"potentially fungible data centres"- now they sound like fun places to work!!!!!
Euro bank regulator: Don't follow the crowd. Stay off the cloud
An EU financial regulator has warned that banks moving to the cloud are at risk of vendor lock-in as well as transferring IT jobs to "subcontractors from high-risk areas". The EU Banking Authority, which regulates the financial regulators of member states, has issued a report looking at the risks of "fintech", the fashionable …
COMMENTS
-
Wednesday 4th July 2018 08:36 GMT Anonymous Coward
I wonder?
Quote:-
An EU financial regulator has warned that banks moving to the cloud are at risk of vendor lock-in as well as transferring IT jobs to "subcontractors from high-risk areas".
I wonder if they include India in their High Risk Areas?
With the current speed of 'off shoring' to improve the bottom line (as long as nowt goes wrong that is...) it won't be long before all the UK banks IT will be totally offshored. Then the Indian contractors will move the whole thing to the cloud and before you know it, even the systems will be located in some backstreet of Mumbai, Kolkata or Pune.
Never mind, we have the EU to stop it... Oh Wait we don't. so much for being in control!
-
Wednesday 4th July 2018 09:08 GMT Teiwaz
Re: I wonder?
Oh Wait we don't. so much for being in control!
Wrestling control away from the corrupt oligarchs in Europe just means handing it to a smaller, more amateurish group of corrupt oligarchs in Westminster.
It's amazing though, that Banks need to be told what seems like the obvious to anyone with even half a grasp of IT.
Kind of like don't hand your lifesavings to someone who's likely to leave them on the bus and just shrug and deny any culpability when confronted.....
wait, sub-prime? - perhaps Banks do need to be told how (and probably have their laces tied by a responsible adult).
-
-
Wednesday 4th July 2018 12:44 GMT Gordon 10
Re: I wonder?
@Naive - I think your handle is dead on. Unless you are trolling you are very very naive.
ALL Banks offshore everything they can get their hands on but especially Ops. The only difference is the locations to which they offshore. But India is always high up the list because they all use the 4-5 big Indian IT outsourcers. The Philippines or Indonesia are other favourites due to the large proportion of staff who speak English, and whether you like it or not the international language of banking is English.
-
-
-
-
Thursday 5th July 2018 09:25 GMT Anonymous Coward
Re: It's just somebody else's computer
That is true, but moving to a cloud (outsourcing 1) puts your data on someone else's hardware, which is a loss of control, and then underfunding your IT department while paying a separate company to takeover IT (outsourcing 2), is another loss of control. At what point does the board simply move all operations, including accounting to the lowest cost centre (outsourcing 3)? What shocks me is that companies that earn their predominant income in an area like a particular country are allowed to outsource any jobs to separate companies or even worse out of that country. All this brought to you by Globalization and the greed of the already obscenely wealthy.
-
-
Wednesday 4th July 2018 14:04 GMT Sir Runcible Spoon
When will they learn? (Beancounters)
Outsourcing something doesn't magically make it cheaper, it just hides the costs.
If you want to know how much something costs, work out how much it would be to set up a team with the requisite skills (assuming you don't have them) plus the hardware and the time required, you can save support costs by retaining some of the people that build the thing if you like, or just get in drones and let them call the vendor. That's probably going to be the cheapest model in the long run, although it is a lot more hassle to manage and you can't blame someone else if it goes Pete-Tong.
If another company offers to do it for significantly less, you have to start looking at where they are going to hide the charges. A company that does this well and protects themselves from hidden costs can look forward to being sacked as a customer as the outsourcer will likely be losing money on you hand over fist.
Get the right people and you can half development time, remove expensive support contracts and create a lot of good will with your customers, leading to repeat business and continuity. That is a *lot* cheaper in the long run than the scenario's I see playing out every day, where the external supplier provides sub-par developers who do a crap job, then you have to get contractors in at 3* the price *in addition* to sort out the mess, then hand it all back to the people who fucked it up in the first place. Oh, and you can at least double the development time too.
They (beancounters) really need to learn how to count properly, but that would require a level of trust in your IT specialists - I don't see that happening any time soon. I often get the feeling that cost is the last thing they are actually worried about, no matter what they might say.
-
Wednesday 4th July 2018 14:18 GMT Martin M
Lock-in?
Regardless of the rest of the arguments - and I agree there lots of things that need to be thought about carefully before putting mission-critical workloads on the cloud - I just don't understand the lock-in point. Do you have more vendor lock-in with your core banking system being:
a/ Crufty CICS code that few people understand on an IBM mainframe with infrastructure and operations outsourced to IBM, as is currently the case at many banks.
b/ A modern banking application on a commodity OS hosted using cloud IaaS services, which could (at least in theory) be hosted pretty much anywhere.
You have to understand how you would migrate data out again if you needed to - although if you're sensible you do this continuously anyway to an independent location. You need to be careful to minimise your use of cloud-specific services - if you use AWS Dynamo all bets are off (in all sorts of ways).
Migrating will still be a pain as you will have to do massive amounts of testing, but frankly that will apply if you upgrade the OS on a server in your data centre, so you need to be able to do that quickly and efficiently in any case.
-
This post has been deleted by its author
-
-
Wednesday 4th July 2018 14:47 GMT steelpillow
What could possibly go wrong?
You'd have thought that the disaster of outsourcing customer support to "high-risk areas" would have taught them something. But no, provided there is a contractor between us and the high-risk area, it'll be fine.
Vendor lock-in? Shit, if they cause trouble we'll just buy 'em up and dump on 'em good and proper. Surely they can never grow bigger than us.
-
Wednesday 4th July 2018 14:48 GMT Chronos
They catch on fast, don't they?
Most of us have only been saying this since the idea of "cloud computing" (someone else has all your valuable data and your virtual testes in a hydraulic press) came along which was, what, ten years ago at least?
Very unusual for a monolithic, stagnant, stuffed-shirt sector to wise up so quickly. What's next? The government doing shit itself rather than handing it all to Crapita to underestimate, overspend and miss the deadline on?
Nah, too far fetched.
-
-
Thursday 5th July 2018 08:45 GMT Paul 195
Just be sensible
Keep your crown jewels locked up in your own data-centre/private cloud, but take advantage of public cloud for scaling for your public facing web services etc. And be aware that vendor lock in is definitely a thing with public clouds. Your code running on commodity hardware is easily portable, but all the metadata and scripts that keep your service elastic and fault tolerant are not.
-
Thursday 5th July 2018 23:04 GMT Claptrap314
Cloudy clouds
As I keep saying, cloud providers can provide resiliency that is entirely beyond the reach of SMB, and for a reasonable price.
But my immediate question for banks, is: what exactly are your uptime requirements? It's not at all clear to me that they even need three nines. As others have mentioned, the web front end might be nice and cloudy, but the core business operates off a distinctly 18th-century model of availability. Unless and until I can have final clearance of a check from a major bank in seconds, the banking system is not the least bit interested in five- or six-nines of resiliency.
If some bank(s) WERE attempting to bring banking into a modern era, then some sort of cloud-based solution would be required. See previous discussion regarding the necessary issues, but suffice it to say that the EU is almost big enough to set up a complete system. (FTR, I say the same thing about the US--you really want to span eight or nine time zones minimum.)
-
Friday 6th July 2018 14:15 GMT Dave 13
Reward vs risk calculation
It's human nature to value reward over risk and our financial institutions seem more in tune with that than ever. The real problem with reports like this is that those who ignore the stated risks and get caught with their knickers down never seem to get any real punishment. Stupid pointy-haired-boss decisions mainly affect customers and low-level employees - otherwise known as scapegoats.