📖 This case study is part of our AWS advisory series. For contract negotiation, see AWS Contract Negotiation Service. For additional case studies, see AWS Negotiation Case Studies.
Client Background and Challenge
The client is a major regional bank headquartered in the Midwest, with approximately 40,000 employees serving retail banking, wealth management, commercial lending, treasury services, and insurance across 12 states. The bank operates over 600 branches and a full-service digital banking platform that processes millions of transactions daily. AWS had become the bank’s primary cloud infrastructure platform over the previous five years, supporting a critical portfolio of workloads: the digital banking application (mobile and online), real-time fraud detection and anti-money laundering (AML) systems, data analytics and customer intelligence platforms, core banking API layer, disaster recovery and business continuity infrastructure, and development and testing environments for the bank’s 1,200-person technology team.
The annual AWS spend had grown to approximately $6.3 million — a 180% increase over three years driven by the bank’s digital transformation and the migration of workloads from on-premises data centres to AWS. The spend was distributed across EC2 compute (48%), RDS and DynamoDB database services (22%), S3 and EBS storage (14%), data transfer and networking (9%), and managed services including Lambda, SageMaker, and CloudWatch (7%).
The bank operated in a regulated environment subject to OCC (Office of the Comptroller of the Currency), FFIEC, SOX, and PCI-DSS requirements, which imposed specific constraints on data residency, encryption, and third-party risk management for cloud service providers.
Industry
Midwestern US regional banking and financial services. Regulated under OCC, FFIEC, SOX, and PCI-DSS. 40,000 employees across 12 states and 600+ branches.
AWS Estate
$6.3M annual spend across EC2, RDS, DynamoDB, S3, Lambda, SageMaker. Digital banking platform, fraud detection, AML, analytics, DR, and 1,200-person dev team environments.
Key Pressure
180% consumption growth over 3 years. No independent cost review ever conducted. Over-provisioned infrastructure sized for migration speed, not operational efficiency.
Scale
600+ branches, millions of daily transactions, 1.8 PB of S3 storage, Enterprise Discount Program renewal approaching with outdated 8% discount tier.
The AWS contract renewal presented four challenges. First, the bank had never conducted an independent review of its AWS consumption efficiency. The technology team had prioritised speed of deployment over cost optimisation during the initial cloud migration, resulting in over-provisioned EC2 instances (many sized for peak capacity but running at 15–25% average utilisation), development and testing environments running 24/7 despite being used only during business hours, and S3 storage accumulating without lifecycle policies (regulatory archives stored in S3 Standard at $0.023/GB instead of S3 Glacier at $0.004/GB).
Second, the bank’s Reserved Instance portfolio was poorly structured — 60% of Reserved Instances had been purchased based on initial migration sizing rather than actual steady-state usage, resulting in reservations for instance types and sizes that no longer matched the production workload.
Third, AWS’s Enterprise Discount Program (EDP) commitment had been negotiated three years prior at a lower spend level, and the bank’s 180% consumption growth meant the original discount tiers no longer reflected the bank’s actual purchasing power.
Fourth, the bank lacked granular cost allocation — AWS costs were tracked at the account level but not attributed to specific business units, applications, or projects, making it impossible to identify which workloads were driving cost growth and which were candidates for optimisation.
“Regional banks migrating to AWS face a predictable cost trajectory: rapid consumption growth during migration (150–200% over 3 years is typical), followed by a plateau where the organisation realises it is significantly overspending because infrastructure was sized for migration speed rather than operational efficiency. The window between migration completion and EDP renewal is the optimal time to intervene — the bank has enough consumption history to identify waste, the EDP renewal creates negotiation leverage, and the consumption volume justifies meaningful discount improvements. We typically find 25–35% savings opportunities for banks at this stage of their cloud journey.”
Our Approach — Five-Phase Engagement
Redress Compliance deployed a structured five-phase engagement over 10 weeks, working from our Fort Lauderdale office with the bank’s CTO, VP of Cloud Infrastructure, FinOps team, and AWS account team.
