WSO2
CONTACT
CASE STUDY

Journey to Open Banking Compliance: AMP Bank Case Study

AMP logo

Product Area

Integration

Region

Australia and New Zealand

Industry

Financial Services

Highlights

Achieved Open Banking CDR compliance two weeks

ahead of schedule and reduced time to market.

The scalable WSO2 Open Banking solution integrated seamlessly

with existing IT systems while keeping costs low.

Consolidated APIs enabled the bank to expose services

to partners and subsidiaries without additional infrastructure or investment.

Overview

Founded in 1849, AMP is Australia and New Zealand’s leading wealth management company offering clients financial advice and superannuation, retirement income, banking, and investment products across our portfolio of businesses. The company also provides corporate superannuation products and services for workplace super and self-managed superannuation funds (SMSFs).

AMP has a long history of helping clients manage their finances and realize their financial ambitions. Our commitment to this is articulated in our purpose statement – Realise human ambitions. It explains the kind of company AMP wants to be and the positive impact we seek to make in the world. We do this by helping our clients manage risks and reduce uncertainties of financial outcomes to reach their goals.

quotes

WSO2 Open Banking solution played a significant role in AMP's success story of achieving compliance with the Australian Consumer Data Rights Regime and meeting the compliance deadline well ahead of schedule. The solution was further able to consolidate existing capabilities into a set of APIs and expose them to partners and subsidiaries on the same platform without the need for additional infrastructure, developer experience, or investment."

Seema Naik

Head of Tech

Group & Integration Platform

Challenge

AMP Bank Limited holds an Australian Credit License and is an Australian Financial Services Industry Authorised Deposit-Taking Institution (ADI). As an ADI, AMP Bank was expected to join the Australian Consumer Data Right (CDR) Open Banking system as a Data Holder (DH) by July 1, 2021. Achieving compliance was challenging owing to the Consumer Data APIs' complicated and changing nature.

While AMP Bank had previously relied on WSO2 solutions to facilitate both the consumer data and product reference data APIs mandated under the CDR, the bank wanted to build a system that could manage the fundamental features that were required to be compliant, which included supporting around seven different business APIs. While the bank had all the essential APIs in place for internal use, it did not expose them externally.

AMP looked at several vendors and chose WSO2 Open Banking for a number of reasons:

  • The offering covered everything from InfoSec APIs to business APIs to API analytics.
  • WSO2 Open Banking provided compliance for CDR APIs, allowing AMP to decouple internal banking domain APIs and focus on developing internal capabilities rather than business API compliance.
  • The solution included built-in schema validation and error handling.
  • W2O2’s open banking API Micro Gateway enables an on-demand and scalable architecture to improve project efficiency.
  • When WSO2's data holder API implementation layer was able to be supplied as Docker containers, which enabled AMP to construct data mapping between AMP domain APIs and CDR APIs easily.
  • Finally, statistics related to open banking API usage were made available in the format required by the CDR Get Metrics API. As a result of not having to develop a separate statistics management component for InfoSec APIs and business APIs, AMP saved time and effort. The offering included consumer-friendly extension points for ingesting data sets that were not part of WSO2, such as the IT Incident Dataset from AMP Service Management and SIAM Operations and the InfoSec API Performance Dataset from AMP Identity and Access Management.

For the most part, the products AMP assessed had the Open Banking basics in place, such as InfoSec and compliance APIs. WSO2 was able to offer a more complete suite, which included the analytics module. It was possible to easily integrate the WSO2 Open Banking solution with the AMP technological ecosystem. To help AMP achieve its goals, WSO2 provided pathways to enable technologies that help monetize APIs and further improve API management maturity.

Solution

As an ADI and data holder, WSO2 Open Banking offers end-to-end open banking capabilities. WSO2 was able to offer a retrofitted solution to align to AMP requirements instead of duplicating a full set of capabilities at an increased cost. WSO2 Open Banking's componentized architecture and degree of flexibility, banks can customize deployments to their specific needs.

The following components were used in AMP's solution: WSO2 OB API Micro Gateway (OB API MGW) is used along with WSO2 OBBI, WSO2 Traffic Manager, WSO2 API Manager 3.2.0, and WSO2 IS-KM 5.10.0, as well as WSO2 Micro Integrator (WSO2 MI). All of the components are deployed on AWS Public Cloud. For the API Publisher, Dev Portal, and Admin Portals, AMP’s API control plane uses vanilla WSO2 API Manager 3.2.0 and WSO2 IS-KM for the key management interface, which performs token introspection against AMP's identity and access management stack. WSO2 Traffic Manager is used API throttling and rate limits, and finally, WSO2 OBBI is utilized for API analytics and runtime statistics calculations for metrics.

On AWS, AMP manages the deployment of all the control plain elements. WSO2's Official Docker Repository was used to download individual OB MGW Docker Containers, which were then hosted on AWS's Elastic Compute Resource (ECS). Since they had already downloaded the base Docker images that were previously hosted in the AMP ECR and added configurations, certificates, and key stores relevant to each OB MGW, the AMP integration team created the Docker images for the AMP OBs and uploaded them to another ECR repository for use. AWS ECS service with AWS Fargate launch type is used by the AMP integration team to launch the Docker instances.

An OB MGW Container is a logically isolated set of business APIs that are deployed together, such as,

  • Accounts
  • Balances
  • Transactions
  • Payees
  • Payments
  • Direct-Debits

With Fargate launch type being used for all OB MGW containers, AMP reaps the full benefits of its serverless nature. As a Container Orchestration Service, AWS ECS is used by AMP to reduce the number of manual interventions required to keep the container platforms operational. WSO2 OB MGW Containers are seamlessly integrated with AWS ECS and AWS Fargate Services.

Journey to Open Banking Compliance: AMP Bank Case Study

Results

Since implementing WSO2 Open Banking, the bank achieved its compliance goals faster than expected and reduced time to market. AMP was able to meet its July 2021 commitment date 2 weeks ahead of schedule. The AMP team was able to implement a solution that can be scaled up and down to suit both standard and high usage periods while keeping costs low. AMP was able to smoothly integrate WSO2 Open Banking with current AMP systems to take full advantage of the existing IT systems and capabilities.

AMP is fully compliant with all Open Banking CDR regulations amidst the 32 accredited financial associations in Australia. In partnership with WSO2, the bank was able to successfully launch and deploy a solution, helping it not just to meet compliance standards, but also to position the business for future growth. Instead of relying solely on a compliance solution, the overall digital transformation capabilities provided by WSO2 API Manager and WSO2 Identity Server enable the bank to work on a broader range of open banking-based business models. The solution enables AMP to consolidate existing capabilities into a set of APIs and expose them to partners and subsidiaries on the same platform without the need for additional infrastructure, developer experience, or investment.

Products featured in this case study

AMP Integration to achieve these results. Explore our products to see how they can make a difference for your business too.

Our Products


Foundational technology for your digital platform. Digital experiences delivered as apps, workflows, and automations require powerful cloud native infrastructure to do the heavy lifting. Our products help you focus on the business requirements and leave the complexities to us.


Explore Our Products

Expand Your Network and Grow Your Business

Unlock limitless opportunities for growth and amplify your business success by harnessing the transformative power of WSO2.

Contact Sales