Balancing Compliance and Cloud Strategy in Finance with Jean-Philippe Gerbi

Guest Introduction Jean-Philippe Gerbi is the Chief Information Officer at Metropolitan Commercial Bank, where he oversees technology strategy in a highly regulated and security-sensitive environment. With deep experience in building scalable and secure infrastructures for financial institutions, Gerbi takes a pragmatic and risk-aware approach to digital transformation. Before joining Metropolitan, he supported major organizations in finding the right balance between innovation and compliance, ensuring that IT operations closely align with business priorities. His areas of expertise include data governance, cloud enablement, cybersecurity, and operational resilience, all of which are essential for banks facing today’s complex threat landscape. Here’s a Glimpse of What You’ll Learn How financial institutions prioritize security while embracing innovation The CIO’s role in balancing regulatory constraints with technological agility Why application visibility is essential for operational control How cloud adoption intersects with banking compliance Tips for evaluating vendors from a cybersecurity perspective Jean-Philippe’s take on Zero Trust in banking environments Strategies for ensuring IT investments align with real business value In This Episode Jean-Philippe Gerbi discusses how Metropolitan Commercial Bank strengthens its security posture while continuing to evolve its technology infrastructure. He explains how banks that operate under heavy regulation must be careful and intentional when deploying new tools, especially when protecting sensitive customer data and maintaining trust. Gerbi points out that strong IT leadership requires a full understanding of every layer in the tech stack, from core infrastructure to application workflows, in order to implement proper security and oversight. He also shares his thoughts on the qualities of an effective CIO in the financial sector. For Gerbi, success depends on the ability to connect technical decisions with executive priorities and risk management strategies. He walks through his vendor evaluation process, focusing on how to assess security, reliability, and alignment with long-term business needs. The conversation also touches on cloud adoption. Gerbi explains how banks can use cloud technologies without violating compliance standards. His view on Zero Trust focuses on layering security and deeply understanding internal systems and behaviors, which he sees as essential given the limitations of traditional perimeter defenses.