https://www.youtube.com/watch?v=yim2sL1J1Qc&feature=youtu.be

Tech Accelerator

Start small, and gather momentum with early successes

Banks and their technology vendors are running on legacy technology and tackling the problem presents numerous challenges. Enterprise financial services firms are increasingly bogged down by old-fashioned technology solutions which, over the course of their lifetimes, increase in complexity due to architectural entropy and tactical change. The result is a sluggish, brittle, difficult-to-change platform which becomes increasingly expensive to operate.

Data Overload

The insatiable demand for data and analytics by the business and regulators means that traditional data processing solutions are rarely up to the task. The result is large, slow databases, or ‘data islands,’ throughout the enterprise, which decrease data utility and increase the cost and complexity of deriving meaningful, actionable insights.

Brittle Architecture

Due in part to the architectural flux brought about by regulatory demands, many IT solutions have evolved their architectures in a knee-jerk fashion, rather than with a strategic view to the long-term. This application of tape and string has, over time, resulted in architectures that are easy to break, difficult to test and expensive to change.

Complex Change

Architectural brittleness and complexity makes software increasingly difficult to change, a problem which results in hugely inflated change budgets at a time where regulatory mandates require change to happen quickly and correctly. This is often exacerbated by poor software testing.

Production Problems

With such complex systems, brittle architectures and patchy test coverage, it is no surprise that firms suffer from production outages, performance dips or other incidents. Often the response is to commit more response to production support teams, which fails to address the problem at the source and further increases the total cost of ownership.

Inefficient Infrastructure

Legacy platforms are both hardware-hungry and inefficient in their use of compute resources with millions of CPU-cycles wasted in data centers. Server infrastructure can also become increasingly difficult to manage due to configuration drift; and non-production environments often suffer contention between projects which creates further sluggishness and cost when implementing change.

The Challenge

While most technology owners understand the problems and have a good idea where the solutions reside, they often battle to secure buy-in and convince business stakeholders of the need for change.

The perceived cost to replace or upgrade legacy technology is difficult to qualify and estimate and, with benefits that are often difficult to articulate, making a case for change initiatives becomes problematic in budget-constrained environments. Budget cycles and the myopic nature of change management often mean that the case for architectural improvement is deprioritised in favour of work that, at least superficially, appears to yield more immediate benefit.

Defining the scope and reach of change initiatives can often be difficult. Large-scale initiatives are often thought of as ‘too big to tackle’ by budget holders and implementers alike, which means that value-adding initiatives to modernise IT platforms are sometimes abandoned. This typically results in non-strategic change being required down the line, which usually exacerbates architectural brittleness, complexity and cost and ends up being benefit-neutral at best, rather than improving the agility, cost footprint, and reliability of the IT estate.

Large organisations typically find embracing change, especially transformational change, challenging. This can be caused by legacy organisational structures, red tape, vested interests, skills gaps, or simply fear of the unknown. Tackling the problems of legacy technology platforms is often fraught with this kind of organisational inertia as, to a degree, a level of cultural change is also required to successfully effect change.

While most IT leaders understand the benefits that modern approaches such as Cloud or DevOps bring, a primary objection to many of these approaches is that security policies, or data protection concerns, preclude their adoption. Additional regulatory concerns also surface, which introduce further barriers to modernisation.

The Value

The Technology Accelerator is designed to help banks and vendors modernise their technology stacks and processes and adopt best practices in IT. This holistic suite of services combines decades of technology experience with an expert grasp of modern IT approaches to deliver cutting-edge approaches specifically tailored to wholesale finance clients and their most pressing needs.

“Banks and many of their technology vendors continue to rely on outdated server infrastructure, brittle software architectures and legacy IT processes in an environment where businesses and regulators demand more data, more insightful analytics, more reliable performance, better security, faster change and less risk. And this, in an environment where IT cost reduction remains a priority.”

— Bradley Wood, Partner, and Head of the Technology Accelerator offering

Tech Accelerator Service Offering

SDLC Advisory

Assisting clients with:

  • Adopting Agile best practice
  • Designing and Implementing CI frameworks
  • Code branching and management techniques
  • Toolchain selection
  • Behaviour-driven design and requirements engineering
  • Velocity reporting and management tools

Microservices Architecture

Helping clients adopt microservices architectures:

  • API design and development
  • Monolith migration planning (“strangulation”)
  • CQRS and service design
  • Messaging
  • Transactional integrity and eventual consistency techniques
  • Microservices-based big data pipelines.
  • Tool/vendor selection

DevOps

Helping clients to “automate everything”, specifically:

  • Infrastructure-as-code / Immutable infrastructure
  • CI/CD pipeline design for hardware, OS, and app release management.
  • Containerisation and container clustering.
  • Elastic scalability
  • Zero down-time deployment
  • DR & BCP design and implementation
  • Cloud migration

Test Automation

Automating tests as part of the SDLC, specifically:

  • BDD and requirements engineering
  • Unit, system and load test automation
  • Stub and harness development
  • Destructive testing and chaos engineering
  • UAT management

CyberSecurity

Integrating security best practices from the outset.

