 I would like to first say, thank you very much to the Clear Bank team for being here with me today and we're going to talk about how the FinTech Clear Bank leverages open source to accelerate crypto payments through their cloud API and infrastructure. I'm James McLeod, Finoss director of community. Thank you everybody for being at our event today. It's good to see so many friendly faces from Finoss members and also new faces from people who have found us here today. But firstly, I'd like to introduce you to Stephen Hawkins, head of DevOps Transformation at Clear Bank. So Stephen, maybe you'd like to introduce yourself and tell us a little bit about your history. Yeah, of course, yes. So yeah, Steve Hawkins, I work for Clear Bank. I've been at Clear Bank for just over four and a half years, so a large part of Clear Bank's journey just before we had our first live customers. It's been a very, very big rollercoaster ride of growth and innovation. Before that, I was at Hiscox, an insurance company. Before that, I was at Nationwide, Bill of Society. So my career path's been in financial institutions, financial services, FinTechs, the whole time. And through that, they've always been either configuration management engineers then moving into infrastructure engineer, then moving into DevOps engineer into that sort of space. So the toolset has generally been open source and some paid for services as well. That's fantastic. And it's so great to have a FinTech as part of our discussion today. As people know, we have a lot of enterprise banks within the foundation. And I'd really like to explore the differences between a FinTech and also an enterprise bank. So maybe Stephen, can you tell us a little bit more about Clear Bank and the services provided to FinTech's crypto platforms, banks and credit unions? Yeah, of course. The key thing is we are a FinTech. Our biggest department is engineering. So we are hugely mindset focused towards innovation, driving differentials for our customers, and key part growth. But we are a fully licensed regulated audited bank. We have that license. We provide FSCS protected accounts to our customers. And we have to face off with the same regulatory compliance concerns as in that West, HSBC, all the other big players. So although we are, we always portray that we are a FinTech, we are absolutely a bank at the same time. Absolutely. And so what is it that sets Clear Bank as a FinTech aside to a large scale enterprise bank? Yes, sure. I mean, we started six years ago with the start date. So I say I'm going to have for the vast part of the journey. And with that FinTech mindset, we go towards cloud-based technologies. We go towards moving our code base forward as quickly as we can, as often as we can. And we offer all of our services up via a single API. So we want to make that interaction with those banking services as well as transactional solutions as easy as possible for our customers. So the kind of customers we're looking for are EMI's. They are also bigger banks, but they are a FinTechs that are looking to streamline that solution for their end customers. Amazing. And so as part of your role within leading DevOps, within Clear Bank, at Clear Bank, can you explain maybe some of the open source tool chains that you're using as part of your automation and DevOps strategy? Yes, sure. Maybe it helps if I start by explaining a bit about the area and structure that I work with in Clear Bank. So we firmly follow the idea of team topologies. So we have stream-aligned teams which focus on delivering those end-user products out. And then we have enabling teams and platform teams. So that's my main focus, is looking at enabling teams to figure out the frictions for those stream-aligned product teams. And then also those platform teams that are building that underlying infrastructure to again enable those teams. So if I just focus on one of the main areas to look after their infrastructure, we want to make sure that's completely compliant, secure, has high performance and quality, but it must change quickly as our products change. So we're a massive user of Terraform. So if we're linking in the open source community, I think Terraform are one of the better examples of how you can blend both an open source offering, which is outstanding, along with a paid-for and licensed offering as well. So we use Terraform and infrastructure code to build all of our infrastructure. So note no hands touch production. And yeah, we're a huge contributor back then to those. So we're using Azure as our cloud service provider, as the main one. And I think if you look at the top contributors, a few of our engineers are up there with the Azure Terraform provider. So I understand that Clearbank is also regulated. So you're accountable to your customers in the same way as any other bank within financial services industry. So with your use of Azure and the public cloud or the hybrid cloud, how do you make sure that you are hitting those governance and compliance obligations when moving in those circles? How do you provide evidence towards that? OK, yeah. So we are kind of hybrid because there are a few payments devices which have to be physical. HSMs, they have to be physical. Although you can get that device up in a public cloud, the rules around how you engage them require it to be physical. But yes, as far as our Azure build out, which is mostly public and that private one, compliance is our top priority. Security, safety, but also speed. The way we assure that is, I say, we don't have any hands touching production. So we've made sure all infrastructure changes are via a pipeline. That pipeline is automated with many gates in it. So we can do compliance checking on the type of code we're releasing, the type of open source packages we're using in that chain. But also we encourage individuals to become better at things like security, QA, become champions of them. So we've got some quite good internal programs where we can develop those individual skill sets to do poor request reviews on the security side. So yeah, we very much include not just technology as a compliance check, but people. Probably another benefit of the size of Clearbank against its status as well. We're trying not to have a huge amount of people in the organisation to what we're trying to achieve, is that the people which are facing off with the regulatory concerns in the organisation aren't just auditors that then go to an SME. They're auditors at SMEs