The Cloud IS the Bank

A generation ago, when the Internet first arrived, it shrunk the gap between big companies and SMBs. Those smaller firms could suddenly leverage a new arsenal of online tools to compete on research, product development, customer outreach, partnerships, recruitment and just about everything else.

With the cloud, it’s a little different. With banks in the cloud, it’s very different—and very slow. And with community banks and credit unions, it’s even slower.

That’s a real pity, because these institutions represent the last mile of the banking system, and often the lifeblood of the local community and economy. These organizations know the cloud is out there, offering massive benefits, but it’s been just out of reach.

Until now.

This is not your father’s bank. . .or even your father’s cloud. This cloud features exciting technology advances and capabilities, along with economies of scale and, crucially, economies of skills—organizations don’t need a massive implementation program, a big IT department or even a replacement of legacy systems. With this cloud, 4,000 smaller banks can scale, experiment, find partners, launch new services and expand into new markets. And they can do all this leveraging Agile Compliance to protect the banks’ mandate of safety and soundness.

Agile Compliance includes a powerful blend of modern technologies (secure cloud, AI/ML, intelligent automation) and targeted processes to streamline operations, enhance efficiencies and ensure compliance. In this incarnation of the cloud, governance drives process, and process drives technology—and that’s exactly how it should be.

But first, a little context. Smaller institutions don’t get much attention but they’re actually very well run—in a tight market, they manage operations efficiently, maintain sound financing, keep their focus on core offerings and prioritize good relationships with customers. They know that even in the digital era, the personal touch makes a huge difference; the line between online and in-person banking is thin.

But there is one area with room for improvement: technology modernization. These organizations implement the most viable technologies at any given time. . .and stick with them. This illustrates what might be the biggest difference between the financial services and technology industries.

The financial services business model relies on stability and familiarity. Many smaller institutions stay in the same locations offering the same services with the same best practices for decades, even as every aspect of their environment changes. Among conglomerates, the biggest names change only through acquisition and consolidation. The barrier to entry is too high for upstarts to tackle the giants—and besides, in spirit and by mandate, this is not a market that welcomes transformation, let alone disruption.

In technology, it’s the opposite. The industry thrives on dynamic players bringing innovation and change—constant advances ensure that even the best tools can reach legacy status overnight. Many of today’s biggest tech providers didn’t exist until a few years ago, and many will be replaced in the next decade.

And when it comes to the cloud, there are even bigger problems.

Financial services providers function under constant scrutiny, heavy regulation and the threat of sophisticated cyber-crime: Security is more important than innovation. Big players allocate extensive resources to digital protection in ways their smaller counterparts can’t. In fact, a recent report from NTT Data found that a clear majority of banks, 61%, prefer to build their own technology stack rather than seek third-party options.

Big banks migrating to the cloud have largely taken the same deliberative approach that governs most of their initiatives. For example, among financial-services providers in a recent McKinsey survey, only 13% had half or more of their IT footprint in the cloud. Meanwhile, enterprise solutions are mostly developed for the largest players. There’s nothing for the little guys.

And there’s one more big variable: The American Money Laundering Act (AMLA 2020), which mandates technology modernization to reflect emerging tech-driven capabilities and new criminal methodologies. However, even when a bank acquires sophisticated software, that solution comes with a business process the bank has to follow.

That gets us to now, where the cloud is the bank.

Consider three use cases for risk management and innovation in the cloud.


Now that risk assessment and new technologies are inextricably linked, it starts with identifying specific products, services, customers, entities, and geographic locations unique to each institution. This drives major changes, such as:

  • For predictions, from rules engines to AI/ML
  • For algorithms, from costly proprietary engineering to affordable and future-proof open source technologies
  • For false positives, from 90%-plus to sub-60%
  • For approach, from process automation to Agile Compliance.


Digital ID Proofing

What is a scalable, cost-efficient and risk-based solution to measure the effectiveness of digital identity proofing to ensure that individuals who remotely present themselves for financial activities are who they claim to be? There are different perspectives.

  • Tech Vendor: Digital Identity Proofing can be done in four minutes—this problem has been solved
  • Regulators/Agencies: Digital ID Proofing is a point of vulnerability for banks and MSBs. This problem remains unsolved
  • Bank/MSB/VASP: How can we manage the risk of Digital ID proofing within the mandate for safety and soundness?


Performance Management

Are you data-rich and insight-poor? Can you deconstruct metrics to find the root cause of performance issues? Do you make key decisions based on ad hoc analysis of a spreadsheet? Does your peer review with other banks compare apples with oranges? With the new cloud:

  • Governance priorities drive the process, and process drives the technology
  • The complexity stays under the hood
  • Banks get economies of scale and economies of skills.


Smaller institutions have been shut out of the cloud because they couldn’t deploy the technology and couldn’t hire the talent. Now, bespoke solutions can be found off-the-shelf, and the existing team can manage the migration. Small banks and credit unions can adopt only what they need, customize each service to meet their own priorities, measure and manage performance against comparable banks, and ensure compliance and security more effectively than ever before.  

This will be the new generation of the bank. This is the new generation of the cloud.

Now, the cloud is the bank.