Professional Documents
Culture Documents
Three-Big-Moves-That-Can-Decide-A-Financial-Institutions-Future-In The-Cloud
Three-Big-Moves-That-Can-Decide-A-Financial-Institutions-Future-In The-Cloud
©Getty Images
August 2022
Most financial institutions today have a presence particular data center. Focusing on a few of these
in the cloud, but adoption in the financial-services kinds of high-impact “lighthouses” can be effective
sector is still at a relatively early stage. Among the in creating early momentum. However, institutions
financial-services leaders who took part in a recent that do not define an overall aspiration and put in
McKinsey survey, only 13 percent had half or more place the right success factors to achieve it often
of their IT footprint in the cloud. But migration to the fail to capture value from the cloud.
cloud is gathering momentum. More than half of the
survey respondents—54 percent—said they expect
to shift at least half of their workloads to the public Three shifts to accelerate your cloud
cloud over the next five years.¹ migration
Working with dozens of financial institutions
Given the value at stake, this sense of urgency is on their cloud migrations, we have found that
hardly surprising. A McKinsey analysis found that those seeking to evolve beyond nascent cloud
Fortune 500 financial institutions alone could programs need to make critical shifts across three
generate as much as $60 billion to $80 billion in dimensions: strategy and management, business-
run-rate EBITDA in 2030 by making the most of the domain adoption, and foundational capabilities
cost-optimization levers and business use cases (exhibit). Which dimensions they choose to
unlocked by cloud.² prioritize or emphasize will depend on their
particular needs and the stage they have reached
Some early adopters are already making inroads in their cloud journey.
into this pool of value. One European bank was
able to deliver the same output with 20 to 30 1. Strategy and management
percent smaller teams, after onboarding them From ‘We need to experiment’ to ‘Cloud is in our
on DevSecOps and cloud. Another bank in Asia future’
that migrated more than half of its workloads to The most important step a financial institution
the cloud can now develop and launch multiple can take in capturing cloud’s value is building
new products rapidly and at scale in international awareness across the organization about the
markets. And another European bank has partnered practical value of cloud as distinct from the exciting
with a leading cloud service provider (CSP) to marketing material from vendors.
develop AI-based cyber-defense capabilities to
improve security for its customers. One route is to use lighthouses to demonstrate
the future value potential and make them truly
These examples are still outliers in the financial scalable. We find, however, that many institutions
sector, where most companies have been tentative use what they call lighthouses as limited-life-span
about moving to cloud at scale. There is good reason experiments. Persuading them to change that
for this hesitancy, since cloud migration is uniquely mindset and to treat them instead as “incubators”—
complex for financial institutions. Furthermore, the which, with the right support and capability
IT landscape at financial institutions is particularly building, could be practical at-scale destinations
varied, with 40-year-old applications running themselves—is a big unlock. The best way to
alongside more modern systems. convince a CFO that cloud can reduce total cost
of ownership or a business leader that cloud can
These challenges and others have led financial speed innovation is to demonstrate that it does.
institutions to move in a more incremental fashion
when it comes to cloud, running limited experiments, Another route is to work with CSPs as partners
for example, or targeting a subset of applications rather than vendors. Striking strategic deals can
based on the ease of migrating them, or phasing lower barriers to entry, especially costs, and
their efforts to coincide with a planned exit from a signal full-scale commitment to cloud across
1
McKinsey survey of 120 C-level executives from regional banks, large commercial banks, payments providers, and other financial institutions,
conducted in 2020; McKinsey Infrastructure and Cloud webinar 2020.
2
See Exhibit 1 in “Cloud’s trillion-dollar prize is up for grabs,” McKinsey Quarterly, February 26, 2021.
2 Three big moves that can decide a financial institution’s future in the cloud
Exhibit
Shifts are
Shifts are required
requiredacross
acrossthree
threedimensions
dimensionsto
toaccelerate
accelerate cloud
cloud migration.
migration.
From To
Three big moves that can decide a financial institution’s future in the cloud 3
value. Moving cloud out of the realm of an IT project efficiency, the business benefits have been
to a business-backed initiative requires two things: significant. The company has increased the
velocity of its application modernization by 300
— First, change the operating model. Companies percent, improved data integration between
that have the most success have a working the parent company and the acquisition, and
model where technology and business work established protocols that support the easy reuse of
together in cross-functional teams. This applications or features developed for different use
approach orients the entire cloud migration cases. This has both decreased the time required
toward the business value it might generate. to launch new products and increased customer
satisfaction.
