Regulatory requirements behind Western Union's multi-cloud push

The company's VP head of technology transformation detailed the global regulatory requirements that impact a cloud strategy at an organisation like Western Union.

Moving from the mainframe to the cloud, according to Western Union VP head of technology transformation Veena Dandapani, is a problem confronted by most financial institutions.

"We all have systems that were written in the 1960s on mainframes and we all have COBOL codes sitting out there -- millions and millions of lines of code -- and so now everybody wants to move to the cloud because it's agile, it's scalable, it's global," she said, speaking at VMworld in San Francisco last month.

See also: IBM z15 release shines light on how much is still being run on a mainframe

"We are also on the same journey, trying to move to the cloud. It's a learning curve for everyone, and we at Western Union are in 200 countries and we deal with 130 currencies -- it's a very complex cross-border, cross-currency organisation."

Developing a cloud strategy for Western Union wasn't straightforward. Dandapani said the organisation decided the cloud was where it wanted to be, and assumed one provider would be chosen, but the regulators quickly drew a line through that idea.

"We went to the regulators and they asked, 'Where's your exit strategy for the cloud? so if you need to have an exit strategy, what is it? Is it another cloud provider or is it another data centre?'," she explained.

"The most complex in all this is going to be the regulatory bodies and the regulations in each country. Every country we're seeing is having a say in terms of how the data resides, where the data resides, where the transaction has to happen, and no two countries are going to be the same."

Western Union, as a result, is driving a hybrid multi-cloud strategy.

Pointing to regulatory requirements present around the world, Dandapani said that in Russia, for example, there is a mandate that all data has to reside in Russia. Meanwhile, the Philippines, she said, dictates that cloud cannot be used unless a hybrid model is used; and Japan requires all cloud transactions stay in Japan.

"So you have all these variations, so as you embark on the cloud journey, you really need to think about regulatory bodies ... that's where we are at right now," she said.

Blockchain: It's still too overhyped

Dandapani touched blockchain, saying the value of the distributed ledger technology is where all of its parts -- the smart contracts, the cryptocurrency, and the single source of truth -- come together before it can provide any kind value for an organisation.

See also: Is FOMO making enterprises unnecessarily leap into blockchain?

"It all depends on what the use cases are -- everybody's dabbling with blockchain and so are we," she said. "But unless the regulatory body around blockchain [is created], because all of these have to come together, there is really no compliance and standards when we talk about blockchain as how do you govern them? How do you govern the contract? It's very, very hard.

"The way I see blockchain, there's a lot of hype ... but really we haven't conceived a fully-baked use case out there that we can all rely on."

She said, however, that almost all organisations should expect to be impacted by blockchain in some way.

"Directly because they're going to implement something, indirectly because they're going to get sucked into being part of the network that is going to be provided as part of blockchain," Dandapani said.

On artificial intelligence and machine learning, Dandapani said where she sees those technologies playing a part in the financial services industry is in social profiling -- specifically targeting unbanked customers.

Disclosure: Asha Barbaschow travelled as a guest of VMware to VMworld in San Francisco. 

RELATED COVERAGE