Banking & financial services

Retained architecture mandates
in regulated banking.

Architecture authority for banking transformation programmes — from SWIFT CSP compliance and PCI DSS control alignment to programme recovery under audit pressure. 23 banking institutions, US$63M budget governed, 39% year-one savings.

Why regulated environments demand more

In banking, every architectural decision is also a risk, compliance and audit decision. Regulators, external auditors and internal risk functions all scrutinise the same evidence. My mandate covers the technical architecture and the governance model that makes it defensible — so that boards, CISOs and CFOs are not surprised by a finding they could have foreseen.

Key standards: SWIFT CSP · PCI DSS Level 1 · ISO 27001 · SOC 2 · DORA · NIS2 · GDPR

What I offer

Banking architecture services

🏦
Target-state architecture authority

Full-scope architecture mandate — capability mapping, reference patterns, ADR governance — for core banking, digital channels and hybrid cloud environments.

~50% decision lead-time ↓
🔒
Regulated compliance alignment

SWIFT CSP, PCI DSS, ISO 27001, DORA control mapping embedded into the architecture. Evidence packs ready before the auditor arrives.

Audit-ready by design
💰
Cost & rationalisation

Component catalogue → rationalisation roadmap → 39% year-one savings. Licence sprawl, shadow IT and vendor lock-in identified and addressed.

39% savings achieved
🔄
Programme recovery

Stalled or derailed banking transformation programmes brought back on track under governance — on time, within budget, with evidence trail intact.

Delivered on schedule
📊
ISO 20022 & SWIFT migration

Migration architecture, phased transition plans and interoperability patterns for ISO 20022 adoption and SWIFT CSP hardening.

Zero compliance gaps
🧩
Operating-model alignment

Business domains mapped to technology domains. Architecture governance embedded in the operating model — not bolted on after the fact.

One coherent backbone
23Banking institutions engaged
848Catalogued components
39%Year-one savings
10M+Customers served
US$63MBudget governed

Key engagements

Banking mandates

PIR2-IT — Banking Portfolio · 2024–present · Worldwide / Bucharest
Lead Cyber Security Consultant across 23 global and Romanian banks — UNFCU, EIB, Société Générale, HSBC, BNP Paribas, Credit Suisse, Raiffeisen, JPMorgan, Citibank, ING and others. Defined PCI DSS and ISO 27001 control frameworks; designed PAM/IAM architecture integrated with Azure AD and on-prem AD FS; Product Owner and 3rd-line authority for Palo Alto, CyberArk, CrowdStrike, DLP, SIEM, SOAR, and DDoS-mitigation platforms. 58% MTTR reduction. Mentored 10–15 engineers. Planned, facilitated and executed workshops for governmental agencies, academia and industry.
PCI DSS · ISO 27001PAM / IAM · Azure ADCyberArk · CrowdStrike · Palo Alto−58% MTTRSIEM · SOAR · DLP23 banks
European Central Bank · 2014–2015 · Frankfurt
Cloud and digital architecture for ECB payment and settlement systems — SWIFT CSP, PCI DSS, ISO 20022 migration. Cryptocurrency architecture assessment. Regulatory audit support under ECB SIPS Regulation.
SWIFT CSPPCI DSS · ISO 20022CryptocurrencyECB SIPSRegulatory audit
Groupe Société Générale / BRD · IBM era · Bucharest
Core banking architecture, digital transformation, DORA compliance. Telecom and secure-banking network integration. Enterprise architecture for regulated banking transformation across French and Romanian entities.
Core bankingDORA · TOGAFSecure networkDigital channels
Raiffeisen Bank Romania · IBM era · Bucharest
Risk and card management upgrade — risk scoring engine, card processing architecture, CSIS (Centre of Security Information Systems). Compliance alignment with Basel III risk frameworks.
Risk & card upgradeCSISBasel IIICard processing
ING / Multi-bank advisory · IBM era
Architecture reviews and control alignment across ING and multiple international banking clients. Regulatory compliance architecture — ISO 27001, GDPR, SWIFT CSP. Security and cloud advisory.
ISO 27001 · GDPRSWIFT CSPArchitecture reviewControl alignment
JPMorgan · Citibank · IBM era
Enterprise architecture and security advisory for global banking operations. Cloud and hybrid architecture, integration with IBM financial platforms. Biometric security and building automation for Citibank Romanian operations.
Enterprise architectureCloud · HybridBiometric securityIBM platform
Transfond — Romanian Interbanking Compensation · Alcatel era · Bucharest
Electronic payment system architecture and inter-banking compensation infrastructure. Secure telecom and network integration for Romania's national payment clearing system.
Payment clearingInterbankingSecure networke-Payment
BNR · BCR · CEC · BRD — Romanian National Banks · Alcatel era
Telecom, network and security integration for Romania's leading banks — National Bank of Romania (BNR), BCR, CEC Bank, BRD. Core banking telecom infrastructure, MPLS, security systems and data centre connectivity.
BNR · BCR · CEC · BRDCore banking telecomMPLS · SecurityData centre
VAUBAN — IT PMO Head / IT Director · Banking Transformation · Bucharest
IT PMO Head and IT Director for full banking transformation programme — ePassport integration, immigration portal, eHealth, ePrescription and Cadastre modules. Portfolio governance, Prince2 delivery, 120+ resources. Defined technology strategy and managed delivery across regulatory and operational workstreams.
IT PMO HeadPrince2 · Portfolio120+ resourcesePassport · eHealthRegulatory delivery

Visual reference

Banking architecture infographic

Banking & Financial Services Architecture — Marius Russo-Got

Architecture mandate for a regulated bank?

Send a brief — I'll assess scope and respond within 24 hours.