and the actual engineers that are going to be building these products. So we can have a lot more technical conversation with regulators on what exactly they're trying to cover and secure for our end users. And therefore we can hopefully, and I truly believe we've done this, we've actually got better compliance than I've seen at some previous organisations I've worked with because of that automated check, because of that cultural buildup of education as well. So with your relationship with the regulators and being able to provide evidence to them both as a firm but also as engineers within the team, are you finding that the regulators are actually wanting more automation of regulation? Are they asking for evidence in an automated way as code or as a particular standard? There's definitely been change in that way, but I would like to see better automation asks from the regulator. So the way we show evidence generally has been interviews or screenshots or those sorts of things. I'd much prefer it to see move towards, so this is the output of my pipeline results or the quality gate checks or things that have actually been stopped on its way through. It'll be much better if we can somehow get that information which is readily available directly to the regulators rather than having to do things like screenshots, create attestations and send those back. That's fantastic feedback. So within Finals we have a special interest group called Regulation Innovation which is actually created to speed up that relationship between engineering teams and the regulators. It'll be awesome to have clear bank comments, talk about how regulation and also engineering could be accelerated from your perspective, what those blockers are and what kind of tools could actually be provided to enable more efficient types of DevOps engineering. Absolutely. DevOps is there to try and make movement in product faster and realise that value to our customers faster. Just listening to a couple of conversations earlier I was really excited hearing Jennifer talk about digital dollar. This whole central bank digital currencies and how they're going to interact with fiat currencies is incredibly interesting. If we don't get that speed up of regulatory output, if we don't have that connection between different jurisdictions' regulations, it's just going to really slow down that part of the world which I think is incredibly exciting. Clear Bank are quite heavily focused on what does digital assets, stable coin, the central bank digital currencies mean for our end users, how can we best turn that into products for them to leverage themselves. I really want to catch up with Jennifer and Ella today, Ron. Yeah, that's fantastic. So, I'm really pleased to see that Clear Bank has a GitHub organisation. So, if people want to check it out, if you go to github.com. You have a clear presence online. It's also good to see that you have repose within there and you also have repose with stars. You also publish all of your API integration documents in there. So, with your community facing approach for Clear Bank, how has having your documentation presented to the open through github enabled you to be able to integrate with your customers? Do you mean why we choose to get our pages specifically or the API documentation? Has there been any clear advantage having your API documentation and repositories that enable authentication on github for people to use? I mean the accessibility. The reason why we use github is that that wonderful toolset has around getting the community to engage. Issues being raised, issues being tracked, the whole PR process and I guess that's how you get a pulse check on the health of a project is how quickly they're being passed through. So, having our API documentation on github pages was twofold. One, we had the repository and github anyway. Github pages and github actions are something we make heavy use of and it made sense that we had github in the title of our API docs. At the end of the day, all of our products are sold via an API. So the end customer really is the engineers in the company that are using the Clear Bank API. It makes sense that we advertise that we're on github and that's fantastic. And staying within the open source world. What have been your successes, challenges and lessons learnt since publishing either a project in a repo or your documentation through github pages? Yeah, it goes back to that pulse check on a project. I think we are fast paced, we're growing in that quite quick rate. We have a lot of investment behind us. So we're starting to have better manpower or people power to look after these projects. So I think that's the biggest challenge is when you start putting something out there especially if it's not just a fork but you're contributing to someone else's project it's your project you're putting out there. If you don't look after that open source community by responding to issues in the right amount of time especially if someone's is a great plus for open source contributing a code change to fix an issue that's even bigger use of someone else's time. So if you're not respecting that by reviewing that PR giving the constructive feedback and ultimately hopefully merging it into your project in time that's the biggest pain point I'd say for any open source project. So have you had the scenario where an external member of the open source community has either raised an issue opened a pool request watched your repose or starred them. Is there a feedback loop that kind of goes through the open source community? Exactly is that. We're getting a real chance to understand what the customers think where they have complete free reign to do at any time of the day and any which way they want to feedback on issues on the project. So it is the biggest plus and it is the best way to understand how your products actually being used. So knowing that we have a financial services community I'm in open source here I mean what can Finos or the wider financial services industry kind of like provide clear bank in order to make your contributions to open source even more successful? Maybe we go back to I want to quite completely flip it around but if we go back three years ago we were a very early stage at clear bank when we first met it definitely felt like a luxury item for us then to become a member of Finos and we didn't truly understand what was the driving the main goal was the driving force for Finos obviously you've approached