Finance firms shift cloud focus to resilience and compliance

By Vriti Gothi

Financial services firms across the globe are shifting their cloud strategies as the twin imperatives of regulatory compliance and operational resilience rise to the top of the agenda. A new survey commissioned by the London Stock Exchange Group (LSEG) has revealed that 84%of firms have modified their cloud approaches in response to evolving requirements around data privacy, security, and sovereignty. Notably, more than a quarter of the respondents, 28%, have undertaken extensive changes, highlighting the scale of the industry’s response to mounting regulatory and operational pressures.

The research, carried out by Phase 5 between November 2024 and March 2025, surveyed 453 executives across 12 countries, nearly two-thirds of whom were primary decision-makers for financial market data and IT solutions. The findings underline the growing recognition within the industry that cloud adoption is no longer solely a question of efficiency or scalability. Instead, it has become a core part of building a more stable, secure, and resilient infrastructure capable of withstanding disruptions and ensuring continuity of financial services.

Operational resilience has emerged as one of the most critical benchmarks shaping cloud strategies. Globally, almost one in three firms, 30%, reported experiencing a disruption linked to cloud services over the past year. Such incidents are reshaping boardroom priorities, with 47% of firms now viewing resilience and security as central indicators of their cloud strategy’s return on investment. This shift in perception reflects a growing understanding that resilience is not merely a regulatory box-ticking exercise but a direct contributor to business performance and client confidence.

The emphasis on resilience is particularly strong in the EMEA region, where 95% of respondents consider it either critical or very important when selecting a cloud provider. This contrasts with findings from Asia-Pacific, where 38% of firms reported cloud-related disruptions, the highest rate globally, yet only 21% ranked resilience as critical when choosing a provider. Despite this, more than half of APAC respondents, 51%, did recognise it as a key factor in evaluating return on investment. This apparent gap between recognition and prioritisation is being addressed, however, by regulators across the region. In November 2024, financial authorities from Australia, Hong Kong, Indonesia, Japan, Malaysia, the Philippines, Thailand, and Singapore collaborated with major cloud providers on a crisis management exercise. This initiative, the first of its kind in the region, demonstrated regulators’ increasing commitment to ensuring cloud resilience across markets that are rapidly digitising financial services.

The survey also found that regulatory developments are exerting a powerful influence on firms’ strategic decisions around the cloud. One-third of financial institutions said that compliance requirements had directly shaped their strategies, affecting decisions related to migration, the deployment of artificial intelligence, and data analytics. In response, many firms are opting for diversified approaches. 59% of respondents reported adopting hybrid cloud strategies, while 56% are pursuing multi-cloud models. A further 37% are limiting the amount of data stored in the cloud, and 35% are partnering with local or regional vendors to mitigate risks associated with data sovereignty and third-party dependencies.

Regional differences remain stark. In the Asia-Pacific, one-third of firms have implemented extensive changes to meet new regulatory requirements, compared with 24% in the EMEA region. In the Americas, Canada stood out for the breadth of its reforms, with 96% of Canadian firms reporting moderate or extensive adjustments to their cloud strategies. These shifts were largely driven by a series of regulatory updates introduced between 2023 and 2024, covering third-party risk management, data integrity, security, and operational resilience.