CBA vows 95 percent public cloud as it culls 25 percent of apps

The Commonwealth Bank of Australia will embark on its biggest infrastructure and enterprise software renewal in around five years, stating it will now seek to move its current public cloud base of around 25 percent to a whopping 95 percent as the bank tightens the screws on operating costs.

The move, revealed by chief executive Matt Comyn during the CBA’s interim results on Wednesday, aims to catapult the bank’s current public cloud base of just 25 percent to almost total public cloud as it seeks to retain digital dominance of the local financial sector.

At the same time, Comyn indicated that the CBA will seek to cull around 875 applications from bank’s current portfolio of 3000 - around 25 percent - as Australia’s largest institution continues to integrate and consolidate disparate systems and offload non-core business under its ‘Simpler Bank’ model.

There are now around 5000 staff working on technology projects, CBA estimates.

The revelation of the new public cloud target comes just days after Comyn very publicly buddied-up to Microsoft during the launch of the bank’s wholly-owned X15 Venture start-up ‘builder’ play, with a pre-made video of Comyn and Microsoft CEO Satya Nadella appearing instantly after the launch.

Comyn said while the CBA needed “the best [people] internally” it also wanted to “work with the best partners, both domestically and internationally”.

Despite being an earlier adopter of public cloud under former chief information officer Michael Harte, it is known that views over the relative value of public cloud, especially for core applications versus build-your-own diverged, especially around AWS’ offerings.

What’s changed since then has been the launch-in-anger of Azure in Australia, and particularly its pitch towards critical infrastructure and government, that has seen it gain accreditation at ‘protected’ level under ASD’s cloud certification schedule.

While the move to shift CBA’s remaining 70 percent of compute onto public cloud will be a bonanza for local cloud players, there is an obvious question as to how much additional value can be derived by the bank by pushing down application costs, especially around productivity apps like Office.

Not to mention the red carpet treatment the CBA would get from a post-Ballmer Microsoft that is now selling its own reinvention DNA as part of its pitch to customers.

Departing from the well-worn consumer technology spiel about the importance of the CBA’s customer experience and digital execution, Comyn on Wednesday dug under the glass to emphasize it was the ten years of work building CBA’s new real-time stack that was now paying off.

“Yes, digital is an incredibly important part of it but actually, our ambitions are really making sure that we have a modernised real time and very resilient top-to-bottom technology stack,” Comyn said.

“I think we come from an advantage position. We've got a strong history of leadership in this area. It's a very good asset that we're going to build upon.”

Comyn said there were now a number of focus areas within the CBA stack, but that “just continuing the modernisation” was first and foremost.

“We've got about 3500 applications. We want to take that footprint down by 25 percent.

"Those simplifications obviously deliver some real benefits.

"We've got a big cloud or public cloud migration underway. We've got about 25 percent of that footprint in the public cloud, and we'd like to get that to about 95 percent,” Comyn said.

Comyn said this would come with lower running costs and “lower costs to compete” but would also boost resilience which was now more important than ever given there were 7 million digital customers, around 6 million of which used the bank's app.

The resilience issue is not small beer. An outage in October traced to an infrastructure upgrade sent the CBA scrambling to restore services and tarnished what had until recently been a dream run.

The Reserve Bank of Australia is so concerned about outages it has forced banks to report incidents directly to it and will make those numbers publicly available, at a bank level, to spur improvements rather than letting banks make up their own reliability benchmarks.

Mortgages, where the CBA nailed it in the right areas like owner occupier lending, have benefitted significantly from digitisation.

Comyn said 80 percent of the CBA’s home lending was now “digital end-to-end using Pexa on the back end.”

“We want to continue to invest in our business underwriting process,” Comyn said of the tech capability, adding that the unsecured small business lending platform, Business Express, could “really improve” in terms of both “the speed to decision and fulfillment process in business lending.”

There were also “big investments” in the institutional bank (think CommSec) around what Comyn called the “underpinning infrastructure and systems”.

“Everything from the KYC [Know Your Customer] onboarding process to the institutional lending system.”

And then there was data, or lack of it in the case of AUSTRAC, that has been singled out for urgent remediation and development.

“On data, if you look at any of the issues that we've had in regulatory and compliance… data quality and reconciliation and lineages [have] often been at the centre of a number of those,” Comyn said.

“Improving the data quality at source is a really important priority for us. We're making… big investments in areas like financial crime, one of those elements is making sure …we've got high quality at source – and we've got complete coverage; accurate data with a high quality lineage.”

Comyn said the data overhaul was about a lot more than regulatory compliance. Rather it was a “foundational asset” that gave the CBA a “very strong starting position…to build upon and build differentiated customer experiences that will help in engagement and retention.”

“We want to build differentiated experiences relative to our competitors that are hard to replicate at a lower risk [or] lower cost.”

That meant the CBA would now have a “much greater velocity than we currently build software, and at a higher level of security.”