subscribe to our newsletter
APRA's take on cloud computing 'nonsense'

APRA's take on cloud computing 'nonsense'

The prudential regulator's new approach to cloud computing has been labelled as "misguided" by one fintech firm.

APRA released an information paper titled Outsourcing Involving Shared Computer Services (Including Cloud) last week, which separates shared computing services into "low risk" and "heightened inherent risk".

Examples of low-risk services, according to APRA, are shared facilities with each entity's IT assets located on separate hardware and shared infrastructure hosting data that is either "low criticality", desensitised or publicly available.

Shared computing services with heightened inherent risk include those that have exposure to untrusted environments; the 'public cloud'; and arrangements where providers, the shared computing service or the specific usage has an "unproven track record", APRA said.

Finally, the disruption of shared computing services that host customers' information can have an "extreme impact", the regulator said.

But UK and Australia-based cloud-computing wealth management firm PractiFI took exception to APRA's approach.

"We lament, once again, the misguided nature of APRA’s approach to technology," PractiFI co-founder Adrian Johnstone said.

"The regulator seems to be stuck in a time warp, where globalised, multi-tenant technologies are forever trapped as new entrants."

For the most part, the information in APRA's new paper is "simple, uncontroversial stuff", Mr Johnstone said.

"Where it all breaks down, however, is with APRA’s assertion that IT risks are dramatically ramped up when using contemporary outsourced approaches. They just aren’t," he said.

Contrary to APRA's assertions, Mr Johnstone said software built by "global technology leaders with active clients in every major market in the world" is much less risky than software coded and tested "by hand" by developers locally.

"The best enterprise cloud solutions are more resilient and lower cost, both of which are massively in the best interests of members," he said.

"Understanding risk is a critical component of decision-making. But the inference that globalised, multi-tenant technology is inherently riskier than locally built and hosted systems is nonsense.

"Australia’s wealth industry leads the world in many respects, but it’s not immune to progress. The challenge for APRA is to make sure they don’t create unnecessary barriers to it staying there."

APRA's take on cloud computing 'nonsense'
mortgagebusiness logo

Latest News

Philip Lowe, the governor of the Reserve Bank of Australia, has said that he is “incredibly disappointed” and “appalled” at the beha...

The major bank has appointed a new chief information officer to replace Dave Curren, whose retirement has also been announced. ...

Borrowers paying lenders mortgage insurance should be offered more choice and ASIC should intervene to safeguard their interests, according ...

FROM THE WEB

podcast

LATEST PODCAST: Cash rate to remain unchanged, corporate cops for the banks and a new type of credit card

Do you expect access to credit to get harder this year?