19 September 2024. A guest article for Cloud Computing Insider by Jochen Werne
Please find original article written in German and the original source by clicking on this LINK. Translation into English made with DeepL.com. Photo Sources: ChatGPT, CloudComputingInsider, JochenWerne
Imagine a world in which companies can make more accurate predictions and work more efficiently by using cloud-based artificial intelligence. Despite this promising prospect, many companies are hesitant to take this step.
But why is the cloud crucial for the use of scalable AI applications? Many financial service providers and telecommunications companies are looking for ways to improve the accuracy of their credit risk and fraud models by using AI, for example. The cloud plays an important role here.
The efficiency gains offered by AI are based on the fast and secure linking of data from diverse sources. Cloud technology makes it easier to connect data streams and enables different internal teams to work securely with information from different systems. The cloud can also provide the computing power needed to efficiently process and manage the large amounts of data required for AI and machine learning (ML). It offers the flexibility and scalability needed to develop, deploy and operate the software capabilities that ultimately enable the integration of AI into the loan decision process.
Harness the power of AI with the cloud
According to a survey conducted in autumn 2023 by Experian together with Forrester, which polled almost 900 international executives from the financial services and telecommunications sectors, 79 per cent of decision-makers from EMEA and APAC region are prioritising investment in software-as-a-service (SaaS) and cloud technology – with the same proportion of decision-makers surveyed in Germany prioritising the cloud (79%).
This is hardly surprising given the benefits of the cloud, such as improved security, faster processing speed, lower maintenance costs and elastic flexibility. While these benefits are widely recognised, there are still some challenges to adopting the cloud in the areas of AI and credit risk management. The resulting hurdles are causing some companies to hesitate to benefit from cloud deployment in this area of business as well – but these concerns can be overcome on closer inspection.
Those who already use the cloud
Our research shows that cloud adoption is already well established internationally: the executives surveyed report that 71 per cent use external cloud providers for their credit risk software (in Germany: 72 per cent), 69 per cent use them for identity and fraud risk management (in Germany: 65 per cent) and 70 per cent use the cloud for analytics platforms (in Germany: 66 per cent).
The study highlights that, although there are differences, most countries deviate only slightly from the average. According to our research, India has the highest rate of adoption of cloud technology, and Italy the lowest. Both countries are more than ten per cent above or below the average.
Analytics processes – without the cloud
The trend is clear: the transition to the cloud seems inevitable. Nevertheless, in most of the countries surveyed, around a quarter of companies have not yet taken the plunge into the cloud in this area of business. What are the reasons for this? Naturally, the adoption of the cloud varies depending on the segment, size and maturity of the company. The traditional view is that fintechs, for example, are far better able to use cloud-based services more broadly and quickly, while larger banks must first overcome the challenges of migrating from legacy systems and decoupling complex infrastructures.
In this context, it is therefore very interesting to note that the main reasons cited by the decision-makers surveyed in our study for why their companies have not (yet) adopted the cloud are relatively evenly distributed across the entire spectrum of company sizes. We took a closer look at the five hurdles identified by decision-makers in the study.
1. Regulatory concerns
Many companies see security as a limiting factor when it comes to using the cloud for credit risk assessments: 47 per cent (see figure) of the international executives we surveyed believe that cloud-based services are not secure enough to meet all regulatory requirements. However, given the widespread use of the cloud in many business areas, this view apparently reflects a subjective attitude or can be traced back to a very specific business risk in the companies concerned.
However, cloud technology is already an integral part of risk management in corporate IT, similar to other technologies. And in addition to general data protection regulations such as the GDPR, there are therefore well-established regulatory guidelines for the use of the cloud for risk management, particularly in the financial services sector, including the EBA guidelines on outsourcing agreements. Understanding these guidelines is therefore an important step in addressing potential concerns about compliance with regulatory requirements. Reputable cloud services today are designed to meet regulatory requirements. This includes third-party validations and continuous updates to ensure compliance with these regulations. This reduces the effort required to continuously maintain regulatory compliance, as cloud providers adapt their services as needed.
