> The only way is to not use cloud computing at all and go on-premise.

This point of view may be based on a lack of information about how global finance handles security and privacy critical workloads in high-end cloud.

Global banks and the CSPs that serve them have by and large solved this problem by the late 2010s - early 2020s.

While much of the work is not published, you can look for presentations at AWS reInvent from e.g. Goldman Sachs or others willing to share about it, talking about cryptographic methods, enclaves, formal reasoning over not just code but things like reachability, and so on, to see the edges of what's being done in this space.