Explore Finologee
Join Finologee
white divider
Linkedin Icon
Instagram Iocon
Facebook Icon
Finologee Logo White
Book a demo

Home

Iccon right arrow

Products

Iccon right arrow

BKO

Iccon right arrow

Technical setup

BKO

Technical Setup

Platform architecture

The Banking Orchestrator platform has been built using a modern Software-as-a-Service (SaaS) setup hosted on Post Telecom’s virtualisation environment located in redundant Tier IV-certified Luxembourg data centres.

It encompasses segregated environments for the platform’s front-end and back-end and the SWIFT connectivity stack. This setup provides inherent scalability and best-in-class security guarantees. The hardware, the virtualisation environment management and the network layers are operated by Luxembourg’s prime hosting provider Post Telecom. Finologee provides the software product operations and service framework with its DevSecOps team that also run the other business-critical platforms that Finologee manages: the Payconiq/Digicash issuing platform (mobile payments), as well as the regulatory compliance platforms PSD2 for Banks, CEDRS and KYCManager.

users to web interface, to Kubernetes redundancy load-balancing to banks
users to web interface, to Kubernetes redundancy load-balancing to banks
users to web interface, to Kubernetes redundancy load-balancing to banks

Banking Orchestrator endpoints - how to connect

Icon globe

Users: web browser connection

HTTPS connection using standard web browsers (Chrome, Firefox, Edge) with 2-factor authentication – Banking Orchestrator app, Luxtrust or client’s own OAuth2 / SAMLv2 compatible system
Icon phone

User authentication & signature: the Banking Orchestrator mobile app

To be installed on an iOS or Android smartphone
alternatively: Luxtrust certificate-compatible token/App, or clients’ own OAuth2 / SAMLv2 compatible system (for authentication only)

Icon text bubble

Systems interconnection: API access

Finologee API portal
As part of Finologee’s API environment – hosted and operated by Finologee Specifications available on request
Icon signal tower

Banks: SWIFT Connection

Over Finologee’s BIC Code: FNLGLU22
SWIFT RMA/POA to be established/signed

Hosting & operational environment

Hosting with Post Telecom in Luxembourg

The Finologee Banking Orchestrator platform is hosted with Luxembourg’s leading data centre and hosting operator Post Telecom, a subsidiary of POST Luxembourg, the incumbent postal operator. Post Telecom also holds a ‘Support PFS’ licence by the Ministry of Finance and is subject to financial industry-specific operations, security, risk management, AML/CFT and professional secrecy requirements. The company is furthermore certified for ISO 27001, ISO 20000, ISO 22301, ISO 27017 and ISO 9001 compliance.

Post Telecom operates several Tier IV-certified data centres on Luxembourg soil that fully comply with the requirements applying to critical financial industry platform hosting. The company has an outstanding expertise in managing virtualisation environments, which Finologee relies on for the infrastructure operations of its platform, with state-of-the-art service levels and operational guarantees.

The Banking Orchestrator platform is hosted in a redundant environment spread across different physical locations and connected via multiple Internet backbone links, maximising uptime and accessibility levels.

Note: Public cloud outsourcing requirements do not apply to the operational setup that the Banking Orchestrator platform is running on.

Hosting with Post Telecom in Luxembourg

The core components of Finologee’s technical infrastructure and environment:

  • Microservice architecture based on Spring Boot
  • Angular front-end application
  • Direct Alliance Cloud SWIFT connection
  • Highly available Kubernetes cluster spread across multiple availability zones
  • Real-time active and passive monitoring, metrics collection, and alerting
  • Product staging environments for development, UAT and production

Operational excellence

A selection of Assets and capabilities that contribute to Finologee’s operational excellence commitments:

01 Service Level Agreements
  • Multiple levels available, with strong availability commitments
  • Financial industry outsourcing arrangements compliance, including audit rights
  • Experienced in-house team
  • 24/7 service operations and critical incident management
  • Advanced monitoring & analytics setup and tools
  • ZenDesk-based customer care portal
  • Ticket opening, management & follow-up and SLA compliance monitoring
  • Dedicated in-house customer care/operations team (through portal & phone support)
  • Availability and other key metrics reports (intervals & content depending on the selected SLA Level)
  • Account manager at Finologee supervising the relation and in charge of organising account & reporting meetings
  • Proven customer requirements and existing processes/setup/environment analysis process
  • Comprehensive deployment process for Banking Orchestrator platform implementation and adoption, detailing steps, acceptance in UAT environment, tests on live accounts, reports/sign-off and go live process

License, certifications & compliance

decorative
logo luxembourg support pfs

‘Support PFS’ license

Finologee holds a double ‘Support PFS’ licence by the Luxembourg Minister of Finance since January 2019, as a ‘Client communications agent’ and ‘IT systems and communication networks operators of the financial sector’. This substantially eases the IT outsourcing process by Luxembourg-regulated financial industry players to Finologee.

