1 Banking & Financial Services White Paper How a Hybrid Cloud Strategy can help Financial Institutions Realize Business Value
2 About the Author Ravi Satyanarayana Solution Architect and Consultant Ravi Satyanarayana is a Solution Architect and Consultant with the Banking Technology Group (BTG) within the Banking and Financial Services (BFS) unit at Tata Consultancy Services (TCS). He has about 15 years of IT consulting experience mainly in the BFS domain, spanning areas such as payments, card services, and lending and brokerage, in a varied technology landscape. In the current role, Ravi leads a group that focusses on cloud computing and provides consulting services and design solutions and assets to TCS' banking clients in North America. His areas of expertise include cloud enablement services, enterprise middleware transformation through technology standardization, automation and application life cycle management, as well as DevOps and customized orchestration frameworks.
3 Abstract A tough economic environment, marked by stiff competition and tight budgets, has spawned the 'doing more with less' culture in enterprises, even as they strive to drive strategic growth and meet ever-increasing customer expectations. Consequently, an enterprise's IT landscape remains under tremendous strain to ensure the demands of the business are met effectively, while keeping operational costs in check. However, there exists a wide gap between these demands and the delivery capabilities of existing IT setups at most organizations. Enterprises are therefore looking at cloud computing technologies to address business requirements, while complying with security, governance, and regulatory mandates. This paper outlines current IT service delivery trends in the banking industry and the gaps that exist in enterprise IT services, while proposing a hybrid cloud approach as a means to address these issues.
4 Contents Introduction 5 The Gap between Business Requirements and IT Service Delivery 5 How Cloud Computing Can Help 6 Key Business Drivers of a Hybrid Cloud Strategy 9 Open Hybrid Cloud: An Option Worth Exploring 10 Leveraging the Open Hybrid Cloud to Close the IT Service Delivery Gap 11 Different patterns of the hybrid cloud 12 Managing the hybrid cloud 14 Conclusion 15
5 Introduction With the increasing preference for need based, pay-per-use technology services, cloud computing is set to become the norm, even as it redefines the way IT delivers value. Based on our interactions with global banking and financial firms, we believe that cloud adoption in the financial services industry is gaining momentum, and offers a huge potential for operational optimization. Enterprises are increasingly adopting cloud computing technologies to realize cost benefits and improve service delivery. Faced with an array of cloud solutions, organizations however find it difficult to identify the right cloud solution to meet their needs. Implementing a solution that best fits the enterprise's strategic objectives is crucial to fully realize the benefits of the cloud. While both public and private cloud technologies deliver specific benefits, they also come with inherent soft spots that hinder a seamless adoption. This general perception, coupled with our experience gained from working with leading financial industry players, leads us to believe that the best solutions are often well-integrated combinations of public, private, and traditional on-premise models. The Gap between Business Requirements and IT Service Delivery In most organizations, the IT landscape has become more and more complex over the years. It is characterized by the presence of varied technologies spanning legacy infrastructure such as mainframes and physical environments, virtualized servers, and digital platforms. A potpourri of sorts, such an IT environment makes it challenging for enterprise IT teams to maintain and upgrade applications. Upgrading and modernizing legacy infrastructure to deliver new capabilities is a huge task that requires considerable investments in terms of personnel, time, effort, and money. Even as enterprises consider moving legacy applications to the cloud, the inherent complexity and lack of portability impede the process notably, which in turn impacts the bank's ability to drive growth. A large bank we recently worked with was grappling with the challenges associated with legacy infrastructure and was planning to upgrade in order to operate effectively in a dynamic business environment. The technology team's suggestion to migrate some core applications to the cloud was not accepted due to concerns around performance, and the time and effort involved. To add to the pressure, business stakeholders demand agility for improved decision-making and advanced capabilities to effectively respond to market shifts all this, while ensuring cost efficiency and operational productivity. The inability of enterprise IT teams to meet these requirements in a timely manner, hampers business growth, much to the disappointment of business stakeholders. This service gap between what businesses demand and what IT teams can deliver adversely impacts business agility, and consequently, the overall performance. Meeting ever-evolving customer expectations also becomes a challenge. Bridging the IT service delivery gap, the difference between what businesses demand and what IT delivers, is vital to ensuring operational agility and superior business performance. 5
