How organisations in financial services can achieve multi-cloud data resilience
Source: Finance Derivative
W. Curtis Preston, Chief Technical Evangelist, Druva
In the past, the financial services sector has been known for their slower pace of digital adoption. More often than not, banks and financial institutions would rely on the same legacy systems for decades and keep data locked away in data centres. Many were simply not interested in the cloud because of misconceptions that it was not secure or that would make it harder to maintain compliance.
However, this is beginning to change as myths around the cloud continue to be debunked. In fact, the cloud makes it easier to secure sensitive data, as you simply have to follow the established best practices of the cloud vendor you are using. Contrast this with the hodge podge of security practices in the typical datacenter, and you will see why those who understand the cloud tend to trust its security more than the typical datacenter.
As more organisations in financial services realise the many benefits the cloud has to offer, cloud adoption is quickly becoming the norm. In fact, Gartner expects that 75 percent of financial institutions’ infrastructure and data will be processed in the cloud this year. Even more, many are turning to multiple cloud providers to reap the benefits of the cloud’s scalability and to achieve cost savings for specific workloads. Research from Bain & Company found that this is especially true with larger enterprises, in particular. The Bain survey shows that the number of public clouds used by large organisations, including financial institutions, is almost 50% higher than for small organisations.
The multi-cloud world
What is happening alongside this shift, is that single-cloud deployments are quickly becoming a thing of the past. Organisations are being driven by the need to deploy best-of-breed applications and they are now rapidly moving to multiple cloud environments, or otherwise known as adopting a hybrid approach.
These changes have meant that, unavoidably so, the multi-cloud world is becoming the new reality. Although this is very much the case, the same Bain survey found that many executives in financial services have concerns that multi-cloud environments can become very complex – and there are legitimate reasons for this concern.
What are the challenges?
To understand these challenges, it’s important to note that multi-cloud is not something that just happens overnight. Instead, multi-cloud is a gradual evolution that typically is thrust upon teams by developers and business units adopting public cloud and SaaS applications such as Microsoft 365 and Salesforce.
As organisations adopt multiple SaaS applications and rely on multiple, diverse clouds, data becomes more distributed which creates silos. Information is inefficiently replicated across redundant storage types and locations with no central controls or visibility. In addition, as data becomes more distributed across different locations, it creates more area to attack. Threats such as ransomware remain a serious threat to financial services institutions – so much so that the banking industry alone experienced a whopping 1318 percent increase in attacks in 2021.
How these challenges can be simplified
Overcoming these obstacles may seem inconceivable for some, but it is possible. To simplify, organisations need a single solution that is inherently designed for the multi-cloud world – one that can manage data and keep it resilient across multiple environments. Yet, the delivery of such a solution is far from simple, and requires a specific skill set and expertise to get it right.
A solution that is built in the cloud and offers a single control pane is key to regaining control of multiple data sets. A true multi-cloud control pane must follow three key principles. These include:
- No infrastructure: enables an organisation to scale compute, network and storage resources as needed. An infrastructure-as-a-service approach uses application programming interfaces (APIs) to continuously monitor data assets and proactively address problems in the data infrastructure. The cloud-native solution will give IT administrators and business owners easy access to all the latest technology without requiring additional staff to manage it.
- Global policies: allows an organisation to follow best practices for data management in a holistic manner across all environments. When policies are global, it ensures that an organisation’s data resilience standards are met across the entire environment, while requiring management of these policies in only one place.
- Self-service (with central oversight): ensures any organisation can delegate certain responsibilities for maintaining data resiliency to application and data owners, while still providing IT protection administrators with centralised control. The central oversight is necessary to ensure the organisation and its data will always be protected.
Overall, it is critical that all organisations, including those in financial services, have a solution that can work across all clouds and instantly scale with their business. It isn’t possible to effectively retrofit a legacy data protection architecture into multi-cloud environments because these legacy tools were built for an appliance-centric data centre. Organisations should look to adopt an approach that fits correctly with their growing multi-cloud environment – one that enhances data resiliency and provides a better way to manage, protect and secure critical data – wherever it lives.
Unlocking the Power of Data: Revolutionising Business Success in the Financial Services Sector
Source: Finance Derivative
Suki Dhuphar, Head of EMEA, Tamr
The financial services (FS) sector operates within an immensely data-abundant landscape. But it’s well-known that many organisations in the sector struggle to make data-driven decisions because they lack access to the right data to make decisions at the right time.