Phase 1: Comprehensive Usage Review (Weeks 1–3)
We conducted a forensic analysis of the bank’s AWS consumption using AWS Cost Explorer, Trusted Advisor, Compute Optimizer, and detailed billing reports. The review examined every service, instance type, and storage class across all AWS accounts. The analysis revealed substantial optimisation opportunities: EC2 instances across development and testing environments (representing 22% of total compute spend) were running 24/7 but used only during business hours — scheduling these for 12-hour weekday operation would reduce their cost by 64%. In production, 35% of EC2 instances were over-provisioned by 2–4× relative to actual CPU, memory, and network utilisation. RDS instances showed similar patterns, with several database instances running on r5.4xlarge when r5.xlarge would accommodate actual query loads. S3 storage totalled 1.8 petabytes, of which 1.1 PB (61%) was regulatory archive data that had not been accessed in 12+ months but was stored in S3 Standard rather than S3 Glacier or S3 Glacier Deep Archive. Total identified waste: $1.5 million annually in underutilised and overprovisioned resources.
Phase 2: Cost Optimisation Recommendations (Weeks 4–5)
We developed a detailed optimisation programme addressing five areas. EC2 right-sizing: 142 instances recommended for downsizing (primarily dev/test and staging environments), saving $680K annually. Scheduling automation: Non-production environments scheduled for business-hours-only operation using AWS Instance Scheduler, saving $420K annually. Storage tier migration: 1.1 PB of regulatory archive data migrated from S3 Standard to S3 Glacier Deep Archive, reducing storage costs from $25K/month to $1.1K/month — saving $290K annually. S3 Intelligent-Tiering applied to remaining active data. RDS optimisation: 18 database instances right-sized, 6 underutilised read replicas consolidated, saving $180K annually. Data transfer optimisation: VPC endpoint adoption for S3 and DynamoDB access (eliminating NAT Gateway charges) and CloudFront caching for the digital banking application’s static assets, saving $130K annually. Total annual optimisation savings: $1.5 million — all achievable without any change to application functionality or performance.
Phase 3: Reserved Instance and Savings Plan Restructuring (Weeks 6–7)
The bank’s existing Reserved Instance portfolio was misaligned with current workloads. We restructured the commitment strategy around three tiers. Compute Savings Plans (CSP): Replaced the legacy Reserved Instances with Compute Savings Plans covering the bank’s baseline compute footprint at up to 66% discount with full flexibility across instance families, sizes, and regions. EC2 Instance Savings Plans: Applied to stable, predictable workloads (fraud detection, core banking API) at 72% discount for 3-year partial upfront commitments. On-demand for variable workloads: The remaining 20–25% of compute left on-demand with auto-scaling policies, avoiding the cost of committing to capacity used intermittently. The restructured portfolio reduced the effective compute rate by an additional 28% compared to the previous RI structure, contributing approximately $1.2 million in annual savings.
Phase 4: Benchmarking and EDP Negotiation (Weeks 8–9)
We benchmarked the bank’s AWS pricing against our database of AWS Enterprise Discount Programs for regional and national banks. The benchmarking revealed the bank’s existing EDP discount of 8% was well below the 15–22% range typical for financial institutions with comparable consumption. We engaged AWS’s financial services sales team with a comprehensive negotiation package: the optimisation programme, restructured Savings Plan portfolio, consumption growth projections, and competitive positioning (Azure financial services capabilities, Google Cloud’s banking solutions). The final EDP was negotiated at 19% — more than double the previous 8% discount. Additional concessions included $400K in AWS credits for migration of remaining on-premises workloads, AWS Enterprise Support at a reduced rate, and dedicated AWS Solutions Architect time.
Phase 5: Governance and FinOps Framework (Week 10)
We implemented a comprehensive FinOps governance framework tailored to the bank’s regulatory environment. This included granular cost allocation using AWS Cost Allocation Tags — every resource tagged by business unit, application, environment, and cost centre — enabling the CTO to attribute AWS costs to specific banking operations for the first time. Weekly automated cost anomaly detection, monthly FinOps reviews with the CTO and business unit technology leads, automated scheduling enforcement for non-production environments, quarterly Savings Plan utilisation reviews, and all governance processes documented to meet OCC and FFIEC requirements for third-party cloud service provider risk management.
Need Expert AWS Contract Negotiation? Redress Compliance provides independent AWS contract advisory — fixed-fee, no vendor affiliations. Our cloud specialists help enterprises negotiate EDP commitments, reserved instances, and consumption-based pricing.