6 A major part of the IT budget and the time spent by IT teams is dedicated to the maintenance of complex heterogeneous IT environments, to support business-as-usual activities. At the same time, IT teams are also expected to innovate to meet customer expectations and drive strategic growth. The inability of legacy infrastructure to meet the aforementioned demands creates an 'innovation gap' in IT service delivery. How Cloud Computing Can Help Clearly, bridging the gaps in IT service delivery and innovation are key business imperatives for enterprises today. Increased IT efficiency, improved personnel productivity, and enhanced operational performance, as well as better business agility, are the direct outcomes of initiatives undertaken to close this gap. Cloud technologies, both public and private, with their inherent feature of on-demand provisioning of compute resources, can help in this regard. Each approach has its own set of unique benefits and implementation challenges. The key advantages of public cloud services are data availability, continuous uptime, scalability round-the-clock technical support, and guided self-service, while concerns around ensuring data security and regulatory compliance pose significant challenges. The private cloud combines all benefits of a public cloud and also resolves the security issue, but demands a much higher initial investment. This apart, both private and public cloud come with inherent challenges in integrating on-premise applications and the ones that are hosted on the cloud platform. Addressing the integration challenge is therefore essential to orchestrate and manage complex business processes, ensure workload mobility, and deliver a consistent user experience. In the absence of a one-size-fits-all solution, organizations are evaluating a hybrid approach that encompasses a combination of private and public cloud services. Hybrid cloud options are cost-effective, help maximize asset utilization through an optimal use of internal resources and external services, and offer the necessary scalability by moving to the public cloud, as and when required. By minimizing investment on IT infrastructure and creating flexible operating models, hybrid cloud reduces development cycles for new products and thereby, the time to market them. This helps organizations gain the necessary business agility to quickly respond to market shifts. Hybrid cloud is the key: The right mix of private and public clouds, seamlessly integrated with the onpremise environment, can go a long way in removing the gap between business demands and IT capabilities. According to a recent report from the market research firm, MarketsandMarkets, the hybrid cloud market is expected to grow at a compounded annual growth rate (CAGR) of 27.3 percent between 2014 and 2019; will touch USD billion by 2019.¹Hybrid cloud solutions are expected to gain traction as they enable enterprises to save IT infrastructure costs and ensure business continuity, while delivering the combined benefits of both cloud and traditional environments. We believe that banking and financial services organizations will immensely benefit by adopting a hybrid cloud approach that blends the most favourable characteristics of public and private clouds, as well as on-premise  MarketsandMarkets, Hybrid Cloud Market worth $84.67 Billion by 2019 (March 2015), accessed April 6, 2015, 6
7 environments, thereby meeting business needs effectively. Since banks and financial institutions are subject to stringent regulatory scrutiny, the legacy applications they operate on are critical to not only day-to-day functioning, but also for ensuring requisite compliance. A hybrid cloud architecture allows banks to host core banking applications on single-tenant private clouds to retain control over sensitive customer data, and use the public cloud for non-core applications such as cheque processing, digital storage safes, and digital wallets. Fraud and risk management applications of banks have process-intensive components that necessitate the use of modelling tools, rules, and metrics. Banks can deploy such process-intensive workloads on the public cloud while hosting proprietary underwriting processes on the private cloud to establish an end-to-end framework that improves performance and enhances process efficiency. Hybrid cloud adoption will also help reduce the burden on banks' IT teams responsible for maintenance and support, and allow them to provide a higher level of support for core banking functions. Cost benefits and faster market launch of products are some benefits of the hybrid approach for financial services firms. Banks can allay security concerns by deploying sensitive applications that demand a high degree of security on the private cloud, while using the public cloud for non-core processes with lower security requirements. Effective and optimal use of cloud computing: Deploy core banking applications on a private cloud and process-intensive generic activities on a public cloud. 7
9 Key Business Drivers of a Hybrid Cloud Strategy Considerations for deploying a comprehensive hybrid cloud strategy include interoperability and portability, compliance with data sovereignty regulations, and business process optimization. Another key driver is that hybrid clouds do not run the risk of vendor lock-ins. Interoperability and portability: A hybrid cloud approach should facilitate the interoperability of workloads spread across legacy systems and private as well as public clouds, seamlessly integrating their services to reduce operational risk and facilitate effort-free management. The interoperability feature also allows enterprises to access diverse technologies and enables integration with the existing traditional infrastructure. Seamless business operations demand interoperability between different components, as well as between the same components running on different clouds. For instance, a high demand in the holiday season or during the end of the month may require retail banks to scale up their systems to better cope with the increase in payments or billing transactions. In such situations, banks may choose to deploy an application component in a private cloud and replicate it in a public cloud to