Welcome!

Related Topics: Cloud Security, Microservices Expo, Agile Computing

Cloud Security: Article

Ending the Tug of War: How Startups Can Help Banks Innovate

Startups can drive amazing innovation by rapidly iterating across ideas and testing with users

Banks face a difficult tug-of-war every day. Consumers demand innovative new services - regulators demand security, compliance and soundness of all offerings. How can a bank resist being pulled in every direction and find a middle ground?

Startups Provide Innovation
Banks can look to startup technology companies for new solutions. Startups are (at least initially) unfettered by regulations, approval committees, and long meetings. This is both a scary and exciting notion for bankers. There are a host of startups in the financial technology space, and bank-grade platforms like FIS's mFoundry originated from small teams working on an idea.

Startups can drive amazing innovation by rapidly iterating across ideas and testing with users. Startup product and service design and usability typically eclipse the made-by-committee-and-regulators look of bank applications.

Banks attend conferences throughout the year looking for innovative new partners. The excitement of possible collaborations is often tempered when you return to the office and discuss the regulatory implications with your business development and compliance teams.

Banks need a way to find compliant startups that do a great job of customer service and satisfy regulatory rules and frameworks.

Startups that Scale for Security
While the early days of a startup are heady times filled with dreaming, those that want to succeed in financial services technology must understand the environment that banks face. You can easily spot the savvier startups within their first 18-24 months - where appropriate they are already leveraging big company processes and practices, to make them look like "real" companies, even if they have only 10 or 20 people.

Signs of a bank-ready startup:

  • External certifications for security (e.g., PCI Level 1 Compliance, ISO 27001)
  • They've read the latest OCC bulletin on third-party provider compliance
  • The founder or management team has a banking or large-scale fintech background

We didn't just describe a unicorn: these startups to exist. The founders know they need a bank partner to launch their product (either as a part of the solution or as a customer). The founders understand what banks need to do from their side and they built their business from the ground up with respect for compliance.

Starting Right Leads to Efficient Compliance
Startups that build solutions that are strongly compliant are often asked: "How can a small company afford that?" While it is difficult and expensive to keep large, older organizations in compliance, smaller companies find it much faster and require much less expense.

The development of Wallaby's digital wallet software began less than two years ago, and included a strong focus on security from day one. Last month, we received our first Attestation of Compliance with PCI Level 1 Security Standards. It required twelve months and less than $50,000 to achieve this because it required so little rework and retraining.

Having participated in PCI compliance audits before, we were familiar with the requirements: We had all the basics like a firewall and anti-virus. We hired engineers for Wallaby with a security mindset. We took the approach that the standards are the minimum. We built our own tools instead of spending thousands on software.

This focus on compliance extends throughout our business. In our short history as a company, numerous partners have audited us. From our financial statements to our office, we keep everything in order at all times.

The Tug of War Ends Here
Innovative customer services and compliance can live together peacefully and productively. It is a key dynamic of working within a regulated industry that is entrusted with the security of people's financial assets. While not every new company is right for banking (and not every bank is looking to partner with startups), we believe there are methods, policies, procedures and audits that can help banks work comfortably with innovative new companies. Together we can provide improved products and services to customers and improve returns for banks.

More Stories By Matthew Goldman

Matthew Goldman is CEO and Co-Founder of Wallaby Financial, Inc. Wallaby Financial is a Pasadena, Calif.-based startup that is working to bring order to your financial life by helping you pay the right way—to earn more rewards and avoid fees, by helping you use the right credit card each time you pay. Previously, Matthew was Director of Retail Strategy at Green Dot Corporation (GDOT), the nation's leading provider of reloadable prepaid debit cards. Follow Matthew on Twitter @magoldman. Learn more about Wallaby at https://www.walla.by/

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Latest Stories
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Information technology (IT) advances are transforming the way we innovate in business, thereby disrupting the old guard and their predictable status-quo. It’s creating global market turbulence. Industries are converging, and new opportunities and threats are emerging, like never before. So, how are savvy chief information officers (CIOs) leading this transition? Back in 2015, the IBM Institute for Business Value conducted a market study that included the findings from over 1,800 CIO interviews ...
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
"We host and fully manage cloud data services, whether we store, the data, move the data, or run analytics on the data," stated Kamal Shannak, Senior Development Manager, Cloud Data Services, IBM, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
While DevOps most critically and famously fosters collaboration, communication, and integration through cultural change, culture is more of an output than an input. In order to actively drive cultural evolution, organizations must make substantial organizational and process changes, and adopt new technologies, to encourage a DevOps culture. Moderated by Andi Mann, panelists discussed how to balance these three pillars of DevOps, where to focus attention (and resources), where organizations might...
Zerto exhibited at SYS-CON's 18th International Cloud Expo®, which took place at the Javits Center in New York City, NY, in June 2016. Zerto is committed to keeping enterprise and cloud IT running 24/7 by providing innovative, simple, reliable and scalable business continuity software solutions. Through the Zerto Cloud Continuity Platform™, organizations can seamlessly move and protect virtualized workloads between public, private and hybrid clouds. The company’s flagship product, Zerto Virtual...
Some people worry that OpenStack is more flash then substance; however, for many customers this could not be farther from the truth. No other technology equalizes the playing field between vendors while giving your internal teams better access than ever to infrastructure when they need it. In his session at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, will talk through some real-world OpenStack deployments and look into the ways this can benefit customers of all sizes....
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @CloudExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
Extreme Computing is the ability to leverage highly performant infrastructure and software to accelerate Big Data, machine learning, HPC, and Enterprise applications. High IOPS Storage, low-latency networks, in-memory databases, GPUs and other parallel accelerators are being used to achieve faster results and help businesses make better decisions. In his session at 18th Cloud Expo, Michael O'Neill, Strategic Business Development at NVIDIA, focused on some of the unique ways extreme computing is...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
Due of the rise of Hadoop, many enterprises are now deploying their first small clusters of 10 to 20 servers. At this small scale, the complexity of operating the cluster looks and feels like general data center servers. It is not until the clusters scale, as they inevitably do, when the pain caused by the exponential complexity becomes apparent. We've seen this problem occur time and time again. In his session at Big Data Expo, Greg Bruno, Vice President of Engineering and co-founder of StackIQ...
The security needs of IoT environments require a strong, proven approach to maintain security, trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vic...
"Plutora provides release and testing environment capabilities to the enterprise," explained Dalibor Siroky, Director and Co-founder of Plutora, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
FinTech is the sum of financial and technology, and it’s one of the fastest growing tech industries. Total global investments in FinTech almost reached $50 billion last year, but there is still a great deal of confusion over what it is and what it means – especially as it applies to retirement. Building financial startups is not simple, but with the right team, technology and an innovative approach it can be an extremely interesting domain to disrupt. FinTech heralds a financial revolution that...