オペレーショナルリスク管理におけるクラウドについての考察

The last 24 months have seen tectonic shifts in cloud adoption and openness to the cloud in financial services. The forces of digitalization, intensified by the pandemic, are accelerating financial institutions’ (FI) digital transformation journey. Cloud is the lifeblood for fintech and regtech providers, while incumbent vendors are evolving their solutions mix and deployment options with a mission of making their solutions cloud friendly and eventually cloud native.

The confluence of these forces on the demand and supply sides are creating a conducive environment for greater adoption of cloud-based models across the financial services value chain, including in those functions that were previously left out of the cloud journey. Operational risk management is one such area as cloud-based solutions are seeing greater adoption in several areas in operational risk management, such as Know Your Customer (KYC), anti-money laundering (AML), anti-fraud, trade surveillance, governance, risk, and compliance (GRC), and others.

Along with a discussion of cloud adoption in these areas, in this report we highlight how 15 providers of different types and focus areas are evolving their operational risk related offerings over the cloud. These include Amazon Web Services (AWS), BAE Systems, Bottomline Technologies, ComplyAdvantage, Fenergo, FIS, Fiserv, IBM, NICE Actimize, Oracle, S&P Global Market Intelligence, SAS, Tata Consultancy Services, Tier1 Financial Solutions, and Wolters Kluwer. While not exhaustive, this group represents a good mix of various types of operational risk solutions and their providers. Furthermore, the cloud activities and plans of these providers offer a representative view of cloud-related developments taking place in the industry overall.

Cloud must play a big role for financial institutions strategizing about their medium-to-long-term technology strategy choices, even for critical functions such as operational risk. Instead of a big bang approach, cloud migration is best achieved in a gradual manner. At most FIs, cloud migration of operational risk systems is usually preceded by cloud movements of other critical systems and is typically a part of larger enterprise-wide strategies. There are also some FIs, especially medium-small sized institutions, that may not have an organization-wide cloud strategy but use cloud solutions—typically SaaS—in operational risk functions.

Providers of operational risk solutions must accelerate their cloud journey while helping on-prem clients gradually transition to the cloud. It will also be important for the vendors to develop an ecosystem strategy whereby vendors can benefit from the major platform economies and marketplaces that are likely to emerge on the back of cloud developments.