Achieving compliance with:

  • PCI DSS
  • Cloud Security Alliance framework
  • ISO 27000-series standards
  • Security as part of CI/CD
  • Static vulnerability analysis
  • Security policy development and implementation

Delivery

Build APIs

Many of the legacy systems that operate today’s enterprise platforms are monolithic. And so, the challenge to adopting a modern microservices architecture ultimately requires redesigning monoliths into smaller, discrete services. Doing this in a wholesale, big-bang fashion is a massive undertaking and so the best approach is to start small, which begins with building an API in front of monolithic systems and then applying the strangler pattern over time to slowly deconstruct the monolith.

Fix SDLC

In order to produce products efficiently, you need a factory that works well. This means adopting Agile approaches like continuous integration, test automation and sprint- or Kanban-based development cycles. Toolchain selection to support the entire SDLC is also critical, with significant engineering required in environment provisioning, test infrastructure, test data management, code profiling, testing and deployment. Once this is addressed, the efficacy with which value-adding functionality can be produced is massively improved.

Automate Everything

In order to optimise the code factory, automation must be relentlessly pursued. This DevOps philosophy is central to achieving agility and, with legacy release environments, it can appear an insurmountable task. The approach here too, is to start small and begin to automate those aspects of the SDLC and its supporting infrastructure that give the biggest benefit in the shortest time. Tests are the obvious thing to automate and this should be actively pursued but, beyond that, the automation of environment provision, test data refreshes and deployment should all be addressed within a CI/CD pipeline, as well as infrastructure tasks like firewall configurations, DR invocation, and the like.

Bake in Security

Security should not be applied as an afterthought in production environments, but systematically baked into the SDLC and production process. By applying DevOps principles to security considerations, much of the more mundane security assurance work can be applied in an auditable fashion. Authentication, entitlement, encryption, static vulnerability scanning and OS patching, for example, should be part of the software lifecycle, rather than a production management BAU function.

Media

BlogTechnology AcceleratorTechnology Trends
24 Mar, 2016

Western Cybersecurity Standards are Setting the Stage for Banks in Asia to Mitigate Client, Operational Risk

Many investment banks in Asia-Pacific (APAC) are planning to implement new, internal cybersecurity standards in 2016 for protecting their vast warehouses of proprietary client and operational data, according to GreySpark…

Case Studies

28 Feb, 2018 in Architecture, Case Studies, Cyber Security, Devops, Software Development, Technology Accelerator

Cloud Microservices Architecture Remediation

The client, a pre-revenue fin-tech payments and mobile commerce start-up acquired the technology assets from another firm and wished to bring a new offering to market in the mobile commerce…
Read More
28 Feb, 2018 in Case Studies, Devops, Technology Accelerator

Proximity Hosting & Network Latency

The competitive market place for providers of proximity and colocation data centres has helped lower costs and offer an attractive proposition to banks to locate close to these services and…
Read More
28 Feb, 2018 in Case Studies, Due Diligence, FinTech Advisory, Technical Analysis, Technology Accelerator

Technology Due Diligence Exercise

IONA is a mergers and acquisitions (M&A) decision making project originated by large private equity fund for assessing the integration possibility between an online digital bank (Bank A) and a…
Read More
28 Feb, 2018 in Architecture, Case Studies, Devops, Project Delivery, Technology Accelerator

Low Latency Trading Platform Design & Development

The client received a new platform tailored specifically to its needs and designed in conjunction with the expert advice and experience of GreySpark.
Read More
28 Feb, 2018 in Case Studies, Devops, Project Delivery, Technology Accelerator

FX Algo Trading Platform Development

The client was running an obsolete FX trading platform that could not be updated or extended due to lack of source code. The client wanted to design a new scalable…
Read More
28 Feb, 2018 in Case Studies, Devops, Technology Accelerator

FX Low Latency Hardware Review

Following a review in latency performance, the client wanted to conduct a further investigation into low latency firewalls, switches and NICs, used in e Trading colocation scenarios.
Read More

Careers at GreySpark

We want our professionals to be proud of being a part of an international, fast-pace, growing organisation with great prospects.