The path to the future

New initiatives such as APIs, microservices and self-contained systems, mobile and browser-based UIs for different user personas and overall digitalization are changing the face of banking. Similarly, issues such as data quality, automation and security clearly remain of critical importance. Avaloq’s architecture has been developed to address these new opportunities and the perennial concerns, while preserving Avaloq’s existing strengths such as consistency and out-of-the-box integration.

For our clients, the transition to self-contained systems provides both substantial efficiency gains and a versatile platform for future innovation - enabling Avaloq’s clients to make the most of the exciting opportunities offered by a rapidly-changing world. For instance, our new Open and Community APIs open up access to the Avaloq banking platform, paving the way to rapid and robust integration with partners and existing client systems and reducing the costs and risks of bringing new ideas to market.

Architecture evolution overview

Figure 1 shows an overview of the architecture of the Avaloq Banking Suite, as it will be developed over the next few years. The focus of the architecture is manifold; including, for instance, modularization through self-contained systems and microservices, with the preservation of today’s high consistency (e.g. single UX design system), data quality (e.g. clarity of ownership for modification for each data element with event-based replication) and out-of-the-box integration.

Figure 1: Architecture overview

Figure 2: Evolution of the architecture of the Avaloq Banking Suite

 

Figure 2 shows the planned evolution of the architecture of the Avaloq Banking Suite. The architectural approach will be consistent across both SaaS and on-premises offerings.

We are building our new and revised components as self-contained systems based on microservices, because of the many business benefits this architecture provides. Clients can adopt self-contained systems in a modular fashion, providing greater business agility, for example, with each self-contained system handling a single business function, such as advisory or cost and fee simulations.

Self-contained systems don’t rely on the Avaloq Core Platform (ACP) or on any other systems, and they also work in conjunction with third-party core-banking applications. Self-contained systems communicate with other systems through asynchronous messaging and REST APIs.

Architecture evolution overview

A microservice is an application that implements narrowly focused functionality. Examples of microservice-based systems that are already live with Avaloq clients are Goal-based Wealth Management, Front Workplace Global Search, and PSD2 Berlin Group. These provide clear demonstrations of the benefits of containerization. We describe the first two here and PSD2 in the REST API section later in this document. One Avaloq client already runs 36 different Avaloq containers.

The industry standard solution is to deploy microservices as Docker containers onto Kubernetes, to avoid the need to deploy, start and monitor hundreds of microservices manually. We selected Red Hat OpenShift as the single supported Kubernetes platform for running Avaloq applications. We avoid the dangers of vendor lock-in by abstaining from proprietary extensions and testing frequently against another Kubernetes distribution.

To address the selection of self-contained systems/microservices and the determination of compatible versions (based on semantic versioning of required and provided APIs) as well as required ACP stream solutions, we have built the Avaloq Constellator. The Constellator is integrated with the existing Delivery Tool. It can also be used to manage components provided by third parties and developed by banks without storing the meta data or the actual software in Avaloq repositories. The Constellator is a typical example of a tool that is required in an independent-software-vendor setting only, which explains why we had to create it ourselves.

Security is a paramount requirement in everything we do. Therefore, we scan container images for security vulnerabilities, sign them, work with closed network policies (default: deny any connection between any two pods), and perform runtime scanning in our service centres. We will introduce better support for the protection of secrets (likely https://www.vaultproject.io) and a central auditing service in 2020.

The benefits of microservices come at the price of the complexity of distributed systems. Many of these challenges are addressed by the container platform. We are also monitoring the development of serverless computing (aka function as a service and lambda) such as Knative and will use this approach, when mature, where beneficial in the future.

Event-based replication

Distributed and containerized applications bring many benefits, but also new challenges. Components will often need to access functionality provided by another component or data for which another component is the master. We use asynchronous replication and synchronous REST APIs to achieve this. Replication provides better performance and looser coupling, which in turn means higher availability. A key advantage of REST APIs is that they are based on widely accepted technology and therefore generally simpler to build, scale and easier to use.

REST as foundation of the ecosystem

REST with JSON payload is the de facto standard for synchronous communication among microservices and for providing data to mobile and browser-based UIs. With callbacks and fire-and-forget, REST can even be used for asynchronous communication. REST is replacing CORBA, SOAP and other RPC mechanisms.

REST is the current focus of the industry and Avaloq. Avaloq has provided out-of-the-box REST APIs for all its new self-contained systems and for existing ACP functionality and data since 2018.

Avaloq provides two sets of REST APIs for the ACP: Open APIs are mainly targeted at fintechs; community APIs are targeted at banks and their implementation partners for bank-internal integration.

Some Open APIs are only applicable for certain types of banks or geographies. For example, PSD2 Berlin Group is only relevant for parts of the European Economic Area. Open APIs are fully standardized for the API consumer. On the other hand, they may require a mapping in the ACP, like SWIFT and FIX, if a functionality is not standardized in the kernel. Hence, what can be provided as an Open API depends upon the business domain rather than the split of functionality between kernel and customization in the ACP.

Browser-based and mobile UIs for specific personas

Persona-based UIs, user journeys and design-driven development are becoming increasingly important. Different personas have different requirements. For example, banking clients expect a simple ‘quick-to-learn’ experience in Web Banking, while bank employees want a ‘quick-to-use’ and feature-rich UX in Front Workplace. Avaloq’s unified UI framework for browser-based applications can be used to build both types of UX. Avaloq prefers persona- and device-specific Banklets (business UI components) even though reuse across UIs is technically possible.