handle the increase in traffic. These two components will need to work together to ensure smooth operations. The cloud architecture should also allow portability of data, applications, programming languages, and frameworks to other environments. For instance, a bank may want to move data from an existing SaaS based CRM solution to a new SaaS product, or migrate an application from an existing PaaS service to another PaaS platform or to an inhouse system. Alternatively, a bank may choose to maximize its IT investments through the reuse of platform components across cloud IaaS services and non-cloud infrastructure, and the reuse of applications and data on supporting platforms. Compliance with data sovereignty regulations: Regulatory compliance and data sovereignty requirements are critical parameters that determine the location of sensitive data (for banking and financial firms, this data could pertain to customer profiles, banking transactions, investment products, and so on) in a cloud environment. A hybrid cloud approach lets enterprises leverage the low processing cost of public cloud while ensuring regulatory compliance by storing data in the private cloud. For instance, several regulatory agencies require financial institutions to ensure data confidentiality and store sensitive customer data within specified boundaries. A hybrid cloud model allows financial institutions to comply with regulations on data storage, while saving costs by processing workloads on the public cloud. Business process optimization: A hybrid cloud model helps enterprises achieve business process optimization by allowing mission-critical applications to be hosted in the private cloud and non-critical applications in the public cloud. For instance, banks' IT organizations can leverage the public cloud for test and development functions, and use a private cloud for production deployment. In addition, the cloud bursting feature of a hybrid cloud environment enables enterprises to move the applications hosted in the private cloud to the public cloud to support increased demand for computing capacity. This allows enterprises to pay for actual resources used and eliminates the costs associated with maintaining IT infrastructure to cater to peak periods. This means that banks pay only for the compute resources that they actually use and are not required to invest and maintain infrastructure to cope with seasonal variations. 9
10 A hybrid cloud model allows banks and financial institutions to move non-critical back-office operations from the onpremise enterprise data center to the public cloud platform. Financial institutions can also look at hosting the underwriting engine that determines an applicant's eligibility for a mortgage product or a credit card, on the cloud, while retaining the bundling capability and customization features in the on-premise data center. Banks can also utilize cloud bursting methods to enable a seamless disaster recovery (DR) mechanism. Leveraging the public cloud for DR Disaster Recovery as a Service (DRaaS) helps banks realize significant cost benefits by eliminating the need to invest and maintain an offsite DR environment. In the event of a data center failure, the DR environment scales on-demand to maintain resource availability, thereby ensuring business continuity. A cloud based DRaaS solution thus helps banks make a faster recovery in the event of a disaster. For instance, some community banks in the US have adopted a hybrid cloud based DRaaS to improve business continuity, reduce the IT team's efforts, and increase the frequency of replication to the storage area network. Preventing vendor lock-in: Application portability between various cloud service providers is an inherent feature of the hybrid cloud model. This helps enterprises prevent vendor lock-in a situation where a customer using a certain product or service is unable to transition to a competing service provider, given the underlying intricacies in the system due to the use of proprietary tools and techniques. Adopting a proprietary cloud solution can make switching cloud service providers a formidable task by creating significant data migration and integration challenges. Banks that opt for such a service will have to undertake a complex data migration program while switching providers. Besides having adverse cost implications, the situation can become even more complicated in the absence of the necessary infrastructure post migration to the cloud. Open Hybrid Cloud: An Option Worth Exploring While transitioning to the cloud is inevitable, identifying the right hybrid cloud strategy is vital to an enterprise's future competitiveness and flexibility. Adopting the right cloud strategy will facilitate redeployment of enterprise resources from business-as-usual activities to innovation-centric initiatives. A complete replacement of the existing IT infrastructure with a hybrid cloud model is impractical and cost intensive. Similarly, migration of a particular function, technology, or a set of applications to the cloud creates new silos and augments landscape complexity, besides impeding optimal capacity utilization. Therefore, the most viable and sustainable alternative is to adopt the hybrid approach and migrate a wide range of IT assets to the cloud framework, while retaining selected workloads in the existing architecture to prevent operational bottlenecks. In addition, the hybrid cloud infrastructure should allow interoperability, and the capability to run applications in multiple environments, and in different clouds. This approach, however, requires an open standards development model. Follow an open standards development model for cloud adoption to ensure interoperability and optimal capacity utilization. An open hybrid cloud architecture, which is an ideal mix of public and private cloud, is based on open standards and offers capabilities to meet business demands, while meeting compliance, governance, and data security requirements. It enables enterprises to unlock strategic business value and realize the manifold benefits of cloud computing. An open hybrid cloud: 10
