Banking on the Cloud: How Fintech Slashed Costs & Boosted Speed with AWS Optimization

Over 10% reduction in non-production costs and dramatically faster deployments were achieved when a leading fintech provider partnered with SMS to optimize AWS infrastructure. This collaboration enabled the financial services firm to strengthen security compliance while gaining the business agility needed to continue innovating for their senior banking customers.

A financial technology company experienced rapid growth that put pressure on their infrastructure systems. Their Infrastructure as Code (IaC) implementation using Terraform had initially served them well, but the expanding codebase within a single Terraform monorepo was creating significant inefficiencies:

• Infrastructure changes became increasingly complex and time-consumin
• Small updates required disproportionate testing and deployment time
• Compliance framework adoption (such as SOC 2) was being delayed
• Engineering resources were increasingly focused on maintenance rather than innovation

The leadership team sought a partnership with SMS to optimize infrastructure deployments, enhance cost management, and accelerate compliance framework implementation.

The implementation centered on creating a multi-account AWS environment managed by AWS Control Tower with centralized identity management through AWS IAM Identity Center.

The application architecture was built using the following AWS services:

• Amazon Elastic Container Registry (ECR): For storing container images.
• Amazon Elastic Kubernetes Service (EKS): To orchestrate and manage the application’s containerized services.
• Amazon Simple Notification Service (SNS): For asynchronous messaging between application services.
• Amazon Aurora: As the primary relational database.
• Amazon Simple Storage Service (S3): For object storage.
• Elastic Load Balancers and Amazon CloudFront: To distribute traffic and cache content, respectively.
• AWS WAF: to provide enhanced security for Internet facing workloads.
• AWS Lambda, Amazon EventBridge, and Amazon DynamoDB: Implemented in non-production accounts as components of a scheduled cost optimization system, dynamically stopping and starting resources based on cost management profiles in accordance with business requirements.
• Amazon Athena: For enhanced reporting on security logs.

The solution also incorporated AWS Client VPN, Site-to-Site VPN for external connectivity, AWS Transfer Family for secure file transfers, and AWS Transit Gateway for inter-account network connectivity.

The infrastructure optimization included:

• GitHub Repository Reorganization: Precisely restructured infrastructure code to improve organization, clarity, and ease of maintenance, with repositories aligned to specific AWS environments.
• Infrastructure-as-Code (IaC) Optimization: Existing Terraform code was refactored to minimize drift through custom-developed, opinionated Terraform modules tailored to the fintech’s security and compliance requirements.
• Terraform Cloud Implementation: Implemented centralized state management through Terraform Cloud, with 12 distinct workspaces configured to match the new repository structure.
• Enhanced Analysis and Reporting with Athena: Configured 8 new Athena workgroups with 15 pre-built queries to enable advanced security and compliance auditing.
• Custom Cost Management Solution: Developed a tailored solution using 24 Lambda functions and 12 EventBridge rules to automate resource optimization in non-production environments, with distinct profiles for weekday, weekend, and holiday scheduling.
• Standardized Networking: Implemented AWS Transit Gateway with 5 route tables and 8 VPC attachments for consistent and scalable inter-account networking.
• WAF Configuration Optimization: Created hybrid Terraform/CloudFormation implementation for WAF resources with 17 custom rule groups for enhanced security control.

The optimization of infrastructure and DevOps practices yielded measurable improvements across multiple business areas:

• 10.4% Reduction in Non-Production Costs: The automated cost management solution and decommissioning of unnecessary resources yielded immediate monthly savings, with projected annual savings of over $42,000.
• 68% Faster Deployment Times: Infrastructure changes that previously took 4.5 hours now complete in under 1.5 hours, allowing the engineering team to deploy changes more frequently with greater confidence.
• Enhanced Security Compliance: Implementation of 23 additional security controls directly aligned with SOC 2 requirements, positioning the fintech provider to achieve certification 3 months ahead of their original timeline.
• Increased Development Velocity: Engineering team reported spending 12 fewer hours per week on infrastructure maintenance, redirecting this time to product innovation and feature development.
• Improved Scalability: The system now supports 3x the previous transaction volume with no degradation in performance, preparing the platform for projected user growth over the next 18 months.

This infrastructure modernization project demonstrates how strategic AWS optimization can deliver tangible business benefits beyond technical improvements. The fintech provider now has the foundation needed to rapidly scale their innovative banking solutions for their senior customers while maintaining the security and compliance standards essential in the financial services industry.

Facing similar cloud infrastructure challenges? Let our team at CloudwithSMS.com help transform your environment with secure, efficient solutions tailored to your needs. Reach out to us at hello@CloudwithSMS.com to discuss how we can support your organization’s cloud journey.