MENA Region — On-Premise Core Banking with Dedicated Team

On-Premise Core Banking Platform for MENA

licensed financial institution in the MENA region required full control over its banking infrastructure — from source code ownership to on-premise deployment within local data centers. Finhost delivered the complete platform under a source code license, embedded a dedicated engineering team for ongoing development, integrated with local banking partners for AED and SAR payment rails, and connected regional KYC/AML tools to meet Central Bank regulatory requirements.

Objectives

  • Obtain a source code license for full platform ownership and independent roadmap.
  • Deploy on-premise infrastructure within MENA-based data centers to meet data residency requirements.
  • Integrate with local banks for AED and SAR domestic payment rails and SWIFT.
  • Connect regional KYC tools for identity verification compliant with Central Bank regulations.
  • Embed a dedicated engineering team for continuous development and customization.

What We Built (Scope)

  • Source code delivery: full platform source code transferred under license, enabling the client to own, modify, and extend the codebase independently.
  • On-premise deployment: infrastructure provisioned within MENA-based data centers, meeting local data residency and sovereignty requirements.
  • Local bank integrations: direct connections with regional banking partners for AED and SAR account issuance, domestic transfers, and SWIFT international payments.
  • Regional KYC/AML: integration with local identity verification providers and Central Bank screening lists, replacing global KYC tools with regionally compliant alternatives.
  • Web & mobile apps: fully branded client applications (web, iOS, Android) deployed from local infrastructure.
  • Dedicated team: embedded Finhost engineering squad (back-end, front-end, QA, DevOps) working as an extension of the client’s technology department.

Customer Journey

This engagement started differently from a typical SaaS deployment. The client — a licensed financial institution regulated by the local Central Bank — had strict requirements: no data could leave the country, they needed to own the source code, and their internal technology team wanted to extend the platform independently.

We began with a code audit and licensing negotiation. The client’s technical leads reviewed the Finhost codebase, assessed the architecture, and confirmed it met their standards. Once the source code license was signed, we started the knowledge transfer — full documentation, architecture walkthroughs, and codebase orientation for their team.

The on-premise deployment required provisioning infrastructure from scratch in a local MENA data center. We set up the full stack — application servers, databases, CI/CD pipelines, monitoring — within their private network, with security hardening aligned to Central Bank requirements.

The most complex phase was local bank and KYC integrations. Unlike our standard SaaS deployments where we use global providers like SumSub and OpenPayd, here we had to connect with regional banking partners for AED and SAR rails and local identity verification tools that interface with national ID databases and Central Bank watchlists.

Finally, we embedded a dedicated engineering team — back-end, front-end, QA, and DevOps — who operate as an extension of the client’s own technology department, working in their time zone, attending their standups, and building to their roadmap.

Challenges We Faced

  • Data sovereignty and on-prem complexity: Every component had to run within local MENA data centers — no external calls to EU or US-based services. We replaced all cloud-dependent modules (SumSub webhooks, AWS SES/SNS, Cognito) with on-premise equivalents, including self-hosted email services, local SMS gateways, and a private identity provider.
  • Local bank API standards: MENA banking APIs don’t follow the same patterns as European or North American providers. We encountered proprietary message formats, Arabic-language error responses, and manual settlement windows. Each banking connector required custom adapter development and extensive testing with the partner bank’s sandbox.
  • Regional KYC tool integration: Replacing SumSub with a local KYC provider meant adapting the entire onboarding flow — from document types (national ID, Iqama, trade licenses) to verification workflows (Central Bank screening, PEP checks against regional lists). The verification response formats were completely different, requiring a new adapter layer.
  • Knowledge transfer at scale: With a source code license, the client’s own developers needed to fully understand the codebase. We ran 4 weeks of structured knowledge transfer — architecture deep-dives, module-by-module walkthroughs, deployment procedures, and incident response playbooks — before the dedicated team could operate independently.
  • Time zone and cultural alignment: The dedicated team needed to work in MENA business hours, participate in Arabic-language meetings, and understand local banking workflows. We hired and trained a team specifically for this engagement, ensuring cultural and operational alignment.

Architecture Snapshot

  • Finhost core platform delivered as source code with full documentation.
  • On-premise infrastructure on local cloud/data center with private networking.
  • Local banking connectors for AED/SAR domestic rails and SWIFT.
  • Regional KYC engine with local identity verification and AML screening.
  • Dedicated CI/CD pipeline managed by the embedded engineering team.
  • Back-office console with compliance workflows tailored to Central Bank requirements.

Implementation Timeline

  • Discovery & licensing: ~2–3 weeks (contract, code audit, infrastructure planning).
  • On-premise setup: ~3–4 weeks (data center provisioning, CI/CD, security hardening).
  • Bank & KYC integrations: ~4–6 weeks (local provider onboarding, API connections, testing).
  • Dedicated team ramp-up: ~2 weeks (team embedding, knowledge transfer, sprint planning).
  • Go-live: full on-premise platform operational in ~10–12 weeks with dedicated team in place.

Successful Launch

The on-premise platform went fully operational in 12 weeks. The client now owns the source code, runs the entire stack within their local data center, and has a dedicated Finhost engineering team embedded within their organization. Local bank integrations for AED and SAR are live, with domestic transfers and SWIFT payments processing daily. The regional KYC flow handles national IDs, trade licenses, and Central Bank screening. The client has already started extending the platform independently — adding custom features specific to MENA market needs — while the dedicated team maintains the core infrastructure and ships regular releases.

Launch a Similar App with Finhost

Finhost offers source code licensing and dedicated team models for institutions that need full control. We deliver the platform, the infrastructure setup, the local integrations, and an embedded engineering team — so you own the product and the roadmap.

Talk to Finhost about deploying an on-premise banking platform in the MENA region with a dedicated team.

Please tell us a little bit more
about your project