SYS-CON MEDIA Authors: Pat Romanski, Gary Arora, Zakia Bouachraoui, Yeshim Deniz, Liz McMillan

Blog Feed Post

Public Cloud Core Banking: Vendors Hype or Short term Reality?

Many large banks are IBM Mainframes users. They use mainframes for decades. They use other platforms as well, but their Core Banking systems are deployed on Mainframes.

Recently leading Cloud Computing vendors such as Amazon, Microsoft and Google approached large banks in order to start migration of systems to their Public Clouds. 

I looked for evidence supporting the notion that Banks are transforming from Mainframes to Public Clouds. I found no evidence.

I am not the one to be blamed for not finding any significant evidence, because there is no evidence supporting the notion cited above. 

Banks are using Public Clouds but...
Like many other organizations, banks are using Public Clouds applications. However, they do not use it for Core Banking systems deployment.
They use Public Clouds for applications which are less integrated with the Core Banking systems.

If they will not use Public Clouds for Core Systems, IBM Mainframes will be used for many years.

Public Clouds, Private Clouds or Hybrid Clouds
The answer to the question: Which type of Clouds are you using or you will use in the next years? will  vary.  
SMBs' frequent answer would be: Public Clouds
Large Enterprises' frequent answer would be: Hybrid Clouds.

Hybrid Clouds usage is based upon both Private Clouds and Public Clouds.

If you read a previous post titled: The Next generation of Private Clouds, you probably noticed that, according to Forrester Consulting's survey, building Private Clouds is a priority for nearly half of the large enterprises surveyed.

You may also noticed that 67% of the survey respondents said that access to Mainframe Data was critically important or very important in Clouds environments. 

Conclusions

1. Large enterprises will continue to use Mainframes.

2. Large Enterprises will use Hybrid and Private Clouds. Mainframes will be part of Private Clouds.

Large Banks will not migrate of Mainframes to other platforms if they considering including Mainframes in their Private Clouds. 

Business Barriers to Migration from Mainframes
Is there a Business Case for migrating Core Banking systems from Mainframe? 
It is difficult to justify such a large and expensive  endeavour.

The CEO or another manager would ask: What would we get for this multi year expensive endeavour?
The answer would probably be the same functionality.

Not the best answer for convincing Business oriented non-tech managers to spend a large amount of money.

Risks

1. resistance to change
Many of the current elderly Mainframe team members will not be able to adjust to new platforms and new development paradigm and tools. They are afraid of losing their jobs. 
Some of them will resist the change and will not cooperate.

2. losing expertize
The IT staff maintaining current Core Banking systems has limitations, as far as new technologies and architectures are concerned, however some of the employees have deep understanding of current systems and the Bank's Business processes and Business goals.

They also know a lot about the Organizational Culture and about people working in the Business departments. 

Many of these employees will retire or will be fired.
The new young energetic employees, replacing them,  lack understanding and knowledge of the Business, the Organization and the People.     

3. Bugs 
Even in case of no resistance to change do not expect 100% accurate migration.
New bugs introduced to the new system imply cost and less satisfied customers.    

3. missing Functionality
Undocumented functionality will not be part of the new Core Banking Systems.
The assumption that the documentation of complex old systems is full and accurate is an unrealistic assumption

4. missing Data
Replace the word Functionality in the previous section by Data. Do not expect 100% precise data migration. 

5. Misinterpreted Business Processes
The Challenges to BPM implementations include lack of Visibility and non-documented processes. 
If the Bank migrating from Mainframe, did not complete its BPM implementation, some Business Processes in the new non-mainframe systems will not be identical to current Business  

6. Co-existence and Migration process
After completion the development of new systems, these systems should be deployed.
Anything could get wrong during the actual migration process.

  
Additional Challenges 
  
 1. Security
Mainframes Security is better than other platforms Security.
In addition to the gap between Mainframe Security and Windows Security and Linux Security in non Cloud based environment, there is an issue of Public Cloud Security.

I am not sure that in house Linux and Windows based systems are more secured than Public Cloud based Linux and Windows systems. 
However, customers perceive them as less secure because they are managed by employees of another company and because their systems shared resources with other enterprises' systems.

Systems and Data Security is more important to banks than to many other enterprises. 

2. processing Large Amounts of Data
Mainframes are capable of processing large amounts of Data. High percentage of Business Data resides on Mainframes. 