this again more recently we've got this funding this is much more attainable to be a member now but the biggest thing I think anyone out in this room can do for us is look at the products we've got use them if they're beneficial come back with feedback on new feature requests for them or or contribute to them would be amazing I must carry out obviously the things we're releasing on our get up pages are more internal tools to help build infrastructure for financial services to get compliance so it's not the actual clear bank products available to pick apart from there It was really interesting to see Declan earlier in the keynote talk about that West's approach to also publishing documentation around their APIs as well and so clearly having API documentation in the open is a way forward so tell me about the engineering team at ClearBank what's a day in the life of ClearBank engineer how do they operate how do they collaborate how do they solve problems so we actually use Azure DevOps for source control workflow pipelines rather than get hub for our internal source code and pipelines so that's their main point of interaction but we also created something called a developer portal which is an idea started with Spotify and it's a great way of getting those kind of announcements put out across the floor so if you want to tell an engineering team that an end of life for something is coming up is a great way of putting it out there on a tech radar and moving it to retire so we have we don't have any sort of architecture people roles in the co-organisation but we do have architectures forums so we try and get our engineers to contribute their friction points in their day to day life through that forum so as a group we can collaboratively find the best way to move it forward for everyone because more than likely if one person there one team in our group has got a problem it's probably the same for someone else as far as open source goes I would like to see more open source contributions from the wider floor but also I understand that there's a lot of focus on product delivery from our engineers so I think most of the open source aside of clear banks engagement will be that platform and enabling team so with one of the conversations that we had earlier in the FOIA we were talking to Github about how they could potentially remove friction for regulated clients of theirs if Github or other people who are supplying tooling for open source firms within the regulation industry could remove friction for you what would that be? Do you have any examples of how things could be made a lot more easier for you to be able to contribute to open source? Yeah, I can assume open source, I've seen problems in other organisations where there's almost a risk problem there, is that project going to be there going forward those sorts of things so I think if we can somehow and we take a risk based approach on taking on any product supplier or open source led so is there a corporation backing up this open source product or is it a publicly owned one? Are you seeing poor requests and issues being addressed in a timely manner that helps you with the risk profile of what you're taking on if Finos or someone else was able to help financial services bring that risk down even further that would be a huge enabler I think for financial services if we can look at it in the same light of saying this it's going to be supported, we're not going to be left in hot war we're not going to have to look after this ourselves there's a group of people that can help us to maintain it if the worst does happen that would be a huge enabler I think So early you were talking about how Clare Bank looked to Finos maybe three years ago I mean when we met just before the pandemic and it was nice to have have you had the opportunity to look at any of the other Finos projects or special interest groups what's your appetite now for getting involved in a foundation like Finos? Like I said we've got the bigger investment now so it's much more attainable for us to become a full member of Finos where I see the benefit is seeing there's a couple of compliance whether it's asset management whether it's service catalogs I've seen a few of those repositories in there and they're things that we've we've even got paid for supplied products to look after or it's something we've built in to house ourselves so I see compliance as something that the financial services world needs to band together on to make sure it's more consistent across all organisations I say sometimes feel like we're treated as a ffintech so we've got a slightly different risk profile it's clearly not the case but it's very interesting to see how some of the more incumbent financial institutions have been around for a lot longer going through this process for a lot longer how they deal with compliance and how aligned are we? So within the ffintech industry not necessarily clear banks specifically for us to be able to invite the wider ffintech and maybe crypto world into open source and into Finos what would be kind of like the main hang-ups and hurdles that we would need to overcome in order to invite more people in? Transparency absolutely of what's on offer as in what the what the goal is for Finos but also what the success criteria is for the next 6, 12, 24 months what's the roadmap for Finos what is the driving force for the whole group getting together and why new people should come in I think that's critical because for us again we saw it as a luxury item initially and we also didn't quite understand exactly what it was about first our first initial force was is this open source or is this closed source? Honestly so we weren't really sure but obviously meeting again it's very clear that this is about trying to erode those misconceptions within maybe older or larger organisations that open source is a bigger risk which it's not it's just another risk like all the other products So that's fantastic so I'm pleased that being here today and also speaking within our previous conversations has helped to start to remove those and maybe we can do a lot more to invite other FinTechs and other players maybe challenger banks into Finos as well Can I ask around a different question then from my side what can Clearbank do for Finos How can we make Finos successful through Clearbank engagement? What's the biggest thing we can do? Yeah that's actually a really good question So within Finos we have a number of different projects