Core Banking Radar

Vault Core – a hyper-configurable neo-core banking system from Thought Machine

Vault Core, built by the UK headquartered core banking technology company Thought Machine, takes quite a different approach to legacy systems, requiring a change of mindset to understand its operating mode. Vault Core is an open architecture platform, aiming to adapt best practices of software development from technology companies, giving banks the flexibility to build any product using smart contracts. By virtue of being designed to run natively in the cloud, Vault Core is able to take advantage of the benefits of cloud technology and is agnostic to the cloud infrastructure providers it runs on. 

Text: Christine Popp, BEI, Images: Wendy Buck, Zense GmbH, 

In cooperation with the Business Engineering Institute St. Gallen (BEI), the Core Banking Radar of Swisscom has been monitoring the system support of banks since 2017, and analyses the most relevant systems for the Swiss market using a comprehensive assessment model. 
 

This article describes new foundations for banking based on modern software technologies and explains how Thought Machine’s "Vault Core" core banking engine employs a microservices-based architecture, an open API approach and smart contracts promising performance as well as independence for the bank in terms of operating model and processes.

Generic IT architecture of universal banks 

Rapidly changing market conditions are driving banks to make significant improvements to customer experience. They focus on the customer interface and develop strong client interaction services by offering platform services using APIs and forging fintech partnerships. IT transformation in the bank has historically involved restructuring the front architecture separately from the back end. Back-end systems are rarely touched during ‘transformation’ projects; Continuity of processes, a well-integrated backend and high levels of automation deprioritised to focus on the immediate benefit of modifying front-end channels. Ageing core systems may have their functionality slowly supplanted by newer systems, while keeping the older core intact. This naturally increases the complexity of the overall architecture. 

Hervorstehende Merkmale von Tuum

Back-office architectures are often characterised by legacy systems or structures that have not been updated

Software developers from technology companies, who are looking at a bank's architecture, can see a lot of potential for improvement in this area: 

  • Consistent, efficient support of processes and clean structuring of the back end 
  • Rapid introduction of new products by the bank itself, without any dependence on the core banking system manufacturer using Smart Contracts 
  • Open programming interfaces (Open APIs), which facilitate the connection (and removal) of peripheral systems, and thus enable a lean and fast core. 
  • Continuous 24/7 processing facilitating real-time data and analytics capabilities and dispensing with known, and sometimes error-prone, batch jobs. 

These are the principles which underpin Thought Machine’s neo-core banking system. 

Origin and structure of Vault Core 

In 2014, Thought Machine CEO Paul Taylor decided to embark on a new technology project, after leading the text-to-speech division at Google, following Google’s acquisition of his company, Phonetic Arts. Paul Taylor aimed to create core banking technology that can run the world’s banks according to the software practices of the modern age. 

 

According to their own statement, Thought Machine has the ethos of a product-led company that strives for best practice in engineering. It counts nearly 500 employees as of Q1 2022, with a strong upward trend. 

 

Vault Core is positioned as the foundation layer of a bank’s technology stack and is designed to run any type and size of bank on a single platform. The platform is API-enabled and real-time, so that it can be integrated within a wider ecosystem.

 

Architecturally, Vault Core adopts a two-layer approach: a common platform layer, which is standardised, and available to all clients. This portion of the system is maintained by Thought Machine, running a number of key functions in the engine – including the interface with its APIs, account management functionality, scheduler functionality, and establishing roles and permissions.

 

The second portion is designated for the configuration of the bank’s products, and is specific to each client. In this configuration layer, which is owned and customisable by the end user, a bank can adapt the system in line with its specific needs by defining its own workflows, authorisations, data flows and build any kind of banking product using Smart Contracts. With Smart Contracts, banks own the product at code level without reliance on Thought Machine and dependence on vendor roadmap. 

 

Vault Core is a ‘headless core’, and so leaves customer interaction to the peripheral systems. It can easily integrate into customer facing channels as well as existing back-office applications and offers integrations with third party providers through its Vault Marketplace.

 

Vault Core's differentiators are the system's hyper-configurability, the ease with which it can be integrated with other systems and applications due to its API-first approach, and the flexibility by way of product and currency agnostic booking engine that can book and map anything (bank-specific and beyond). 

