Once, I got pulled into a fintech company who done synchronization of remote psql databases by dump to csv -> send over ftp or email -> verify in Excel -> import back to centralized psql. No wonders, they have been missing some transactions...
johngladtj · 1d ago
Funny, I'm working on the back office of fund administration and everything he said seems pretty accurate to my daily life.
Coming into the office and seeing 20 emails because some technical fault cause a file to not be delivered by a counterparty is a daily occurrence
foobarkey · 1d ago
Worked in banking some years ago, many things are powered by (s)ftp integrations (mainly all swift things to partner banks)
Fizzadar · 1d ago
There’s a good 5 part series on this from 2014: https://news.ycombinator.com/item?id=7636066. Fascinating how slow and brittle the system is. Even more so that it’s not been upgraded to something real-time (see:Europe).
cafard · 21h ago
Yep, every morning. Really, it's scp, which is good, only the bank occasionally changes servers and host keys with them, then one must clean up some.
kotaKat · 1d ago
Same thing in healthcare. VPNs spun up between entities and FTPing files around. If you're lucky, you get an SFTP connection to drop your HL7 files around between partners.
nradov · 1d ago
Sure, batch SFTP exchange of HL7 CDA files is still common. But for HL7 V2 messages it's more common to use MLLP through a VPN, and of course HL7 FHIR is mostly through HTTPS.
_trampeltier · 1d ago
But it works
drfunk · 1d ago
Started reading the thread, and stopped because I realized I was hyperventilating
mike_hearn · 1d ago
Yes they are and it's very, very hard to change this. I spent several years of my life on this problem in various contexts, under the guise of 'enterprise blockchain'.
The starting point of the problem is that finance is a decentralized industry. You don't see what happens in tech where startups blitz-scale their way to market dominance and then set technical standards for everyone else. Finance is much more like an old coral reef, where there are lots of big-but-stable companies and then a giant long tail of smaller firms doing specialized things, trading with specialized strategies etc. And at the edges finance blurs into other industries like insurance and shipping.
So, inter-firm collaboration is a super important thing, but there are no naturally dominating entities that force standards through sheer market power. In theory the right way to solve this is by standards bodies defining how collaboration will work, and then have either some really good open source reference implementations or a market of competing implementations you can purchase (or both). In practice this model doesn't work and everyone has given up on it, for the same reasons we gave up on it in the tech industry. You get design-by-committee-ware that doesn't solve people's real problems, bad UI and slow iteration, and nobody has any incentives to fix it because you can't get rich if you're in a market that's commodified by design.
In tech we sort of hack around this problem by having ultra-rich monopolies employ lots of very skilled engineers at high cost to design standards for the industry, for a mix of ideological/altruistic reasons and (sometimes very indirect) benefit to the business. Chrome, Llama, MCP... lots of examples of this. Finance doesn't do it to the same extent.
This is why finance got so excited by Bitcoin and other protocols inspired by it. It was a way to synchronize a multi-party ledger, owned by nobody, yet with lots of innovative tech people doing stuff with it and creating modern UIs on top and a weird incentive hack that meant they could get rich by doing so. This was exactly what finance wanted. Unfortunately, the reality didn't quite work out like that. This is for a mix of technical, cultural and social reasons. Finance is incredibly split between the sort of firms whose entire value is the PhDs they employ to write algorithms where you find very sophisticated computing, and everyone else for whom IT is purely a cost to be minimized. Or worse, an alien culture to be kept at bay through various subtle measures. The result is that even if standards beyond FTP+XML did exist, many finance companies would struggle to implement them correctly because they outsourced their IT to the cheapest bidder a long time ago and so their employees no longer trust IT to do anything. The story about a customer needing to file tickets with a team in Budapest is a classic of the genre. In such organizations IT isn't trusted to do anything important, so they get outsourced, so they become unable to do anything important, leading to a self-fulfilling prophecy. You can't deploy a peer-to-peer network more sophisticated than SCP if your IT department is clogged up, can only be interacted with via tickets and is competing hard on price.
UltraSane · 1d ago
I know that a company I worked for had to verify files sent to us via FTP from a very big bank that were signed using a PGP key.
Coming into the office and seeing 20 emails because some technical fault cause a file to not be delivered by a counterparty is a daily occurrence
The starting point of the problem is that finance is a decentralized industry. You don't see what happens in tech where startups blitz-scale their way to market dominance and then set technical standards for everyone else. Finance is much more like an old coral reef, where there are lots of big-but-stable companies and then a giant long tail of smaller firms doing specialized things, trading with specialized strategies etc. And at the edges finance blurs into other industries like insurance and shipping.
So, inter-firm collaboration is a super important thing, but there are no naturally dominating entities that force standards through sheer market power. In theory the right way to solve this is by standards bodies defining how collaboration will work, and then have either some really good open source reference implementations or a market of competing implementations you can purchase (or both). In practice this model doesn't work and everyone has given up on it, for the same reasons we gave up on it in the tech industry. You get design-by-committee-ware that doesn't solve people's real problems, bad UI and slow iteration, and nobody has any incentives to fix it because you can't get rich if you're in a market that's commodified by design.
In tech we sort of hack around this problem by having ultra-rich monopolies employ lots of very skilled engineers at high cost to design standards for the industry, for a mix of ideological/altruistic reasons and (sometimes very indirect) benefit to the business. Chrome, Llama, MCP... lots of examples of this. Finance doesn't do it to the same extent.
This is why finance got so excited by Bitcoin and other protocols inspired by it. It was a way to synchronize a multi-party ledger, owned by nobody, yet with lots of innovative tech people doing stuff with it and creating modern UIs on top and a weird incentive hack that meant they could get rich by doing so. This was exactly what finance wanted. Unfortunately, the reality didn't quite work out like that. This is for a mix of technical, cultural and social reasons. Finance is incredibly split between the sort of firms whose entire value is the PhDs they employ to write algorithms where you find very sophisticated computing, and everyone else for whom IT is purely a cost to be minimized. Or worse, an alien culture to be kept at bay through various subtle measures. The result is that even if standards beyond FTP+XML did exist, many finance companies would struggle to implement them correctly because they outsourced their IT to the cheapest bidder a long time ago and so their employees no longer trust IT to do anything. The story about a customer needing to file tickets with a team in Budapest is a classic of the genre. In such organizations IT isn't trusted to do anything important, so they get outsourced, so they become unable to do anything important, leading to a self-fulfilling prophecy. You can't deploy a peer-to-peer network more sophisticated than SCP if your IT department is clogged up, can only be interacted with via tickets and is competing hard on price.