Transcription
Building the Optimal Architecturefor Open BankingPresented @ DRIE Symposium
Banking Evolved Banks are quickly becoming technology companies.Advances in new technologies are having adramatic impact on every facet of banking.There are three main pressures driving this: Rising Customer Expectations Competition from FinTechs Regulatory EnvironmentTo drive innovation, banks have to learn all about Agile, Dev-Ops, Cloud & (of course) APIs.2
The Rise of the API APIs are the pipelines that power Open BankingIn response to the three main pressures , banksare rapidly adopting APIs, in an attempt todecompose their business into re-usable chunks.These chunks of functionality can be shared insidethe bank, but can also be shared beyond the bank,which is what has come to be called Open Banking.Sources: Backbase (left); Delloitte (right)However, Open Banking means different things to different people in different places.3
Global Landscape Some regions regulate and some are (Pull)While different in key ways, note thatboth approaches have the same goals: Competition InnovationSource: AT Kearney TransparencyThese two approaches end up greatly affecting the focus of the solution architecture.4
Architecture Focus Regulations drive APIs, but markets drive speed.Architectural ConcernsRegulatory mandates force banks topublish Open APIs and support anecosystem of TPPs, demanding strongcapabilities around API management (Full Stack)By contrast, market-driven solutions,unencumbered by regulation, have focusedmore on accelerating delivery speed.Open APIs & Open Data Developer Experience Common Standards Agile Requirements Definition Consumer-Driven Contracts Precise scaling and enhancementOBJECTS & MODELS Distributed Data using EventsData Layer Unstructured “Big” Data Lakes Automated DevOps deployment Public cloud native (containers) Continuous Improvement (CI/CD)DEVELOPER EXPERIENCERegulation-Driven However, nothing in the regulationsforces them to modernize their legacysystems, drastically slowing down delivery. Market-DrivenPresentation LayerBUSINESS CAPABILITIESLogic LayerENVIRONMENTSInfrastructure LayerTo truly support Open Banking, a bank needs both API management and delivery speed.5
The Role of API Gateways Beware the “Magical Black Box” approach.Centralized GatewayDistributed GatewayAll cross-cutting concerns and isolation are in a single, “smart” layer.Cross-cutting concerns are distributed to the individual DevicesNETWORK & SECURITY SERVICESPERIMETER API GATEWAY (INNER/OUTER)CENTRALIZED API GATEWAY(“MAGICAL BLACK BOX”)PROPRIETARY INTERFACEDOMAIN SERVICE CESERVICESERVICESERVICEMICROSERVICESMOMLegacy & Custom PlatformsService-Oriented PlatformsA distributed approach pushes all gateway functions down to each individual microservice.6
Microservices Explained APIs & microservices are not the same thing.APIs are the contractMicroservices are the implementationGood contracts based on modern standards (i.e. REST,JSON, etc.) make integration easier & drastically improvethe Developer experience on the Consumer side Source: martinfowler.comMicroservices allow you to decompose monolithicapplications and enable delivery speed because they are However, the same API could be implemented on anyback-end, and the wrong one (i.e. legacy systems) willgreatly hamper agility & speed, and therefore innovation. IndependentlyUpgradeable PreciselyScalable CompletelyPortableAPIs make integration easier, but only microservices lead to high-speed release cycles.7
MSA Roadmap Microservices Architecture (MSA) is evolving rapidly.Delivery SpeedMicroservice Architecture EvolutionAPI ManagementMonolithService MeshServerlessSource: KongAPIThe rise of service mesh will increase market volatility, and early adopters will gain a lead.8
Optimal Architecture The service mesh is perfect for Open Banking.The service mesh acts as auniform infrastructure fordirect service-to-servicecommunication (via APIs).Control PlaneIt utilizes lightweight proxiesdeployed side-by-side ortogether with the servicesknown as sidecars.Perimeter API GatewayIt ensures consistent handlingof cross-cutting concerns in afully distributed manner,using a control plane: Consistent Routing Security Logging MonitoringContainer Orchestration Environment (Kubernetes/OpenShift) which provides resiliency, elastic scalabilityand cloud portability.DomainThe service mesh offers precise control & visibility, while supporting speed & innovation.9
Ideal for Disaster Recovery Microservices are built for resiliency.From a DR/BCM perspective,microservices running on aContainer Orchestrator likeKubernetes/OpenShift are avast improvement over J2EE.J2EE/legacy applications aremonolithic, so they are scaledand managed by replicatingcopies on multiple servers.Microservices break downthe monolith and distributethe functions across servers,scaling replicas up and downdynamically based on load.They are so resilient thatsome actively attack theirown Production environment(Netflix’s Simian Army).Microservices are self-contained, auto-managed & cloud-native, greatly easing DR/BCM.10
CIBC Case Study Building a service mesh API platform for a bank.Instead of gambling on one of many vendor platforms in ahighly volatile market, CIBC built our in-house platform, theAPI Foundation on open-source, cloud native technology.We then subjected our API platform to intense, independent 3rdparty evaluation. So far the evaluations have been very positive.Then we took our framework to Europe “Great framework –thoughtful, holisticand quite advanced”“Security model isbuilt-in and highlyrobust”“Uses opensourceintelligently”“Building custom as a hedge against avolatile market makes sense right now”There are three main reasons we took a build posture: Hedge against a volatile market Steer the technology to suite our needs Develop critical internal skillsThe award-winning API Foundation is the first service mesh built specifically for banks.11
Real Results The API Foundation is now in full swing across the bank.We have taken great strides forward overthe last several months, achieving severaldeclared milestones.Although we have only deployed a fewmicroservices, we are already projectingsignificant savings (50-70%) in both costand time per integration.Ongoing DeveloperTraining for APIs &MicroservicesManaged ContainerEnvironment (CaaS) FullyOperationalAPI Foundation CoreBeing Used AcrossDelivery TeamsAPI GovernanceCouncil in Place & APIsare MandatedPilot of internal APIMarketplace isAvailable TodayDid the APIF Foundationreally win awards? Yes! Recognized by NordicAPIs as a leader in MSA 2018 EA Award fromForrester & InfoWorld 2019 Celent Model BankAward for IntegrationWhile we have made progress towards a clear vision, there is still a long way to go.12
Bank of the Future Success demands a technological balancing act.Bank of the FutureOpen Banking onlyfocuses on this part.API STRATEGY & PLATFORMAPIsAGILEDEVOPSCLOUD. but to be successfulat Open Banking, youwill need all of these TECHNOLOGY & OPERATIONSORGANIZATIONAL STRUCTURECORPORATE VALUES & CULTURE. and, crucially, youwill have to tacklestructural & culturalchallenges as well.The pillars give you speed, but only a culture that embraces change drives true innovation.13
Build for Change The metaphors used for IT systems are changing.Industrial MetaphorsBiological Metaphors Bridges Cells Buildings Molecules Cities Organisms“There is no design at the beginning. You begin by coding a small amount offunctionality, adding more functionality, and letting the design shift & shape.”Martin Fowler, Software Design Guru, ThoughtworksSystems that can evolve quickly are critical to the delivery of Open Banking technology.14
Thank you.QUESTON & ANSWEREyal Sivan, Senior Director, Enterprise Architecture
microservices running on a Container Orchestrator like Kubernetes/OpenShift are a vast improvement over J2EE. J2EE/legacy applications are monolithic, so they are scaled and managed by replicating copies on multiple servers. Microservices break down the monolith and distribute the functions across servers, scaling replicas up and down
