Financial institutions operate under guardrails that most tech companies never have to think about. When you're handling people's money and personal data, every single deployment carries existential risk. Move too slowly and fintech competitors will eat your lunch. Move too fast and you shatter the trust that keeps customers around.
At IDPCON 2025, engineering leaders from Xero, Bank of America, and Capital One talked about how they navigate this seemingly impossible balance. It turns out that the definition of "velocity" for their teams has nothing to do with raw speed. Rather, the panelists all agreed their top priority is to build systems that allow them to maintain safe, sustained momentum over time.
You can check out the full panel discussion here. If you only have a few minutes, here's a recap of their discussion.
Trust as an engineering discipline
Fred Mare, a Principal Engineer at Xero, argued that the challenge of building trust is a problem you can actually solve with technical solutions. Xero achieves this goal for its small business customers by giving them a platform that simultaneously protects their data and moves their money exactly when it needs to get moved, all of which happens on apps that match what they expect from modern consumer apps.
All of this infrastructure work happens invisibly, which is exactly how it should work. Purva Sawant, an Engineering Manager at Bank of America, added that customers really judge banks on just two things. They need to access their accounts reliably, and they need their information to stay secure. When both work perfectly, nobody thinks about the engineering behind it.
Solomon Park, Senior Engineering Manager at Capital One, was even more direct about what's at stake. The challenge for leaders like him, Purva Sawant, and Fred Mare is figuring out how to build systems that catch mistakes before they happen while still letting teams ship features at a pace that feels modern.
"When you build infrastructure or put anything out there into the world, if anything goes wrong, it's yours to own." — Solomon Park, Senior Engineering Manager, Capital One
Measuring what actually matters
Our panelists agreed that standard metrics like DORA scores and deployment frequency are useful baselines, but Purva argued that the human impact doesn't always show up in the numbers. A two-line code change looks totally trivial in a dashboard, for example, but it could completely change how someone experiences a critical banking function.
Bank of America handles this by building feedback loops that focus on learning instead of pointing fingers. When something breaks, they review what went wrong with the system that allowed it to happen, not which person made the mistake. Purva says this creates a level of psychological safety where teams feel comfortable moving quickly because they know failures will be used to make the system better.
Solomon says that Capital One does something similar with their 360 review process. Every project gets feedback from product, design, and engineering throughout its lifecycle, so ownership stays clear from start to finish. Their philosophy is pretty simple. If you build it, you own it.
Making compliance invisible through automation
Compliance in financial services has a reputation for being the thing that slows everyone down. Purva even admitted that compliance work isn't exactly what draws engineers to fintech, but it's absolutely critical to keeping the business running. To keep her team motivated to trudge through the work, Purva says it's critical to make it feel like just another part of the development process rather than a separate hurdle.
"Having these tools being integrated as a part of their day-to-day process really helps them to not primarily just think about compliance the entire time." — Purva Sawant, Engineering Manager, Bank of America
Bank of America figured out how to make this work by embedding compliance directly into their CI/CD pipeline. It becomes an automatic checkpoint instead of a manual bottleneck. They rank every risk, and the policy is crystal clear. High and medium severity issues get fixed before they hit production, period. “There’s no gray area,” Purva continued. “This is a black-and-white situation in the banking world."
Xero takes a similar approach using Cortex Scorecards to standardize their checks across the platform. They encode best practices into automated guardrails so engineers can focus on building features instead of navigating bureaucratic processes. The compliance work still gets done, but it happens invisibly as part of the normal workflow.
The principles behind sustained velocity
A few themes kept coming up throughout the conversation that explain how these organizations manage to ship quickly without breaking trust. Here's a quick summary of them. Spoiler: it's worth checking out the full talk to hear Solomon, Purva, and Fred talk about each of these in more detail.
Build reliability into the foundation. When infrastructure is trustworthy by default, teams can move with confidence instead of constantly second-guessing themselves.
Automate compliance and manual processes. Manual compliance is where bottlenecks and human errors live. Automation makes it consistent and removes the friction.
Measure what matters to customers. MTTR and deployment frequency are useful, but customer trust is the only KPI that matters in the end.
Make teams own what they build. When teams own something through its entire lifecycle, they naturally balance speed with responsibility.
Velocity as sustained momentum
What became clear during the panel discussion is that velocity in financial services just looks different from velocity in consumer tech. These teams focus on building momentum that compounds safely over time rather than sprinting toward quarterly OKRs. Your innovation needs to be predictable enough that customers and regulators can trust it, while still being fast enough that you don't lose ground to competitors.
The organizations that figure this out trust their guiding principle and treat compliance as a partner instead of treating it like the thing that ruins all their plans. When you get this right, you end up building systems where both become possible at the same time.
Want to hear more from these engineering leaders? Watch the full Banking on Velocity session along with other talks from IDPCON on demand. Access all IDPCON 2025 recordings.
