Case Study:
Volt Bank
Cybersecurity meets innovation: Fintech start-up Volt Bank
partners with Shearwater to deliver secure digital banking
CHALLENGES
Building secure on-line banking products required additional specialist security capabilities
Regulators sought proof that products and solutions were secure
Rapid agile development needed flexible penetration testing
RESULTS
Fast security issue identification and remediation
Penetration testing no longer a barrier to swift product development
Volt Bank received unrestricted banking licence
Background
Fintech start-up Volt Bank is the first of a new generation of digital banks (or neobanks) to receive a full banking licence in Australia. Unlike the big four banks, Volt Bank is 100% cloud-based, has no physical branches or legacy IT systems that drive up costs and affect agility, and focuses on delivering experiences rather than products. Founded in 2017, Volt Bank has over 100 employees.
Volt Bank plans to enable Australians to be better off, and believe it is technology that will make this possible. Its enterprise platform and banking services are built from scratch and rely on cloud-based data and services. In addition to providing greater flexibility to Volt Bank’s product development, this cloud-based approach means Volt treats cybersecurity as an utmost priority.
Challenge
Starting a bank is no easy task. The proof? When Volt Bank received its banking licence from the Australian Prudential Regulation Authority (APRA) in January 2019, it was the first ‘start-up’ organisation to do so since the early 2000s.
One of the difficulties associated with obtaining a banking licence is being able to demonstrate that enterprise and banking security solutions are up to the mark. To achieve this, Volt Bank sought an external cybersecurity vendor that would complement its existing security team’s capabilities and:
· Conduct penetration testing on all Volt Bank banking products
· Provide cybersecurity assurance, through penetration testing, as required by APRA
· Deliver ongoing security testing and advice
Shearwater definitely made the effort to go the extra mile, to make sure the engagement would run smoothly. They worked collaboratively and flexibly to make the end result work.
Bill Robson
Volt Bank Head of Cybersecurity
Results
Through its partnership with Shearwater, Volt Bank gained specialist cybersecurity expertise that helped it establish a secure digital bank.
Importantly, Shearwater’s work has provided assurance to the business and regulatory authorities that Volt Bank will be a trusted online provider of digital banking services.
Key engagement highlights included:
- Shearwater worked flexibly with Volt Bank, scheduling security and penetration testing activities within the bank’s agile product development cycles to ensure minimal disruption to the business. As a result of Shearwater adapting its approach to suit Volt Bank’s operating style, the bank could develop products faster, with fewer headaches and teething issues.
- Shearwater provided regular communication and timely, detailed briefings throughout the engagement so Volt Bank could action issues immediately.
- Shearwater’s approach was collaborative and adaptive. Its team was accommodating when there was a need to change dates or modify scope and went the extra mile to ensure that testing activities ran smoothly.
Future Plans
Volt Bank and Shearwater continue to work as partners as the bank moves to take savings accounts, transaction accounts and loans to market later this year. As part of this, Shearwater is integrating penetration testing into SecDevOps to support the development of new online banking products.
Request a Callback
After you complete the form, a security advisor will contact you to answer any questions you might have and understand your specific requirements.
Get in touch
Get answers! Our security advisors are ready to take your call and provide all the information you need on improving your security and compliance posture.
1300 228 872
Mon – Fri, 9:00am – 5:00pm AEST