 

Vault Core has been designed consciously for “best-of-breed” infrastructure (front-to-back strategy of this Core Banking Radar article), which is why customers do not receive a comprehensive system ("bank-in-a-box"). Instead, banks bring their preferred peripheral systems, connect them and typically host the platform themselves on the (private, public or hybrid, depending on preference) cloud with their partners. Vault Core can also be obtained as a Software-as-a-Service (SaaS) offering via public cloud, if desired. 

Hervorstehende Merkmale von Tuum

Prominent features of Vault Core

Customer structure and market positioning 

With its solution, Thought Machine wants to offer banks an exciting alternative and provide the possibility of leaving legacy systems behind. Thought Machine’s target customers are both the Tier 1 and 2 banks (i.e. the approx. 200 largest global and national banks with a daily trading volume of over 30,000 transactions) as well as smaller banks and fintechs. At the beginning of 2022, all of Thought Machine's customers are outside of Switzerland, which is why the system has not yet been "Helvetised". However, Thought Machine has dedicated staff for the DACH region and are actively looking to work with Swiss financial institutions. When the first Swiss customers join, products with Swiss characteristics (e.g. pillar 3 pension plan) shall be developed fairly quickly thanks to the smart contracts approach and made available to all the Swiss customers via the product library. 

Banking giants such as the British Lloyds Bank and JPMorgan Chase in the United States have signed up to deploy Vault Core. In addition, fintechs such as the digital spin-off SEBx of the Swedish bank SEB, Atom Bank, the UK's first digital-only challenger bank, Mox, Standard Chartered's new virtual bank in Hong Kong, which combines various debit and credit cards in a single bank card and offers goal-based savings accounts and cash-back on purchases from partners, Impact Credit Solutions Singapore (ICS), a fintech enabling small business lending throughout Southeast Asia, and TransferGo are using Vault Core. 

 

Monese, which offers cross-European accounts and transfers via its app, the British fintech Curve, which lets customers combine all credit and debit cards in one app, ING Bank Slaski (Poland), Al Rajhi Bank (Malaysia) and as yet unnamed Tier 1 banks from Canada, Singapore and New Zealand are currently implementing Vault Core. 

Functionality of Vault Core 

Vault Core is intentionally designed to be lean and does not work like conventional core banking systems, which provide lots of ready-to-use functionalities. 

 

Its aim is to evolve to a modern architecture and way of operating, which allow for flexible and quick introduction of any product needed using smart contracts, giving banks access to the financial product logic. 

Funktionale und nicht-funktionale Abdeckung von Tuum

Functional and non-functional coverage of Vault Core in the payment and financial service areas 

Product development with smart contracts 

In Vault Core, any financial product, such as an account, is represented by a smart contract. 

 

A smart contract is a program that automatically executes an action according to certain rules and without human intervention based on trigger events. It strictly follows the if-then principle. A typical example for Smart Contracts are snack vending machines: If a coin is inserted and the corresponding button is selected, then a candy is released without a salesperson being on site. Smart Contracts thus reduce necessary intermediaries and costs.

 

In Vault Core, smart contracts, written in a sub-set of Python, encapsulate all the financial logic of a banking product. This includes the business logic and financial operation of the client’s products. Products (e.g. savings products) are individually identified with a product ID, possessing own version IDs when updated (e.g. to savings product V.2), enabling the maintenance of a historical record of a product. 

 

Smart contract logic is executed based on lifecycle events (hooks) in the system that may be initiated externally to the execution of the smart contract, such as the application of a posting instruction, or executed by the smart contract itself, such as scheduled events e.g. accrual of interest, defined in the smart contract. 

 

Parameters are the primary way of changing the behaviour of a smart contract given the logic defined in the smart contract code. The bank defines, which parameters are negotiable when facing customers (e.g. duration of the bond) and which ones are non-negotiable (e.g. interest rate). Apart from allowing for personalization of each product to the needs of a customer (e.g. fee waivers, interest rates, overdrafts at individual level based on customer information), smart contracts allow for the fast adoption of new regulatory requirements, as product related regulation can be directly embedded within the smart contract.

 

Vault Core’s smart contract simulator enables smart contracts to be simulated for testing and customer facing financial projections. The smart contract simulator executes the product in an identical, isolated version of the smart contract engine. This enables a bank to offer their customers simulation of banking products, calculation of re-payment schedules e.g., for loans in real-time before they commit to a product. 

 

Smart contracts follow a strict hierarchy beginning with the product family (e.g. personal loan), child products (personal loan version 1, personal loan version 2, etc.) and the actual instance/product. The product parameters are inherited from the next higher level, facilitating the creation of new child products, and maintaining integrity of the product family. 