Cloud providers are increasingly expanding their services to offer local facilities and to address concerns about the storage and transmission of sensitive data across territorial borders. For example, Amazon Web Services (AWS) has announced the introduction of a European sovereign cloud. This independent cloud infrastructure is located and operated within the EU, thus solving the data residency issue.
Another regulatory obstacle that has recently come under greater scrutiny concerns on-site audits and inspections. However, some cloud providers have also recognised that such audits are unavoidable in some jurisdictions and now offer eligible customers the option of conducting on-site inspections of their facilities through special audit programmes.
2. Level of control
Another reason, also mentioned by 47 per cent of the decision-makers surveyed, is concerns about the level of control when using cloud-based services. However, this concern can also be alleviated by understanding the shared responsibility model in the cloud. The key to this, however, is an informed decision about which cloud services to use. In the shared responsibility model of the cloud, control and responsibility are combined.
For example, companies seeking comprehensive control can opt for an Infrastructure-as-a-Service (IaaS) model that allows them to control both the use of computing resources and the operating system itself. However, this also requires that companies take full responsibility for managing these resources and the software running on them.
By contrast, the choice of a software-as-a-service (SaaS) model reduces control over the computing resources used, but also transfers operational responsibility for them to the cloud provider. Companies must therefore take a close look at the shared responsibility model and understand the respective conditions in order to carry out a suitable cost-benefit analysis and thus select a service model that best suits their needs.
3. Internal infrastructure policy
Obstacle number three for 44 percent of the executives surveyed is an organisational policy that requires all software to be operated on the internal infrastructure. Although there may be other reasons for this decision that we cannot go into here, another reason probably plays a role here: some companies may not fully understand the advantages and far-reaching effects that the introduction of cloud-based services could have for their business.
In addition to cost-effective scalability and the ability to scale as needed, the cloud can help companies break down data silos and improve the accuracy of their decision-making. As digital customer experience becomes an increasingly critical competitive advantage, companies that delay the move to the cloud in the credit risk environment risk falling behind in the long term. Already today, competitors who are consistently taking advantage of the cloud and AI are able to significantly improve their customer experience.
4. Concerns about the transition from on-premises to cloud
The fourth hurdle, cited by 42 per cent of the decision-makers surveyed, concerns concerns about the approach and timeframe for the transition from on-premises services to cloud-based applications. And of course, changes of this magnitude don’t happen overnight, but require careful planning and a step-by-step implementation.
However, the transition to the cloud has recently become much easier – especially when companies work with experienced partners. However, the long-term benefits that companies gain from the cloud make the transition more a matter of ‘when’ rather than ‘if’. If companies are aware of this, they can usually mobilise the necessary resources for such a change.
5. Security concerns
The fifth reason cited by 40 per cent of the executives surveyed as delaying the adoption of the cloud in their companies relates to security. They believe that cloud-based services are not yet secure enough to fully meet their companies’ internal security policies.
This view may have been justified in the past, but it is outdated: the physical and digital security offered by cloud providers today is on a completely different level. Organisations can now access the latest security features from their cloud providers faster and more cost-effectively than ever before.
There are no longer any arguments against the cloud
Many companies that deal with credit risks have made the switch from private to public clouds because of the advanced and often even industry-specific security features that cloud providers offer them today. They rely on the highest standards of data encryption with multiple layers of protection. They also have a choice when using external cloud providers for their credit risk management: they can either manage their security keys themselves or leave this to a specialised third-party provider if they wish.
Many of the concerns that decision-makers still have about using the cloud in this sensitive area of business can be significantly mitigated – especially in view of the great benefits of using the cloud. The reason is simple: cloud providers are judged by their customers precisely on the level of data protection and data security that they offer as standard. This means that companies in data-sensitive business areas can also engage with the cloud with confidence.
* The author Jochen Werne is CEO of Experian DACH. He was named one of the 50 most influential Germans in the Tyto PR Ranking 2020. A member of Chatham House and a former navigator in the German Navy, he is a passionate advocate of international diplomacy and has founded several NGOs. His efforts have been recognised by top international publications and earned him awards for promoting global understanding and environmental awareness.