NASDAQ OMX's new FinQloud is a cloud solution designed to serve the needs of the regulated financial services industry. By building FinQloud on top of AWS, NASDAQ was able to create a protected environment for regulated data that meets very stringent security, reliability, and durability requirements.
Financial services firms operate in a very complex global regulatory environment. Due to new compliance regulations aimed at increasing transparency, they must provide regulators with access to more granular data around financial activities. The costs associated with the security, storage, management, and processing of all of this data have continued to grow. FinQloud provides financial services customers with a secure, industry-only cloud (sometimes known as a community cloud) that will reduce their technological burdens, aid in compliance, and allow them to focus more of their resources on activities that generate revenue.
All connections to FinQloud will be required to pass through a rigorous encryption key management system, scheduled to be available in the coming months. The encryption key management system will be housed in private NASDAQ OMX data centers before directly connecting to AWS. Encryption will protect data in motion as it flows from the FinQloud customer, to the data center, and then to AWS. FinQloud takes advantage of the AWS Virtual Private Cloud (VPC) to create a completely isolated network layer. Stored data is also encrypted, adding an extra layer of protection above and beyond the security already provided by AWS (see the AWS Security Center for more information). Additionally, FinQloud places data from each client in a distinct storage container, and also implements a dedicated network connection to AWS using the Direct Connect service.
The first two FinQloud services are Regulatory Record Retention (R3) and Self Service Reporting (SSR).
Regulatory Record Retention
Regulatory Record Retention (R3) is expected to be available in the coming months and will provide a storage solution for broker-dealers to allow them to meet the record archival and retrieval requirements (including Write Once Read Many, or WORM) specified by U.S. Securities and Exchange Commission Rule 17A-4 at a cost that is up to 80% lower than current non-cloud solutions. All data will be stored in encrypted form using keys that are generated and stored on a separate hardware device.
Let's take a more detailed look at the way that R3 intends to meet each of the requirements set forth in Rule 17A-4:
Indexing - R3 plans to record and log key properties of each customer file as it is stored. It will use this data to build a comprehensive database that supports management, identification, and retrieval of stored data.
Audit - R3 expects to provide detailed access logs for all system activity for every file. Complete history of each file, from receipt, through storage, retrieval, and disposal (at the end of the file's useful life) is available.
Data Quality - R3 is being designed to compute and store a checksum for each file as part of the upload process. It then plans to regularly compare the stored checksum against a freshly computed checksum to ensure that the file has not been altered or compromised.
Search & Retrieval - R3 customers will be able to view, search, and download files, along with index and audit information through a secure, streamlined user interface.
Self Service Reporting
FinQloud's Self Service Reporting (SSR) gives broker-dealers the power to run fast, on-demand queries and value-added analysis on their stored trade data. It is able to process large data sets quickly and efficiently in response to specific, user-generated queries.
SSR allows broker-dealers to store all of their trade data in one location, and to mine it for patterns, trends, and insights. It also includes templates for standardized push-button reports.
The largest broker-dealers have data demands that are measured in petabytes. SSR takes advantage of FinQloud's scalability to support analysis of large datasets using the most demanding queries.
Here is a simple block diagram to help you to understand how R3 works in conjunction with your data center, NASDAQ's data center, and AWS:
To learn more, visit the FinQloud site.