CBA gives itself at least five years to move into public cloud

The Commonwealth Bank is giving itself at least five years to migrate over 95 percent of its workloads to public cloud.

The bank put a timeframe on the mass migration effort in its full-year results announcement, and also appeared to solidify the end goal that CEO Matt Comyn laid out back in February.

In a slide deck [pdf], it set a goal of “>95 percent of compute in public cloud over 5-7 years”; Comyn’s earlier commentary had suggested “about” 95 percent, though the bank’s statement today appears to commit to that proportion as a minimum.

The time frame for the project is also new, and it is unclear at the time of publication how the bank plans to divide up the work, which looks set to finish sometime between 2025 and 2027.

Today’s results announcement also suggests the bank will present its future IT environment internally as a platform-as-a-service (PaaS) - essentially a platform that has all the elements needed to build apps.

A similar model is used by other ‘Big 4’ banks in their own cloud journeys, such as Westpac.

CBA also said it would seek to build on its technology capabilities in partnership with “global technology leaders”, and through an “Academy for Career Excellence”, though no further information was immediately available on either.

Unsurprisingly, the bank’s digital channels continued to excel during COVID, with CBA adding large numbers of subscribers over the course of the financial year.

CBA said it gained 400,000 digitally active customers in the 12 months to June 30, for a total of 7.4 million. 

CommBank App customers are up 500,000 in the year to “eclipse” 6.1 million, and they are “transacting more than $1.2 billion every single day”, the bank said.

Overall, CBA booked a cash net profit of $7.3 billion for the full year, which was down 11.3 percent on the prior year.

New risk data quality issues emerge

In addition to its full-year results, CBA also released two progress reports on the risk and governance uplift it is pursuing following a critical review by an Australian Prudential Regulation Authority (APRA)-appointed panel.

The review, handed down in May 2018, concluded that the bank’s “continued financial success dulled [its] senses” to risk, leading to incidents like its alleged breaches of anti-money laundering laws.

The latest progress report [pdf] says “data quality” has emerged as a “key risk” to CBA’s remedial action plan or RAP.

IBM-owned Promontory Australia, which is preparing the progress reports, said it had encountered “inconsistent, incomplete or inaccurate datasets” in its work, which it said “could ultimately affect the quality of non-financial risk reporting across multiple areas targeted for uplift through the RAP”.

CBA has flagged further upgrades to RiskInSite, which is what it calls its implementation of IBM OpenPages, a system used to manage and report on its operational risk business processes.

This extra work would “clearly highlight instances where data is inconsistent or inaccurate”.

However, Promontory said the new work “could take focus away from other work to uplift data quality required to deliver key RAP recommendations”.