Explore AWS Advisory Services →Outcome
The engagement delivered $6.2 million in total savings over the three-year EDP term. The savings comprised three layers: $1.5 million annually from consumption optimisation (EC2 right-sizing, scheduling automation, storage tier migration, RDS optimisation, and data transfer improvements), $1.2 million annually from the restructured Savings Plan portfolio (replacing misaligned Reserved Instances with flexible Compute Savings Plans and targeted EC2 Instance Savings Plans), and $1.4 million annually from the improved EDP discount (19% versus the previous 8%, applied across all eligible consumption). Annual AWS costs were reduced from $6.3M to approximately $4.2M — a 33% reduction achieved while maintaining full capacity for all banking operations, fraud detection systems, and digital banking services.
The cost allocation framework implemented during Phase 5 has already revealed that the wealth management division’s analytics workloads account for 28% of total AWS spend — an insight that was invisible before tagging was implemented and has triggered a separate right-sizing initiative for that division. The automated scheduling of non-production environments is consistently saving $35K per month, and the FinOps review cadence has prevented two potential cost overruns from unplanned development environment expansions within the first quarter of operation.
The 10-week engagement cost represented less than 2% of the first-year savings, delivering a return on investment exceeding 50:1. The bank has committed to quarterly FinOps reviews and annual Savings Plan reassessments to maintain the optimised baseline as workloads evolve.
| Metric | Before Engagement | After Engagement | Impact |
|---|---|---|---|
| Annual AWS cost | $6.3M | $4.2M | 33% reduction ($2.1M/year savings) |
| Total 3-year savings | — | $6.2M | Optimisation + Savings Plans + EDP |
| EDP discount | 8% | 19% | 137% improvement in discount rate |
| EC2 instances right-sized | 0 | 142 | $680K annual savings |
| Dev/test scheduling | 24/7 operation | Business hours only | $420K annual savings (64% cost reduction) |
| S3 archive storage | 1.1 PB in Standard | 1.1 PB in Glacier Deep Archive | $290K annual savings (95% storage cost reduction) |
| Savings Plan structure | Misaligned RIs | CSP + EC2 ISP + on-demand | 28% additional compute rate reduction |
| Cost allocation | Account-level only | Full tagging (BU/app/env) | Granular cost attribution for first time |
| AWS credits | None | $400K migration credits | Funded remaining on-prem migrations |
“Redress Compliance’s expertise in AWS negotiations transformed our cloud strategy. They identified $1.5 million in resource waste we didn’t know existed, restructured our commitment portfolio to actually match our workloads, and more than doubled our EDP discount. But the most valuable outcome is the FinOps framework — for the first time, we can see exactly where every dollar of AWS spend goes, which business units are driving costs, and where the next optimisation opportunity exists. Their guidance was invaluable and has positioned us for sustainable, cost-efficient cloud growth.”
— Chief Technology Officer, Midwestern US Bank
Key Lessons for Banks and Financial Institutions
This engagement demonstrates the optimisation potential for regional banks and financial institutions that have completed their initial cloud migration to AWS. The patterns we identified — infrastructure sized for migration speed rather than operational efficiency, misaligned Reserved Instance portfolios, EDP discounts that have not kept pace with consumption growth, and the absence of granular cost attribution — are pervasive across the banking sector. The 10-week engagement delivered $6.2M in savings, with the FinOps framework projected to prevent $300–500K in annual cost drift.
Post-Migration Right-Sizing Is the Highest-ROI Cloud Optimisation
Banks that migrated workloads to AWS typically sized infrastructure for peak capacity and migration reliability, not operational efficiency. Once workloads are stable, 30–40% of EC2 instances can be downsized without any performance impact. Non-production environments running 24/7 when used only during business hours represent an additional 60–65% waste. These optimisations are low-risk, high-impact, and should be the first action taken before any EDP negotiation — they reduce the baseline against which discount percentages are applied, compounding the savings. See our AWS Contract Negotiation Service.
Savings Plans Must Replace Legacy Reserved Instances
Many banks purchased Reserved Instances during their initial AWS migration based on sizing assumptions that have since changed. As workloads evolve, RIs become misaligned — the wrong instance families, wrong sizes, wrong regions. Compute Savings Plans provide equivalent discounts (up to 66%) with full flexibility across instance types and regions, eliminating the alignment problem entirely. The transition from misaligned RIs to flexible CSPs typically delivers 20–30% additional compute savings. Banks should restructure their commitment portfolio at every EDP renewal. See AWS Negotiation Case Studies.