11 n facilitates portability of applications and data across multiple clouds; ensures that applications are deployed on the right platform based on the lifecycle stage; n utilizes existing IT investments and prevents the creation of new silos; n helps realize the benefits of cloud pervasively, across the enterprise IT infrastructure, by building a cloud architecture that leverages diverse systems physical servers, various virtualization platforms, and public options irrespective of the underlying technology; n allows enterprises to select most appropriate technologies from the options available, to offer a pluggable, extensible, and open Application Program Interface (API) architecture; and n frees enterprises from intellectual property restrictions, thereby preventing vendor lock-ins. Leveraging the Open Hybrid Cloud to Close the IT Service Delivery Gap Increasing IT efficiency, enhancing developer productivity, and improving business agility can prove immensely useful in closing the IT service delivery gap. This will also help enterprises to shift focus from regular maintenance to continuous innovation, facilitating the redeployment of investments from routine maintenance activities to more productive tasks. Infrastructure automation through IaaS: An open hybrid model allows organizations to link new IaaS capabilities with the legacy IT environment. An environment that enables portability allows enterprises to deploy workloads on open source IaaS, physical servers, virtual machines, or public cloud platforms. As a result, enterprises can choose the most suitable public cloud service provider, while maintaining on-premise infrastructure and retaining the flexibility to move workloads as required. Software-based distributed storage and backup ensures data connectivity between the cloud and the legacy environment. In addition, data is replicated across all enterprise data centers, which may be on public or private cloud. IaaS improves IT efficiency by automating infrastructure provisioning, thereby eliminating delays in responding to requests for additional capacity. Moreover, the self-service interface of IaaS allows users to access resources within minutes, instead of weeks, which was the case with conventional IT infrastructures. Enhancing developer productivity through PaaS: An open development framework allows developers to port existing applications into a PaaS environment, while retaining the flexibility to re-port to a virtual machine for development and test operations or the traditional physical infrastructure for production. This allows enterprises to access latest technologies and capabilities without being compelled to adopt them. The PaaS model frees application developers from the responsibility of provisioning and maintaining infrastructure, environments, and support services, allowing them to focus on core development, which in turn enhances productivity. PaaS also comes with a DevOps framework that delivers benefits such as continuous integration and delivery, while infusing agility into application lifecycle management to ensure continuous improvement. 11
12 Enterprises should ensure that the entire gamut of application platforms across the IT environment is accessible in the PaaS model as well, along with similar options for application languages and frameworks. As the PaaS model for application development gains traction among developers, the same application platforms, processes, and tools can be used for traditional IT development and workflow management, while also standardizing platforms. Increasing business agility through applications and management: While increased IT efficiency and enhanced developer productivity empower enterprises to build new application infrastructures for the cloud platform, these new applications should seamlessly connect to business, back-end services, and data. This will provide the necessary agility for enterprises to meet the varied needs of clients and scale up rapidly to respond to changing customer requirements. An open hybrid approach is the key to ensuring a seamless connect between new architectures and capabilities, and the existing environment encompassing legacy infrastructure, applications, and processes. Different patterns of the hybrid cloud The type of applications that provide the core functionality in a hybrid cloud setup, and how the application components are distributed, are two key aspects that decide the pattern of the hybrid cloud. A critical business functionality of an application can be distributed among static data centers and elastic clouds to best match its requirements. Patterns provide a framework to implement cloud services and achieve cloud computing goals. Enterprises should utilize these resources while defining their cloud strategy and building cloud application architectures. Hybrid cloud patterns fall into the following categories: n n n n n Hybrid application functions Hybrid backup Hybrid data Hybrid user interface Hybrid development environment Of these, the most commonly used patterns are hybrid user interface and hybrid development environment. 12
13 Hybrid user interface: The hybrid user interface pattern helps enterprises architect a user interface for an asynchronous interaction experiencing varying workloads. User interface components are hosted in an elastic environment like the public cloud, while the remaining application components are retained in a static on-premise environment. A loose coupling integrates UI components residing in the cloud with the rest of the application components in the static environment (see Figure 1). On-premise web application User interface component User interface component Processing component Data access component Loose Coupling Stateful component Static Elastic Figure 1: Hybrid User Interface Pattern with a Decoupled Architecture between Cloud and On-premise Environments (Source: TCS Internal) 13
