As a technologist, I aim to communicate with precision and avoid sweeping generalizations. As such, it drives me crazy that the same people who just a few years ago were saying that nobody will move mission-critical data to the cloud because of security concerns are today saying financial firms are racing into the cloud as quickly as their little bank legs will carry them.

As with almost all things, truth is rarely black and white; it’s usually found somewhere in the shades of grey. With every year that goes by more applications are delivered through and running in the cloud for lower cost and faster time to market, but there are some specific applications that the capital markets firms I work with won’t be moving any time soon.

Consider the following diagram:

[Diagram: data distribution across three categories: latency mission critical, privacy mission critical, public cloud friendly]

Here are examples of three categories of applications mapped against three criteria that make the point. Let’s look at the x-axis in detail.

The cloud still sucks for latency

For applications where low latency or consistent latency is truly mission-critical, investment banks continue to run their applications on bare metal in a datacenter with full control over their network latency. Low-latency trading needs to be colocated in the venues’ datacenters. And even for pre- and post-processing, wherever latency sensitivity exists, cloud doesn’t cut it. Cloud computing simply has too many abstractions and virtualization layers in its compute and network operations. It’s difficult to get cloud latencies down to tens of milliseconds, and the most aggressive algo trading platforms have requirements in micro and nanoseconds.

So applications focused around trading (algos, HFT, direct feeds, risk and analytics) are all still in the datacenter or colo facilities, and very likely to stay there—unless the venues start moving to the cloud, which would be a massive shift in our world.

Banks are getting comfortable with cloud security… but not “all the way” comfortable

There is some data that banks consider crown jewels, or that regulators have decided isn’t safe to store in the cloud. For example, trading portfolio data is the key to a firm’s opportunity for alpha, the profits from which can dwarf any savings promised by the cloud. A bank, hedge fund or prop trader’s algos and trading strategies are its most closely held secrets. These companies go to great lengths to disguise their buying fingerprints within the various exchanges and dark pools to keep their secrets, because nearly every bank is using data forensics to try to reverse engineer every other bank’s strategy. Then there’s the matter of trusting that Amazon or Google isn’t watching what you’re doing. Financial services folks tend to be a paranoid bunch, and they sleep better at night knowing this data is not out in the wild.

For everything else, it’s “to the cloud baby!”

Everything else is already in the cloud, on its way, or will be in the foreseeable future. For decades, financial firms have relied on information services like Bloomberg and Reuters for market and reference data. They still do, but instead of using leased lines to these services, they’re using the web and public clouds. Fintech SaaS is rising in prominence, and of course front-office customer service tools like Salesforce pepper the landscape. Is there more valuable and sensitive data than your customer data? Just about every company has allowed that to be in the cloud for going on two decades.

Services like retail brokerages and single dealer platforms are already accessible via the internet; is the security profile that much different if they’re also hosted there? Likewise, clearing and settlements are well-worn processes for exchanging data externally that have already been narrowed to just the essential information sharing to minimize exposure.

Beyond that, nearly everything currently in a bank’s datacenter—where latency and data privacy are not paramount—can be run cheaper and better in the cloud. And the computing that is actually on those critical latency and privacy paths is small compared to all the rest of computing in these firms. Plus, there are emerging cloud-first tools, powered by AI and machine learning engines running at massive scale, that perform streaming data analytics, and they may never reach the datacenter. Access to these next-gen technologies within AWS, GCP or Azure is further seducing banks to build their apps in the cloud.

So just like you are likely hearing that everyone is watching Game of Thrones this month and that nobody uses Facebook anymore, my engineering mind will keep looking for the truth, which is that about 5% of the US (17.4 million viewers) watched Jon Snow’s return, and 20% of the world’s population (1.52 billion people) still log into Facebook every day. Remember to be wary of those same kinds of absolutes when you read about the cloud and capital markets.

Ken Overton

As a systems engineer with Solace, Ken's work as developer and architect has run the gamut of financial applications from pricing and analytics to high-frequency trading, for small prop trading desks and some of the highest-profile SDPs. He is a subject matter expert in trading systems architecture, complex event processing, service-oriented architecture, and event-driven architecture. He is a fan of any language with a Hindley-Milner type system and the Detroit Red Wings.
