The increasing digitization of goods and services creates the need for speed in application development and deployment. This is particularly true in the financial services industry where financial technology (fintech) startups are focused on disrupting and capturing the most lucrative segments of the market.
The financial services industry has already seen a good deal of innovation in the payments sector. M-Pesa — the mobile payments solution from Vodafone and its subsidiaries that enables unbanked individuals in Africa, India, and elsewhere to receive and make payments — has been around for over a decade. Closer to home, teens and tweens are now splitting the cost of a pizza or an Uber using mobile payment apps like Venmo, which has seen 80 percent growth this year.
Many fintechs have taken advantage of modern application architectures and DevOps practices that are associated with “cloud-native” technologies. Monzo, the mobile UK bank, discussed this in their presentation Building a Bank With Kubernetes. It released its annual report in July citing growth from 0 to 750,000 customers in three years. The future is here, and it’s cloud native.
Cloud usage in financial services for CRMs, HR systems, and other “non-core” applications has been widely adopted, but the use of the cloud – and the use of cloud-native technologies – for core applications has been slower.
The Cloud Native Computing Foundation (CNCF) charter described cloud-native applications as having the following characteristics:
- Container packaged
- Dynamically managed
- Microservices oriented
Containerization enables rapid deployment and updating of applications. This is particularly true when microservices are used. And dynamic orchestration is achieved through Kubernetes. Kubernetes handles deployments, maximizes resource utilization, provides desired state management capabilities, and enables application auto-scaling.
Cloud Native Isn’t Necessarily Cloud-Bound
Cloud native is not limited to the public cloud. Cloud-native applications can be run on a private cloud and even on more traditional computing environments, however, typically the first cloud-native applications that many enterprises create do run in the public cloud.
Cloud native is frequently conflated with the environment (e.g. cloud), a platform (e.g. a PaaS like Cloud Foundry), and the benefits it provides (speed, self-healing apps, and scalability). Even leading consulting firms often refer to cloud native and Platform-as-a-Service (PaaS) as nearly synonymous.
This is somewhat understandable given the impact that the major cloud providers are experiencing. The ease of using cloud-specific tooling and services to achieve speed is alluring. But every early adopter we talk with follows a similar path:
- Get to the cloud fast —migrate, forklift, refactor, write new, but get there fast
- Let’s be more efficient in the cloud (as the bills roll in)
- We need multi-cloud and hybrid capabilities
The Challenges for Financial Services Firms
Traditional financial service companies face two primary obstacles when moving to cloud-native architectures: regulatory compliance and legacy monolithic back-end applications.
Traditionally, regulators in the U.S. and Europe tell banks and other regulated financial services companies what to do, not how to do it. This includes directives to manage service providers, including cloud providers, and to have contingency plans in place in case there are problems with the service provider. Application portability should be a key consideration in these contingency plans, and correctly designed cloud native applications can be a key enabler of portability.
There’s a growing awareness among regulators of the need to address the impact that technology is having on the financial services industry. Underscoring this, the U.S. Treasury Department released its fourth report in July 2018 on the Administration’s goals for the Financial Services Industry: A Financial System that Creates Economic Opportunities, Non-Bank Financials, Fintechs, and Innovation. The report highlights the growth of financial services by non-bank firms, chiefly fintechs. Some of the more striking data points:
- 3,300 fintech firms were created between 2010 and 2017
- Financing of fintech firms reached $22 Billion in 2017
- Personal loans by these firms went from 1 percent to 36 percent of loans in that period
Given the impact that innovation is having for financial services technologies, the report advocates for financial firms to experiment with new technologies but suggests limiting potential damage through regulatory sandboxes.
The second challenge is that most established financial services firms can’t, or won’t, get rid of monolithic core applications overnight. Unlike Monzo, which wrote its back-end in microservices, established financial services firms will need to architect hybrid applications with cloud-native front-ends running either in the cloud, in their data centers, or both. Additionally, they will need to connect to back-end services running in the data center.
Some Considerations Before Going Cloud Native
Being able to develop, run, and manage cloud-native applications in multiple environments means financial services must consider how they will address some key issues:
- Do you need the massive scalability of the cloud? To be specific, from a Kubernetes stand point will horizontal pod autoscaling be sufficient, or will you need node autoscaling?
- Does this application talk to a monolithic application on our back-end like a core banking system? If so, how will I regulate the impact of front-end volume on back-end resources?
- The rapid iteration and innovation enabled by containers, Kubernetes, and other cloud-native technologies is associated with much higher frequency of application releases. How do your current, dev, QA, and release processes align with a faster release schedule? Do you need to change your processes?
- Monitoring cloud-native applications requires a new stack, which may include FluentD, Prometheus, and maybe the ELK stack. How will I scale both cluster and application monitoring and provide the right visibility and alerts to my Dev and Ops teams?
- Trouble-shooting microservices requires tracing capabilities provided through Jaeger, Zipkin, and other solutions. These are newer tools that many organizations are not familiar with.
- Securing this new stack includes implementing container scanning, trusted registries, integration with identity and access management (IAM) for admins, and securing communication internal to Kubernetes nodes, at a minimum.
The Cloud-Native Future
Across the industry we are already seeing innovative financial services firms start to address all of these issues. Cloud-native architectures are driving innovation in data science, IoT, and other areas and will provide both the threat of being disrupted and the opportunity for innovation.