Banking on good data: How Hasura transformed data access for a Global Bank
From rising startups to Fortune 10 technology leaders, businesses of all sizes and industries have adopted Hasura as their API platform, for use cases ranging from federated data access to monolith decomposition.
In the Hasura Chronicles blog series, we share anonymized narratives of these use cases – highlighting their challenges and goals, and how Hasura fits their use case.
A Fortune 100 U.S. bank recently implemented Hasura to address critical challenges in its data governance and reporting processes. This article discusses how the organization overcame these challenges with Hasura.
The global technology arm of this bank is composed of many sub-organizations that operate as independent business units. The governance team must routinely collect and consolidate data from these units into reports to meet compliance and regulatory requirements.
Creating these reports would begin with data requests to individual units, followed by the painstaking task of assembling this information. This process was manual, tedious, and prone to errors.
Challenges
The bank's existing architecture suffered from several problems:
- Expensive manual processes: The data acquisition and compilation from each business unit was manual, and the bank employed a large team of 70 full-time analysts to produce a single suite of over 1000 individual reports.
- Error-prone data: Since data from each unit was sourced independently, assembling data from multiple units was prone to error and misuse, sometimes resulting in inaccurate reports.
- Regulatory risks and fines: As a financial institution, the bank faced significant regulatory scrutiny for the accuracy of some of these reports, with potential fines adding up to tens of millions of dollars.
The group’s Director of Data Management Architecture explained, "We needed a way to improve the control of our data while reducing costs and ensuring accuracy."
Why Hasura
The bank explored several methods to address these issues. Implementing a centralized data warehouse, a common solution to data sprawl, was immediately ruled out. At their scale, this would be too complex to orchestrate and prohibitively expensive. They needed to solve these problems at the data access layer, without moving or duplicating data.
Distributed SQL query engines like Trino help centralize data access, but lack a key ingredient that the bank needed: the ability to define a unified semantic model that locked down the relationship between the individual domains. Without this semantic model, inaccuracies in reporting due to aggregation errors would continue to exist.
GraphQL provided an elegant way to govern and enforce inter-domain relationships. However, manually building resolvers and maintaining GraphQL servers would’ve been unreasonable, especially for data teams needing to develop new skills or onboard more engineers. This effort would quickly negate any efficiency gains in streamlining report compilation. For this reason, they quickly ruled out Apollo GraphQL as a feasible solution.
For GraphQL adoption to become viable for the organization, they needed Hasura's connect-and-compile approach. Hasura not only made GraphQL feasible but also satisfied additional criteria the organization had established for their chosen GraphQL solution.
Hasura delivered many benefits:
- Low-code API development: Unlike alternatives like Apollo GraphQL, which requires extensive knowledge of resolvers, Hasura's low-code approach was more accessible and efficient.
- Domain-driven metadata: Hasura automatically generates a feature-rich API, with advanced query capabilities, from the underlying domain data models. Now domain teams can focus on providing well-defined, high-quality data rather than worrying about writing and maintaining data access logic. The metadata-driven approach is a powerful tool for reducing human error and enabling automation, from CI/CD to auditing.
- Granular, flexible access control: Hasura provided the governance features the bank needed, and aligned precisely with the bank’s role-based access control (RBAC) requirements. Hasura’s granular authorization rules prevented data misuse.
Additional Hasura features that were well-received:
- Private deployment: Hasura’s commitment to on-premise and private cloud solutions aligned with the bank’s security requirements.
- Next-gen observability: The team only used legacy logging solutions, and valued Hasura’s built-in observability metrics.
- Standards compliance: The bank valued Hasura's adherence to industry standards which prevents vendor lock-in and satisfies teams that need their data to adhere to specific standards.
"We needed a solution that could work with our existing tech stack, including on-premise Oracle databases, MongoDB instances, and integrate with the Trino query engine," the Director of Data Management Architecture noted. "Hasura's ability to connect these diverse data sources into a unified semantic layer was crucial."
Implementation and results
The global technology data organization started by implementing Hasura to compile a critical technology report for the board of directors. This “eating your own dog food” (i.e. dogfooding) approach allowed them to test the solution in a high-stakes environment before a wider roll-out.
As a result of Hasura’s internal success, the org expects to:
- Decrease manual work: The team anticipates reassigning half of the existing 70-person team of analysts that have manually produced these reports.
- Minimize reporting errors: By enforcing relationships in the GraphQL layer, data composition becomes more disciplined and accurate.
- Enforce proper data usage: Hasura's supergraph provides robust governance capabilities, allowing better control over data usage, and ensuring clean, auditable data.
"Hasura's next-gen observability features have also exceeded our expectations," the Director added. "This, combined with its performance and governance capabilities, has made it a strategic asset for our data operations teams."
Future plans
By implementing Hasura, this Fortune 100 U.S. bank has taken a significant step toward more efficient, accurate, and governed data operations. The solution addresses their immediate challenges and positions them for future growth and regulatory compliance in an increasingly data-driven financial landscape.