simplifying-cloud-security-and-compliance-assets.webp

Header-Logo-dark.webp

All products on the DLT Apps cloud platform are within the highly regulated space of financial services, and are expected to host confidential / PII data of customers including those from financial transactions. Our clients require us to meet high security and compliance standards akin to SOC2 and ISO compliance requirements.

**Our team built a secure platform adopting various AWS Security services to implement necessary security controls listed below:**

- All confidential data was encrypted using keys managed using BYOK client-managed keys.
- A secure network hub with centralised egress and ingress controls was set up using AWS Network Firewall, and AWS WAF.
- Azure Active Directory and Privileged Identity Management were used to set up a secure identity.
- Access management as well as the JML process. All access controls to various tools and cloud provider were managed via Azure AD.
- Microsoft Intune-based endpoint protection was rolled out to all developer assets and access was controlled via conditional access policies.
- A secure workstation solution with limited access to production was configured using AWS Workspaces including endpoint protection software to implement data loss prevention controls.
- Security events are streamed to Elastic SIEM, and alerts were generated via OpsGenie.

Well-defined Identity and Access Management

Endpoint protection and data loss prevention

**The secure platform was designed in line with due consideration to**

In a high-stakes environment we were hosting a Financial Services product with sensitive customer data including financial transactions on the cloud. The challenge was colossal with 127 security and compliance requirements to be implemented in a mere five months. DLT Apps met this challenge head-on with a solution that encompassed data encryption, network security, robust identity and access management, and advanced endpoint protection. 

AWS.svg

Elastic.svg

AWSsecurityHub.svg

MicrosoftDefender.svg

Amazonwebservices.svg

KMS.svg

Vaultyellow.svg

AzureAd.svg

ActiveAzure.svg

OVHcloud.svg

Kubernetes.svg

Amazonworkspace.svg

Simplifying Cloud Security and Compliance Assets

eaas-cloud-native-development-accelerator.webp

Within the dynamic realm of Financial Services, DLT Apps continuously nurtures innovative product concepts, both for internal use and client solutions. On this journey, we recognised the imperative need for a cloud-native development accelerator. This accelerator empowers our engineers to create and deliver robust, secure, and cloud-based applications with ease, liberating them from the complexities of cloud infrastructure management.

The custom CI/CD and cloud-native environments accelerator integrates tools such as Jenkins, Jfrog, Spinnaker, Vault, SonarQube, Selenium, JMeter, Git (Bitbucket), and Kibana. It incorporates automation for code scans, tests, and vulnerability scans. It also provides full traceability of artefacts deployed in any of our environments down to the actual commit. A promotion process allows controlled propagation to higher environments post testing/verification and confirmation from clients.

**The accelerator was constructed on the foundational tenets of:**

In the Financial Services world where speed and agility are paramount, the DLT Apps accelerator empowers engineers to effortlessly craft robust, secure, and cloud-native applications. This involved swiftly provision complex environments, cover a spectrum of runtimes and databases, and adhere to rigorous industry standards. Our solution, based on cloud-native principles and cutting-edge tools, achieved remarkable results. Dive into the future of cloud-native development with our accelerator. 

JFrog.svg

JFrogXray.svg

SonarQube.svg

Selenium.svg

BitBucket.svg

EaaS Cloud Native Development Accelerator

cloud-platform-build-for-financial-product.webp

DLT Apps was established with the aim of incubating multiple financial products. One of our first flagship products is a fund administration platform that would host confidential user data of our clients on the cloud. This would be the first major cloud-based deployment of confidential data at such a scale for our client, their own cloud solution was delayed by a few years. We needed to build a secure, reliable cloud foundation at pace. It was also important to ensure the platform was extensible and scalable to support additional product propositions in the future.

#### Secure, Scalable, Reliable Foundation

The DLT Apps team worked with our client to zero in on AWS as the cloud platform. We rapidly produced designs that met the Cloud controls (along the lines of the CCM cloud matrix) starting with network, identity & access, data security, and governance controls. The core production-grade network and infrastructure were designed and built within 6 months and were made ready for consumption for user testing.

The team further continued to enhance the operations/run capabilities with logging and monitoring, security incident management, incident management, endpoint protection & disaster recovery/business continuity management.

#### Services Hosting Platform

The solution was comprised of AWS Elastic Kubernetes services as the primary application hosting platform, Aurora for data, network services such as VPC, WAF, Transit gateway, Client & S2S VPN, network firewall, and security services such as Security Hub, Config, GuardDuty, KMS, CloudHSM. In addition, the platform also included many other services that DLT Apps hosted such as Kafka, Zeebe.