EDP Discounts Must Be Renegotiated as Consumption Grows
AWS Enterprise Discount Programs are negotiated based on committed annual consumption. Banks whose AWS spend has grown 150–200% since their original EDP are almost certainly on discounts that are 5–15 percentage points below what their current consumption justifies. Financial institutions with $4M+ annual AWS spend should target 15–22% EDP discounts — any bank on single-digit discounts at this consumption level is leaving significant money on the table. Combine EDP renegotiation with competitive positioning (Azure, GCP) for maximum leverage. See AWS Advisory Services.
Engagement Timeline
| Phase | Duration | Key Activities |
|---|---|---|
| Phase 1: Usage Review | Weeks 1–3 | Forensic AWS consumption analysis using Cost Explorer, Trusted Advisor, and Compute Optimizer. Identified $1.5M in waste across EC2, RDS, S3, and data transfer. |
| Phase 2: Optimisation | Weeks 4–5 | EC2 right-sizing (142 instances), scheduling automation, S3 Glacier migration (1.1 PB), RDS consolidation, VPC endpoint adoption. |
| Phase 3: Savings Plans | Weeks 6–7 | Restructured commitment portfolio: Compute Savings Plans, EC2 Instance Savings Plans for stable workloads, on-demand for variable capacity. |
| Phase 4: EDP Negotiation | Weeks 8–9 | Benchmarked pricing against financial services peers. Negotiated EDP from 8% to 19%. Secured $400K migration credits and reduced Enterprise Support rate. |
| Phase 5: Governance | Week 10 | FinOps framework: cost allocation tagging, anomaly detection, monthly reviews, automated scheduling enforcement, OCC/FFIEC compliance documentation. |
AWS Costs Growing Faster Than Your Business?
Redress Compliance provides independent AWS contract negotiation and cost optimisation for banks, financial services companies, and regulated industries. We deliver consumption analysis, Savings Plan restructuring, EDP negotiation, FinOps framework implementation, and ongoing governance. Our financial services clients typically achieve 25–35% reductions in AWS costs.
Frequently Asked Questions
Based on our experience across multiple financial services engagements, regional banks that have completed their initial cloud migration and have not conducted an independent cost review typically achieve 25–35% reductions in annual AWS costs. Savings come from three layers: consumption optimisation (right-sizing, scheduling, storage tiering), commitment restructuring (replacing misaligned Reserved Instances with flexible Savings Plans), and EDP renegotiation (securing discounts that reflect current consumption levels). In this case, the combined savings totalled 33%.
An EDP is a contractual commitment between an enterprise and AWS where the customer commits to a minimum annual spend level in exchange for a percentage discount applied across all AWS services. EDP discounts for financial institutions with $4M+ annual spend typically range from 15–22%. The discount is negotiable and should be renegotiated whenever consumption grows significantly beyond the original commitment level. Banks on single-digit EDP discounts at high consumption levels are almost certainly under-negotiated.
Reserved Instances commit you to a specific instance type, size, and region at a discounted rate. If your workloads change (different instance family, different size, different region), the RI becomes misaligned and you pay both the unused RI commitment and on-demand rates for the new workload. Compute Savings Plans provide equivalent discounts (up to 66%) but apply flexibly across any instance family, size, operating system, tenancy, and region. This eliminates the alignment problem that causes most RI portfolios to become inefficient over time.
No — right-sizing reduces instances to a size that matches actual utilisation, not to a size below requirements. If an instance is running at 15% CPU and 20% memory utilisation, downsizing from an m5.4xlarge to an m5.xlarge maintains ample headroom while reducing cost by 75%. Scheduling applies only to non-production environments — development, testing, and staging instances that are used during business hours but run 24/7. Production workloads are never affected by scheduling policies.
Regulatory archive data that is retained for compliance but rarely accessed can be moved from S3 Standard ($0.023/GB/month) to S3 Glacier Deep Archive ($0.00099/GB/month) — a 95% cost reduction. The data remains fully encrypted, durable, and retrievable when needed for audits or regulatory requests (retrieval time is 12–48 hours for Deep Archive). Lifecycle policies automate the transition based on object age. All regulatory retention and encryption requirements are maintained; only the storage class and access speed change.
A comprehensive AWS optimisation and EDP negotiation engagement typically takes 8–12 weeks from initial assessment through contract execution. The five phases — usage review, optimisation recommendations, Savings Plan restructuring, EDP negotiation, and governance framework implementation — are sequential but overlapping. The engagement should begin at least 3–6 months before the EDP renewal deadline to allow sufficient time for thorough analysis, multiple negotiation rounds with AWS, and governance implementation. See our AWS Contract Negotiation Service for details.