While the software-as-a-service (SaaS) or cloud delivery model has been accepted for consumer applications for some time, it has not been widely adopted in financial services.
For the uninitiated, I believe SaaS offers an array of benefits, such as:
- SaaS provides superior economics. The total cost of ownership is usually significantly lower than any other delivery model.
- SaaS applications provide immediate value. They are generally much faster to roll out than on-premises tools or internally built applications. SaaS applications eliminate the need to procure, install, test, and plan for the backup, recovery, and maintenance of hardware. These are significant costs to expend for machines that rapidly depreciate and whose functional life is rather short. I often use the analogy of owning a car. A traditional delivery model is like buying a car in cash, but with the added constraint that you might not get to use it for a couple of years (on-premises installations are often that long). With SaaS, it’s like having a long-term car rental that takes care of all maintenance and repairs and lets you trade up to a newer model as soon as it comes out. Pretty cool. But what’s better is the price of the lease actually goes down as well.
- SaaS applications evolve constantly. The software constantly improves and the customer is always on the latest version of the software with minimal to zero investment. Since the upgrades require minimal investment from the customer the vendor can actually move faster and respond to market needs. Contrast this to traditional software lifecycle management, where upgrading software to obtain new functionality is painful and expensive. Most enterprises cannot take functionality faster than a two-year cycle and hence software vendors release functionality every couple of years. Given the pace of change many banks face, this is often unacceptably long, necessitating expensive buildarounds.
- SaaS applications have extremely high resiliency and availability. SaaS applications are designed to never fail. “Never” is a slight exaggeration of course, but with duplicate hardware and network capability for all critical areas and no single point of failure the risk of an application being down is very low, many times lower than other delivery models. This is an inherent advantage of a SaaS application -- designing and building these sophisticated systems requires significant investment in both time and capital. Enterprises can greatly benefit by piggy backing on investments made by SaaS vendors on a pooled infrastructure.
- SaaS applications scale massively. SaaS based systems are designed from scratch to be highly scalable, since the infrastructure and software needs to serve multiple customers at once. A cloud-based infrastructure taps into large number of servers and instances on the back end that can be increased or decreased as necessary to match demand, without requiring additional re-architecting of the application.
So why hasn't SaaS been more widely adopted in financial services? There are several real concerns that have hindered a broad adoption of SaaS applications in the financial services space.
Financial institutions also need to ensure that their specific non-functional needs are being met by their vendors. They must ensure that they manage, secure, audit, and control all information flows and they do so in a manner that ensures they can easily evidence that they comply with the plethora of regulations imposed on them. This is an undoubtedly important concern, and has not been satisfactorily addressed with the first iteration of general purpose SaaS solutions. Up until recently, these non-functional needs have only been addressed adequately via on-premise applications (either internally built or vendor installs) or the Application Service Provider (ASP) delivery model. The ASP delivery model, often called “hosting,” is very common in financial services -- many institutions run their core systems this way. Institutions are comfortable defining their corporate firewall to include these application providers and these vendors have spent the time, often at significant expense, to integrate their toolsets within the control and operating environment of the financial institution.
SaaS has evolved -- the next generation of SaaS is commonly termed “Vertical SaaS” -- vendors that understand both the functional and non-functional needs of their customers and tailor their solutions to problems and needs that are sector specific. Vertical SaaS applications are architected to offer the same level of control, integration, transparency, and security as ASP applications and can live within an institution’s firewall.
The great advance of vertical SaaS is that its providers build products by combining strengths of the long established ASP delivery model that addresses industry specific concerns along with significant benefits of a SaaS model. Thus, like the “hybrid cloud” that uses the best of both worlds in terms of security and compliance but with cost benefits, vertical SaaS applications leverage the security of internally built or ASP applications but also take advantage of the vastly superior economics of the SaaS delivery model.
Vertical SaaS providers to the financial services industry extend the SaaS delivery model to address industry concerns by:
- Providing real integration with the operating and control environment of the financial institution, ensuring that the customer’s control environment and the enterprise infrastructure they already have in place can seamlessly integrate within the vendor solution. This requires having an open solution that ensures that existing enterprise investments in areas such as governance, identity and access management can be fully leveraged across their SaaS portfolio of applications in a manner substantively similar to what they have in place for other in-house or ASP applications.
- Understanding the financial institution’s data governance procedures and policies and including appropriate capabilities in their applications to comply with these policies and evidence compliance.
- Understanding specific privacy needs and implementing proper data segregation controls that can be evidenced in a manner that makes it easy to support known regulatory requirements and audits. For example, understanding regulations around personally identifiable information (PII), and ensuring that the applications supports the regulation and also makes it easy and transparent for the financial institution to verify this support.
- Ensuring that the operating procedures and infrastructure of the SaaS vendor are transparent, audited by an independent third party and comply with the stringent requirements of a financial institution.
- Fully understanding the need to fit into, invest, and participate in the defined control and internal audit processes that a financial institution will have in place.
- Providing real functional and non-functional Service Level Agreements (SLAs) rather than the more generic uptimes common with general SaaS applications.
We are finally getting to a point where SaaS solution providers are making the investments needed to address the more stringent non-functional needs of customers within this space. With the introduction of these vertical SaaS providers, the barriers to adoption are falling allowing financial institutions to benefit from the huge advantages offered by cloud solutions in the industry’s ongoing drive to do things better, faster, and cheaper.
John Lankenau is the head of valuation and accounting product solutions at Primatics Financial. He has extensive consulting and financial services industry experience, with an emphasis on complex loan systems integrating risk and finance. Mr. Lankenau is a notable thought ... View Full Bio