#### DevOps Tooling

A fully automated approach and integrated tooling using Git, Docker, Jenkins and Spinnaker was setup to allow teams to provision environments on demand and safely deploy their changes across environments. The process provides end-to-end traceability from the code change through to the deployed versions in production.

#### Operations

Elastic was chosen as the centralised monitoring solution and integrated across the entire platform providing a singular view of all infrastructure, platform and application logs and metrics. This was integrating with our alerting and incident response solution.

**We outlined four areas of focus during the strategy phase**

Faced with the challenging task of securely hosting massive volumes of sensitive data in the cloud, DLT Apps navigated a complex terrain of security, cost-efficiency and rapid deployment. Selecting AWS as the cloud platform, DLT Apps established a reliable foundation that effectively addressed cloud controls, data security, and governance needs. The result was a versatile and resilient system that met client demands, passed third-party reviews, and aced business continuity tests with zero data loss and a 30-minute recovery time.

Zeebe.svg

AmazonAurora.svg

Kafka.svg

AWSAmazonaccelerator.svg

Cloud Platform Build for Financial Products

implementing-an-effective-composable-architecture-for-a-retail-lender.webp

Our client is a well-known UK brand that amongst a few businesses also provide retail lending products including personal and car loans. Our client faced challenges with their outdated legacy application. These challenges hindered their growth, innovation, and ability to offer a differentiated customer experience. These challenges meant that they were unable to meet their business objectives of customer acquisition and achieving straight-though lending decision processes.

#### End-to-End Automation

- **Modular Integration**: Decomposed the lending process into individual domains, such as application quotes, lending, credit checks, and loan disbursal, to facilitate end-to-end automation.
- **Dynamic Workflows**: Employed adaptable workflows that automatically routed applications based on predefined criteria that enabled minimising manual interventions.
- **Real-time Analytics**: Integrated real-time analytics modules to provide insights into loan processing times, approval rates, and other critical metrics, allowing for continuous process refinement.

#### Differentiated User Interface (UI)

- **Adaptable UI Components**: Leveraged composablearchitecture's ability to swiftly integrate new UI components, facilitating a tailored user experience based on customer feedback and market trends.
- **Responsive Design**: Ensured the interface adapted seamlessly across devices, providing a consistent experience for both mobile and desktop users.
- **Personalised User Journey**: Integrated AI-driven modules that analysed user behaviour to present personalised loan offers and recommendations.

#### Enhanced Retail Lending KPIs

- **Rapid Iteration**: The modular nature allowed for quick implementation of changes, ensuring that the business could adapt and refine strategies based on real-time KPI analysis.
- **Data-Driven Decisioning**: Utilised AI and machine learning components to refine loan underwriting processes, resulting in better risk assessment and increased loan approval rates.
- **Customer Experience Modules**: Incorporated feedback and support modules, directly improving customer satisfaction KPIs by ensuring grievances were promptly addressed and feedback was acted upon.

An architecture that was loosely coupled based on composable architecture to enable our client switch retail lending service providers as required

Insource loan application decisions within the business to enable consistency and transparency

Enable reliable releases of application code to facilitate innovation and listening to customer feedback

Implement a leading cloud infrastructure architecture with necessary security controls in line with cloud architecture best practices

**DLT Apps were involved in defining the target architecture driven with Domain Driven Design that facilitated:**



Our client, a leading lender in the UK, faced the bottleneck of legacy systems which hindered the improvement of their customer experience and potential for further growth. Our solution was a composable architecture that enabled rapid feature deployment, automated workflows, real-time analytics, and a personalised user interface. The results of our solution implementation speak volumes with enhanced KPIs, streamlined operations, and a user-centric experience, positioning the company for significant future growth in the competitive retail lending landscape.

Java.svg

Go.svg

Gitlab.svg

AmazonDynamoDB.svg

NewRelic.svg

KinesisFirehose.svg

React.svg

Figma.svg

Atlassian.svg

Implementing an Effective Composable Architecture for a Retail Lender

aiml-powered-data-migration-engine.webp

Migrating data from one platform to another is a complex endeavour, especially within regulated Financial Services. A global Fund Administration product that DLT Apps had incubated was migrating a complex dataset of £20 billion of assets under management (AUM) from a leading Asset Manager. This needed a solution that could securely migrate data at speed and at scale.

