Migration

AWS Infrastructure for Core Banking Services: From Zero to Hero

Preparing a cloud platform for core banking system is a major undertaking. When 365.bank faced this challenge, they knew they needed to find a reliable and experienced cloud partner to help them build a cloud platform. We’ll examine how and why 365.bank succeeded, the strategies they used including effective decision-making, an agile approach, and careful attention to security standards.

The Client

365.bank Group consists of 2 banks plus a dozen of investment and financial services in Slovakia. With a forward-thinking approach, 365.bank strives for innovation and modern solutions, completely transforming and repositioning the traditional Post Bank with more than 1500 branches to become a modern and efficient bank keeping its proximity to people.

Challenge

Let’s address the elephant in the room right away: this was a big enterprise project in a highly regulated banking field. At the same time, 365.bank had no previous or very little experience with public cloud from either development or operational perspective, also meaning there was no cloud platform or cloud team in place.

Since they decided to work on their core banking systems from scratch, after our first meeting 365.bank realised it was essential for them to find a reliable and experienced cloud partner, otherwise they wouldn’t be able to tackle this challenge alone.

As it was a major project for a large company, there were many teams involved: application architects, development teams, security, networking, operations… Therefore proactive interaction and effective decision making needed to be established. Especially, as the cloud teams were slowly being formed along the way.

Building core banking systems from the ground up is not easy and for 365.bank it also required a migration and refactoring of existing systems from on premise to cloud.

Technology Stack

EKS stack, Serverless stack
SSO, IAM, TGW, WAF, NLBs, API GW, Cognito, Route53
CDK, Terraform, Atlantis, Gitlab, Nexus, ECR
Aurora, ElastiCache, SNS, SQS, EventBridge, KMS, DynamoDB, MSK
Grafana, Thanos, Prometheus, OpenSearch, Vector
EKS addons: Kyverno, Karpenter, External-DNS, …

[The list is endless.]

What We Did

During initial assessments and roadmap planning we designed the complete AWS architecture and co-designed the architecture for some of their microservices and evaluated existing services which were going to be moved into AWS. We focused on increasing productivity, scalability, flexibility and allowing the customers to innovate faster while preserving high-security standards. At the same time, we improved the performance and reliability of microservices taking into account cost-effectiveness. For existing services we had to evaluate their readiness for AWS migrations and plan their refactoring process.

The process began with building a scalable infrastructure based on best practices and AWS well-architected framework. Along the way, we helped them set-up the entire project management process while forming their new cloud teams from 0, bringing them up-to-speed as we went.

From Zero to Hero

Roadmap [ Design ]

To help 365.bank begin this complex journey, first we had to assess the current situation, determine the best approach and design a roadmap while co-designing the architecture for some of their microservices.

Cloud Platform [ Architecture ]

Designing the entire AWS cloud platform based on services provided by AWS to take full advantage of cloud-native features, along with custom network layout and security boundaries while providing responsibility split patterns for multiple teams.

Proof of Concepts [ PoC ]

Executed 25+ PoCs, where for each one of the PoC we needed to establish its pros and cons and evaluate whether to toss it or utilize it to our advantage.

Infrastructure [ Implementation ]

We used 30+ AWS managed services to build a service catalogue with built-in best practices in mind to use most of the benefits provided by AWS cloud.

Existing Services [ Migration & Refactoring ]

For the existing services, we proposed and executed a migration to AWS and undertook refactoring of the overall solution to make it more efficient and reliable.

Handover

We handed over the entire codebase, library of concepts, docs and necessary know-how to the cloud teams and helped them become self-sufficient in the upkeep of the infrastructure and ready for production.

Outcomes

An enterprise cloud platform based on the bank’s needs within the time frame of one year, taking into consideration they had no or very little cloud knowledge and no cloud teams in the beginning, starting from scratch in a highly regulated banking field. We helped them implement processes and defined the responsibility split among the teams.

Our agile approach enabled the development teams to spawn services within defined boundaries, enabling fast delivery while keeping high security standards. We also prepared both Kubernetes and serverless ecosystems while minimizing interaction differences to eliminate complexity for development teams.

Our final architecture contained newly built serverless services and old refactored Kubernetes workload.

Marcel Bezák

Chief Enterprise Architect at 365.bank

The experience they collected while building their reference architectures and IaC pattern library helped us accelerate the cloud strategy implementation in two major environments - Kubernetes and Serverless - so we could rather focus on application specific topics.

Future Steps

Labyrinth Labs continued being their consultants, helping with ad-hoc development and supporting 365.bank to ensure their complete autonomy when it comes to their cloud infrastructure.

Want to achieve
such results?

We are here for you
contact us

Ivan Sakin

Growth & partnership manager

email [email protected] phone +421 221 020 694

WHAT’S NEXT?