3. Scalability and Workloads Management 
Current Public Clouds are based on Hypervisiors, Windows and Linux. 
Are these Operating Systems capable of supporting large amount of concurrent Banking Transactions? 
I doubt. My experience, as well as others experience, do not support the assumption that these Operating Systems will be capable of supporting and managing  properly large number of concurrent Banking transactions.  

Reasons to replace current mainframe Core Banking systems


1. Maintenance
Maintenance of old Legacy systems could be a nightmare. 

Many of the people we wrote the programs 20 years or 30 years ago are not available.

The systems are not architectured well and are not structured properly. Usually the systems are large monolithic silos.

The code was changed many times by many different people.

2. lack of Agility and a long Change Backlog  
The lack of Agility is an additional maintenance difficulty.
The Business result of the difficulty to change systems is a long list of unfulfilled change requests.
 
3. Skills unavailability
Young professional prefer to work with mainstream technologies and/or new innovative technologies. Gradual skills decline is a real problem in Mainframes environment.

Are there non-migration alternatives?
Basically there are two alternatives addressing Mainframes concerns without risky migration to other platforms:

1. Modernization
Systems modernization could be performed without migration.
The Modernized systems could be Service Oriented and may use advanced modern technologies, which are available on Mainframes.

It is not a Big Bang risky approach but it is still a long journey. Those who will decide to modernize  their Mainframe Core Banking systems will use Mainframes for more than Short Term period.
However, after completing systems Modernization they will be capable of gradual and relatively smooth migration, if they will decide to migrate.  

2. Core Banking Packages
Core Banking systems could be replaced by Core Banking packages. These packages resemble ERP products. Some of these packages can be deployed on Mainframes and on other platforms as well.

An endeavour of choosing a Core Banking Package and replacing current Core Banking Systems by it is also a long journey. Usually it is a longer journey than Modernization.

After completing the journey maintenance could be easier and cheaper, the dependency on employees is reduced and future gradual or complete migration from Mainframe is smoother and cheaper.  

Migrated from Mainframe but not the Public Cloud
After long journeys to Modernization or Core Banking packages the last thing you would think of is another migration from Mainframes to another platform.
  
Few years later you may start migration to another platform. Even if someone will migrate to Linux or Windows the systems are still deployed in his Private Cloud (or not in any Cloud).

There are still significant barriers to Public Cloud based deployment.
I will name few major barriers: Local Regulation, International Regulation (e.g. Basel 3), Security and integration with other systems in the Data Center and in other Public Clouds.  

   
Real World Case Studies? - Capital One
Amazon's leading Early Adopter is Capital One.  
Capital One is a Credit Cards company and a Large Bank. 

Capital Bank is using Open Source software, Microservices and Devops. Capital is performing transformation to Digital Banking. 

Capital Bank's CIO Rob Alexander presented a Keynote presentation in last October at Amazon's re:Invent conference.  

Alexander described how they start experimenting AWS in 2014 and how late in 2015, they launched production Mobile Banking applications based on Amazon's AWS.

I guess that the Mobile applications are using Mainframe Core Banking Applications and Data.

According to Capital One's CIO "the bank has been working closely with Amazon's team to develop the Security model". 

For more details read: 
AWS Case Study: Capital One 
AWS reinvent 2015 keynote - Rob Alexander


The private Security model will be only the first step in a long process of development of industry Security standards and implementing these standards.


Me Bank
Me bank is a full fledged retail bank. The Melbourne-Headquartered company manages 20 billion $ in assets and has 800 employees who support 280,000 customers around Australia. 

Amazon AWS is used for Development and Testing.
The Core Banking systems reside in the bank's Data Center.     
For more details read:
AWS Case Study: ME Bank


ME Bank is not a large bank. I do not know if the Core Banking Systems were deployed on Mainframes.
If they were, I would not predict migration from Mainframe in the following 5 years.

Microsoft's partner: Capgemini
Capgemini partnered with Microsoft in order to provide Cloud based Services in Microsoft's Azure

I did not find Case Studies in Capgemini's white paper Cloud Computing In Banking.

However, I found the following text: " Banks are expected to enter the cloud computing arena cautiously, with no single cloud services delivery model being a silver bullet for best meeting their demanding business needs". 

Capgemini's white paper also discussing the first methodological step of choosing the right cloud model. The models are: SaaS, PaaS, IaaS and BPaaS (Business Process as a Service). 

Microsoft's partner is preparing the methodology for banks entering the Cloud Computing arena. No Case Studies yet.

It should be remembered that the first banks that will  use Azure will be smaller banks using Windows operating system and not Mainframe based large banks. 


