Welcome!

Related Topics: Cloud Security, Microservices Expo, Agile Computing

Cloud Security: Article

Ending the Tug of War: How Startups Can Help Banks Innovate

Startups can drive amazing innovation by rapidly iterating across ideas and testing with users

Banks face a difficult tug-of-war every day. Consumers demand innovative new services - regulators demand security, compliance and soundness of all offerings. How can a bank resist being pulled in every direction and find a middle ground?

Startups Provide Innovation
Banks can look to startup technology companies for new solutions. Startups are (at least initially) unfettered by regulations, approval committees, and long meetings. This is both a scary and exciting notion for bankers. There are a host of startups in the financial technology space, and bank-grade platforms like FIS's mFoundry originated from small teams working on an idea.

Startups can drive amazing innovation by rapidly iterating across ideas and testing with users. Startup product and service design and usability typically eclipse the made-by-committee-and-regulators look of bank applications.

Banks attend conferences throughout the year looking for innovative new partners. The excitement of possible collaborations is often tempered when you return to the office and discuss the regulatory implications with your business development and compliance teams.

Banks need a way to find compliant startups that do a great job of customer service and satisfy regulatory rules and frameworks.

Startups that Scale for Security
While the early days of a startup are heady times filled with dreaming, those that want to succeed in financial services technology must understand the environment that banks face. You can easily spot the savvier startups within their first 18-24 months - where appropriate they are already leveraging big company processes and practices, to make them look like "real" companies, even if they have only 10 or 20 people.

Signs of a bank-ready startup:

  • External certifications for security (e.g., PCI Level 1 Compliance, ISO 27001)
  • They've read the latest OCC bulletin on third-party provider compliance
  • The founder or management team has a banking or large-scale fintech background

We didn't just describe a unicorn: these startups to exist. The founders know they need a bank partner to launch their product (either as a part of the solution or as a customer). The founders understand what banks need to do from their side and they built their business from the ground up with respect for compliance.

Starting Right Leads to Efficient Compliance
Startups that build solutions that are strongly compliant are often asked: "How can a small company afford that?" While it is difficult and expensive to keep large, older organizations in compliance, smaller companies find it much faster and require much less expense.

The development of Wallaby's digital wallet software began less than two years ago, and included a strong focus on security from day one. Last month, we received our first Attestation of Compliance with PCI Level 1 Security Standards. It required twelve months and less than $50,000 to achieve this because it required so little rework and retraining.

Having participated in PCI compliance audits before, we were familiar with the requirements: We had all the basics like a firewall and anti-virus. We hired engineers for Wallaby with a security mindset. We took the approach that the standards are the minimum. We built our own tools instead of spending thousands on software.

This focus on compliance extends throughout our business. In our short history as a company, numerous partners have audited us. From our financial statements to our office, we keep everything in order at all times.

The Tug of War Ends Here
Innovative customer services and compliance can live together peacefully and productively. It is a key dynamic of working within a regulated industry that is entrusted with the security of people's financial assets. While not every new company is right for banking (and not every bank is looking to partner with startups), we believe there are methods, policies, procedures and audits that can help banks work comfortably with innovative new companies. Together we can provide improved products and services to customers and improve returns for banks.

More Stories By Matthew Goldman

Matthew Goldman is CEO and Co-Founder of Wallaby Financial, Inc. Wallaby Financial is a Pasadena, Calif.-based startup that is working to bring order to your financial life by helping you pay the right way—to earn more rewards and avoid fees, by helping you use the right credit card each time you pay. Previously, Matthew was Director of Retail Strategy at Green Dot Corporation (GDOT), the nation's leading provider of reloadable prepaid debit cards. Follow Matthew on Twitter @magoldman. Learn more about Wallaby at https://www.walla.by/