As the sector strives for a data-driven approach, companies focus on democratising data, granting non-technical users the ability to work with and leverage data for informed decision-making. However, dirty data, riddled with errors and inconsistencies, can lead to flawed analytics and decision-making. Siloed data across departments like Marketing, Sales, Operations, or R&D exacerbates this issue. Breaking down these barriers is essential for effective data democratisation and achieving accurate insights for decision-making.
An antidote to dirty, disconnected data
Overcoming the challenges presented by dirty, disconnected data is not a new problem. But, there are new solutions – such as shifting strategies to focus on data products – which are proven to deliver great results. But, what is a data product?
Data products are high-quality, accessible datasets that organisations use to solve business challenges. Data products are comprehensive, clean, and continuously updated. They make data tangible to serve specific purposes defined by consumers and provide value because they are easy to find and use. For example, an investment firm can benefit from data products to gain insights into market trends and attract more capital. These offer a scalable solution for connecting alternative data sources, providing accurate and continuously updated views of portfolio companies. Using machine learning (ML) based technology enables the data product to adapt to new data sources, giving a firm’s partners confidence in their investment decisions.
But, before companies can reap the benefits of data products, the development of a robust data product strategy is a must.
Where to begin?
Prior to embarking on a data product strategy, it is imperative to establish clear-cut objectives that align with your organisation’s overarching business goals. Taking an incremental approach enables you to make a real impact against a specific objective – such as streamlining operations to enhance cost efficiency or reshaping business portfolios to drive growth – by starting with a more manageable goal and then building upon it as the use case is proved. For companies that find themselves uncertain about where to begin their move to data products, tackling your customer data is a good place to start for some quick wins to increase the success of the customer experience programmes.
Getting a good grasp on data
Once an objective is in place, it’s time for an organisation to assess its capabilities for executing the data product strategy. To do this, you need to dig into the nitty-gritty details like where the data is, how accurate and complete it is, how often it gets updated, and how well it’s integrated across different departments. This will give a solid grasp of the actual quality of the data and help allocate resources more efficiently. At this stage, you should also think about which stakeholders from across the business from leadership to IT will need to be involved in the process and how.
Once that’s covered, you can start putting together a skilled team and assigning responsibilities to kick-off the creation and management of a comprehensive data platform that spans all relevant departments. This process also helps spot any gaps early on, so you can focus on targeted initiatives.
Identifying the problem you will solve
Now let’s move on to the next step in our data product strategy. Here we need to identify a specific problem or challenge that is commonly faced in your organisation. It’s likely that leaders in different departments, like R&D or procurement, encounter obstacles that hinder their objectives that could be overcome with better insight and information. By defining a clear use case, you will build a real solution to a challenge they are facing rather than a data product for the sake of having data. This will be an impactful case study for your entire organisation to understand the potential benefits of data products and increase appetite for future projects.
Getting buy-in from the business
Once you have identified the problem you want to solve, you need to secure the funding, support, and resources to move the project ahead. To do that, you must present a practical roadmap that shows how you will quickly deliver value. You should also showcase how to improve it over time once the initial use case is proven.
The plan should map how you will measure success effectively with specific indicators (such as KPIs) that are closely tied to business goals. These indicators will give you a benchmark of what success looks like so you can clearly show when you’ve delivered it.
Getting the most out of your data product
Once you’ve got the green light – and the funds – it’s time to put your plan into action by creating a basic version of your data product, also known as a minimum viable data product (MVDP). By starting small and gradually enhancing with each new release you are putting yourself in the best stead to encourage adoption and also (coming back to our iterative approach) help you secure more resources and funding down the line.
To make the most of your data product, it’s essential to tap into the knowledge and experience of business partners as they know how to make the most of the data product and integrate it into existing workflows. Additionally, collecting feedback and using it to improve future releases will bring even more value to end users in the business and, in turn, your customers.
Unlocking the power of data (products)
It’s crucial for companies in FS to make the most of the huge amount of data they have at their disposal. It simply doesn’t make sense to leave this data tapped and not use it to solve real challenges for end users in the business and, in turn, improve the customer experience! By adopting effective strategies for data products, FS organisations can start to maximise the incredible value of their data.
HOW SMALL BUSINESSES CAN FIGHT BACK AGAINST POOR PAYMENT PRACTICES
Source: Finance Derivative
SMEs across the UK are facing a challenging economic environment and late payments pose a severe challenge to maintaining cash flow. Here, Andrea Dunlop, managing director at Access PaySuite, explores the challenges facing small and medium sized businesses, the risks that late payments carry, and what can be done to secure timely payments, in full.
