Press Releases

Press Releases

FINOS and EDM Council Partner to Develop First Open Source Suite for Accelerating Cloud Compliance for Financial Services

November 03, 2021

Compliance Processes to be Automated with the CDMC Standard through an Open Source Testing and Configuration Framework.

Napa, CA. -- November 3, 2021 -- The Fintech Open Source Foundation (FINOS), today announced its partnership with the EDM Council, a cross-industry trade association for data management and analytics, to accelerate the implementation of the Cloud Data Management Capabilities (CDMC) framework via an end-to-end open source testing and infrastructure-as-code suite. The CDMC framework ensures a comprehensive set of standard guidelines for financial firms and other industries as they move their data into the Cloud. This partnership was spearheaded by Morgan Stanley and LSEG, Members of both EDMC and FINOS. The announcement was made at today’s Linux Foundation Member Summit where Gabriele Columbro, Executive Director of FINOS, is the keynote speaker, and represents a fundamental component of the FINOS Open Regtech strategic initiative.

Financial institutions and fintech vendors need to demonstrate to regulators that they comply with industry regulations when working with cloud service providers (CSPs) for their data management. This partnership will deliver value to many different entities, such as risk managers at banks who will have an unequivocally provable way of demonstrating cloud compliance. CSPs, fintechs and technology companies will be able to confidently and compliantly deliver their services, while consulting firms can specialize in proving compliance and certification to the CDMC standard. Additionally, regulators can use the CDMC Open Source implementation for evidence of enforcement and for tapping into open source talent to do so.

“This pan-industry partnership shows the continued momentum and superior value of open source to prove regulatory compliance in the financial services industry,” said Columbro. “FINOS continues to solidify its role as an open source enabler not only for financial institutions but for industry consortia, open standard organizations and regulators. Cloud and data management are critical to all actors in the financial services value chain, and we believe having a truly open approach to demonstrate compliance is the only way to build trust in the industry.”

By leveraging the comprehensive CDMC framework and implementing open source conformance tests in the newly created FINOS’ Open Compliance for CDMC project, firms can significantly accelerate their compliance to cloud data management best practices. This partnership will allow automatic configuration of deployments to reach full compliance through the FINOS’ Compliant Financial Infrastructure project (formerly known as Cloud Service Certification) which will host infrastructure-as-code for the leading CSPs. Not only do the projects serve to accelerate the adoption and implementation of the recently released CDMC standard, but the open source approach will help reduce costs and build transparency in this critical area across financial services and all industries.

“Security and resilience for our businesses, our clients and the market as a whole is critical to all members of the finance industry,” said Bobby Gilja, CIO for Cloud and Architecture at Morgan Stanley. “The FINOS and EDMC partnership gives us the platform to leverage the power of open source to collaborate on these critical challenges with our peers and partners to provide a consistent, standardized, and automatically verifiable level of security in the cloud which will ultimately deliver better and faster solutions for our clients.”

“Financial services firms have decades of experience in protecting sensitive data. LSEG are pleased to have co-chaired the CDMC initiative to share these capabilities more broadly in the industry,” said Tom Dunlap, Group Chief Data Officer of LSEG. “We are excited to see the launch of FINOS’ Open Compliance for CDMC as a way to turn these best practices into working code.”

“The Cloud Service Certification (CSC) project is about bringing together financial service institutions to deliver a comprehensive suite of open source cloud controls that enable us to demonstrate adherence with regulatory and internal requirements,” said Mark Hoare, open source software programme lead at Deutsche Bank. “Through this new partnership we can combine the EDMC’s comprehensive standards and policies with the cross-industry representation of the CSC project, enabling us to leverage the natural synergy between them to overcome challenges and accelerate our momentum.”

"As leaders in the financial service industry, Synechron and its subsidiary Citihub Digital are extremely excited to support FINOS and EDMC in this very ambitious initiative" said Eddie Knight, senior consultant at Citihub and developer advocate for Probr, an open source testing framework. "We plan to offer our expertise as maintainers of the Compliant Financial Infrastructure and Open Compliance for CDMC, enabling contributors to build post-deployment validation tests that can be run from any infrastructure-as-code pipeline to ensure resources meet the strict CDMC standards."

