Capital One redefines banking for the cloud age

With thousands of apps hosted on AWS, the bank considers itself a technology company that provides financial services.

Banking dates back to ancient times, and some of the world's most powerful banks were founded before the 20th century. Yet Capital One -- a company that is about to turn 25 -- has become one of America's top banks in a far shorter period of time.

Internally, Capital One operates less as a bank and more as a technology company.

Courtesy of Capital One

The change in mindset happened around six years ago, when the company still had a traditional, legacy IT infrastructure, says Bernard Golden, the organization's VP of Cloud Strategy. At the time, Capital One set audacious goals to apply digital transformation practices to transform the traditional organization into a digital enterprise. "Capital One looked at itself, and said, 'To compete and win in what we expect the banking environment to be in the future, we'll need to operate like a tech company," Golden explains.

"The company moved forward with changing to agile development practices, to DevOps with continuous integration and continuous deployment, and using cloud data practices around the software-defined data center. That, combined with the capabilities you get from a cloud provider, lets you transform the way that your entire IT organization operates," he adds.

More than lift and shift

Capital One is now a cloud-first organization, with its data center infrastructure residing on Amazon Web Services (AWS) cloud resources. The company has thousands of applications and services running in the cloud, and nearly all of its production, development, and test servers operate in the cloud, Golden says.

The company has also enabled more than 50 AWS tools for its developers, including DynamoDB for core banking; Amazon Connect for better call routing and call quality; and RDS, CloudFront, and Lambda, which drive consumer banking apps.

Capital One has also embraced cloud-first practices, particularly in its development processes. According to Golden, Capital One has more developers than many leading digital brands.

Courtesy of Capital One

The company has organized its army of coders into agile sprint teams that work on two-week development cycles. The cloud infrastructure gives them the flexibility to innovate, test, and deliver continuously. Capital One reports that the time needed to build a new environment and new features into a product has been significantly reduced.

"If you want to get all the benefits of being a cloud-native organization, you have to really examine every part of your IT value chain and figure out how to safely and securely accelerate to the speed of the cloud itself," Golden says.

The result is resilient applications that can respond to spikes in demand. When you can tell someone you need another couple of petabytes and the response is, "Okay, it'll be ready for you in minutes," Golden says, "It's a huge change, a real game-changer. [But] If your applications aren't designed to scale very gracefully, it doesn't matter that your cloud provider can provide immense amounts of capacity; your application won't be able to handle it."

Private data in the public cloud

Protecting customer and account information is a top priority and Capital One takes it very seriously. Security is of paramount concern to a company that manages finances. Golden says, "We have a very comprehensive set of controls we use to implement regulatory and security requirements." Capital One uses special tools to manage security processes and automate security policy enforcement.

Additionally, Capital One developed and open-sourced a compliance-enforcement engine called Cloud Custodian that helps customers more effectively manage their AWS accounts. It has comprehensive support for many different AWS services, and it integrates with AWS Lambda, Config, Cloudtrail, CloudWatchEvents, and GuardDuty to provide real-time guardrail automation. It allows customers to express complex policies and workflows via simple YAML DSL, which allows for a compliance-as-code approach. Cloud Custodian has a community of other organizations that have adopted it for similar purposes to help them achieve security, compliance, and cost savings in AWS.

Capital One has also invested heavily in its own AI and machine learning technologies to bolster security and transform the customer experience. Golden explains that the company uses machine learning to detect fraud attempts in real-time.

Much of the customer service capability works through a unique intelligent assistant called Eno. Golden says that Eno uses natural language processing to understand customers and interact with them conversationally. Eno looks out for Capital One customers, helping them to manage their money through alerts about potentially fraudulent transactions, suspected double charges, and important payment due reminders, among other proactive traits.

The future is cloud

Golden summarizes the Capital One philosophy succinctly: "I don't really work for a bank with an IT department; instead, we operate like a bank that a technology company would build."

This focus helps Capital One build richer relationships with customers while protecting them from fraud and innovating continuously with new services that are transforming the traditional definitions of banking.

You can learn more about Capital One's cloud innovation and digital transformation at https://www.capitalone.com/tech/events.