There is a very good reason why traditional banking has not taken to SaaS in the same way as other sectors. It is not a lack of understanding. When, with the Economist Intelligence Unit, we
surveyed over 500 banking executives about SaaS in 2021, 72% said that incorporating cloud into their organisation’s products and services is a priority. From speaking with these executives every day, my strong hunch is that the percentage is much closer to 100 now.
Banking executives ‘get’ SaaS. They understand that the digital revolution has made consumers more demanding and that SaaS is the best way to give people and businesses banking on their terms. They understand the benefits of moving from a CAPEX to OPEX spending model. They know that cloud services make innovation and scalability easier. They’ve seen the data around productivity gains. They’d love to redeploy IT resources to core banking activities.
The big obstacle for banking executives is risk. More specifically, personal risk.
Nobody ever got in trouble for playing it safe; and in this case, playing it safe means sticking with the legacy core IT that has served the bank just fine for many years. Ripping out what you have is not to be undertaken lightly. Alongside decades worth of complex technical wiring and integrations that must be unravelled and reset, there is the data that must be preserved, and the business users who will need to learn a new system from scratch. We are not talking about a supporting system. Get an HR, procurement or communications software implementation wrong, and it’s inconvenient. Get it wrong with core banking, and it is catastrophic for potentially millions of customers. When it comes to migrating core banking software, you cannot roll with the punches and just apologise away unscheduled downtime.
Executives are not just thinking about their professional reputation. In many jurisdictions around the world, executives at banks and other financial institutions are personally liable, including financially, for taking decisions which cause the institution to fail or puts the organisation at unnecessary risk.
Forewarned is forearmed
That is likely to happen more. In Singapore, MAS has published new
guidance designed to strengthen the individual accountability of senior managers in banks and financial institutions. In Ireland the stricter accountability and liabilities rules for directors set out in the
Central Bank Individual Accountability Framework Bill 2022 has
57% of the country’s financial services sector worried.
In the UK, a 2019 UK Parliamentary report into IT failures in the financial services sector
wrote: “Holding individuals and firms to account when IT failures happen is essential, not only to prevent individuals making the same mistakes again, but also to focus the attention of senior management on the risk of incidents and incident management.”
The EU is on the same war footing. When passed into law, DORA (Digital Operational Resilience Act) will mandate that financial organisations ensure the resilience of all the technologies in their stack. From the jurisdiction that brought us GDPR, where company directors can be held personally accountable for data breaches or data protection failures, it is a reasonably short hop to predict that DORA may evolve to also include liability for individuals.
The unstoppable force
But the impetus to adopt SaaS banking services has become too strong for any executive to stand still. Any doubts are quickly abandoned by looking at the rise of SaaS-native banks.
Take Flowe, a new digital-only bank designed to attract younger customers. Within six months of launching it had registered 600,000 customers. Or Varo Bank, which by operating at 75% lower cost than incumbent banks was able to win four million new accounts in its first 13 months. The challenger bank market is expected to be worth $471bn by 2027; and it’s being fueled by SaaS.
These stories don’t just serve as further motivation for tier one banks to jump on board the SaaS train; they also inject confidence that doing so works.
Yet such case studies are not the critical mass that makes a full on move to SaaS a no-brainer. Banks like Flowe and Varo are born in the cloud. There was no legacy tech to unwind, no customer data to migrate, no reputation to lose. Nor is their scale in the same ballpark as a global bank. The risk is not comparable.
Tier one banking executives needing to build a business case for SaaS should instead look within. Most big banks will have a SaaS deployment running somewhere, perhaps a distinct business division like offshore banking, payments, or microloans. Emerging opportunities like crypto trading and accounts can be further used as a test bed for SaaS. At arm’s length, the risk is a fraction of what it would be at the core. It is the perfect ‘try before you buy’ scenario.
The currency of trust
So what should executives be ‘trying’ exactly? It is tempting to judge a SaaS vendor solely by its software. But this is increasingly hard to do. Security, latency and even functionality have become basic standards. Compliance and global scalability offers more scope for the best banking SaaS providers to rise to the top. The breadth and depth of individual capabilities a single vendor can supply, and the ease with which the bank can access and integrate these, is another valid criteria.
But product excellence and regulatory satisfaction matters little to a banking executive without also trust in their SaaS partner. And it is this trust, I’d argue, that is really the last obstacle to core banking SaaS going mainstream. The invoice receipt may list technological solutions, but trust is the currency that the best SaaS providers trade in. They understand that ‘service’ is a 24/7 commitment. They understand that ‘service’ is not merely a state of reaction, but about proactively bringing opportunities to the table as if the bank were your own business. They understand that ‘service’ is not just what you provide to the client today, but also the investments you make to ensure that service is maintained in the future. They understand that ‘service’ is not just about empowering a bank’s customers, but about protecting their data too. They know that without the service, it doesn’t matter how good the software is. Banking executives won’t trust you, and so the risk to them will be too great. It is trust that turns a brilliant product into a world-class service.
And trust is rightly hard to earn. History matters. When Mirabaud, a 200 year old private investment bank decided to replace its legacy systems with SaaS, they came to us first. Why? Because we’ve been around for almost 30 years, during which we have learned how to build industry-leading products that are used by thousands of banks around the world. Key to this scale has been the ability to continually navigate regulations across every jurisdiction, from Finma in Switzerland to MAS in Singapore.
Mirabaud has adopted the complete suite of SaaS wealth banking capabilities, from self-service channels and portfolio management to back-office functions like financial crime mitigation and data analysis. Yes, it has invested in world-class software; but as its CEO Camille Vial told us, it has also invested in “a partner that truly understands global banking.” Mirabaud is a business that owes its reputation to providing clients with discreet, intimate and trusted advice. It’s a pretty decent judge of what providing a good service involves.
Often we think about software in purely mechanical terms; technical wizardry, data flows, integrations and interfaces. Vendors probably do this more than customers, incorrectly thinking that is all their customers care about. In truth, buying any mission critical piece of technology is also deeply personal, because the consequences are felt personally. Vendors that underestimate the value that banking executives place on a trusted and lasting service can expect to get left behind in the big banking SaaS bang.