Security is also an industry-wide concern, as breaches can threaten to destabilize the entire financial system. The standard provides a comprehensive set of cloud data management capabilities, standards and best practices for cloud, multi-cloud and hybrid-cloud implementations while also incorporating automated key controls for protecting sensitive data.

"Open-source cloud testing technology is simplifying the challenges firms are facing so it's a natural fit to pair this capability with the CDMC framework. The collaborative efforts from both the FINOS and EDM Council teams will help accelerate trusted cloud adoption,” said Mike Meriton, COO and co-founder of EDM Council. “This is an important first step towards making the CDMC open source suite universally available and we look forward to offering similar automated test processes for other industry sectors.”

Coming on the heels of the recent OpenSSF launch, this announcement underscores once more the Linux Foundation’s, FINOS’ parent organization, leadership role in cross-industry efforts to build a secure and compliant technology backbone based on fundamental pillars like cloud and open source. 

“We are pleased to see the financial industry taking further concrete steps to accelerate the transition of their workloads and data in a cloud native fashion” said Chris Aniszczyk, CTO at the Cloud Native Computing Foundation (CNCF). “We are well aware that regulated industries have unique hurdles to overcome in this process, and we believe an open, collaborative approach across foundations has the unique potential to efficiently coalesce all constituents behind an industry wide approach”.

FINOS and EDMC are actively recruiting contributors for the Open Compliance for CDMC and Compliant Financial Infrastructure projects. For more information, contact or join the Slack channel



FINOS (The Fintech Open Source Foundation) is a nonprofit whose mission is to foster adoption of open source, open standards and collaborative software development practices in financial services. It is the center for open source developers and the financial services industry to build new technology projects that have a lasting impact on business operations. As a regulatory compliant platform, the foundation enables developers from these competing organizations to collaborate on projects with a strong propensity for mutualization. It has enabled codebase contributions from both the buy- and sell-side firms and counts over 40 major financial institutions, fintechs and technology consultancies as part of its membership. FINOS is also part of the Linux Foundation, the largest shared technology organization in the world. Get involved and join FINOS as a Member.


About EDM Council

EDM Council is the global association created to elevate the practice of data management and analytics as a business and operational priority. The Council is the leading global advocate for the development and implementation of data standards, best practices, and comprehensive training and certification programs. With more than 250 member organizations globally from the Americas, EMEA, and Asia, and more than 10,000 data management professionals as members, EDM Council provides a venue for data professionals to interact, communicate, and collaborate on the challenges and advances in data management and analytics as critical organizational functions. For more, visit and follow us on LinkedIn and Twitter


FINOS Media Contact:

Stephen Sumner

Caliber Corporate Advisers



EDM Council Media Contact:

P.J. Kinsella




 # # #





This Week at FINOS Blog - See what is happening at FINOS each week.

FINOS Landscape - See our landscape of FINOS open source and open standard projects.

Community Calendar - Scroll through the calendar to find a meeting to join.

FINOS Slack Channels - The FINOS Slack provides our Community another public channel to discuss work in FINOS and open source in finance more generally.

All FINOS Project Good First Issues - A good place to start contributing to, and making a difference in, open source in financial services is by taking a look at the FINOS Good First Issues (GFI) List on GitHub.

Project Status Dashboard - See a live snapshot of our community contributors and activity.

Events - Check out our upcoming events or email if you'd like to partner with us or have an event idea.

FINOS Virtual "Meetups" Videos & Slides - See replays of our virtual "meetups" based around the FINOS Community and Projects since we can't all be in the same room right now.

FINOS Open Source in Fintech Podcasts - Listen and subscribe to the first open source in fintech and banking podcasts for deeper dives on our virtual "meetup" and other topics.



Interested in FINOS open source projects? Click the link below to see how to get involved in the FINOS Community.

Get Involved