while technically possible, switching is often unattractive in practice due to these differences.

Besides the technical aspects, contractual agnosticism plays an important role. The licensing and contractual terms of cloud providers, as well as compliance reviews and regulatory requirements – such as those often found in the financial sector – must be carefully considered. Contracts may include restrictions or additional costs for migrations and switching between providers, which further complicates the process. These factors make the purely technical aspect of vendor lock-in less relevant, as the investment costs and contractual obligations often play a larger role.

In summary, while companies can theoretically reduce dependence on a single cloud provider by using platform-independent technologies such as open source and containerization, this requires careful planning and thorough consideration of the technical, economic, and legal factors. The IT infrastructure remains dynamic and adaptable but switching between providers only makes sense if all costs and risks – including technical, operational, and legal requirements – are fully considered.


Myth: Moving core banking software to the cloud automatically makes you more innovative
Reality: The company must be “Cloud Ready” from its strategy and organization to its platform.

It is not sufficient to simply migrate the core banking system and/or its associated systems to the cloud, for example, using containers. When an outdated software architecture is transferred to a cloud-based infrastructure, the desired results of a digital transformation are rarely achieved. Instead, high costs often arise without fully utilizing the actual benefits of the cloud – such as scalability, flexibility, and innovation potential.

The cloud should rather be understood as a driver of digitalization, enabling new opportunities for developing digital business models linked to innovative financial products and services. To achieve this, core banking system providers and banks must undergo not only a technological transformation but also an organizational, processual, and strategic transformation (Amazon Web Services, n.d.).

In this context, the term “Cloud Readiness” is used. Cloud readiness means that software is scalable, flexible, automatable, resilient against disruptions and outages, cost-optimized, and secure against misuse and attacks. One approach to achieving this is cloud-native development.

Cloud-native development focuses on designing, developing, and optimizing applications and services specifically for operation in a cloud environment. This strategy takes full advantage of the cloud by integrating technologies such as microservices, serverless architectures, CI/CD pipelines, and cloud-specific PaaS or SaaS services. The software applications are designed to optimally utilize the elasticity, scalability, and availability that cloud environments offer. Often, this involves working closely with the native tools and services of a specific cloud provider, which, however, can lead to stronger dependence on that provider and thus contradict cloud agnosticism. Nevertheless, it makes sense to combine both approaches within the cloud strategy, using different goals and techniques.

Cloud StrategyCloud NativeCloud Agnostic
ApproachUsing native functions and services to make applications more efficient.Open standards, open-source, and universal technologies that work across platforms.
Flexibility in choosing the cloud environmentLow flexibility, risk of vendor lock-in.Maximum flexibility, free choice of providers.
Use casesImplementable for private and public cloud strategies. Maximum efficiency and scalability of the system.Fast testing and market launch. Suitable for digital end-customer products and services.Implementable for all types of cloud operating strategies, especially multi-cloud or hybrid-cloud. Maximum flexibility of the system. Suitable for frequent provider switches or customers (banks) with different needs. Suitable for core banking systems.
Vendor-Lock-InOccurs when using the native cloud services of a cloud provider.No Lock-In

Myth: Cloud migration is too complex
Reality: Migration is complex with increasing scope, but today there are best practices that simplify the complexity and make migration feasible.

To debunk this myth, it’s essential to consider the different types of migration. Migration types include migrating from a data center to the cloud, hybrid cloud migration, cloud-to-cloud migration, and application, database, and mainframe migration. Application migration is, of course, easier than data center migration to the cloud. The complexity increases with the size of the migration project (Microsoft Corporation, n.d.-c).

On one hand, cloud migration can indeed be complex, but it is possible to carry it out step by step. Banks can first migrate less critical applications and then their core banking systems. Careful planning, the use of migration tools, and collaboration with experienced cloud experts help manage complexity and mitigate risks. The factors of cloud readiness, cloud-native development, and cloud agnosticism also contribute to a successful migration, reducing the future risk of complex and failed migrations. Additionally, security, compliance, cost management, and governance should be prioritized.

Therefore, the migration must be carefully planned and continuously monitored from planning through to operation to ensure that adjustments can be made to meet new cloud requirements. This also requires a cultural shift, as well as building cloud-related knowledge and skills at core banking system providers and banks. On the one hand, cloud-native solutions are being developed and operated, which shift from typical mainframe architectures to microservice architectures. On the other hand, banks operate in an environment of various sourcing partners. Thus, the focus shifts from operations to product development, integration, and continuous end-to-end testing and delivery. From the silos between business and operations in an in-house data center, we now have agile cross-functional DevOps teams that further develop and enhance the core banking systems and their associated systems.


References

Microsoft Corporation. (n.d.-b). Vertrauen in die eigene cloud | Microsoft Azurehttps://azure.microsoft.com/de-de/explore/trusted-cloud/

Microsoft Corporation. (n.d.-c). Was ist Cloudmigration? | Microsoft Azurehttps://azure.microsoft.com/de-de/resources/cloud-computing-dictionary/what-is-cloud-migration

Tanyel Tuncer