A toolkit designed to build, pilot, run and iterate

Only FINkit® provides financial institutions everything needed to design, build and run secure and compliant digital services using cloud-based technology.

FINkit’s unique Compliance Framework and Pipeline enables the enforcement of bank-grade governance, risk and compliance controls, enabling continuous delivery of high volume low risk change into production.

A toolkit designed to reduce the time and cost of doing more







FINkit Design Framework

The FINkit Platform provides a pre-approved API and Service Design Framework that supports Feature Teams and Enterprise Architects in quickly designing and iterating FINkit Services. Using a repository of repeatable and enforceable frameworks produces consistent, quality designs which can be produced and iterated on in hours instead of weeks and months.

  • API Design

  • Service Design

  • API Style

Developer Toolkit Key Features


    Virtualised Developer Environment delivered as a service. This ensures that even distributed teams of developers and testers creating business services using FINkit have everything they need including local testing with containers enabling fast feedback.


    Service Auto-Generation creates a coherent and consistent set of service artefacts including pre-approved service template, test and continuous integration jobs, deployment scripts and integrated with notification bots for collaborative updates.


    FINkit automatically generates service dashboards to assist developers with testing and debugging. Dashboard views contain real-time insights including number of instances, throughput, response times, performance and errors.


    A complete and automated Behaviour Driven Development (BDD) test framework designed to support the automation of feature, performance, security and service-level tests through continuous integration to production and also during run, to monitor service behaviour.


    All FINkit services must create transactions to be supportable in production. Transactions are persistent business events as well as operational events assisting teams with troubleshooting.


    Data remains one of the most challenging constraints and cost drivers in Financial Services, particularly customer data. FINkit’s Information library abstracts the complexity of working with and storing data by orchestrating and enforcing FINkit data segregation policies during build and run.


    FINkit supports Feature Teams throughout the software development lifecycle with the ability to work locally on the FINkit Virtual Developer Environment using Containers. Local testing tools use adapted Docker technology to support consistency in Continuous Delivery.

FINkit Compliance Framework

The Compliance Framework is the cornerstone of the platform abstracting the complexity and risk of Continuous Delivery and the time required for Operational Readiness.  The framework has a significant scope that spans the build pipeline, systemic data protection policies, security, service monitoring, alerting and service levels.

Data Protection on FINkit

In order to provide systemic protection of data, FINkit Data Protection Working Groups are held to agree appropriate Information Characteristics to apply UK Data Protection Act (UK DPA) and Payment Card Industry Data Security Standards (PCI DSS).  Once classified, data is automatically protected by your agreed policy within the build pipeline and at the boundary of FINkit – wherever FINkit is deployed.

The Data Compliance process creates policies that are enforced by FINkit Protection service in transit, in process and at rest, including the isolation of PCI affected data to a segregated PCI Zone.  Data is always protected to the level required by the defined Data Policy for each new service and for updates.

Compliance Framework at a glance


    FINkit’s build pipeline reduces risk offering improved evidencing and full automation removing handoffs and silos of the past. Supporting audit, controls, continuous integration, test and deployment with enforced code reviews, permissions and verifying agreed Data Policies.


    Each FINkit service can be configured to require consumers and subscribers of a service to agree explicitly or implicitly to terms. Agreements can be managed and updated in multiple languages and versions.


    The Data Compliance process creates policies that are enforced by FINkit Protection service at the boundary of FINkit. Data in transit or at rest on the FINkit Platform is always protected to the level required by the defined Data Policy


    A declarative framework enabling non-functional requirements to manifest as supportable, testable goals for design, build, test and operation of FINkit services. Characteristics include Resilience, Security, Data and Stability for API resources.


    FINkit provides extensive event logging and in combination with service characteristics, can be used to generate management, business or billing type reports based on recorded events.


    FINkit as a Managed service provides high availability across multiple zones to enable bank-grade resilience using a multi-active model. Availability can be specified as a Service Characteristic e.g. 99.99%.


    FINkit provides extensive event logging and in combination with service characteristics, can be used to generate management, business or billing type reports based on recorded events.


    Providing a comprehensive suite of capabilities and a single source of information for system events and service performance enabling teams to benefit from new levels of insight across infrastructure, network, security, monitoring and alerting.

Developer Components at a glance


    FINkit supports an identity federation model validating external identity assertion(s) and convert these into the internal assertion if it is correct and valid. The Identity service provides the mapping from externally provided SAML or device tokens to FINkit tokens as needed.


    Accelerates the storage and protection of sensitive information in line with compliance needs. Developers can create, modify, search and maintain consumer records/data with Data Protection policies enforced automatically.


    FINkit services allows setting of a lifecycle status to an API consumer which will affect the processing of their resource request on that service. Defined states for FINkit services include running, paused and stopped.