For the desktop, we prefer browser-based HTML5 UIs to native clients because browser-based UIs require no local deployment, support immediate upgrades, and enable simple UI integration of content from multiple sources. SmartClient will remain to provide access to the full functionality of ACP, especially for the back-office operations of existing clients.

Upgraded browser UX based on Material Design and Angular 8+
We are in the midst of a major overhaul of all our browser-based UIs, which we will complete by mid-2020. The trigger for this overhaul is the end of the support for AngularJS, Google’s web framework that we use as basis for our current browser-based UIs, in June 2021.

Mobile applications
We follow a mobile-first approach for applications for our clients’ clients. In our mobile apps we implement most content native in iOS and Android, because this approach provides the best UX and trumps other approaches with respect to security, new features, and longevity of the software. Because a large percentage of mobile users access the content provided by the banks through the browser of their smartphone instead of installing the app, we also optimize browser-based applications for the banks’ clients (e.g. Web Banking) for mobile.

Standardization and customization

Standardization and customization are generic requirements for standard software like the Avaloq Banking Suite. Customizability is the ability to adjust the software so that it behaves the way the client wishes. Or in other words, customization allows a business to buy standard software without forcing the business to be 100% standard.

In self-contained systems and microservices, we standardize semantics and avoid mandatory customization wherever possible. For example, Goal-based Wealth Management runs out of the box without any business customization – just a few server names and passwords need to be defined. Most banks will want to adapt the styling and goals, but this is purely optional. Furthermore, we keep optional customization to a minimum to minimize cost.

With the Constellator described above, we have taken the first steps towards standardized customization of microservices, largely adapting proven patterns from the ACP.

High availability and system performance

Avaloq has several initiatives aimed at increasing the availability of different capabilities. With ACP Release 4.4, for instance, we introduced online installation of kernel and customization changes. We will add support for additional source types if there is a demand. Our goal is to ensure that most small modifications can be installed quickly and easily, without downtime and delays. Online installation of major releases (every 6–24 months) is not envisaged, due to the greater levels of risk and testing that would be involved.

Several Avaloq clients use clones (Oracle Data Guard or storage split mirrors) to serve read-only requests during ACP database maintenance. Open and Community APIs with read caches are a new alternative for read-only access at these times. Furthermore, we are implementing persistent write-back caches for dedicated functionality, such as payment.

Avaloq has made many performance and scalability improvements to support over 8,000 concurrent Front Workplace and SmartClient users of 252 Raiffeisen banks (business units) on a single ACP instance. Avaloq clients will get many of these enhancements when they deploy the corresponding release (stream solutions). Other enhancements, such as order pools, require clients to adapt their customization to benefit. Key improvements are in reporting and stateless sessions, which are used in Front Workplace and AMI Web Services. Most large Avaloq clients have the potential to reduce average response times and CPU requirements by 30%.

Two clients switched to Oracle Exadata and reported significant performance improvements compared to a latest-generation server with a different architecture, including a reduction of the time required for the 700 nightly batch jobs by a factor of two, to process corporate actions and to load the securities master data from messages by a factor of four as well as significant positive feedback from happy end users.

Data

According to The Economist, the world’s most valuable resource is no longer oil, but data. We help our clients to improve the quality of their data, protect it, and use it for the benefits of their clients. We help our clients maintain and improve the quality of their data with our Client Lifecycle Management module, person model 2, clear ownership for each data element and modification only in the master, and the usage of transactional data stores and sagas in microservices.

Public cloud

Avaloq clients have used AWS for elastic capacity for ACP customization since 2015. Avaloq introduced its avaloq.one developer sandbox on public cloud in 2018. We run the complete Avaloq Banking Suite, including the ACP, AFP Web Banking and Front Workplace, and our containerized solutions in public cloud for integration testing and presentations. Avaloq builds on industry standards, such as Kubernetes, to run on any cloud and avoid vendor lock-in. We support the optional usage of managed services with the same API, e.g. Google Cloud SQL PostgreSQL, Amazon MQ, and Azure Windows Virtual Desktop.

Way forward

General implementation approach

We will implement the new architecture via an evolutionary approach, with small projects that all individually add value for our clients.

We are serious about respecting and protecting your existing investment in the Avaloq Banking Suite. All current ACP functionality will be maintained at least until 2025, or as long as our clients need it, but we will focus innovation on the new implementations. We give clients the choice for each functionality we rewrite, whether they want to use the old ACP implementation or the new self-contained system, and when they want to migrate. We will communicate changes clearly and at an early stage to the Avaloq community, and we expect the community to be keen to learn about the new concepts and technologies that will bring them so many substantial benefits.

Avaloq’s general principles are simplification, productization and agility. We expect most clients to adopt a multi-speed architecture and more frequent upgrades – annually for transaction processing (ACP) and quarterly, or more often, for interactive functionality.

Roadmap disclaimer:

The content of this paper is for information only and is intended to outline the general product direction; accordingly, it should not be relied upon for the purpose of making purchasing decisions. The information provided is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Any references to the development, release, and timing of any features or functionality described for these products are for information purposes only, and Avaloq has sole discretion to make changes to any of these parameters at any time, for any reason or no reason. Product capabilities, timeframes and features are subject to change without notice. Avaloq neither represents nor warrants the accuracy or completeness of the information. This document is provided ‘as is’, without any warranty of any kind, nor any implied warranty of merchantability or fitness for a particular purpose. That said, it is our goal to deliver what we outline in this roadmap.