Fintech is prominent in today’s business lexicon, having migrated from the back office to a prominent position in both consumer and commercial finance. Its core functionality on mobile devices and wide application in artificial intelligence (AI) spans blockchain, smart contracts, banking, insurance, regulation and cybersecurity. And Amazon Web Services (AWS), a major cloud player, is the go-to provider for small and mid-sized businesses.
AWS delivers internet-based, on-demand computing, servers, storage, remote computing, mobile development and security, and a host of other information technology (IT) resources, all on a pay-as-you-go basis. This means that companies can gain unfettered, rapid access to low-cost, flexible services, with no up-front investment in hardware, software consulting and design, or expensive-to-maintain data centers.
Companies can operate faster, more securely and less expensively, preserving their most valuable resources: time and money. Furthermore, the AWS Management Console is user-friendly. It is simple, intuitive and accessible on the web or through the AWS Console mobile app. Wide adoption means lower costs from economies of scale.
AWS has mushroomed since its introduction a decade ago—posting $5.1 billion in revenue for fourth quarter 2017 and a 44.6 percent increase in year-over-year sales. AWS’ business model enables financial services firms and banks to scale up and down with increasing speed and agility. They can target new market segments, such as millennials—the fastest-growing consumer base—instantly, and easily offer an uncomplicated, compelling and accessible banking experience, appealing to a broad range of customers anywhere in the world.
Users’ traditional security concerns are assuaged with the AWS infrastructure, which aligns with best security practices, including SOC 1 and SOC 2 assurances. Third-party attestations and helpful white papers are available at its AWS Security Center at aws.amazon.com. AWS’ reliable development environment supports establishing a firewall via separate accounts for development and production. Companies can try new features, conduct product experiments and perform user acceptance testing (UAT) without compromising the integrity of existing applications or disrupting active operations.
Although AWS offers quick, easy and simple solutions, users need assurance of adequate controls to protect the underlying database. Company decision makers must clarify who controls the data and how security is managed before migrating their data.
Minimum precautionary measures include encrypting data, limiting the amount of data stored and insisting on multifactor authentication. Data ownership is a murky issue with AWS, and companies’ data could be mined to gain a competitive advantage.
AWS fintech customers should understand that segregation of duties is paramount. Oftentimes, small organizations have a chief technology officer who is also responsible for development, design and support. These multiple duties can create a control issue. Additionally, fintech companies may not have clearly defined production schedules, so they often make changes during the day. Segregating the production from the development environment mitigates the risk of unauthorized changes.
The overarching issue of regulation is major.
The Financial Stability Board, an international body that monitors the global financial system, highlights 10 issues that supervisors and regulators must heed, and three have top priority
- First is an oversight structure to govern third-party service providers, including cloud computing and data services.
- Second is mitigating cyber risks by maintaining contingency plans for cyberattacks and focusing on cybersecurity when designing IT systems.
- Third is monitoring macro financial risks against undue concentration and large and unstable funding flows.
These top issues have particular application to fintech where traditional risk management functions may not suffice. Blockchain and robotics technologies demand a risk management framework. Firstly, this framework should examine underlying assumptions. Secondly, it should revise risk tolerance levels and acceptable risks. Finally, it should increase stress testing and simulations.
AWS has earned a solid reputation in the marketplace—it is more than 10 times the size of its nearest competitor—and its prominence will increase. Small and medium-sized businesses have championed its ease of use, cost savings and scalability. However, they must protect data and avert potential operational risk.
This article was originally published by BankDirector.com on April 17, 2018.
Click here to view original article.