— Second, start your migration at the domain
level—a complete product, service, or 3. Foundational capabilities
function, such as the checking suite or security From ‘Migrate apps but keep the same processes
foundation—rather than by opportunistically in place’ to ‘Automate as much as possible and
moving disparate applications. Migrate one install a hybrid ops foundation’
business domain and use it to build a repeatable The short-term, incremental approach to cloud
approach, complete with support skills, that migration creates significant barriers that make it
can be rolled out domain by domain across all but impossible to scale. For instance, defaulting
the institution. In the interest of practicality, to on-premises security controls, which are not
companies sometimes choose to start with well suited to the cloud, leads to delays or, worse,
applications, which are easier to migrate, as breaches. Investing in migrating apps without
a way to build skills and experience. But the investing in a strong cloud foundation creates an
full value of migration comes when those economic reality where each successive app costs
applications are mutually reinforcing within at least as much if not more to migrate than the
a domain. One institution calls this effect first one. That’s because this approach doesn’t
“app magnetism.” Within these parameters, address the underlying infrastructure, security, and
joint teams calibrate the level of application governance processes and merely transfers to the
modernization needed to capture business cloud existing process and operational issues that
benefits and then build a pipeline of business increase the “tech debt” the cloud is creating for
use cases that can be enabled in the cloud, such management.
as advanced analytics use cases, AI-enabled
process automation, and innovative customer Building out an effective cloud foundation requires
journeys. doing a variety of things, such as setting up the right
number of isolation zones to limit fallout from issues
One leading payments company initially struggled affecting any one application. One of the most
to make much progress on its cloud aspirations important actions is to automate everything that is
because it was limited to an “IT initiative.” That possible to automate. Successful cloud innovators
changed when it needed to integrate a major do the following:
acquisition. Successful integration required closer
collaboration between the business and technology — automate infrastructure processes through
groups, which allowed the company to shift its cloud infrastructure as code (IaC)
strategy to a top business priority, a significant
unlock. — implement end-to-end application patterns
that can be consumed as code by developers to
In addition, the deal enabled the company to pilot enable a frictionless, self-serve experience
new products on cloud as well as to modernize
its IT’s core transaction-processing system. — use automated continuous integration/
The company has since mandated that all new continuous delivery (CI/CD) pipelines
development will occur only in the cloud platform.
— adopt “policy as code” (PaC) and “security as
Over and above the benefits to IT, such as the code” (SaC)
consolidation of data centers and greater cost
4 Three big moves that can decide a financial institution’s future in the cloud
SaC essentially automates the testing of application period when it is operating in more than one
and infrastructure code to ensure that it meets environment.
security, resiliency, and compliance needs using
policies that are instantiated as code rather than in When one US regional bank began its migration,
word-processing documents. Any code that doesn’t it planned to move 40–50 percent of its IT
meet these policy requirements is automatically workloads to the cloud within three years, with
rejected before it’s deployed. What needs to be the rest following in the next few years. But
corrected is clearly articulated so that the code can halfway through the first phase of the effort, it
come into compliance. found that provisioning cloud infrastructure, such
as environments, network changes, and access
When properly implemented, this SaC approach and identity management, still took three to four
can also allow companies to more easily and clearly months—nowhere near the target of less than 24
meet regulatory requirements and satisfy audit hours. Only some aspects of the process had been
needs without significant disruptions. To define how automated, forcing application teams to continue
the new foundations will improve the institution’s using manual security controls and ticket-based
compliance, security, and resilience, top institutions requests, which introduced significant delays,
integrate their risk functions across all three lines of limited the agility that cloud was expected to bring,
defense. and created additional risk.
This focus on automation also extends to FinOps Leaders decided to hit pause in order to build
(financial operations), the process of dynamically technical tools and capabilities that would enable
managing application costs in the cloud. Because them to make faster progress in the future. To lay a
the cloud is so dynamic—new servers can come firm foundation, they committed to fully automating
online as needed, and capacity can be extended their cloud foundation and security controls.
to meet unforeseen spikes in usage—automating Another key step was to streamline policies and
finances can help to flag or adjust financial issues to governance processes to take advantage of
keep costs in line with the business’s goals. automation and minimize manual handoffs. Thanks
to these and other efforts, the bank now expects
Lastly, leading institutions also rewire their to complete its cloud migration and exit its data
operating model across application development, centers ahead of its original schedule.
infrastructure, risk, and security to take full
advantage of the automation enabled by cloud,
particularly during the period before the full cloud
migration is complete. This requires DevOps While most financial institutions are still early in their
and site-reliability-engineering (SRE) practices, cloud journey, we are already seeing a widening
productized infrastructure services, outcome- gap in success between those taking a tentative,
driven governance, and engineering-centric experimentation approach and those working
capabilities. This “hybrid ops” management of both backwards from a well-defined destination to
on-premises and cloud operations—for incident architect lighthouses and a plan characterized by
management, as an example—can set the stage for the three shifts outlined here. We believe this offers
the institution’s eventual cloud destination while financial institutions their best chance of capturing
making sure nothing slips during the extended the significant business value cloud can offer.
Chhavi Arora is a partner in McKinsey’s Seattle office, Aaron Bawcom is a distinguished cloud architect in the Atlanta office,
Xavier Lhuer is a partner in the New York office, and Vik Sohoni is a senior partner in the Chicago office.
Three big moves that can decide a financial institution’s future in the cloud 5