Cloud-Native Data Platform Modernization for Regulatory Compliance in Global Banking

Abstract

A global banking organization migrated data platforms from on-premises architectures to public cloud services enabling scale, elasticity, and cost efficiency. Data residency and support for anti-money laundering monitoring were identified as key regulatory requirements impacting data residency strategy. Therefore, data platform services must store copies of specific data sets in defined jurisdictions. Requirements and implementation considerations were defined for the modernization of the shared data lake and data warehouse platform services. Enabling exposure required significant improvement across multiple capabilities.

Capability deficiencies were assessed across three distinct dimensions: governance-supporting processes and controls; data lifecycle management processes required to generate and maintain exposure evidence; and observability and metadata management requirements, including integration with existing data-sharing platforms and compliance risk assessment tooling. A compliance-by-design governance framework was created to support future security, privacy, and performance isolation requirements. Security policies enforcing data residency at rest were enhanced for data transmission and for supporting encrypted queries across data-sharing services.