It’s estimated that UK businesses are currently owed more than £23.4bn in outstanding invoices. For all businesses, managing the outward flow of products and services with a steady incoming cash flow is a fine balance – with unexpected disruptions and complications capable of causing catastrophic problems.
Late and delayed payments have been identified as a significant challenge for SMEs – an issue that has scaled over recent years. In fact, in its latest report, the Federation for Small Businesses (FSB) stated that the UK is “almost unique in being a place where it is acceptable to pay small businesses late”.
The FSB also states that this “will remain the case without further action” and, as such, has called for government action to put a stop to these damaging trends.
Small businesses form a vital part of the economic ecosystem – in 2022, it was estimated that 99% of UK businesses were SMEs – so poor payment systems not only present a very real threat for individual businesses, but for the UK economy as a whole.
Despite this strong case for urgent action to be taken, changes to legislation can be a slow process and, in the face of ongoing economic pressure, small businesses need more immediate solutions.
Although businesses are at the liberty of their customers and clients, there are a number of actionable steps SMEs can take to increase the rate of prompt and complete payments.
The impact of late payments for SMEs
Published in Q4 2022, research published by the ICAEW demonstrates that around half of invoices issued by small businesses are paid late.
More often than not, small businesses operate within a chain of regular suppliers and customers. These chains can include multiple business links, stretching across sectors and regions. As a heavily interwoven ecosystem, if one ‘link’ in the chain is damaged by late payments and unreliable cash flow, the delays can quickly escalate and create a domino effect of complications across the whole system.
With a lack of consistent income, SMEs are more likely to be prevented from paying their overheads and suppliers on time.
As late payments add up and push multiple businesses into a negative cash flow, the problem can continue to snowball.
Simply put, extended periods of unreliable and heavily reduced payments put whole supply chains of companies in very dangerous financial positions – especially as running costs remain high.
Combined, the complexities arising from late payments and the vast scale of the issue, demonstrates a clear need for systemic change.
Current government action
At the end of January, the government published a review of the reporting of payment practices first introduced in 2017 .
This review stated that the government is committed to “stamp[ing] out the worst kind of poor payment practices within the business community”.
The 2017 Payment Practices and Performance Regulations require all large UK companies to report publicly on their payment policies, practices and performance, to ensure accountability.
Following its review, a new consultation has been launched, seeking the opinion of business owners on current regulations – asking whether this existing policy should extend beyond its current expiry date, 6 April 2024. This consultation is part of a wider examination of payments in the UK.
Delving into issues including the emotional and psychological impact of late payments on small business owners – as well as analysing how banks and technology can help – the government’s review is a welcome development, but SMEs need to take more immediate action to strengthen their payment processes.
What can SMEs do?
With the government consultation finalising at the end of April, the future of the payment landscape in the UK will soon be made clearer – but what actions can SMEs take to immediately strengthen their payment processes?
For many SMEs, payment systems are low down the list of priorities, and the fear of disruption or additional costs can lead many to turning a blind eye to problems with their existing systems. But, with challenges around cash flow increasing, investing in a flexible and comprehensive payment system could be an incredibly worthwhile investment.
Issuing regular invoices takes a lot of time, and when working across different clients with different payment frequencies invoicing can lead to unnecessary complexities.
Instead, systems that enable customers to set up direct debits ensure payments are completed on a set date, reduce additional paperwork and still allow bespoke schedules for each client or customer to be arranged.
In many SMEs, missed payments can easily get lost in piles of paperwork and human-error can result in problems down the line. When using digital payment systems, should a missed payment occur, automated capabilities ensure the issue is flagged, and any outstanding challenges can be resolved in a timely manner.
With payments and invoicing automatically managed in a centralised database, countless hours that would otherwise be spent on repetitive and laborious administrative work are saved.
As well as reducing the amount of staff time spent managing processes and tracking financial activity, a reliable payment system delivers benefits for customers too, and contributes towards greater service and boosting brand loyalty.
In the coming weeks and months, new government guidance should clarify legislative expectations for businesses regarding payments. But, with smart investment in specialist software solutions, our country’s vital SMEs can take the necessary safeguarding steps to boost payment security and thrive through this tough financial time.
Less than a year until EMIR Refit: how can firms prepare?
Source: Finance Derivative
Leo Labeis, CEO at REGnosys, discusses everything that financial institutions need to know about EMIR Refit and how they can prepare with Digital Regulatory Reporting (DRR).
