Preparing a cloud platform for core banking system is a major undertaking. When 365.bank faced this challenge, they knew they needed to find a reliable and experienced cloud partner to help them build a cloud platform. We’ll examine how and why 365.bank succeeded, the strategies they used including effective decision-making, an agile approach, and careful attention to security standards.
The Client
365.bank Group consists of 2 banks plus a dozen of investment and financial services in Slovakia. With a forward-thinking approach, 365.bank strives for innovation and modern solutions, completely transforming and repositioning the traditional Post Bank with more than 1500 branches to become a modern and efficient bank keeping its proximity to people.
Challenge
Let’s address the elephant in the room right away: this was a big enterprise project in a highly regulated banking field. At the same time, 365.bank had no previous or very little experience with public cloud from either development or operational perspective, also meaning there was no cloud platform or cloud team in place.
Since they decided to work on their core banking systems from scratch, after our first meeting 365.bank realised it was essential for them to find a reliable and experienced cloud partner, otherwise they wouldn’t be able to tackle this challenge alone.
As it was a major project for a large company, there were many teams involved: application architects, development teams, security, networking, operations… Therefore proactive interaction and effective decision making needed to be established. Especially, as the cloud teams were slowly being formed along the way.
Building core banking systems from the ground up is not easy and for 365.bank it also required a migration and refactoring of existing systems from on premise to cloud.
Technology Stack
- EKS stack, Serverless stack
- SSO, IAM, TGW, WAF, NLBs, API GW, Cognito, Route53
- CDK, Terraform, Atlantis, Gitlab, Nexus, ECR
- Aurora, ElastiCache, SNS, SQS, EventBridge, KMS, DynamoDB, MSK
- Grafana, Thanos, Prometheus, OpenSearch, Vector
- EKS addons: Kyverno, Karpenter, External-DNS, …
[The list is endless.]
What We Did
During initial assessments and roadmap planning we designed the complete AWS architecture and co-designed the architecture for some of their microservices and evaluated existing services which were going to be moved into AWS. We focused on increasing productivity, scalability, flexibility and allowing the customers to innovate faster while preserving high-security standards. At the same time, we improved the performance and reliability of microservices taking into account cost-effectiveness. For existing services we had to evaluate their readiness for AWS migrations and plan their refactoring process.
The process began with building a scalable infrastructure based on best practices and AWS well-architected framework. Along the way, we helped them set-up the entire project management process while forming their new cloud teams from 0, bringing them up-to-speed as we went.
Handover
We handed over the entire codebase, library of concepts, docs and necessary know-how to the cloud teams and helped them become self-sufficient in the upkeep of the infrastructure and ready for production.
Outcomes
An enterprise cloud platform based on the bank’s needs within the time frame of one year, taking into consideration they had no or very little cloud knowledge and no cloud teams in the beginning, starting from scratch in a highly regulated banking field. We helped them implement processes and defined the responsibility split among the teams.
Our agile approach enabled the development teams to spawn services within defined boundaries, enabling fast delivery while keeping high security standards. We also prepared both Kubernetes and serverless ecosystems while minimizing interaction differences to eliminate complexity for development teams.
Our final architecture contained newly built serverless services and old refactored Kubernetes workload.
The experience they collected while building their reference architectures and IaC pattern library helped us accelerate the cloud strategy implementation in two major environments - Kubernetes and Serverless - so we could rather focus on application specific topics.
Future Steps
Labyrinth Labs continued being their consultants, helping with ad-hoc development and supporting 365.bank to ensure their complete autonomy when it comes to their cloud infrastructure.
