- Version
- Download 10
- File Size 498.42 KB
- File Count 1
Secure Hybrid Integration for Banking Platforms: Speed, Safety, and Regulatory Proof
Amol Diwakar Agade — Illinois Institute of Technology, Chicago, IL
Samta Balpande — Oakland University, Rochester, MI
Abstract—
Hybrid banking platforms should ensure that they speed up delivery, lower the operational risk and create the solid evidence when two banks merge together and when their systems are unified. But again these system come under heavy scrutiny from regulators. This paper introduces a secure hybrid integration pattern that combines configuration automation (Ansible), infrastructure as a code (Terraform), an OpenShift based hybrid runtime and GitOps delivery mode (Github, Argo CD) with policy as a code gate pass, evidence as code collection, and supply chain attestation. We calculated the outcomes using a reproducible two bank merger study based on two public banking datasets published between the year March 2023 and January 2026. These datasets includes the Santander customer transactions on Zenodo and a Zenodo-published banking fraud prediction dataset. The publication dates of the datasets are provided, and the retrieval date is recorded in the reproduction process. A deterministic workload generator created time-series events for releases, incidents, security findings, and audit evidence during pre-merge conditions with two pipelines or control sets, and the post-merge conditions with a shared control or evidence plane. The result shows that the median deployment lead time decreased by 48%, while the release failure rate dropped by 39%. Infrastructure Provisioning time decreased from 5.4 days to 26 minutes. All the manual interventions reduced by 77%. Deployment incidents have fallen by 38%, and the mean time to recover (MTTR) decreases by 45%. The security posture improved as the median vulnerability exposure time has fallen significantly from 20.3 days to 2.6 days which is about 61 hours. Manual audit efforts were also dropped by 74%; thanks to automated evidence capture. From this paper, we offered formulas, artifacts, and a computation map that allow for independent reproduction and extension to other regulated industries for the usage.
Keyword Terms—
hybrid cloud, DevSecOps, GitOps, operational resilience, DORA, mergers and acquisitions, policy as code, evidence as code, OpenShift, Argo CD, SLSA.
