The background
Risk Centric Design
With 30 years plus experience in Risk and Compliance in Wealth Management, led to a 5 year journey to develop an integrated platform, particularly capturing elements of workflows such as reviews and risk assessments, it became evident that Risk and Compliance has become fragmented away from actually managing Customer Risk in the business and that actually creating an effective system that can scale down to the smallest business up to a multinational. We set out on a goal to deliver a risk data centric system, from client to prudential risks.
In 2016 we started looking at Graph databases (not graphs you drew in school or that odd looking pie chart). You may know them from the databases used in the Panama Papers and what in mathematical terms are nodes and edges. This approach highlighted that when you aim to create a Golden Source model for every entity, legal arrangement or document (Node). This means, one record and one record only for every noun or object and that these can have thousands of different types of connections (Edges) to other Nodes.
This was our Euripides moment in terms of risk management. That Nodes carry certain inherent risks and Edges carry certain inherent risks as well as mitigations. So after some initial attempts using Neo4J, it became clear that we needed to find a platform that could be adapted and deployed. I started building models using python and flask, I then realised that frameworks such as Django were the direction to go but I wanted it to do so much out of the box I needed the next level up in frameworks, well something that was an ERP system.
This isn't a small ask for a small business particularly one that specialises in risk management.
- Security has to be baked in also with a highly distributed model that is well tested.
- Install and build anywhere, so the source code has to be open
- No proprietary databases, licensing costs for Oracle and SQL limits our flexibility and also adds expenses to the operating model
- No black box systems, software such as SAP, Salesforce, Microsoft 365 Dynamics
- Solid inheritance and upgrade model, with regular upgrades and developments.
So after much research, I settled on Odoo which when I started was on version 11, this is running on version 16.
Why Odoo
Firstly it comes in two flavours, open source (community) and enterprise (paid and supported), the model all runs on the base model which is open source, then there are enhancements from the enterprise model which is not available without a paid licence.
It can be built and run anywhere, I prefer Ubuntu Server but can be run on a Windows server, basically any OS that can support Python 3.9 or greater, Postgresql 12 and