A collection of thoughts, ideas and rants inspired by my career in the fintech and banking industry.

Implementing ISO 20022

Payments Canada published an opinion piece outlining how they think ISO fits into the payments ecosystem.

Quote Implication
That message is received by the creditor and immediately dissolved and dispersed into the internal data models ISO should be used at the system boundaries; not as your internal data model
The messages defined in ISO 20022 are meant to […] complete a specific operation between two financial systems or two different entities within a financial ecosystem ISO is intended for communication between FIs
these messages are purely transient. All of the systems in the financial industry have been designed to store data - not messages. While the data persists for decades, the messages only persist for seconds Store normalized transaction data
ASN.1 and XML-based messages are useless for delivering a high-volume real-time payments rail Don’t use ISO for latency-sensitive systems

The ISO 20022 standard provides a common language for Financial Institutions to use when communicating with each other. It brings consistency and well-considered data structures to interfaces that previously had none.

[Read More]

ISO 20022 is not a standard

ISO 20022 defines a catalog of messages to standardize data exchange in the finance industry, and it is gaining popularity in Payments.

Here in Canada, Interac updated their APIs to support ISO 20022 several years ago. FedWire in the US will be rolling out ISO 20022 support in summer 2025, and Zelle is following suit with its integration to The Clearing House’s Real-Time Payments network.

But it’s not a standard despite what the name implies.

[Read More]

App Config Design

Keeping your configs clean and DRY

I wrote about DRY configs many years ago but astonishingly my clients don’t seem to read my blog. I mean, who even has a blog these days anyway?

Externalized application configs have a way of multiplying like rabbits to the point where people become afraid to touch them at all, let alone apply the DRY principle to them. The proliferation of poorly-designed configuration files in Enterprise Java systems is appalling, and the situation is compounded when an external configuration system like Consul or Spring Cloud Config is added to the mix.

[Read More]

Retail Returns

Why you should talk to your users

I recently had to return an item that I’d bought online. It’s free to return the item in-person to one of their retail locations, or $10 to ship it back. There was a store nearby so I elected to do an in-person return but the experience shows what can happen when software and processes are developed without involving the user.

The store clerk was friendly and helpful. He asked for my online order number, found it in the system, and told me that the money would be refunded to the original form of payment used for the purchase - in this case, PayPal. Everything is going smoothly to this point.

[Read More]

Process Optimization

Only by increasing flow through the constraint can overall throughput be increased – Eliyahu M. Goldratt, The Goal, 1984

Turning this around we get the corollory that optimizations made to areas other than the constraint only serve to worsen the constraint.

Agile practices, and particularly Scrum and SAFe, have been widely adopted in large enterprises over the last decade or so, spawning entirely new departments dedicated to locking down the process. Agile Centers of Excellence (CoEs) produce materials explicitly describing every aspect of their company’s specific flavour of Agile, and have coaches dedicated to enforcing it across the teams.

[Read More]

The Value Is The Process

Plans are worthless, but planning is everything – Dwight D. Eisenhower

The value of a process is primarily derived from the process itself, not the output.

Producing a slide deck or document on a topic requires hours of thought, multiple drafts and revisions, wordsmithing, and lots of research.

This iterative process helps to clarify your thinking around a topic. The hours spent thinking deeply about a problem and continuously refining your arguments is where the real value lies, not in the artifact that results from that process.

[Read More]

Let's Talk About Signs

If your sign needs a sign explaining the sign then it’s a poorly-designed sign.

Let me present a few examples. I’ll start with the intersection at Bloor and Parkside in Toronto shown below.

Traffic lights at Bloor and Parkside

There are four lights in this image: one for the through traffic, one for the cyclists, and two for the right-turn traffic. Both the bicycle signal and the right-turn signal have additional signs adjacent to them explaining what those lights are for. The placement of these explanatory signs is inconsistent: two are to the right of the signal, one is to its left.

[Read More]
design 

Non-Functional Requirements

Non-Functional Requirements (NFRs) are used extensively in enterprise software to define things like performance requirements and availability expectations but it’s important to be specific about what we’re asking for.

I spend a lot of time with my clients helping them understand why the details matter for NFRs so let’s walk through an example to demonstrate what I’m talking about.

Let’s assume we’re dealing with a system that is going to process 3-5 million transactions per day with peak volume during business hours at around 50 transactions per second. A sample NFR for such a system might be stated as:

[Read More]

On Modernization

I’m currently working with a large retail banking client to help them modernize their payments infrastructure. The word “modernize” is used in just about every client interaction. It appears in all the slide decks. It’s part of the business case justification.

But modernization is a relative term.

The big question is: What does the client mean by modernization?

The existing system is a vendor product running in an on-prem application server. It’s an opaque monolith that is challenging to operate, and to cap it off the vendor has announced that they’re ending support in a few years so my client needs to get off this platform in order to stay competitive in the payments space.

[Read More]

Moral Hazard

Is QA a moral hazard?

A moral hazard is when an..

…actor has an incentive to increase its exposure to risk because it does not bear the full costs of that risk.

It’s similar to perverse incentives.

A perverse incentive is an incentive that has an unintended and undesirable result that is contrary to the intentions of its designers.

I have spent the last 6 months working closely with a QA team inside a large financial instutition and have become increasingly skeptical of the value they provide - the development team don’t test as thoroughly as they should because they know that QA are playing backstop.

[Read More]
strategy  qa