that may be of use to you that we may need to take you through and introduce you to our catalogue of projects that you can leverage We are creating compliant cloud services which may be of use and value plus we also have associate members such as the EDM council and CDMC that also work with us to make sure that we're creating those services in a compliant way so by getting involved in such projects and even by just communicating your perspective on the work that we're doing can actually build it will enable our roadmap and could also influence how features are actually created in a great deal of our projects but even outside of projects where there are main code contributions we also have special interest groups which are open for everybody within financial services to get involved whether you're a bank, whether you're a ffintech whether you are a consultancy or a tech provider in order to give industry points of view and help prioritise what the issues are of the moment so the regulation innovation seek as we were talking about earlier on stage has helped bring in for new projects around regulation in order to help describe regulation and also accelerate the relationship between engineering and also the regulators we also have open source readiness which is about educating banks and other regulated firms within finance about how they can actually join the open source community and how they create policies tool to compliance teams and governance teams in order to bring both all sides of the bank on the journey of open source include in engineers and then many of the banks that we have here are applying DevOps sorry not DevOps in a source within their banks that also includes DevOps and so if you've got any kind of different perspectives of how engineers can work together on the inside of organisations please bring it in because the more points of view that we have from different sides of financial services the better because we can all learn off of each other and there isn't one single answer either and so the more perspectives you have in things the better kind of like and also more successful the projects are so you can bring in a whole new perspective to everything that we're doing Excellent So what does success look like next three, six, 24 months for Finos? Yeah so that is also a great question so we have a governing board that helps create our OKRs so at the moment top of the list is bringing the regulators and also the banks together so automating all of that evidence trying to do regulation as code writing regulation that can be published across multiple different exit points into different systems and services we also want to make sure that all of our various different projects join together so where within our journey into open source we've had lots of successful projects contributed into the foundation we want to make sure that those projects are joining together so they actually build an ecosystem that people can actually bring on board and you'll find that projects such as legend which is a project contributed by Goldman is being leveraged by Morgan Stanley and is also being integrated into their project which is called Morphher and so all of these different touch points within Finos are also being like technically and also system architected so we have cross collaboration across all of the various different firms and then we're just going to multiply that across the years so you know more vendors, try and break down more barriers, remove silos and bring people together in a more open and collaborative way I like this a lot of this engagement with regulators like I say I feel like we've had a very different experience than I've had at previous organisation so if we can have that joined up experience and actually have them in the same room as a group of financial services have a very interesting place Yeah so as associate members we have the Alliance for Innovative Regulation who are bringing in the regulators so we're working in partnership with them we have the Canadian RetroTech Association which are doing pretty much what we were just talking about you know speeding up regulation as code through engineering all the way from the cloud platform through to in a bank infrastructure we also run meetups so we come together in conferences but we also come together in more federated meetups within different cities and locations where we talk all of this stuff through so last month we were in New York City which was red tech themed previously we were in London and we were talking about waltz and then previous to that we were also in New York talking about compliant financial infrastructure plus we also have meetups in Edinburgh, Bristol, Leeds and London as well you know that we run on a ongoing basis so there's plenty of time to get together with the Finals community Excellent I'm where we've been talking with each other a lot are we open up to questions as well I think say we've just had the minute marker that if people have got questions feel free to just shout them out I don't think we've got time for people to put their hands up so feel yeah feel free to So you mentioned that if you were to go out and what would you take to scale up that success in an organization in three, five, twenty, nine or so So I imagine those organizations have quite robust functions around procurement around audit like I say for the size of the organization we are procurement, audit is the day job of the leader of that area that's reporting back and I said that's got its benefits because we've got direct conversations with engineers and the regulatory body we're trying to comply with so I would say break down the barriers, bring as many of the people who are actually building designing the products and architecture that need to be compliant in the room with those regulators try and stop any sort of Chinese whispers of translation from regulation to what it is you're actually doing on the floor That's actually a really good question and one that both myself and Mick Walsch have been breaking down a lot of this as well Right, I think we're at the end of our time so if the people at the back can just confirm that we're there now we are. I'd like to say thank you to everybody for being here today and thank you Stephen for such an insightful fireside chat it's been great speaking to you and I look forward to working with Clare Bank a lot more Now me too, it's been great, thank you very much for inviting me Thank you everybody