Search
Close this search box.

Affirm’s Entry into the UK Market: A Study of Opportunities and Challenges

Introduction

With a history spanning over 35 years, GFT has distinguished itself in the crowded field of technology providers by focusing on key platforms and services that support critical activities within banks and insurers.During this time, GFT has evolved from its German roots into a global data and modern platform engineering services provider, specialising in the financial services sector. This strategy has paid dividends. Despite global market challenges, GFT has outpaced many of its competitors.

Its strength lies in its ability to bridge the gap between legacy systems and cutting-edge technology. Today, it works with banks to support their cloud transformation strategies, as more organisations see the value of shifting away from their centralised mainframes. While, in the past few years, some legacy institutions have been resistant to change, market pressures are forcing even the most conservative institutions to reconsider their technological strategies. Indeed, while shifting core operations to the cloud represents an exciting prospect, it brings security concerns to the forefront. While many banks are adopting a gradual approach to cloud adoption by operating multi-cloud hybrid models, new digital banks are being formed fully on the cloud.

GFT has a partnership with Engine by Starling, the technology arm of digital bank Starling Bank, which provides a cloud-native and flexible SaaS banking platform to not only enable cloud transformation, but one where security is assured by design. When creating next-gen digital banking platforms, one of the pivotal security challenges is securing the cloud infrastructure, built predominantly using Infrastructure as Code (IaC). It’s about ensuring it embodies coding best practices and is devoid of vulnerabilities and misconfiguration. This security must also reach consumer portals – and be meticulously embedded into digital banking mobile apps that ensure compatibility and security across iOS and Android platforms. This approach, inherent in the design of Engine, focuses on pre-empting security vulnerabilities and establishing a robust defence against potential breaches, all whilst providing an engaging and reliable user experience.

GFT has already leveraged Engine by Starling in the creation of Salt Bank, a next-gen digital bank operating in Romania. Built and debuted in under 12 months, the founding of Salt Bank represents more digital banking opportunities for consumers in emerging markets while highlighting the reality that new digital offerings can go to market at a rapid pace. For Salt Bank, security was a cornerstone in its creation, not an add-on. From inception, GFT and its partner Palo Alto Networks incorporated leading security features, such as zero trust architecture, threat modelling, cloud security posture management and security operations automation by design.

This anticipatory strategy involved the weaving of advanced security measures into the fabric of the bank’s cloud infrastructure, providing robust defence against the developing landscape of digital threats. The results speak for themselves. Launched in 2023, Salt Bank has exceeded its annual target of onboarding 230,000 customers by the end of 2024. The bank offers a current account paying 3% interest (for transactors above a certain limit), digital wallet compatibility, mixed-term deposits, a multicurrency card (supporting 17 different currencies) and a savings account.

GFT’s security-first approach is integrated into every stage of its work with clients. As Dean explains: “We start having those security conversations as part of the design of the neobank. What are the customer’s requirements? We’ll drill down into their business rationale, their technology requirements but we’ll also ask them about their security risk posture.” To fortify the codebase for application code and backend microservices, GFT leverages GitHub’s advanced security capabilities. These are embedded into the build and deploy pipelines for static code analysis and secrets scanning, alongside Prisma Cloud’s Cloud Code Security for scanning and hardening IaC templates against misconfigurations.

Read: AI in Insurance

Industry Comments

Dean Clark, Chief Technology Officer for GFT UK, provides a unique insight into the creation of Salt Bank and GFT’s work with Palo Alto Prisma Cloud. Dean Clark, Chief Technology Officer for GFT UK, has been at the forefront of the company’s transformation over the past five years.

“At GFT, we typically focus on hiring and training engineers with core domain expertise, not just technology expertise,” says Dean.

Dean notes: “Consumers want mobile-first banking. The new wealthy don’t want to pick up and speak to a wealth manager. They want an app on their phone. This consumer trend is forcing more legacy players to think about their new technology strategy and push for change.”

“Customers appreciate the simplicity and speed of onboarding, with an average time of less than seven minutes to create a live account,” says Dean.

Read: Top 10 Financial Software Solutions

He adds: “To achieve this level of customer satisfaction, GFT harnessed its global delivery model across 18 nationalities to maintain momentum on a highly complex and diverse build and deployment, demonstrating the deep expertise required to create a truly integrated and innovative new bank.”

Dean elaborates on the use of GitHub: “Even if you use some of the Atlassian products like Bitbucket, it’s GitHub under the hood. So it made sense to focus our engineers’ expertise and training on and around how to get the most out of GitHub.

“We make sure that our engineers can use all of the functionality. We make sure they understand the full scope of the feature set.”

He outlines the five core activities of NIST: Identify, Protect, Detect, Respond and Recover. Incorporating these principles into its design process, GFT applies them both to overall systems and individual components.

Dean expands: “As part of our design process, we’ve adopted a similar approach for both the overall systems design when looking at it holistically and for each of the individual components that go into the design.

“We regularly run through NIST’s compliance tools with some of our designs to make sure we’ve not missed anything.”

FAQs

  1. What is GFT’s core strength in the tech industry? GFT specializes in bridging the gap between legacy systems and modern technology, particularly in the financial services sector. Its strength lies in cloud transformation and security, helping banks and insurers modernize their platforms while ensuring robust security.
  2. How does GFT approach security in its digital banking projects? GFT adopts a security-first strategy from the design phase, ensuring that cloud infrastructures, mobile apps, and customer portals are built with strong security measures. They integrate features like zero trust architecture, threat modeling, and security automation to preempt vulnerabilities.
  3. How did GFT help launch Salt Bank? GFT played a crucial role in creating Salt Bank, a next-gen digital bank, within 12 months. They used the Engine by Starling platform and incorporated leading security measures from the start, helping Salt Bank exceed its customer acquisition targets for 2024.
  4. What role does GitHub play in GFT’s security process? GFT uses GitHub’s advanced security tools for static code analysis and secrets scanning. These tools are embedded into build and deployment pipelines to ensure that application code and cloud infrastructure are secure and free from misconfigurations.

Conclusion

GFT continues to lead in the tech space by focusing on cloud transformation and security for financial services. Through strategic partnerships and an unwavering commitment to security, GFT has successfully launched innovative digital banking solutions like Salt Bank. By integrating cutting-edge technologies and robust security features from the outset, GFT ensures that its clients can offer secure, customer-friendly digital banking experiences while keeping pace with industry trends.

To participate in our interviews, please write to us at news@intentamplify.com

Top Fintech Stories:

Share With
Contact Us