Video by FINOS via YouTube
In this visionary session from the Open Source in Finance Forum (OSFF) New York, Rakia Finley, CEO of Copper & Vine Studio, introduces a groundbreaking convergence of Zero Trust Architecture (ZTA) and Open Source principles. She outlines a new "Compliance Blueprint" that allows financial institutions to move beyond perimeter-based security toward a model of continuous verification, powered by transparent, community-vetted technologies.
Get involved with the FINOS Security initiatives here: https://www.finos.org/security
๐ Zero Trust + Open Source: A New Compliance Blueprint | OSFF Deep Dive
๐ฌ๐ง Join us in London! Catch the latest on Zero Trust, Open Source, and Compliance at OSFF London on June 25, 2026, at the Queen Elizabeth II Centre.
๐๏ธ Register Now: https://hubs.ly/Q041YV9Z0
๐ฅ 20% OFF CODE: 26YTOSFFLN20C
๐ More about FINOS: https://www.finos.org/
๐ Explore insights from #OSFFNewYork by FINOS โ the leading open source in finance conference.
๐ง Join our newsletter: https://www.finos.org/sign-up
๐๏ธ Listen to our Open Source in Finance Podcast: https://www.youtube.com/@FINOS/podcasts
LinkedIn: https://www.linkedin.com/company/finosfoundation
๐ The Problem: The Erosion of the "Trusted Perimeter"
Traditional financial security relied on a "Castle and Moat" strategyโonce you were inside the corporate network, you were trusted. Rakia explains that in an era of hybrid cloud, remote work, and interconnected APIs, this model is dangerously obsolete. For highly regulated firms, the "Perimeter" no longer exists, and relying on it creates massive compliance blind spots that legacy auditing tools cannot see.
๐๏ธ The Solution: A Zero Trust Compliance Blueprint
Rakia proposes a shift to a "Never Trust, Always Verify" model, leveraging open-source components to ensure transparency and auditability:
Identity as the New Perimeter: Moving away from IP-based security to strong, cryptographically verified identities for every user, device, and service.
Micro-Segmentation via Open Standards: Using open-source service meshes (like Istio or Linkerd) to isolate financial workloads. This ensures that even if one component is breached, the attacker cannot move laterally to sensitive transaction data.
Continuous Adaptive Risk Assessment: Implementing a blueprint where access is not a one-time event but a continuous process that factors in device health, user behavior, and real-time threat intelligence.
โ๏ธ Why This Matters for Financial Engineering
Regulatory Proof of Control: Zero Trust provides the granular logs and "least privilege" enforcement that modern regulators (like those overseeing DORA) increasingly demand.
Open Source Transparency: By using open-source ZTA tools, banks can audit the security logic themselves, avoiding "security through obscurity" and vendor-driven backdoors.
Agility for Innovation: A Zero Trust blueprint allows banks to safely integrate third-party fintech services and AI agents by treating them as "untrusted" entities that must prove their identity for every single request.
The takeaway: Security is no longer about building higher walls; itโs about building smarter checkpoints. Rakia Finley proves that the combination of Zero Trust and Open Source provides the only viable path to a secure, compliant, and resilient financial future. Join us in London on June 25 to see how this blueprint is being adopted across the global industry! #FINOS #OSFFLondon #ZeroTrust #ZTA #OpenSource #CyberSecurity #FinTech #CloudSecurity #Compliance #DigitalTransformation #SecureByDesign
About FINOS
FINOS (The Fintech Open Source Foundation) is a nonprofit whose mission is to foster the adoption of open source, open standards, and collaborative software development practices in financial services. It is the center for open source developers and the financial services industry to build new technology projects. FINOS is also part of the Linux Foundation, the largest shared technology organization in the world. Get involved and join FINOS as a Member.