The Bottom Line
Mainframe was not dead in the 90ies and was not dead few years ago.
Large Banks will continue Core Banking systems deployment on Mainframes at least for the following 5 years. 

Read the original blog entry...

More Stories By Avi Rosenthal

Ari has over 30 years of experience in IT across a wide variety of technology platforms, including application development, technology selection, application and infrastructure strategies, system design, middleware and transaction management technologies and security.

Positions held include CTO for one of the largest software houses in Israel as well as the CTO position for one of the largest ministries of the Israeli government.

Latest Stories
Every organization is facing their own Digital Transformation as they attempt to stay ahead of the competition, or worse, just keep up. Each new opportunity, whether embracing machine learning, IoT, or a cloud migration, seems to bring new development, deployment, and management models. The results are more diverse and federated computing models than any time in our history.
On-premise or off, you have powerful tools available to maximize the value of your infrastructure and you demand more visibility and operational control. Fortunately, data center management tools keep a vigil on memory contestation, power, thermal consumption, server health, and utilization, allowing better control no matter your cloud's shape. In this session, learn how Intel software tools enable real-time monitoring and precise management to lower operational costs and optimize infrastructure...
"Calligo is a cloud service provider with data privacy at the heart of what we do. We are a typical Infrastructure as a Service cloud provider but it's been designed around data privacy," explained Julian Box, CEO and co-founder of Calligo, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software with the simplicity and reach of the open web. With staff in 10 timezones, Isomorphic provides a global network of services related to our technology, with offerings ranging from turnkey application development to SLA-backed enterprise support. Leadin...
While a hybrid cloud can ease that transition, designing and deploy that hybrid cloud still offers challenges for organizations concerned about lack of available cloud skillsets within their organization. Managed service providers offer a unique opportunity to fill those gaps and get organizations of all sizes on a hybrid cloud that meets their comfort level, while delivering enhanced benefits for cost, efficiency, agility, mobility, and elasticity.
DevOps has long focused on reinventing the SDLC (e.g. with CI/CD, ARA, pipeline automation etc.), while reinvention of IT Ops has lagged. However, new approaches like Site Reliability Engineering, Observability, Containerization, Operations Analytics, and ML/AI are driving a resurgence of IT Ops. In this session our expert panel will focus on how these new ideas are [putting the Ops back in DevOps orbringing modern IT Ops to DevOps].
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understa...
Enterprises are striving to become digital businesses for differentiated innovation and customer-centricity. Traditionally, they focused on digitizing processes and paper workflow. To be a disruptor and compete against new players, they need to gain insight into business data and innovate at scale. Cloud and cognitive technologies can help them leverage hidden data in SAP/ERP systems to fuel their businesses to accelerate digital transformation success.
Concerns about security, downtime and latency, budgets, and general unfamiliarity with cloud technologies continue to create hesitation for many organizations that truly need to be developing a cloud strategy. Hybrid cloud solutions are helping to elevate those concerns by enabling the combination or orchestration of two or more platforms, including on-premise infrastructure, private clouds and/or third-party, public cloud services. This gives organizations more comfort to begin their digital tr...
Most organizations are awash today in data and IT systems, yet they're still struggling mightily to use these invaluable assets to meet the rising demand for new digital solutions and customer experiences that drive innovation and growth. What's lacking are potent and effective ways to rapidly combine together on-premises IT and the numerous commercial clouds that the average organization has in place today into effective new business solutions.
Keeping an application running at scale can be a daunting task. When do you need to add more capacity? Larger databases? Additional servers? These questions get harder as the complexity of your application grows. Microservice based architectures and cloud-based dynamic infrastructures are technologies that help you keep your application running with high availability, even during times of extreme scaling. But real cloud success, at scale, requires much more than a basic lift-and-shift migrati...
David Friend is the co-founder and CEO of Wasabi, the hot cloud storage company that delivers fast, low-cost, and reliable cloud storage. Prior to Wasabi, David co-founded Carbonite, one of the world's leading cloud backup companies. A successful tech entrepreneur for more than 30 years, David got his start at ARP Instruments, a manufacturer of synthesizers for rock bands, where he worked with leading musicians of the day like Stevie Wonder, Pete Townsend of The Who, and Led Zeppelin. David has ...
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understa...
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Addteq is a leader in providing business solutions to Enterprise clients. Addteq has been in the business for more than 10 years. Through the use of DevOps automation, Addteq strives on creating innovative solutions to solve business processes. Clients depend on Addteq to modernize the software delivery process by providing Atlassian solutions, create custom add-ons, conduct training, offer hosting, perform DevOps services, and provide overall support services.