By working with AWS, we are keeping our customer accounts secure, in line with Hong Kong financial regulations.
Hong Kong-based Neat offers an online alternative to a bank account. Neat provides multi-currency accounts for startups, SMEs, and entrepreneurs, and supports functionality like company payroll, expense management, and payments services. Unlike banks, however, Neat has no physical branches—appealing to digitally savvy consumers who take advantage of the internet for commonplace tasks.
Neat aims to be the leading financial center of Hong Kong. The Hong Kong Monetary Authority (HKMA) has strict online banking regulations to protect consumers and prevent money laundering. These regulations cover areas such as client onboarding, identity authentication, systems access authorization, and data privacy. They also require service providers to constantly monitor their systems in case of cyberattacks.
The challenge for Neat was to comply with HKMA regulations without adding significant cost to the business. Igor Wos, chief technology officer and cofounder of Neat, says, “Like startup businesses everywhere, we are very cost-conscious. We needed to meet HKMA regulations without a large upfront cost or significantly adding to our management overhead.”
Neat is meeting HKMA compliance by running the IT behind its services on the Amazon Web Services (AWS) Cloud. Neat has been working with AWS since the company launched in 2016. “We began in the AWS Activate for Startups program and received some AWS credits to kick things off,” says Wos, who had experience working with AWS at a previous company.
For compliance, Neat’s core fintech application sits inside an Amazon Virtual Private Cloud (Amazon VPC). Wos says, “We isolate applications inside a segregated part of the network, restricting connectivity to specific IP addresses. We completely control the flow of data, which is encrypted, between applications and databases.”
Neat also uses Amazon GuardDuty to detect potential threats from network intruders and viruses by monitoring events from AWS CloudTrail and Amazon VPC logs. “Using Amazon GuardDuty, we gain valuable insight into areas of vulnerability and can patch them quickly,” says Wos. “The service will flag open ports that we may need to restrict or close completely. We can also automate how we respond to newly detected threats, minimizing any management overhead.”
Neat built its fintech application to run on Amazon Elastic Compute Cloud (Amazon EC2) instances, with Amazon Relational Database Service (Amazon RDS) for PostgreSQL for all the application’s databases. “The pay-per-use model for AWS services helped us avoid any large CapEx from an on-premises solution,” says Wos. “What’s more, we didn’t have to worry about maintaining any of the infrastructure because AWS took care of that. We just focused on our DevOps.”
Wos continues, “AWS takes care of the security of the AWS Cloud while we make sure our applications are built securely. By working with AWS, we are keeping our customer accounts secure, in line with Hong Kong financial regulations.”
Neat has integrated its open-source Slack communication platform with Amazon GuardDuty. If the AWS service detects a threat, it triggers an AWS Lambda (Lambda) instance, which in turn raises a notification on the Slack platform for IT personnel to view. “Integrating a Slack channel with Amazon GuardDuty was simple through an API,” says Wos. “And as soon as Amazon GuardDuty detects something suspicious, we’re informed and can take action.”
With Neat’s managed AWS services, the startup is meeting regulatory requirements in Hong Kong with a modest IT budget. This includes HKMA regulations on connecting with third-party payment gateways. Says Wos, “We can grow the IT behind our business without a corresponding growth in management costs. With an on-premises infrastructure, you can build a great web application but would then require system admins to configure the servers, allocate storage, and run load balancers. In our case, we simply write our code and AWS Elastic Beanstalk does the deployment. It’s what a company needs in our fast-paced market.”
Wos concludes, “Whenever we’ve had a question on any AWS services, AWS Support has been readily available to help. We once had a problem migrating data across some Amazon EC2 instances, and the support team helped us locate the issue quickly to get it fixed.”
To learn more, visit https://aws.amazon.com/startups/