Abdeckung von Tuum gegenüber Bedarf

Example of a smart contract template using all three parameter types

Products by Vault Core 

Thought Machine provides a library with fully tested and documented templates of standard products, that can be directly implemented, or unit tested. 

 

In the constantly growing Product Library, banking products such as current accounts, savings accounts, credit cards, e-wallets, P2P payments, reward management products, incentive-based saving (Rewards), blank credits, loans and mortgages have been predefined so far (also with country-specific variants). 

 

Products can also be bundled with Vault Core: for example, a group savings account increases the interest rate according to the number of co-savers. The smart contract itself would be aware of the number of stakeholders and based on predefined interest rates for a given number of savers the applicable interest would be applied in real-time. 

 

The mapping of investment products is not supported in the current version but is on the development roadmap of Vault Core and is to be added together with position keeping for portfolios when sufficient customer need arises. 

Business process management 

According to Thought Machine, the complexity that potentially arises for the customer advisors due to the large number of possible variations at the account level (e.g. varying interest rates) is handled through workflows. 

 

With its Workflow Engine, Vault Core offers a generic tool at the configuration level for defining, executing and controlling processes that also takes role and authorisation models into account. In doing so, process automation without media interruption enables the flexible merging of data for the execution of business transactions or the production of evaluations of all kinds. For exception handling and monitoring, Vault Core has predefined workflows. 

 

A bank can also connect an existing, external workflow engine via API if it wishes.

Further functionality to be integrated via Open APIs 

Vault Core does not provide general ledger accounting, and instead acts primarily as a subledger: all bank product transactions go through Vault Core (making Vault Core the “single source of truth” for all bank-related products that reside on the platform), and are transferred to the bank’s enterprise general ledger (e.g. accounting systems such as SAP FI) that also includes things where Vault Core is not involved (e.g. the bank’s payroll).

 

Support functions, such as data warehouse, document management, legal reporting and accounting, are left entirely to the bank by Thought Machine. 

 

Vault Core also deliberately offers little support in the functional area of sales and consulting. Personally identifiable information (PII) is stored outside the core, primarily in the bank's CRM system and connected via APIs, which is why the bank must bring its own systems for customer interaction. 

 

Additional desired functionalities can be connected via open APIs. Vault Core claims to be the easiest system to connect (plug n’ play). Many (large) banks already use peripheral systems, with which they are satisfied and which they can continue to use after switching to Vault Core. 

 

However, responsibility for the efficiency of the integration lies with the bank. Ensuring the clean integration of a wide variety of APIs requires very good architects and integration specialists. Alternatively, banks may rely on partners to help them with their system integration needs. Thought Machine has its own partner network for banks to draw upon should they choose.

Hervorstehende Merkmale von Tuum

Vault Core's product flexibility via smart contracts and easy integration of third-party applications 

Non-functional support 

The DNA of a technology company can be seen in Vault Core's comprehensive non-functional support. 

 

Delivery capability and ecosystem 

Vault Core stands out through the targeted, extensive use of the latest technologies and therefore certainly puts itself in a secure position for the future. Customers and their needs are included in product development and in the roadmap for new functionalities, which is facilitated due to the current, relatively small number of customers. 

Thought Machine has a partner network with over 35 system integrators and can help the bank in the identification of partners. 

 

Operability 

With Vault Core, there are smaller software deliveries every month and major releases up to twice a year. The data in the system can be updated, processed and transmitted to the bank's systems in real-time via streaming APIs using Apache Kafka. 

Uninterrupted maintenance is possible due to the fact that applications do not have to be restarted manually thanks to self-healing capability and orchestration in redundant containers (Kubernetes). The in-built Configuration Layer Utility (CLU) facilitates deployment across multiple environments. 

 

Architecture

Vault Core is cloud-agnostic and can therefore run on any cloud infrastructure provider, whether public, private or hybrid. Mechanisms for importing and exporting data types can be freely configured. 

Database and applications can be operated completely separately. Vault Core's functionalities are based on independent microservices (e.g. booking), which have their own databases by nature. With Vault Core, the data is typically linked to the respective service, which allows individual microservices to be updated or tested without impacting the rest. The fully automatable test environment also supports user acceptance tests. 

Currently Vault Core is using PostgreSQL but Thought Machine are looking to support Cockroach DB soon in order to provide active-active multi-cloud distributed databases. When using databases in the cloud, managed databases such as RDS (on AWS) can also be used. Support for Oracle databases is not planned. 

