I have long believed IBM has a clear opportunity to differentiate IBM Cloud as a top option for the large financial services firms seeking to migrate more of their application portfolio to the public cloud. Nearly all of the financial services firms have tasted the benefits of public cloud on the small portion of their application portfolio least constrained by regulatory requirements. Now they want to scale their public cloud use to include a larger portion of their portfolio but face a raft of GRC (governance, risk and compliance) management complexities specific to their highly regulated industry in doing so.
Many of these firms are long-time customers of IBM’s infrastructure platforms, so I believe IBM has a unique opportunity to offer ease of platform portability to public cloud. The challenge for all public cloud providers in addressing these firms’ needs has been achieving the required combination of platform capabilities, tools support and ISV support. IBM took a new approach last fall in unifying these efforts directly with its customers with its IBM Cloud for Financial Services offer, which I see as more of a platform play than anything else. It is building a platform where many different companies can participate, drive their own revenue, which is all goodness for the end client. IBM is moving quickly on this initiative and announced further significant progress that I wanted to share today.
At the core of the effort at this early stage is establishing the key early adopters partnering with IBM in refining the cloud platform and tooling capabilities based on policies driven by regulatory requirements. IBM announced Bank of America as its first collaborator in November 2019 (see my coverage here for more). Today, IBM announced BNP Paribas has committed to be its first IBM Cloud for Financial Services anchor customer in Europe. BNP Paribas sees IBM Cloud for Financial Services furthering its cloud transformation journey as it migrates mission-critical applications to public cloud.
In partnership with Bank of America in the US, IBM has been developing its IBM Cloud Policy Framework for Financial Services. Its next step announced today is the formation of a Financial Services Cloud Advisory Council to guide the ongoing advancement of that policy framework. Howard Boville, SVP, IBM Cloud, will lead the council, and he will be joined by Chief Technology Officer Tony Kerrison representing Bank of America. The council is intended to bring top financial institutions together to jointly define and drive the industry’s strategic evolution of cloud GRC.
In May 2020, IBM announced the first engaged ISV and SaaS providers (see my coverage here for more). Today IBM announced that group has grown to 30 partners, now including the likes of Adobe, Fortinet, and VMware along with others more specifically focused on financial services. IBM says BNP Paribas plans to onboard additional financial services partners to the ecosystem across Europe later this year.
Many continue to wonder how public cloud vendors, such as IBM, can convince an industry as highly regulated and risk averse as financial services to migrate more of its sensitive operations to the public cloud. That is no longer the question. These firms are convinced they can and should eventually move many of their most sensitive applications to public cloud. They want the economic benefits from elasticity and the application development acceleration benefits from the breadth and depth of platform services and features not available on-premises, such as AI-enabled cognitive services, ease of machine learning capability development, managed databases and more. Their only question is how and when they will find vendors offering suitable options to enable their application migrations.
This is where IBM’s Cloud Policy Framework for Financial Services comes in. The framework is designed to map out cloud services architecture, implementation and evidence guidance for the ISV and SaaS ecosystem partners to meet the similar needs of the financial services firms for GRC per domain of legal requirements (by country or region).
To address the requirements from the cloud policy framework with platform capabilities, IBM combines its existing capabilities from on-premises with new tools for GRC management in the cloud. For example, IBM Cloud offers the only cloud key management service built on FIPS 140-2 Level 4-certified hardware, IBM Hyper Protect, based on IBM Z mainframes. Banks can create a cloud environment that mirrors their on-premises environment on this type of specific GRC attribute. The "keep you own keys" option enables them to lock everyone out (including IBM) — just like they can in a physical, on-premises environment – but with an encryption level unique to IBM Cloud. In terms of new tools as cloud services capabilities for GRC, IBM is developing cloud services based on the cloud policy framework requirements and adding acquired capabilities. One of the biggest challenges in public cloud is ongoing GRC management specific to financial services requirements. IBM already offered OpenPages for operational risk management and in June added the acquisition of Spanugo’s capabilities for cloud compliance management to its portfolio – all complemented by its in-house consulting firm, Promontory, to help organizations navigate firm-specific requirements.
These latest IBM Cloud for Financial Services announcements demonstrate strong early progress at a rapid clip on this initiative. With this many ISVs on board this early to invest in customization specific to this cloud environment, there are likely more financial services firms signaling interest to the cloud ecosystem. Next up for IBM is converting them into committed adopters alongside Bank of America and BNP Paribas. This forms a strong opportunity for IBM to develop sustainable differentiation in the public cloud market specific to the financial services industry via the network effect of customer adoption and ISV ecosystem leadership.
There is plenty of work ahead, but IBM is sending all the right signals in its investment. Complementing the IBM Cloud team’s engagement with its customers, IBM Research Cloud Innovation Lab will provide hands-on experience to financial services users to preview and take feedback on new concepts and experimentation.
Note: This analysis contains significant contributions by Moor Insights & Strategy Cloud Analyst, Rhett Dillingham.