**TerraAi brought together multiple facets to tackle the challenge of a seamless migration**

- Adopting the config over code principle, which enabled standardisation of our platform.
- Automation of proof points for migration success criteria eliminates manual effort.
- Adoption of distributed microservices architecture enables horizontal scaling.
- Real-time dashboards to provide record-level status and progress during migration events.
- Auditing every run of the migration cycle for transparency.

Adopting modern architectural principles that enabled rapid test cycles that reduced the overall migration timelines to a few hours.

This was achieved by implementing end-to-end automation that removed all the associated manual processes and focussed on data migration issues.

Enabled real time data profiling which helped data fixes at source.

Visualising real-time migration dashboards.

**TerraAi – an AI/ML-enabled data migration engine powered the migration of this complex dataset. We achieved this by**

aiml-migration-image.png

Navigating the complexities of transferring a £20 billion AUM (asset under management) dataset within the highly regulated financial sector demanded innovation, and we delivered it with TerraAi - our AI/ML-powered data migration engine. Through the use of modern architecture, end-to-end automation, and real-time dashboards, we achieved standardisation, automation, and transparency. The result was the seamless management of £20 billion in assets, setting new benchmarks for operational efficiency, accuracy, and scalability in the financial domain. TerraAi is changing the game by offering unmatched transparency and agility in asset management, propelling us into the future of migration.

pandas.svg

Duckdb.svg

Deltalake.svg

Minio.svg

AmazonS3new.svg

Argogreen.svg

Flask.svg

Python.svg

PostgreSql.svg

MongoDB.svg

Amazoncognito.svg

Apachespark.svg

AI/ML Powered Data Migration Engine

accelerate-the-tokenisation-of-assets.webp

The sale of automobiles, whether new or used, is a complex process that has adhered to established norms for a significant period. In a typical scenario, multiple parties are involved, including a buyer, a seller, a government agency responsible for registering ownership, and a financial lender who holds a lien in cases where the buyer has taken out a loan. Recognising this friction within the automotive buying and selling ecosystem, one of our clients who specialised in automotive financing aimed to modernise process and significantly reduce time taken for the transfer of ownership.

By addressing the challenges of a complex multi-party transfer system, our team created a transformative approach to tokenise assets. We established a distributed network that brought together all stakeholders, offering real-time access to the underlying assets - the car title in our client’s business context. Moreover, we introduced a digital title representation on private and public blockchains, enabling an immutable ledger. We also paved the way for selling the car on other digital marketplaces minting non-fungible tokens for NFT marketplaces and made available on a digital wallet.

HyperLedger.svg

Node.svg

Solidity.svg

OpenSea.svg

JMeter.svg

Accelerate the Tokenisation of Assets

cryptocurrency-trading-made-easy-for-uk-customers.webp

In 2018, buying cryptocurrencies was difficult and expensive due to several factors. There existed many barriers of entry for new investors who were unfamiliar with the complex and technical nature of the cryptocurrency market. As a result, many potential investors were deterred from entering the market, limiting the growth potential of cryptocurrencies as an alternative investment asset class. Our client wanted to build a platform for buying, selling, and storing cryptocurrencies as well as traditional fiat currencies, that could address these challenges.

**User-centric design and journey mapping**

Each aspect of the platform was built with the foundational tenet of simplifying the user journey. We created processes and designs that brought end-to-end clarity and transparency. This made the buying, selling, and storing cryptocurrencies easily understandable and more importantly actionable for new users as well.

**Our client needed a clear and simple process to address the challenges faced by the potential investors, and we split the task into three parts**

In 2018, the crypto market was a maze for newcomers, with high fees and limited user-friendly platforms. Our client set out to revolutionise this space, and they succeeded spectacularly with our help in building their platform. By simplifying the onboarding journey and trading steps with user-centric design, they became the fastest-growing platform in the UK, boasting over 50,000 customers and a valuation of £100 million ($137 million) by March 2021. A potential acquisition of the platform by an American Financial Services company that rolled out a cryptocurrency wallet to more than 2 million users fell through. Despite this, our client's resilience continues to drive their growth using our solution.

Simplifying Cloud Security and Compliance Assets

Problem Statement

Context

Challenges

Solution

Technologies

Impact

More Case Studies

EaaS Cloud Native Development Accelerator

Cloud Platform Build for Financial Products

Implementing an Effective Composable Architecture for a Retail Lender