Open source software underpins most technology in financial services, yet the industry is still maturing in how it manages and leverages this strategic resource. Drawing on industry data, case studies, and insights from FINOS member firms, this white paper examines how limited visibility and restrictive contribution policies lead to unmanaged internal forks, driving duplication, technical debt, and security risk.
It outlines practical steps to address these challenges, from auditing OSS use and identifying internal forks to enabling safe, compliant upstream contribution. By adopting these practices, firms can reduce operational risk, strengthen software resilience, and reclaim valuable engineering capacity, unlocking measurable financial and organizational benefits for both their institutions and the broader ecosystem.