 

All accounts are multi-currency by default and a bank can introduce non-fiat currencies, such as Bitcoins or alternative denominations, such as loyalty points, in addition to all ISO currencies. Vault is also multi-time zone and by default supports deployments in different geographies. Local specifics are incorporated within the product (i.e. smart contract) facilitating multi-country deployments. 

 

Security

With Vault Core, Thought Machine has implemented a secure software development lifecycle, which can be used flexibly, as well as continuous end-to-end security testing.

Posting control is possible thanks to end-to-end input and output validation, even when using third-party components.
Client authorisations and all connections, including technical access for support, are encrypted (public key infrastructure).

Business model 

Thought Machine's Series C funding round (the last in November 2021), closed at USD $200 million, making Thought Machine hit unicorn status (valuation of over USD $1bn). Thought Machine is backed by Venture Capitalists, but also invested in by banks that they serve: Lloyds Banking Group, JPMorgan Chase, ING, SEB, and Standard Chartered are all among its investors. 

Vault Core can be self-hosted by the customer bank or purchased as Software-as-a-Service (SaaS) from Thought Machine (currently available via Amazon Web Services). 

 

Thought Machine provides the licence for one Vault Core instance and unlimited testing instances (if hosted by the bank) on a subscription basis for a term of, typically, 3 to 5 years.

In terms of pricing, Thought Machine differentiates between large banks and small banks, on the one hand, and between projects involving the migration of data from an existing system and projects of new digital greenfield banks without any migration, on the other.

The basic fee, to be paid annually in advance, includes the use of the entire platform as well as maintenance and support. Customer accounts above a certain threshold are charged for retroactively according to the "pay-as-you-grow" principle: The more accounts a bank has, the cheaper the individual accounts become.

 

Vault Core is a ‘headless core’ and a single-product solution, which is why the concept of ‘modules’ doesn’t apply and individual modules cannot be licensed.

 

According to Thought Machine, the implementation and operating costs of Vault Core are comparatively low. Based on Thought Machine's experience, typical implementation projects to test a minimum viable product (MVP) take 9 to 12 months to complete, but can be as short as 3 months, depending on the nature of the product.

 

All the third-party components required to run Vault Core are available free of charge through Open Source licences, according to Thought Machine.

 

If the bank really does pursue a “best-of-breed” approach, it must be borne in mind that the connection of the various peripheral systems must be taken into account in the overall costs, even though the core banking engine is comparatively cheap. 

System support with Vault Core 

Vault Core is not a “bank-in-a-box” and therefore does not cover all functionalities itself. However, the functionalities it does cover are very powerful. 

 

This is particularly clear when compared with the need for solutions that customers have according to a survey of four Swiss banks. Cover is high in the area of product management, where banks stated they had a medium need.
Although various input and output formats exist at the moment for connecting payment transaction functions, the frameworks for integrating common formats, such as Swift and ISO, are still on the roadmap and will be available as an optional add-on outside of the kernel.

 

From a technological perspective, data management can be freely configured, but strategically, Vault Core does not see itself as a system that manages customer master data, but instead consumes them via APIs. 

 

Vault Core has the competence to map all possible processes in smart contracts or workflows. Functionalities missing on the graph below have just not been built in the existing product library yet or are available via third party providers to integrate into Vault Core.

Grafik

Coverage of Vault Core compared to demand in Switzerland 

Vault Core is suitable for reacting quickly to customer needs and trying out innovative banking products, which would not be possible or would be too expensive with a traditional core banking system. Depending on the business case, it may be necessary to connect third-party applications to obtain further data via APIs.

 

Vault Core can be used as a platform for the development of a new banking system, or to "collect” applications from banks with architectures that have become increasingly complex over the years, and cover them step-by-step with a modern, clear architecture. 

 

Banks typically enter the Vault Core universe by means of a sandbox environment, which Thought Machine offers as early as possible in the sales process so that potential clients can test the functionality of the product first-hand, followed by a minimum viable product (MVP), which should make a "quick win" possible: After a proof of concept of about 6 to 8 weeks, Vault Core is connected to the bank's existing core banking system via interfaces so that the new product to be introduced (e.g. eWallet) can query the required data (e.g. sufficient account funds) in real-time via an API.

