Customer Stories / Financial Services
Bank Pocztowy and Tameshi Confirm Compliance Before Migrating to the AWS Cloud
Learn how Bank Pocztowy and Tameshi are meeting strict regulations using a custom solution powered by AWS Config.
with banking and regional cloud regulations
Facilitates cloud migration
for highly regulated industries
to get to work faster
in deployment times expected
When Bank Pocztowy SA (Bank Pocztowy) made the strategic decision to migrate to the cloud, it knew that the process would be complex. Before it could even plan the migration, the Polish retail bank needed to warrant that its data and processes would remain secure and in compliance with strict regulations. Additionally, it would need to verify that the migration would not negatively impact the performance and availability of its digital applications.
Bank Pocztowy turned to Amazon Web Services (AWS) and paved the way for its cloud migration with the help of Tameshi Sp. z o.o. (Tameshi), an AWS Partner. The bank adopted a custom solution from Tameshi powered by AWS Config, which will continually assess, audit, and evaluate the configuration and relationships of cloud resources. Using this solution, Bank Pocztowy can automatically check whether some of its cloud workloads are compliant with banking and regional regulations. Now, the bank is ready to migrate its key customer-facing application, its electronic banking app, to the cloud.
Opportunity | Using AWS to Plan a Cloud Migration for Bank Pocztowy
Founded in 1990, Bank Pocztowy is a Polish bank that primarily serves individual customers, small businesses, and housing cooperatives. The financial institution provides access to financial services through one of the most extensive branch networks in Poland, with approximately 4,700 post offices and over 130 bank branches. To improve its agility, Bank Pocztowy sought to migrate its on-premises environment to the cloud, beginning with its electronic banking application, before analyzing candidates for future iterations. “Cloud services take away the burden of maintaining infrastructure,” says Jacek Presz, director of the IT management bureau at Bank Pocztowy. “By migrating to the cloud, we could develop our capabilities faster and focus our efforts on building solutions for our customers.”
To migrate to the cloud, Bank Pocztowy would need to comply with the strict regulations of the Polish Financial Supervision Authority. It would also need to meet its own stringent requirements for security, availability, and performance. These policies define critical requirements for protecting cloud environments; any deviation could expose sensitive customer data and have significant consequences for the bank. For this reason, Bank Pocztowy needed a solution that could automatically check whether its cloud workloads and resources complied with banking and regional regulations.
While exploring different cloud vendors, Bank Pocztowy engaged AWS to help identify how using the cloud can help shorten its time to market and facilitate the migration. The AWS team introduced Bank Pocztowy to Tameshi, an IT services company that uses cloud technologies to support financial institutions in their digital transformations. With expertise in helping Polish and European banks meet compliance requirements, Tameshi was an ideal AWS Partner for the project. “Experience in the banking sector was the most important consideration for us,” says Presz. “Tameshi combines compliance understanding with technical skills, which is essential.”
We are confident that we can meet the key regulatory requirements on AWS and that we can benefit from automating maintenance tasks on the cloud.”
Director of the IT Management Bureau, Bank Pocztowy SA
Solution | Facilitating Compliance with Custom Solution from Tameshi
Over a few months, Bank Pocztowy and Tameshi conducted a proof of concept for the cloud migration. The proof of concept examined two key topics: how the bank’s digital services would perform on the cloud and how the bank could establish AWS managed rules on AWS Config that matched its various security and regulatory requirements. AWS Config rules are predefined, customizable rules that are used to evaluate whether AWS resources comply with common best practices. Using these rules, Tameshi’s solution can continuously check whether Bank Pocztowy’s cloud workloads and resources comply with banking and regional regulations. “Continuous compliance shortens the amount of time required for new developers to start using the cloud infrastructure,” says Maciej Cetler, chief technology officer of Tameshi. “The solution automatically notifies them of the compliance rules that they need to follow.”
To develop the solution, Tameshi and Bank Pocztowy analyzed the bank’s internal documents and identified the rules that it needed to follow on AWS to fulfill its regulatory needs. Then, the teams assessed AWS conformance packs, such as Operational Best Practices for Security Services and Operational Best Practices for Encryption and Keys. Conformance packs are a collection of AWS Config rules and remediation actions. The teams identified which ones fulfilled the bank’s regulatory needs, and Tameshi also developed custom conformance packs to further meet complex requirements.
Using Tameshi’s solution, the bank can assess changes made to its cloud environment and determine whether they meet its strict compliance requirements. If the solution detects any gaps in compliance, Bank Pocztowy can immediately launch remediation actions. “There are many security mechanisms that we have to implement, like encryption,” says Presz. “With Tameshi’s solution, we can warrant that these mechanisms are applied consistently and that encryption is turned on in the places that it needs to be.”
With these capabilities, Bank Pocztowy can make sure that some of its cloud workloads meet its various regulatory requirements, paving the way for its migration. The bank can also reduce the risk of mistakes by automating selected compliance checks, rather than performing them manually. Because the solution automatically notifies its developers of important compliance requirements, they can get to work faster on the cloud and focus on building innovative new solutions for the bank’s customers. With this automation in place, Bank Pocztowy expects to shorten its deployment times by 80 percent.
Outcome | Helping Highly Regulated Industries Migrate to the Cloud
With the custom compliance solution in place, Bank Pocztowy is now ready to begin its cloud migration. In only 2.5 months, the financial institution developed a business plan, secured funding, and launched the migration of its electronic banking system to the cloud. Bank Pocztowy is looking forward to continuing its digital transformation.
“With the proof-of-concept results, we are confident that our electronic banking application will still offer a great user experience and responsiveness for our customers,” says Presz. “We are confident that we can meet the key regulatory requirements on AWS and that we can benefit from automating maintenance tasks on the cloud. And thanks to that confirmation, we have confidently made the decision to migrate.”
About Bank Pocztowy
Bank Pocztowy SA is a Polish retail bank that serves primarily retail customers, small businesses, and housing cooperatives. Founded in 1990, Bank Pocztowy provides financial services through one of the most extensive branch networks in Poland.
AWS Services Used
AWS Config is a configuration tool that helps you assess, audit, and evaluate the configurations and relationships of your resources.
Organizations of all sizes across all industries are transforming their businesses and delivering on their missions every day using AWS. Contact our experts and start your own AWS journey today.