Global banking forecast? Plenty of cloud. Protiviti MDs on accelerating banking transformation

In brief

  • By 2025, core banking workload deployment on cloud is expected to be 14% of total IT spend.
  • Banks are grappling with outdated applications; data is siloed and trapped within legacy systems and not accessible for customer insights and tailored experiences and services.
  • Regulatory changes in Australia, the UK and U.S., in GDPR and APRA standards for data privacy and operational resiliency, are also impacting the financial sector and can be directly mitigated with the security, resilience and scalability of cloud technologies

Protiviti Managing Directors David Kissane, Global Leader of Enterprise Cloud, and Alex Setchin with Enterprise Cloud in Australia, sat down with Joe Kornik, Editor-in-Chief of VISION by Protiviti, to discuss some of the trends and investment priorities they are seeing in the financial services industry, including insights from Gartner’s Future of Cloud Computing in 2027: From Technology to Business Innovation. Kissane and Setchin also share some of the ways Protiviti is helping business leaders strategically address banking transformation and digitalisation with cloud technologies. 

Kornik: What global trends are you seeing right now across the landscape of financial institutions?

Kissane: Globally, financial institutions are actively transforming and moving mission-critical workloads to cloud, and legacy technology spend is declining dramatically year over year, with a 47% decline expected in 2023, according to Gartner. These numbers don’t surprise me, and I can confirm we are seeing this across Australia, Asia-Pacific and the U.S. regions. IT leaders are actively migrating workloads off legacy infrastructure, while some also are in the process of modernising mission-critical workloads on cloud-native platforms for improved resiliency, reliability and scalability.

Kornik: And what do you think is driving this change?

Kissane: We can see a broader trend of an accelerated pace of core banking and mission-critical application migration and transformation. Again, according to Gartner, by 2025 cloud deployment of core banking workloads is expected to account for 14% of the total IT spend. There are multiple contributing factors here. First, the long tail of legacy applications and data is continuing to accumulate and requires attention. Second, IT spending on data centres is decreasing dramatically year over year as financial institutions actively exit capital expenditure-heavy and self-managed data centre facilities and migrate workloads to the private and public cloud.

This, of course, has a positive impact on mission-critical application resiliency, availability and scalability and unlocks capacity for the business and IT teams to focus on strategic initiatives that drive value for the business. Currently, a majority of the migrated workloads are non-mission-critical, but I see mission-critical applications accelerating in the coming years. Furthermore, many of the financial institutions in advanced stages of cloud migration and are launching modernisation initiatives to drive further cost efficiencies, simplification and digitalisation of customer and back-office processes on cloud native-solutions and SaaS platforms.

Legacy technology spend is declining dramatically year over year, with a 47% decline expected in 2023, according to Gartner.

Kornik: The complexity of the operating environment of financial institutions is arguably greater today, with ongoing regulatory changes both a complicating factor and a reflection of this growing complexity. How do you see these changes mitigated by cloud adoption and transformation by financial institutions globally?

Setchin: The regulatory landscape is top of mind for financial institutions, and it is shaped by several macro factors such as economic environment instability, rising customer expectations, digitalisation of financial assets, ESG mandates, financial crime, operational resiliency and strategic agility. Globally, regulators and policymakers prescribe how financial institutions engage with cloud service providers through robust outsourcing arrangements, governance and operating models. There is some emphasis on having effective multi-cloud models and exit strategies for transitioning major infrastructure and cloud services between vendors.

Cloud concentration and lock-in and third-party IT risks are also some of the key regulatory callouts in terms of principles and guidelines. Operational and cloud resilience is another priority for financial institutions and underscores the need for resilience controls and response mechanisms to outages from external factors such as cyberattacks. Financial institutions need to engage continuously and proactively with their regulators and policymakers, to be at the forefront of emerging regulatory frameworks globally as they enable their business agility and risk mitigation with cloud platforms and services.

Kornik: Finally, how do you see financial institutions approaching cloud transformation and digitalisation? Any advice for business leaders?

Setchin: Cloud should be a strategic enabler of business change and digitalisation and can help increase the speed to market, resiliency and scalability for financial institutions. There are seven strategic pieces of advice I’d share when it comes to cloud transformation and adoption by financial institutions:

  • Set a clear vision and strategy for the cloud transformation with a focus on business outcomes enabling business objectives. Communicate the cloud transformation vision to all business and technology stakeholders and link transformation drivers back to customer outcomes.
  • Be clear on the process- and people-change impacts and how business and technology teams will effectively communicate all changes.
  • Set the right governance structure for the transformation with business, technology and customer stakeholder representation.
  • Transform the technology landscape with cloud technologies so it’s sustainable for the future. The underlying cloud platform, systems, integration and data need to be simplified to reap the benefits.
  • Define a delivery model that leverages internal expertise and, if needed, external technology expertise to ensure transformation outcomes are achieved. Set realistic targets.
  • Execute on the transformation plan and deliver to all process and people change objectives, ensuring proper transitioning, knowledge transfer and upskilling of business and technology teams at the end of the program.
  • Track benefit realisation every step of the way, being sure to quantify even incremental benefits.

For more insights on the Future of Money, please visit:

Cloud concentration and lock-in and third-party it risks are some of the key regulatory callouts in terms of principles and guidelines.


Michael Pang
Michael is a managing director with over 20 years’ experience. He is the IT consulting practice leader for Protiviti Hong Kong and Mainland China. His experience covers cybersecurity, data privacy protection, IT strategy, IT organisation transformation, IT risk, post ...
Franklin Yeung
Franklin is a director with over 22 years’ experience in IT consulting, audit, and system implementation. He has experience in assisting organisations with IT/IS security, strategy, governance, risk management, internal controls, business continuity management, system ...