Finologee has appointed Deloitte for its internal auditor function and EY as its statutory external auditor.

logo iso27001

‘Support PFS’ license

Finologee also chose to undergo an ISO/IEC 27001:2022 certification for its information security management framework (ISMS) that has been carried out and delivered by Bureau VERITAS in 2020, and was renewed in 2021. It was upgraded to the latest version in 2023.

logo swift

‘Support PFS’ license

With its own connector to the SWIFT network, SWIFT CSP compliance is part of the mandatory security and certification framework that Finologee has put in place.

logo dora

‘Support PFS’ license

Finologee’s setup and operations are aligned with DORA requirements, covering both regular outsourcing (art. 30 2) and critical or important functions (art. 30 3). Our operational processes, technical controls and contractual frameworks including SLAs are designed to ensure the resilience, transparency and oversight expected from regulated financial institutions.

logo luxembourg support pfs

‘Support PFS’ license

Finologee holds a double ‘Support PFS’ licence by the Luxembourg Minister of Finance since January 2019, as a ‘Client communications agent’ and ‘IT systems and communication networks operators of the financial sector’. This substantially eases the IT outsourcing process by Luxembourg-regulated financial industry players to Finologee.

Finologee has appointed Deloitte for its internal auditor function and EY as its statutory external auditor.

logo iso27001

‘Support PFS’ license

Finologee also chose to undergo an ISO/IEC 27001:2022 certification for its information security management framework (ISMS) that has been carried out and delivered by Bureau VERITAS in 2020, and was renewed in 2021. It was upgraded to the latest version in 2023.

logo swift

‘Support PFS’ license

With its own connector to the SWIFT network, SWIFT CSP compliance is part of the mandatory security and certification framework that Finologee has put in place.

logo dora

‘Support PFS’ license

Finologee’s setup and operations are aligned with DORA requirements, covering both regular outsourcing (art. 30 2) and critical or important functions (art. 30 3). Our operational processes, technical controls and contractual frameworks including SLAs are designed to ensure the resilience, transparency and oversight expected from regulated financial institutions.

IT security and risk management

icon shield with check

Security by design

As one of the critical financial industry platforms operated by Finologee, the Banking Orchestrator is built to meet Finologee’s own security standards as well as the requirements of regulated financial institutions.

State-of-the-art intrusion-prevention and detection mechanisms are implemented across all layers of the operational framework to ensure a robust and resilient security posture.

icon 4 squares

Segregation and containment

Platform components and client environments are strictly segregated, significantly reducing the risk of propagation and preventing multi-environment compromise in the event of a targeted incident.
Access control, authentication and transaction signing. The platform’s access, authentication and e-signature components rely on trusted third-party providers.

Depending on the customer’s setup, user authentication may be performed using:

a) Luxtrust certificates

b) the FinologeeBNK mobile app relying on 
 INCERT-issued certificates

c) the customer’s own authentication framework
via OAuth2 or SAMLv2

All transactions processed through the Banking Orchestrator are individually signed using Luxtrust or INCERT certificates via the FinologeeBNK mobile app. Certificate validity is re-checked before transmission to the SWIFT network, ensuring full end-to-end security.

badge

Regulatory compliance

Finologee is a Luxembourg-regulated Support PFS, holding the 29-1 (Client-communications agent) and 29-3 (IT-systems and communication-networks operator) licences delivered by the Ministry of Finance.


Its organisational, security and operational framework is aligned with the Digital Operational Resilience Act (DORA – Regulation (EU) 2022/2554) and supports customers in fulfilling their obligations for both regular outsourcing and the outsourcing of critical or important functions.

decorative

Audit, certification and testing

As a regulated financial-sector professional, Finologee is subject to internal and external audits under supervisory oversight. The company is ISO/IEC 27001-certified (Bureau Veritas) for its Information Security Management System.


Finologee also complies with SWIFT CSP requirements and performs regular external penetration testing of its IT operations infrastructure.

Outsourcing by regulated financial industry professionals

Finologee has aligned its organisational, operational and contractual setup with the Digital Operational Resilience Act (DORA – Regulation (EU) 2022/2554).

Our framework is designed to support financial institutions in meeting DORA’s requirements for the management, oversight and control of ICT third-party providers, covering both regular outsourcing and the outsourcing of critical or important functions.

DORA-aligned outsourcing framework

  • Technical and operational controls mapped to DORA’s ICT-risk and resilience obligations
  • Documented processes and policies enabling client oversight, monitoring and audit rights
  • Modular contractual structure, including:
    • A financial-services compliance addendum (FSA)
    • Service level agreements with selectable service levels and commitments
    • A dedicated data-processing addendum (DPA)
    • Cascading outsourcing disclosures
  • Reporting artefacts supporting client governance and continuous monitoring

Enhanced client support

  • Clear visibility on service performance and operational risk
  • Documentation designed to integrate seamlessly into client outsourcing registers and due-diligence processes
  • Optional custom reporting packages to simplify regulatory monitoring

Do you want to know what we could build together?

Or get a product demo? Get in touch and we will evaluate how we may help you.

Get in touch

Fill in your details

Once you submit your details you will receive access.

By continuing, you accept our Privacy policy.