There is now less than a year until the implementation date for the much-anticipated changes to the European Markets Infrastructure Regulation (EMIR). The amendments, which are set to go live on 29 April 2024, represent an important landmark in establishing a more globally harmonised approach to trade reporting.
Despite the fast-approaching deadline, concerns are growing around the industry’s preparedness, with a recent survey from Novatus Advisory finding that 40% of UK firms have no plans in place for the changes, for instance.
Much of the focus in 2022 was on implementation efforts for the rewrite of the Commodity Futures Trading Commission’s swaps reporting requirements (CFTC Rewrite), which went live on 5 December. Both the CFTC Rewrite and EMIR Refit are part of the same drive to standardise trade reporting globally. While EMIR Refit was originally anticipated to roll out first, implementation suffered from repeated delays to its technical specifications, in particular the new ISO 20022 format. The ISO 20022 mandate was eventually excluded from the first phase of the CFTC Rewrite, hence the earlier go-live date.
In parallel, the Digital Regulatory Reporting (DRR) programme has emerged as a key driving force in helping firms adapt to continually evolving reporting requirements. Having participated in the DRR build-up for their CFTC Rewrite preparations, how can firms leverage these efforts to comply with EMIR Refit in 2024?
The drive to standardise post-trade
To understand the new EMIR requirements, it is important to first look at the two main pillars in the global push to greater reporting harmonisation.
The first is the Committee on Payments & Market Infrastructures and International Organization of Securities Commission’s (CPMI-IOSCO) Critical Data Elements (CDE), which were first published in 2018 to work alongside other common standards including the Unique Product Identifier (UPI) and Unique Trade Identifier (UTI). These provide harmonised definitions of data elements for authorities to use when monitoring over the counter (OTC) derivative transactions, allowing for improved transparency on the contents of the transaction and greater scope for the interchange of data across jurisdictions.
The second is the mandating of ISO 20022 as the internationally recognised format for reporting transaction data. Historically, trade repositories required firms to submit data in a specific format that they determined, before applying their own data transformation for consumption by the regulators. The adoption of ISO 20022 under the new EMIR requirements changes that process by shifting the responsibility from trade repositories to the reporting firm, with the aim of enhancing data quality and consistency by reducing the need for data processing.
Preparing for the new requirements with DRR
DRR is an industry-wide initiative to enable firms to interpret and implement reporting rules consistently and cost-effectively. Under the current process, reporting firms create their own reporting solution, inevitably resulting in inconsistencies and duplication of costs. DRR changes this by allowing market participants to work together to develop a standardised interpretation of the regulation and store it in a digital, openly accessible format.
Importantly, firms which are using the rewritten CFTC rules which have been encoded in DRR will not have to build EMIR Refit from scratch. ISDA estimates that 70% of the requirements are identical across both regulations, meaning firms can leverage their work in each area and adopt a truly global strategy. DRR has already developed a library of CDE rules for the CFTC Rewrite, which can be directly re-applied to EMIR Refit. Even when those rules are applied differently between regimes, the jurisdiction-specific requirements can be encoded as variations on top of the existing CDE rule rather than in silo.
Notably the UPI, having been excluded from the first phase of the CFTC Rewrite roll-out, is mandated for the second phase due in January 2024. DRR will integrate this requirement, as well as others such as ISO 20022, and develop a common solution that can be applied across the CFTC Rewrite and EMIR Refit.
As firms begin their own build, the industry should work together in reviewing, testing and implementing the DRR model. Maintaining the commitment of all DRR participants will strengthen the community-driven approach to building this reporting ‘best practice’ and serve as a template for future collaborative efforts.
Planning for the long-term
Although the recent CFTC Rewrite and next year’s EMIR Refit are centre of focus for many firms, several more G20 regulatory reporting reforms are expected over the next few years. These include rewrites to the Australian Securities and Investments Commission (ASIC), Monetary Authority of Singapore (MAS) and Hong Kong Monetary Authority (HKMA) derivatives reporting regimes, amongst others.
Firms should therefore plan for the entire global regulatory reform agenda rather than prepare for each reform separately. Every dollar invested in reporting and data management will go further precisely because it is going to be spread across jurisdictions, easing budget constraints.
Looking ahead, financial institutions should establish a broad and long-term plan is to learn from their CFTC Rewrite preparation and how DRR can be positioned in their implementation. For example, firms should ask themselves which approach to testing and implementing DRR works best: via their own internal systems or through a third-party? Firms should review what worked well in their CFTC Rewrite implementation and apply successful methods to EMIR Refit. Doing so will enable firms to have a strong foundation for future updates in the years to come.