14 Hybrid development environment: Different applications make different demands on the environment depending on their phase development, test, or production and consequently, these environments vary for each application based on requirements. A hybrid cloud infrastructure that involves a public cloud for development and testing and an on-premise private cloud for production deployment, is the perfect combination to optimize the software development lifecycle (SDLC) (see Figure 2). Consumer Developer/Tester Development Production Deploy Test Static Elastic Figure 2: Hybrid Development Environment with On-premise Production and Cloud-hosted Development and Testing (Source: TCS Internal) Managing the hybrid cloud Enterprises are increasingly using a mix of cloud environments, and this mix is continually expanding with new clouds being added to meet fresh demands. This assortment of varied cloud environments forms the enterprise hybrid cloud infrastructure and requires continuous management and oversight. Enterprises should adopt a solution with capabilities to support and manage a wide range of cloud environments. The solution should also be flexible enough to accommodate the addition or removal of cloud environments from the overall enterprise IT infrastructure. At the same time, it should ensure adequate governance of all environments and deliver complete application portability across multiple cloud environments and enterprise functions. Enterprises should also have a clear understanding of security risks and should follow industry best practices for effective risk mitigation. 14
15 Conclusion An in-depth understanding of the use of cloud computing, and its implications on financial operations, is likely to spur regulators to allow their adoption by financial institutions the Dutch banking regulator permitted the use of Amazon Web Services for financial operations in July 2013.² Cloud computing is therefore set to gain traction in the global financial sector. However, financial institutions can realize significant benefits by way of lower costs and faster time to market by proactively adopting cloud solutions without waiting for a regulatory mandate. To stay ahead of their peers in an increasingly competitive financial environment, banks require a high degree of business agility to anticipate and respond to market shifts. The existing IT organization within banks is unable to meet these demands, adversely impacting their market position and brand image. Closing the gap between business demands and IT capabilities has emerged as a key imperative and enterprises can achieve this by adopting an open standards-based hybrid cloud strategy.  Pressebox, De Nederlandsche Bank and Amazon Web Services Open the Door for Dutch Financial Institutions to Realize the Many Benefits of the CLOUD (July 2013), accessed June 15, 2015, 15
16 About TCS' Banking and Financial Services Business Unit With over four decades of experience working with the world's leading banks and financial institutions, TCS offers a comprehensive portfolio of domain-focused processes, frameworks, and solutions that empower organizations to respond to market changes quickly, manage customer relationships profitably, and stay ahead of competition. Our offerings combine customizable solution accelerators with expertise gained from engaging with global banks, regulatory and development institutions, and diversified and specialty financial institutions. TCS helps leading organizations achieve key operational and strategic objectives across retail and corporate banking, capital markets, market infrastructure, cards, risk management, and treasury. TCS has been ranked #2 in the 2014 FinTech Rankings Top 100 of global technology providers to the financial services industry, by both - FinTech Forward (a collaboration of American Banker and BAI) and IDC Financial Insights. TCS has also been recognized as a 'Leader' and a 'Star Performer' in Everest Group's 2014 PEAK Matrix reports for Banking and Capital Markets Application Outsourcing (AO). Contact For more information about TCS' Banking and Financial Services Unit, visit: Subscribe to TCS White Papers TCS.com RSS: Feedburner: About Tata Consultancy Services (TCS) Tata Consultancy Services is an IT services, consulting and business solutions organization that delivers real results to global business, ensuring a level of certainty no other firm can match. TCS offers a consulting-led, integrated portfolio of IT and IT-enabled infrastructure, engineering and TM assurance services. This is delivered through its unique Global Network Delivery Model, recognized as the benchmark of excellence in software development. A part of the Tata Group, India s largest industrial conglomerate, TCS has a global footprint and is listed on the National Stock Exchange and Bombay Stock Exchange in India. For more information, visit us at IT Services Business Solutions Consulting All content / information present here is the exclusive property of Tata Consultancy Services Limited (TCS). The content / information contained here is correct at the time of publishing. No material from here may be copied, modified, reproduced, republished, uploaded, transmitted, posted or distributed in any form without prior written permission from TCS. Unauthorized use of the content / information appearing here may violate copyright, trademark and other applicable laws, and could result in criminal or civil penalties. Copyright 2015 Tata Consultancy Services Limited TCS Design Services I M I 07 I 15