“If you had to ask me ‘which one is the toughest challenge?’, it is going to be architecting fintech solutions because the fintech space [presents a] completely different set of challenges,” said Sanjeev Gopinath, Cloud Solutions Architect (Customer Engineer) – Fintech, Google. Sanjeev was delivering a masterclass special on Supercharging one’s fintech engineering strategy on Day 3 of TechSparks 2022.
Sanjeev explained the process that goes behind the creation and execution of a fintech company’s new product. Following the product creation and presentation before finance giants, fintech startups must follow the standards set in their regulatory and industry frameworks.
However, some big merchants in this space will insist that the company deploys the software on a cloud service provider where they already have their assets and existing deployments because “it is going to be very difficult for some of the largest merchants and banks to start certifying each cloud service provider. So, what they will do is, just pick one or two and start deploying all their assets there,” he said. This will force companies to start supporting other data cloud providers, which is challenging.
Another challenge emerges when the company looks to expand to regions where either a different cloud service provider is used or none is used at all, which will require the company to deploy the software on-premises or on a data centre.
He highlighted three aspects that provide a backdrop to how fintech startups operate: managing operations, developing an ecosystem, and managing compliance. A fintech strategy must thus focus on scaling these three aspects to ensure maximum outputs and revenue.
Scaling the ecosystem
The first task is to scale operations so that the company is not married to a single cloud provider but can instead support multiple providers, on-premise architecture, and data centres. “One way to do this is to have your engineering team focus on each of these cloud service providers and on-premises deployment and ensure supportability for those products,” he said. However, he added, this is not a scalable solution. Building a layer of abstraction to create infrastructure would be a better solution here, he said.
Sanjeev said that the strategy he would adopt for his app-serving layer would be to standardise on portable, open-source-based platforms, as he highlighted a sample process of creating a scalable fintech solution within Google Cloud based on Kubernetes, an open-source-based relational database management system, and a no-sequel database.
A similar strategy will also work across other clouds, he said. This uniform abstraction will ensure companies’ applications become infrastructure-agnostic. It creates a framework that allows easy scaling to different geographies.
Sanjeev introduced Anthos, a managed platform that gives a single-pane view to engineers, allows them to control any Kubernetes cluster, and provides global visibility to pick the right cluster, be agile, and make quick regulatory changes.
Scaling the ecosystem
The next challenge, Sanjeev said, arises when one is scaling the ecosystem. Sometimes, integration might take a lot of development time and when “you want to scale from 10 customers and partners to hundreds of them, it is going to become super slow because each of those integrations takes really long… that is where the challenge kicks in,” Sanjeev added.
Companies need to look at their deployments and services in a different way to solve the challenges, he said, adding that they must understand that they have deployed business capabilities and not just clusters. He spoke of how building a layer of abstraction protects the pure capabilities, ensuring that “if a customer comes with bespoke requirements, I need not change business capabilities; I can mix and match some of the business capabilities.” If further changes are required, they can be released as a new service for customers.
Sanjeev also threw light on the API Management Solutions that are used to run APIs. An ideal API Management Layer would enable companies to support multi-cloud and on-premises deployments, he said, adding that this is available in Apigee, an API development and management platform. “With Apigee, you are not just looking at web and API securities or access controls… you are open to a different world which also talks about monetisation, analytics, and so on,” Sanjeev said.
Sanjeev highlighted the various regulatory frameworks (by IRDAI, SEBI, RBI, MeitY) and industry standards that fintechs must consider based on their operations.
Understanding that it may be overwhelming for new fintechs to begin to comply, Sanjeev suggested a method to not allow the long winding process to hinder a company’s roadmap. “The way to think about it is that you start engineering all of the resiliency, security, and operational practices as part of your product itself,” he advised.
As long as companies ensure that they follow the checklists by regulatory bodies such as SEBI or RBI, they can ensure compliance, he said, adding that another method would be to consider and treat every bit of data as one’s own. “When you know it is going to be your data, you start adding a lot more security layers. But if you think that this is somebody else’s data, then [you’ll] probably cut a little slack there,” he said.