Fintech Engineering Handbook
5 days ago
- #software-engineering
- #fintech
- #financial-systems
- Introduces the Fintech Engineering Handbook, a guide on patterns for building money-handling software.
- Targets fintech newcomers, practitioners, and outsiders to explain trustworthiness in money systems.
- Core principles: No invented data, no lost data, no trust.
- Money representation: avoid floating-point; use arbitrary precision, minor units, or rational numbers.
- Rounding strategies: explicit, business-decided, minimal; track residuals to avoid losing or inventing money.
- Currency handling: pair amount with currency; validate codes; treat crypto distinctly; pack in a Money type.
- FX rates: directional, time-sensitive; distinguish transactional vs reference rates; track source.
- Ledger uses double-entry bookkeeping: immutable entries, balances derived, accounts typed (assets, liabilities, equity).
- Timestamps: value time, booking time, settlement time; record all to preserve information.
- Audit trails: capture what, when, who, why; event sourcing as a systematic approach; immutability required.
- Reversals/corrections: post compensating entries; link to originals; consider reporting periods.
- Invariants enforced by construction, runtime checks, and post-factum verification.
- Funds reservation prevents double-spending; distinguish total vs available balance; requires strong consistency.
- Overdrafts: intentional (credit product) vs unintentional; handle explicitly, don't clamp to zero.
- Idempotency: use explicit keys; handle errors; validate payloads; ensure atomicity; test retries.
- Full resumability: persist flow state; resume stalled flows; each step idempotent; roll forward or compensate.
- External APIs: don't trust schema; expect failures; store requests/responses; consider provider redundancy.
- Webhooks: don't assume ordering, validity, or single delivery; acknowledge fast; verify caller; persist raw payload.
- Reliable notifications: use outbox, CDC, listen-to-yourself, or event sourcing; ensure at-least-once delivery.
- Reconciliation: compare systems; handle missing/different data; match heuristically; fix discrepancies properly.
- Controls: segregation of duties, four-eyes; record approvals; enforce least privilege; audit access changes.
- Change trail: use source control; enforce reviews and pipelines; trace deployments.
- Testing: property-based, invariant checks, generative idempotency, crash injection, round-trip, golden, backward-compatibility, production testing.
- Appendix A: Glossary of fintech terms (accounting, money/FX, transactions, payments, trading, custody, compliance).
- Appendix B: Example flows: crypto withdrawal, card deposit, in-app conversion with cashback.
- Appendix C: Author background, writing process, and intent as a living document.
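
The webhook points above (verify the caller, persist the raw payload, acknowledge fast, expect redelivery and reordering) can be sketched as follows. This is an added example, not code from the handbook; the HMAC-SHA256 shared-secret scheme, the field names `id`, `payment_id`, `seq` and `status`, and the names `WebhookInbox` and `sign` are assumptions made for illustration.

```python
import hashlib
import hmac
import json


class WebhookInbox:
    """In-memory stand-in for a durable inbox table (constructed for this example)."""

    def __init__(self, secret: bytes):
        self.secret = secret  # assumption: provider signs the raw body with HMAC-SHA256
        self.raw = {}         # event id -> body bytes exactly as received
        self.pending = []     # event ids stored but not yet processed
        self.last_seq = {}    # payment id -> highest sequence applied
        self.status = {}      # payment id -> latest applied status

    def receive(self, body: bytes, signature_hex: str) -> str:
        """Fast path run inside the HTTP request; returns the outcome."""
        # Verify the caller over the raw bytes, before parsing anything.
        expected = hmac.new(self.secret, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), signature_hex.encode()):
            return "rejected"
        # A correctly signed body can still be malformed.
        try:
            event_id = str(json.loads(body)["id"])
        except (ValueError, KeyError, TypeError):
            return "invalid"
        # Redelivery is normal: acknowledge it again, store it once.
        if event_id in self.raw:
            return "duplicate"
        self.raw[event_id] = body
        self.pending.append(event_id)
        return "accepted"

    def process_pending(self) -> None:
        """Slow path run after the acknowledgement has been sent."""
        while self.pending:
            event = json.loads(self.raw[self.pending.pop(0)])
            try:
                pid, seq = str(event["payment_id"]), int(event["seq"])
                new_status = str(event["status"])
            except (KeyError, TypeError, ValueError):
                continue  # raw payload stays stored for investigation
            # Delivery order is not guaranteed: an older event never
            # overwrites state set by a newer one.
            if seq > self.last_seq.get(pid, -1):
                self.last_seq[pid], self.status[pid] = seq, new_status


def sign(secret: bytes, body: bytes) -> str:
    """Signature the hypothetical provider would send alongside the body."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()
```

In a real service `raw` and `pending` would be written in one database transaction before the HTTP response is sent, so a crash after the acknowledgement cannot lose the event.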