 

Vault Core supports the core strategic elements of system support, which were described in this earlier article for banks to consider, as follows: 

 

Openness: Vault Core provides all functionalities via APIs and therefore fulfils the requirement of standardised interfaces for digital networking.
With regard to APIs and data ecosystems, it must be made sure that the philosophy of openness is also supported by the systems to be connected.

 

Data: Customer data is not held in Vault Core's kernel, but typically in a bank's CRM. This not only allows the anonymised operation of Vault Core, as the CRM only transfers UniqueIDs, but also improves structured data storage. The principle of "platform on the cloud, personal data on site" is also advantageous when it comes to meeting regulatory requirements for handling personal data.

 

Where possible, the data is not assigned to the customer across the board, but instead is kept service- and object-specific. For example, the data (e.g. lending amount, interest rate, term, etc.) can be assigned directly to the property or mortgage. This distributed data management simplifies the integration of external data within the context of service provision in ecosystems (e.g. ensuring up-to-date cadastral land register data). 

 

Functions: Vault’s functionality focuses on enabling a bank to create any financial product. Financial products are underpinned by accounts and embedded in automated processes via in-built workflow management. The provision of further functions through peripheral systems requires integration expertise from the bank or its provider. A good intermediate route must be found that does justice to the "best of breed" approach (with complex integration architectures), but which also allows for easy-to-integrate peripheral systems to cover additional functions. 

 

Processes: Process automation is one of Vault Core's strengths. However, the process expertise for implementing Vault Core must be maintained within the bank. Above all with regard to ongoing operation, attention must be paid to consistency, simplicity and the highest possible level of process standardisation.

Conclusion 

As with any system, banks need to be clear about its origin and DNA. This is a system that was built by engineers rather than bankers, but was shaped in development by banks such as Lloyds Bank and Standard Chartered, to take into account what they were missing in their current core banking system. 

 

Those who decide in favour of Vault Core must be aware that a bank cannot be started immediately with this system as they can with conventional systems, but that many functionalities and peripheral systems must first be configured and connected – with the corresponding amount of effort. For development-savvy bankers, on the other hand, the "flexibility by design" that Vault Core offers is unique. 

 

With Vault Core, a front-to-back strategy will have to be pursued. This means the bank takes care of system support for customer interaction, while relying on Vault Core for the back end. This ensures a lean banking platform architecture can be provided.

 

Notable success factors for the use of Vault Core at a bank are, in particular: 

  • IT know-how within the bank or its provider
    The bank or its provider must take responsibility for the IT architecture as well as provider management. To ensure a clean merging of the required front and back applications and a uniform, future-proof integration architecture (platform, workflows,...), early involvement of software architects is recommended, as otherwise the "best of breed" approach will initially increase complexity and ultimately also the operating costs. 
  • Consistent API strategy
    To make use of the conceptual openness of the system, it must be connected to other systems that have openly accessible interfaces. This aspect also allows the bank to take Open Banking into account in the IT architecture, and to implement it sustainably in the interests of the end customer. 
  • Development of role-appropriate front ends
    To ensure the optimal use of Vault Core, it is essential for the bank to develop specific, integrated front ends for customers, for customer advisors and for experts, or to obtain these from third parties. 
  • Process expertise
    A high level of process expertise is required either within the bank or via partners to ensure consistent and efficient end-to-end control of its own processes, to ensure autonomy in governance and a good "fit" with Vault Core's release management while, at the same time, ensuring appropriate harmonisation with other architecture components. 
  • Exploiting the potential of the adopted strategy
    By using Vault Core's product development functionalities to flexibly deliver new services in a timely manner, or by using data in real-time – for example, to reduce process costs, further develop services or provide customised product proposals – it will be possible for the bank to tap into previously unexploited revenue streams. 

Banks interested in Vault Core do not have to make an initial all-or-nothing decision. By connecting Vault Core to their existing systems, they can try launching new products first, in order to get a feel for Vault Core's potential. We are curious to see which bank in the DACH region will be the first one to do this together with Swisscom! 


Business Engineering Institute St. Gallen

A long-term partnership exists between Swisscom and the Business Engineering Institute St. Gallen (BEI) within the “Ecosystems” Centre of Excellence. This centre deals with topics such as eco-systems, digitisation and transformation, as well as other issues relating to the structure of the financial industry in the future. In addition to its research activities, the BEI carries out projects related to the design and implementation of innovative, cross-sector business models.

 

Core Banking Radar methodology





More on the topic: