The document is 44 pages long so the “summary” isn’t really short.
Linux Foundation Research has partnered with the Fintech Open Source Foundation (FINOS) for the last three years to study the financial services industry’s use, contribution, and participation in open source.
Once again, in collaboration with Linux Foundation Research, FINOS has initiated a fresh study to delve into the adoption of open source within financial services, encompassing banks, asset managers, hedge funds, and fintechs.
Note: It’s a bit weird that the website doesn’t mention when the report was published. The PDF report mentions a publication date of Nov 2023.
- 88% of respondents agree that open source is valuable to the future of their organization.
- “Open sourcing internally developed projects” is the top factor for increasing productivity at work, with inner source close behind.
- 78% agree that their organizations are getting more value from open source compared to 2022.
- 94% of organizations represented have policies that allow consumption.
- Only 5% of organizations surveyed prohibit open source contributions.
- 52% of respondents report having an OSPO in their organization.
- A total of 91% of respondents are confident that the OSS they are consuming is well-maintained and up to date.
Smaller organizations are having a significant impact, while it takes larger financial institutions more time to shift internal culture and embed open source best practices and tooling across their tens of thousands of employees.
Nearly all organizations (94%) allow some level of open source consumption, and 78% report increased value from open source usage compared to a year ago. … This rise suggests an accelerating recognition of the benefits of using open source, including improved productivity, enhanced software quality, and faster time to market. Notably, our respondents are far more confident in the maintenance of open source libraries used within their organizations than across other industries, perhaps because of the meticulous approach to consumption driven by the high levels of scrutiny and control in this industry.
Multiple factors still hinder contributions to this highly regulated industry. One prime example is the requirement for financial services organizations to document external employee communications, constraining avenues for engaging with the broader open source community. … Interviews
consistently underscored the potential value open source can unlock in comprehending and standardizing regulatory requirements and compliance.
Common standards and collaborative innovation around regulatory requirements have clear benefits for participants across the entire industry, including for regulators, regulated entities, and consumers. This area is growing rapidly and has tremendous potential to increase transparency and significantly reduce implementation costs.
(cc @knadh and Zerodha)
There are a few GitHub projects where we observe multiple financial services organizations committing code and collaborating. The following are areas where three or more organizations have contributed code:
- jupyterlab / jupyterlab, jupyter-widgets / ipywidgets:
JupyterLab is an interactive environment for exploring data via a notebook-style interface, with the other projects providing widgets and extensions.
In a highly regulated environment, such as financial services, the risks are higher but possible to surmount with proper governance and strategy guardrails in place. Cyril Domercq shared, “We cannot run the bank without open source, so it has to be strategic.”
As more organizations realize the advantages of open source (FIGURE 3), many are looking for ways to integrate open source technologies and strategies into their business practices. They’ve learned, however, that simply throwing developers into an open source project and hoping for the best isn’t enough to reap those benefits
Mark Tate explained that “the bank aims to act like a tech company, and contributing to OSS helps attract top talent.”
As part of Capital One’s Open Source Program Office governance structure, we have established well-managed processes around security, compliance, privacy, and transparency. This includes automated scanning for all of our libraries prior to ingestion of open source software. It is important that we maintain a Software Bill of Materials to keep track of all the libraries ingested across different departments so that we can manage them efficiently. We also have a manual intake process to review large open source projects. Aside from the licensing and legal aspects, we evaluate the broader aspects of the software before bringing them in. For example, we try and understand the community health around each project - who is behind it and what kind of support does it have?”
Figure 21 and 22
24% spend a few days a week of work time contributing to employer-sponsored open source projects and 19% spend a few days a week of work time contributing to third-party open source projects
Areas of investment to increase open source contribution—comparing finance and all industries
70% of respondents say “Getting involved in industry or government policy making” when compated to 58% of respondents from the broader “2023 World of Open Source” report
The influence of leaders in open source
27% of respondents think that “Management consulting firms” and “Industry analyst firms” have influence on the direction of open source in their organization.
The overwhelming majority of respondents agree that open source is valuable to the future of the industry (90%) and their organization (88%).
Many of the individuals we interviewed highlighted the opportunity to leverage open source for comprehending, developing, and implementing shared, industry-wide standards around regulations and regulatory requirements. As Elspeth Minty from RBC explains, “There is such a clear advantage for the financial services institutions to come together with the regulators to work on common data models and develop shared modeling platforms. There are advantages to the financial industry, and there are advantages to the regulators. If we don’t engage with this initiative, we’re going to be left behind.” She adds, “For RegTech to be successful, it needs all the banks engaging in open source. Even though we’re all at different stages, we have the same questions and the same concerns.”