The need to adapt to numerous changes in legal regulations and ensure data security are crucial for banks and companies from the financial sector. However, they give rise to many challenges, not only in compliance but also technologically. Cloud solutions are slowly replacing on-premises software due to greater flexibility and efficiency.
But does investing in them always translate into actual savings?
I asked Robert Marek, CEO and co-founder of FINGO - a fintech software house, which provides programming services and offers ready-made solutions for regulatory reporting for banks and financial institutions.
Software created for regulated financial institutions requires greater security and compliance with legal regulations. Referring to your experience, what requirements are challenging to meet in the case of cloud solutions?
Two aspects are specific to solutions created for financial institutions, significantly affecting the application architecture and how we look at costs. The first of these is data separation. The data of each tenant (company using cloud infrastructure) must be independently processed and encrypted with its own keys. This makes many SaaS solutions more challenging to scale – each entity must have a separate application, database and copies of them.
The second aspect is the cloud exit plan. Suppose a failure occurred on the part of a cloud service provider or a company providing solutions based on cloud infrastructure. In that case, financial institutions must develop an action plan that will allow them to maintain business continuity.
There are, of course, many more requirements, and to meet them all, you need to create teams consisting of specialists from various areas - not only IT engineers but also people familiar with legal requirements. Nevertheless, the requirements imposed by the legislator are reasonable.
It is widely said that the times of "free" money are over. In addition, there are rising energy costs. Companies started to optimize costs. Do you also see changes in the approach to IT service providers?
The aspect of looking at costs is becoming an increasingly important business requirement, even if it is not expressed explicitly. Therefore, it is no longer enough to have a good understanding of the functional requirements when designing cloud systems. You also need to consider what the user actually needs, and in the case of the financial market, also what is necessary due to security or regulatory and legal requirements.
The ability to listen to needs and develop cost-optimal solutions are competencies that will be sought from IT service providers. This is especially important from the perspective of those companies for which systems based on cloud infrastructure function as a permanent item in the budget.
However, regardless of whether the system being built is in the cloud or not, when choosing a technological partner, you must always be convinced that it is a trustworthy partner.
How do you verify this?
Simply by talking, by checking whether someone who provides cloud services knows how to ask the right questions. Do they try to support you, or do they take the initiative and suggest potential solutions? Do you want to work together to develop the best possible solutions for your company?
Certificates such as ISO or partnerships with cloud service providers Google or Microsoft may also be an indication.
What should you pay attention to when designing a solution based on cloud infrastructure?
Regardless of whether it is a cloud solution or not, it is important to choose the right architecture. This is the basis that, if poorly designed at the beginning, it will be a recurring nightmare during the system’s subsequent development and optimization. In the case of the financial market, security aspects and legal requirements are also important.
As a regulatory reporting SaaS provider, can you explain how cloud solutions specifically translate into savings?
Some time ago, we moved our flagship product, currently used by approximately 500 banks and payment institutions, to the cloud. Due to its functions and the need to meet many legal restrictions, the system requires a lot of resources, which, when using cloud infrastructure, greatly impacts the costs incurred. In addition, the application is used irregularly by financial institution employees - depending on the report, it may be 3 days a month or even once a quarter.
Our engineers wondered how to manage the cloud infrastructure more effectively in order to be able to sell our systems at an attractive price.
And how did you resolve this problem?
Initially, we thought about offering service only on working days and between defined hours, for example, between 06:00 and 20:00. However, this would not be comfortable for our clients. Reports for regulatory institutions must be sent by the deadline; a hefty fine is incurred if this is exceeded. Therefore, those involved in reporting work outside standard working hours (late evening or even at weekends because the required data has only just arrived) to meet the required reporting obligations.
So, we designed a lightweight starter application that is a front door to heavy reporting systems. This is where users log in, and a list of all reports is displayed here. After clicking on the selected report, the target reporting system is activated, and a window for editing the report opens for the user. The application goes into sleep mode when work is finished, or the user is inactive. Thanks to this seemingly simple solution, we were able to reduce the monthly costs of maintaining cloud products from 25% to 75%, depending on the intensity of the user's work in the system.
The most important thing, however, is that this was achieved without compromising the quality of use of the system – the user perceives it as one of the steps in creating a report. Additionally, the starter application allows us to offer further reporting products.