Visual of cloud-based SaaS risk management selection.

Cloud-based computing fraud solutions promise to fundamentally change the way banks, FinTechs, and other players in the banking industry conduct business. For many banks and FIs, these solutions are central to their digital transformations. However, it’s worth noting that not all cloud-based fraud solutions are created and developed equally. Like actual clouds in the sky, different cloud solutions are unique and offer different benefits and performances depending on the provider.

Risk management solutions are critical applications for any financial institution (FI), They’re also one of the most complex systems to operate due to the sheer size of data, the evolution of financial crime, and the complexity of the modern systems that can efficiently help FIs fight crime in a secure and timely manner.  

Cloud-based risk management solutions can remove the core complexity of managing these systems by delivering a significantly faster time to value. But do you lose control, data security, and speed by running the software side by side with core systems? This article covers some of the key aspects to consider when choosing between the SaaS model and running the software behind firewalls. 

SaaS is ready to use

FIs understand better than most organizations the importance of seeing a return on an investment. In a SaaS cloud-based model, on day one the system is available as a fully working product that is secure and reliable, avoiding months of setup, configuration, tuning, and certification.

Feedzai data shows that cloud-based fraud solutions require roughly one-third of the effort to be the system of record in production than on-premise hosted alternatives. This means that FIs can be live in two to three months, which compares favorably to the six to nine months that a typical hosted solution needs. 

Cloud-based risk management solutions realize faster ROI

FIs can also realize a return on their investments at a much faster pace and start to capitalize on their ROI. This translates into a much stronger time to value – 2.7 times greater in some cases according to our data. FIs can quickly get assurances their capital expenditures will prove cost-effective as they innovate with cloud computing services as part of their core banking infrastructure.

Cloud doesn’t require a stiff learning curve

Replacing a critical system always involves risk and can be intimidating for both the risk managers as well as the people who must guarantee the new system is reliable and performant. In a cloud-based SaaS model, you get the guarantee of the provider by service level agreements (SLA) that are supported and guaranteed by a team of engineers that specialize in operating that particular system. 

For the Financial Institution, one of the main challenges is getting all teams and/or vendors aligned so that the actual objective of the business is met: fighting financial crime. In a cloud-based SaaS model, the focus is centered on the main goals by:

  • Discussing the strategy to fight financial crime as opposed to discussing how to build environments, get hardware, configuration, and an endless checklist of requirements.
  • Centering your attention on a single vendor who will simplify all the onboarding because they’ve done it for dozens or hundreds of FIs. This means you won’t have to coordinate and communicate with multiple IT teams, Operations, and Security to get the new system running. having a guarantee of the best return on investment that a software tool can give to the business. Feedzai data shows that cloud-based SaaS solutions have up to one order of magnitude better service availability and performance than hosted ones.
  • Leveraging, if needed, the vendor’s data science teams that don’t require extra screening and onboarding and can deliver results in less than half of the time when compared to working with client-hosted infrastructure.

Data scientists prefer cloud-based risk management systems

For the data science teams, it’s all about being able to have good data and a powerful platform that enables better outcomes. Dealing with very large volumes of data is challenging and becomes even more complicated when the data is sensitive and engineers can’t easily support data scientists. 

  • With a cloud-based SaaS solution, not only is the elasticity of the cloud present, but the system can be tuned to adjust and scale, leading to more resources available to the data scientists.
  • Support teams can quickly aid data scientists, which results in five times faster resolution times.
  • Data is available faster due to the automation of processes required to operate at scale as opposed to long cycles of extract, transfer, load (ETL) to move data between environments. 

Cloud-based SaaS solutions increase operational efficiency

A cloud-based SaaS solution allows FIs to operate more efficiently and save resources they would otherwise have to expend on training teams and building infrastructure for a highly specialized system as well as investing in its own maintenance.

Think about how email has changed over the years. Previously,  an organization had to physically host email servers locally on-site. IT teams had to be trained to understand the technology and teach other staff members how to use it correctly. Fast forward to today and most email services are now cloud-based, freeing up IT staff to focus on other priorities. What’s more, the maintenance of cloud-based email services happens in the background by the solution provider’s team.

Cloud is secure and safe

Gartner predicted that through 2020, public cloud workloads will suffer at least 60% fewer security incidents than those in traditional data centers. 

Besides all the standard certifications such as PCI-DSS Level 2, SOC2 Type2, ISO27001, and compliance with data privacy standards as GDPR or CCPA, a cloud-based SaaS vendor that works with large FIs will be subject to scrutiny and tests from the security teams of most of those FIs. The security of the service will be the combined outcome of the effort of all these teams.

There are pervasive security myths about a cloud-based SaaS provider, that our experience debunks. Some of these are:

  • “If it is in the cloud, it is accessible to everyone, thus more vulnerable.” Even if these systems live in the cloud, they can be only available through VPNs or dedicated private connections. 
  • “Internal teams will ensure that the systems stay secure.” Feedzai’s data shows that security patches can take weeks or months to be deployed in client-hosted environments as opposed to days in cloud-based environments operated by Feedzai.
  • “Within firewalls, we can control the data.” SaaS vendors can offer solutions that allow FIs to continue to hold the “keys to the kingdom,” such as encrypting all data with keys provided by the customer. 

In summary, a security team working with a SaaS vendor that is highly trained to leverage public cloud capabilities and focus on a single application can significantly outperform a team that needs to guarantee the security of hundreds or thousands of applications. 

Considerations for SaaS vs. Self-Hosted Applications

Hosting an application, whether it is in traditional on-prem data centers or in a public cloud can be challenging. This is especially true if the IT teams haven’t mastered the technology. However, there are several factors to consider when choosing between self-hosted and SaaS:

  • How complex is the architecture of the system?
  • How long will it take to get the system live?
    • What are the SLAs needed for the business? 
  • Do the internal teams understand what those mean in their specific system? 
  • How frequently does your vendor release updates? 
    • What’s the cost of updating the system?
  • What’s the vendor’s experience with SaaS service?
  • How open is the vendor when talking about the SaaS service?
  • How much data isolation/segregation does the vendor provide?
  • How much visibility does the vendor provide about the system?

The benefits of cloud-based solutions 

It’s not that there’s something wrong with self-hosted solutions. But there are advantages that cloud-based SaaS solutions provide that self-hosted ones can’t match. Also, when competing with native digital businesses that leverage SaaS products to enable their speed, it’s imperative that established FIs leverage the same tools to stay relevant and competitive. 

At the end of the day, by consuming software in a SaaS model, financial institutions should realize the following benefits:

  • Demonstrate a higher return on their investment
  • Yield strong time to value
  • Require little activation time
  • Provide better service
  • Focus their teams on the business instead of the system

Once cloud-based SaaS solutions are deployed, FIs can quickly get to work stopping bad actors and can identify how scams are perpetuated. But not all SaaS solutions are alike. It’s important for banks to understand what they should expect from a cloud-based fraud solution and set realistic expectations of how the solutions will change the way they address financial crime.

Trust is the most important currency a bank has. Download the report Utilising AI to Prevent Financial Crime to learn how to prepare for fraud in the age of open banking and faster payments.