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Latest Stories
In their Live Hack” presentation at 17th Cloud Expo, Stephen Coty and Paul Fletcher, Chief Security Evangelists at Alert Logic, provided the audience with a chance to see a live demonstration of the common tools cyber attackers use to attack cloud and traditional IT systems. This “Live Hack” used open source attack tools that are free and available for download by anybody. Attendees learned where to find and how to operate these tools for the purpose of testing their own IT infrastructure. The...
SYS-CON Events announced today that IoT Now has been named “Media Sponsor” of SYS-CON's 20th International Cloud Expo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
SYS-CON Events announced today that Interoute, owner-operator of one of Europe's largest networks and a global cloud services platform, has been named “Bronze Sponsor” of SYS-CON's 20th Cloud Expo, which will take place on June 6-8, 2017 at the Javits Center in New York, New York. Interoute is the owner-operator of one of Europe's largest networks and a global cloud services platform which encompasses 12 data centers, 14 virtual data centers and 31 colocation centers, with connections to 195 add...
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex softw...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
Information technology (IT) advances are transforming the way we innovate in business, thereby disrupting the old guard and their predictable status-quo. It’s creating global market turbulence. Industries are converging, and new opportunities and threats are emerging, like never before. So, how are savvy chief information officers (CIOs) leading this transition? Back in 2015, the IBM Institute for Business Value conducted a market study that included the findings from over 1,800 CIO interviews ...
Virtualization over the past years has become a key strategy for IT to acquire multi-tenancy, increase utilization, develop elasticity and improve security. And virtual machines (VMs) are quickly becoming a main vehicle for developing and deploying applications. The introduction of containers seems to be bringing another and perhaps overlapped solution for achieving the same above-mentioned benefits. Are a container and a virtual machine fundamentally the same or different? And how? Is one techn...
What sort of WebRTC based applications can we expect to see over the next year and beyond? One way to predict development trends is to see what sorts of applications startups are building. In his session at @ThingsExpo, Arin Sime, founder of WebRTC.ventures, will discuss the current and likely future trends in WebRTC application development based on real requests for custom applications from real customers, as well as other public sources of information,
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor - all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
As businesses adopt functionalities in cloud computing, it’s imperative that IT operations consistently ensure cloud systems work correctly – all of the time, and to their best capabilities. In his session at @BigDataExpo, Bernd Harzog, CEO and founder of OpsDataStore, will present an industry answer to the common question, “Are you running IT operations as efficiently and as cost effectively as you need to?” He will expound on the industry issues he frequently came up against as an analyst, and...
ChatOps is an emerging topic that has led to the wide availability of integrations between group chat and various other tools/platforms. Currently, HipChat is an extremely powerful collaboration platform due to the various ChatOps integrations that are available. However, DevOps automation can involve orchestration and complex workflows. In his session at @DevOpsSummit at 20th Cloud Expo, Himanshu Chhetri, CTO at Addteq, will cover practical examples and use cases such as self-provisioning infra...
The financial services market is one of the most data-driven industries in the world, yet it’s bogged down by legacy CPU technologies that simply can’t keep up with the task of querying and visualizing billions of records. In his session at 20th Cloud Expo, Jared Parker, Director of Financial Services at Kinetica, will discuss how the advent of advanced in-database analytics on the GPU makes it possible to run sophisticated data science workloads on the same database that is housing the rich inf...
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
My team embarked on building a data lake for our sales and marketing data to better understand customer journeys. This required building a hybrid data pipeline to connect our cloud CRM with the new Hadoop Data Lake. One challenge is that IT was not in a position to provide support until we proved value and marketing did not have the experience, so we embarked on the journey ourselves within the product marketing team for our line of business within Progress. In his session at @BigDataExpo, Sum...
Apache Hadoop is emerging as a distributed platform for handling large and fast incoming streams of data. Predictive maintenance, supply chain optimization, and Internet-of-Things analysis are examples where Hadoop provides the scalable storage, processing, and analytics platform to gain meaningful insights from granular data that is typically only valuable from a large-scale, aggregate view. One architecture useful for capturing and analyzing streaming data is the Lambda Architecture, represent...