Compliance Imperatives for Moving to Public Cloud

Jul 19th '22

For many financial services firms, the path toward the cloud began long before the global pandemic, typically driven by a combination of two forces:


  1. The demands of the business to stay competitive, requiring that firms consistently add new offerings, appeal to a new generation of first-time clients, and capitalize on broadening geographic markets
  2. Technology modernization, as firms with legacy on-premise technologies are not equipped to address the collaborative, multi-modal data types that are now integral to business communication


Get your free copy of The Cost of Doing Nothing: Public Cloud.


The heavily regulated financial services industry has made big strides in the shift to digital. However, around 70% of financial organizations say their cloud projects are still in the initial “trial and testing” phase.


What’s holding firms back from fully transitioning to cloud-based services? And why is it more important than ever for compliance teams to embrace cloud-centric solutions?


5 obstacles to change

We have discussed this conundrum with compliance practitioners, strategic partners — including AWS — and within Financial Industry Regulatory Authority (FINRA) and SIFMA industry forums. The most common barriers and challenges being expressed include the following.


  1. Perception of data security in the cloud

At the recent FINRA Cloud Computing Conference, attendees shared their concerns on moving to the cloud:


Image: Smarsh


The survey indicated several areas of concern, including the possibility that a concentrated market of cloud storage providers creates clear targets for large scale cyber attacks, and that moving data to, from, and (potentially) among cloud providers may increase the risk of data loss.


  1. Operational resistance to change

This element combines common responses, including:


  • “That’s not how we do it.”
  • “It’ll take too long to retrain our compliance tech staff.”
  • “I prefer to see our data.”


This kind of resistance is understandable in the financial services industry. But it does not take into account how long existing processes can be sustained. Increasing data volumes and the increased energy it takes for compliance staff to supervise messages or investigate false positives is incredibly resource intensive.


It also ignores the chance of financial, legal and brand damage due to compliance mishaps that could have been avoided with more efficient, modern technologies.


  1. Compliance application resilience

In this context, resilience is not just the unavailability of compliance applications due to a possible cloud service disruption. It’s also the risk that compliance workflows can be impacted by cloud performance issues, which could slow data ingestion, search and retrieval, or export of data required for time-sensitive compliance tasks.


Considering that many firms lack production-level experience in this area, it might also fall into the “fear of the unknown” category, versus known processes to restore systems or provision additional storage or processing power of on-premise compliance technology (as expensive and disruptive as those are known to be).


  1. Inadequate compliance controls

On-premise compliance applications have decades of development baked into a firm’s infrastructure and workflows. Most likely, features and access controls were designed to operate in proximity to messaging and directory infrastructures. Firms that follow this approach may believe that their custom-built compliance controls can’t be matched by cloud technology.


In reality, this prevents organizations from accommodating evolving regulations, technology and practices. Each change requires a stop-gap and solving for the immediate issue without consideration of future growth and challenges. This commonly results in bloated compliance controls that require customized maintenance and training while being sluggish in the face of change.


Cloud-based compliance controls are often developed in conjunction with messaging vendors. There won’t be a need to customize connectors for a specific firm’s infrastructure. Problems and incidents will become far less common and maintaining and supporting solutions much less costly.


  1. Economic justification

Moving to the public cloud has a future cost saving component and a huge reduction in capital investment. But at the same time, it means jettisoning an infrastructure that may have years of useful life remaining. It also means running the two systems in parallel for a period, which can elevate costs and require investment at least in the short run.


The cloud-based digital transformation is well underway, and it’s a matter of time before it dominates the landscape. While the importance of cost reduction, flexibility and security can’t be overstated, its real power is that it makes infrastructure into a competitive advantage for the firm, making an overhead cost center into a marketing tool.


Because of this, firms are revisiting the earlier assumption that moving to the cloud is an unnecessary cost. As a result, more firms are adjusting migration strategies to fit within financial projections and looking at business benefits more holistically to justify the move.


Moving past the challenges

In our recent guide — “The Cost of Doing Nothing: Public Cloud” — we explore these common obstacles further. We discuss why reality runs counter to these arguments, how to move forward, and — most importantly — why maintaining the status quo (i.e., “doing nothing”) may be the greatest cost of all.


You’ll also learn why and how cloud-based compliance applications address:


  • The ever-growing set of communications and content types (chat, text, social, voice, etc.) that regulated users need to engage with clients
  • How to keep up with the increasing volume of communications data by adopting artificial intelligence and machine learning to augment supervision processes
  • The legal and privacy needs of global organizations operating across jurisdictions


FEATURED GUIDE – The Cost of Doing Nothing: Public Cloud – Get the Free Guide


Source: Smarsh


Related: Legal Imperatives for Moving to Public Cloud


About Smarsh

Smarsh® is the recognized global leader in electronic communications archiving solutions for regulated organizations. Smarsh provides innovative capture, archiving, e-discovery, and supervision solutions across the industry’s widest breadth of communication channels.


Scalable for organizations of all sizes, the Smarsh platform provides customers with compliance built on confidence. It enables them to strategically future-proof as new communication channels are adopted, and to realize more insight and value from the data in their archive. Customers strengthen their compliance and e-discovery initiatives and benefit from the productive use of email, social media, mobile/text messaging, instant messaging and collaboration, web, and voice channels.


Smarsh serves a global client base that spans the top banks in North America and Europe, along with leading brokerage firms, insurers, and registered investment advisors. Smarsh also enables state and local government agencies to meet their public records and e-discovery requirements. For more information, visit


About us

LS Consultancy are experts in Marketing and Compliance, and work with a range of firms to assist with improving their documents, processes and systems to mitigate any risk.


We provide a cost-effective and timely bespoke copy advice and copy development services to make sure all your advertising and campaigns are compliant, clear and suitable for their purpose.


Our range of innovative solutions can be tailored to suit your unique requirements, no matter whether you’re currently working from home, or are continuing to go into the office. Our services can be deployed individually or combined to form a broader solution to release your energies and focus on your clients.


Contact us today for a chat or send us an email to find out how we can support you in meeting your current and future challenges with confidence.


Explore our full range today.


Contact us


Why Not Download our FREE Brochures! Click here.


Call Us Today on 020 8087 2377 or send us an email.


Need A Regulatory Marketing Compliance Consultant? A Bit More About Us


We welcome individual bloggers / Professional Writers / Freelancers to submit high quality contents. Find out more…


You can see our Google reviews here.


Contact us