Banking / investment software

Views: 18

In this post I want to talk about banking / investment software used in the private banking and investment industry, called portfolio management software. Before I left this industry I looked around what software companies and solutions were available. This was primarily as a backup plan in case our own software provider would get into trouble. It is only my opinion, so forget the over 30 years of experience.

Find the companies

This is a serious problem. Since I worked for one of these companies it was a little easier. I already knew some of these companies because I met them at events. Others I knew because companies I worked for as a consultant used these systems. To find new ones was rather difficult. Searching the internet is one option but they really hide.

A little advice to companies selling this kind of software, make sure we can find you.

In this post I want to focus on having full access to the database. I think we all know that the database is the most important part of the system. Now why do many companies not allow their clients to access the database directly? Let us try to find out.

The database

Does it matter which database is used? Not really. I have seen them all, and I have not seen any big differences between them. That is for day to day processes. There are of course differences, and I think one stands out: how quick can you get help. I worked with free databases for many years, and we never had any big issues. That is great, because if we needed help, we knew that there was no support contract.

This is an important choice you have to make. If there is a problem with your database, you can probably not access your data or rely on that data. This can mean that your company can not work until the problem is solved.

Note

Some software solutions offer you the option to decide which database you want to use. This is perfect, at least you can select a database that you are already comfortable with. Since only a few SQL commands differ between database systems, it is not a really big thing. If you simply avoid using those you can run your software on any database. I like that a lot, it means the company really thought about it.

Do you have access to the database?

This is a nice question. And from what I found out, in most cases you have no access to the database.
Why is that? I know it takes a lot of time and effort to create the database, but they are all more or less the same. Software solution A and B both need to store customer information. You need an address, phone number, country you live in. Next to that you have to define investments, like shares, bonds, options. If it is a bond, what is the coupon, how many times a year, the currency, and the list goes on. You have to buy and sell these investments for your clients. Who is buying what, are there any costs, interest, taxes, result? So, if company A and B are building a database, the structure will be more or less the same. Especially since a lot of information is simply required by the government.

What do they hide?

I have no idea. So I asked them. Some did not answer, but others did.

Data security / privacy

To protect sensitive information. Financial databases contain sensitive information. You can think of personal client data, transaction history, and client investments. Restricting access helps protect this information from unauthorized access, data breaches, and cyberattacks.

And of course regulatory compliance. Financial institutions must comply with strict regulations regarding data protection and privacy (GDPR, CCPA). Software providers help ensure compliance with these regulations by controlling access to the database.

Let me translate this. The software company protects my own data by not allowing me to access it. Well, there is only one company responsible for the data, and that is not the software provider. Next to that, what if I need to change something in the database? This was like a weekly routine for me, so it happens. Do I need to wait for the software company to send someone over? Because it is safer?

Intellectual property protection

The database structure, schemas, and data handling techniques may contain proprietary technology and methodologies. Limiting access protects their intellectual property and maintains their competitive edge.

Restricting database access prevents users from reverse engineering the software or using the data in unauthorized ways.

Ok, interesting. There are more companies that produce this kind of software. And the data they need to store is more or less identical. As a result the databases are more or less identical.

And reverse engineering the software? You signed a contract with a company for their product and their knowledge. To keep their product up and running for the next 5 to 10 years. And then you want to reverse engineer their product?

Data integrity

To prevent corruption. By restricting access, the software provider can ensure that the data remains consistent and free from corruption due to improper handling or malicious tampering.

To maintain data quality. Software providers often implement strict data validation and quality control measures. Limiting access ensures these measures are followed, maintaining the accuracy and reliability of the data.

Again, the consistency of the database and the quality of the data is not the problem of the software provider. Imagine the provider makes a mistake, and as a result my database gets messed up. What can I tell my auditor? My software provider did this? Go talk to them? I am afraid there is only one company responsible for the database, and that is certainly not the provider.

Support and maintenance

To streamline support. By controlling the database environment, the software provider can more easily support and troubleshoot the system, ensuring a standardized approach to issue resolution.

For easier upgrades and patches. When the provider controls the database, they can seamlessly apply updates, patches, and upgrades, ensuring the system remains up-to-date and secure.

Ok, so if you have access to the database, and access to the source code, you can customize their product. But, why would you do that? That is the task of the provider. Exactly why you selected that company in the first place, for their knowledge and skills.

Where I worked this happened. Not because we wanted to do this, but the programmer was too busy. So we simply created the code, explained what we wanted, and used our solution until we received an update.

Business model

Subscription and Licensing. Some software providers use a subscription or licensing model where ongoing access to the software and database is contingent on regular payments. Restricting access ensures continued revenue from these models.

Service Differentiation. By retaining control over the database, providers can offer additional services (analytics, reporting, data insights) as value-added components, differentiating their offering in the marketplace.

The first point is like a form of blackmail. You pay me or no more access. I would never sign that contract. And for the second point, it is my data. I entered it into the system. The provider creates a report on the data I entered in the system. Next they call it “additional services” and charge me money to use the report. I have seen both in action, so companies do use these products.

My opinion

When you are looking for software make sure you know who has access to the database.

Think of the following situation. Your company wants to buy one of its competitors. You want to keep this a secret for the coming months. In the mean time you want to prepare an import of their clients data into your system. If you have no access to the database, where are you going to start?

I gets even better when your company is bought by a competitor. Now your data has to be moved into another system. The result is that your provider is losing you as a client. This can be a real problem, in the worst case you can expect a nice bill for that.

As a product specialist I assisted with some of these migrations. Even with complete access to the database it is a time consuming process. Both sides need people who understand their products and databases. Especially the provider who is going to lose a client will not be very helpful. They put in the exact minimum required amount of time.

Another nice example. What if you do not want to use reports made by the software provider, but create your own reports? Maybe you already have reports that were built in Crystal Reports, or a similar solution. You just need to connect them to the new database. Access to a data dictionary will help. You will probably run into issues getting that too.

I know that software companies make a lot of money on building reports. All clients need more or less the same types of reports. So if you have one client, you have the reports. And you can easily sell them to the next client.

Conclusion

Be extremely alert when looking around for software. Make sure you have full access to the database, and insist on a data dictionary. You are planning to use that product for the next 5 to 10 years, maybe longer. Trust has to be the basis for this relationship. It is also not free, and prices can easily be in the tens of thousands of dollars per month.

The next important thing is the software. Can you still use that if your provider gets in financial problems? Is the source code on your location? If not, can you get it? There are solutions for this, they existed 35 years ago too. If it is a good software provider they will offer a software escrow service. I would certainly check if they offer this type of service.

This brings us to the end of my post on banking / investment software.

Thank you for taking the time to read my post on banking / investment software.
I hope you found it enjoyable and insightful.
Stay tuned for more content that is coming soon.

If you like what you read, please consider sharing it with others who might find it helpful.

Diclaimer

All tips and methods mentioned in this blog are tested on Windows 11. Please note that results may vary on other operating systems or versions of Windows. Adapt the instructions accordingly.

Copyright

© 2024 Henny Staas/safecomputer.org. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Henny Staas/safecomputer.org with appropriate and specific direction to the original content.


Posted

in

by

Thank you for reading.