    The SSO Token service intermediates consumer authentication to an Identity Provider (e.g. Google, HID). It supports the end user authentication flow by implementing OpenID Connect (OIDC) authorization.


    Multi-factor layered authentication is now the norm in Financial Services and is rightly under constant scrutiny. FINkit’s Verify service enables Feature Teams to request verification from a user of their service using SMS extensible to support any API-based MFA solution.


    The Comms Service exposes a set of operations (e.g. SMS messaging, configuration of SMS contents such as GSM UTF-7 character sets integrating with 3rd party messaging gateway providers with global coverage.


    FINkit services must create an Activity whenever any of its resources’ state changes. It can also occur when the invocation causes a side effect(s) effect that changes the state of the service, e.g. the creation of a consumer emits a consumer enabled Activity.


    Integration with one or more back-end utility services is common place in Financial Services domains. FINkit provides configuration support for service integration with flexibility and continuous test and monitoring of utility behaviours.

Ready-made Developer Capabilities


    Simple account opening data capture of pre-classified mandatory, optional and extendable data fields. Subscribers can throttle submissions where a subscriber is constrained by capacity and generate update messages.


    Supports the retrieval and linking of Customer Accounts across banking platforms. Provides a summary view for balances and limits and supports subscriber configuration and activities. Accounts is underpinned by FINkit Protection and Audit.


    FINkit service which enables PCI compliant card storage and supports storage of multiple cards per consumer and the setting of default cards. FINkit Protection policies automatically isolate PCI-DSS affected data to a segregated PCI Zone.


    Provides transaction history and ability for consumers to retrieve account histories, select and view monthly statements and subscriber level consumer activity reporting with north and southbound boundary data protection.


    SMS alerting capability for account opening status alerts. Including configurable Account open/welcome messages, account readiness checks and triggers to support consumer mobile number retrieval and Comms interactions.


    Supports location of branch and ATM information to consumers including search using location coordinates. Subscribers can add custom parameters such as opening time to locations and are provided with update and rollback database support.

FinTech Partner Integration

From large to small FinTechs, every great proposition needs partners and FINkit is no exception. To provide support for the very latest technologies while reducing the complexity and cost of working with FinTechs we’re providing FinTech integration as a service.

FINkit supports due diligence processes, on-boarding, technical integration and business operations for working with FinTech partners. You benefit from standardised processes, simplified supply chain and centralised incident management for your growing ecosystem.



Pilots, but not as you know them…

FINkit’s pilot service provides a production grade run environment as a managed service with operational support at a fixed price so you can take the innovation out of the labs and into the hands of your customers. What’s more, moving from pilot to production operations is only a matter of changing contracts not rebuilding the whole solution.

  • Create your service with the managed  FINkit Build Pipeline

  • Deploy pilot service on FINkit managed production sandbox environment

  • Run Pilot with your selected audience

  • Progress to Managed Production Operations or redeploy to your own FINkit production Environment

Managed Pilot Environment
Ready to use, near instant deployment, monitored and operated for you

Operational Support
Pilot services with high availability but without the full operational SLA to manage

Scaled on Demand
Whether you are piloting to hundreds or thousands of users, your service will be scaled as needed

Production Ready
Services built with FINkit from MVP onward can be deployed for pilot or production without rework

FINkit provides Build, Pilot and Run
capabilities as a managed service.

FINkit’s high performance, bank-grade managed service capabilities reduce time to market, implementation overheads and operational overheads for our customers.

FINkit has a low cost of entry, based on a pay as you go model

FINkit Platform Access is charged on a Subscription basis

SCOPE: Provides access to the FINkit platform for Build services. Run operational services either under Production Sandbox Agreement or Operational Services Agreement.

FINkit Pilot Service is a fixed price for development of services and unlimited pilot use of the Production Sandbox

SCOPE: Unlimited use of FINkit Production environment for Pilots and Trials. No restriction on Number of users. No restriction on number of pilots. Key difference between this and Operational Services contract is that the Sandbox does not provide a contractual SLA.

FINkit Operational Services is a standard contract, with a schedule for each deployed service

BUSINESS SERVICES SCOPE: Running business services, whether developed specifically for the client or use of FINkit pre-built capabilities. PUPM-basis, or where there is no identified user, per transaction pricing is calculated based on service complexity and usage, with minimums applied, Third Party (PARTNER) API’s are pass through pricing or billed directly by the partner.

HOSTING: Where clients wish to host with FINkit, there is an additional usage-based monthly fee based on Service footprint, Service throughput and Service Availability.

For more information get in touch

+44 (0) 20 3657 0900

Drop us a line to experience more on FINkit: