Bankloch

Domestic payments have become increasingly   instant   in recent years, with countries like India (UPI) and Brazil (PIX) leading the way. Today, instant payments—24/7 transactions completed within seconds, often at little to no cost—are available in over 70 countries, with rapid adoption expected to continue. ACI Worldwide reported that real-time payments reached 266.2 billion transactions globally in 2023, reflecting a 42.2% year-over-year growth, with volume projected to reach $575.1 billion by 2028. This shift has raised expectations among consumers and businesses for   faster, more efficient, and transparent payments . However,   cross-border payments   — transactions where the sender and recipient are in different countries — still lag significantly. Unlike domestic transactions, international transfers can take days to complete, are costly (for example, a €100 cross-border payment might cost 8 to 11%), and often lack transparency and traceability. Given th...

Throughout my career, working in both financial institutions and fintech companies, one consistent theme has been the use of "Task Managers" (or "Case Managers"). At their core, these systems function as task inboxes, assigned to one or more employees and often following a structured workflow. Despite their importance, you might expect task management to be standardized across organizations, but the reality is much more fragmented. Task management is handled by a variety of tools, each serving different purposes: General productivity tools : Such as Outlook’s task manager, Notion, SharePoint, Confluence pages, and often even shared Excel files. Specific productivity tools : Such as Officient or Personio for HR tasks or JIRA, which is often used by Product and IT departments. Custom-built solutions : Many companies develop bespoke task management systems or extensively customize tools like JIRA to fit their unique needs. Complex BPMS solutions : High-end Business Pro...

Authorization   is a vital part of any software system. Once a user is authenticated, the next step is determining what that user is allowed to do. This process, known as authorization, ensures that users can only access the data, functionalities and outputs that their roles or permissions allow. While authorization is essential, it’s often highly complex. Each system tends to reinvent the wheel instead of leveraging reusable checklists and frameworks. Authorization isn’t solely about internal business requirements. External factors — such as   legal obligations or licensing constraints   — add layers of complexity to the process. For instance, software licenses might limit the number of users, API calls, or functions that can be accessed. Authorization spans also several levels, such as   data segregation, functional segregation, and output segregation . Each of these levels contributes to the overarching complexity of building a secure system: Data Segregation : Th...

  In the world of IT, there’s a saying you often hear: There are only two hard things in Computer Science: cache invalidation and naming things. — Phil Karlton While this may be a joke, it also holds a kernel of truth. Naming things in software design often sparks heated debates, and there’s a reason for that. Good naming conventions can significantly impact the readability, maintainability, and overall quality of the code. Recently, I organized workshops to define our new platform API specification. Defining good names for the endpoints and parameters was a major part of these discussions. Establishing a few conventions and best practices upfront and referring back to them when in doubt helped remove subjectivity and emotion from the discussion, facilitating a more objective and productive dialogue. So here are some typical best practices for naming variables, endpoints, parameters, classes, attributes, tables, etc.: Clear : A name should be self-explanatory and clearly describe i...