It is an issue you often hear about at industry events and webinars: many banks are grappling with outdated and challenging-to-sustain-and-maintain legacy systems.
Vikas Deshmukh, senior VP technology at Fino Payments Bank, recognises that trend as he discusses which tools and methodologies for software testing should take a front seat in 2025.
“As mobile banking usage continues to rise, issues related to mobile app functionality, performance, and security have become more prevalent,” he said, singling out crashes, login/authentication problems, or vulnerabilities that could be exploited by attackers as a host of examples.
“Non-compliance with regulatory requirements remains a significant risk for banks. Software errors or deficiencies in compliance monitoring systems can result in regulatory violations, fines, and legal consequences,” Deshmukh stressed.

“With the increase in online transactions from various channels, it has become imperative to put in place limits and controls at each level,” he wrote in a recent BF analysis, discussing the software testing strategy of his employer, Fino Payments Bank.
The India-based commercial bank was founded in 2007 in the country’s economic heart, the city of Mumbai, and provides a host of digital-based financial services across the fast-growing sub-continent.
“Many banks are struggling with outdated and difficult-to-maintain legacy systems,” Deshmukh continued.
“These issues often include poor scalability, lack of integration, and limited support for modern technologies, which can hinder operational efficiency and innovation,” he explained.
“Human testers can assess the business impact of security vulnerabilities and prioritise them.”
– Vikas Deshmukh
Moreover, manual reconciliation processes and siloed systems often lead to errors in transaction processing and account reconciliation.
“These issues can cause discrepancies between internal records and external statements, leading to financial losses or audit findings,” Deshmukh pointed out.
Moreover, “fraudulent activities such as account takeover, card skimming, and phishing attacks are common concerns for banks. These threats exploit vulnerabilities in banking systems and target unsuspecting customers, resulting in financial losses and reputational damage,” he said.
Software testing approach
As a result of the increasingly complex digital ecosystem, particularly in banking and insurance, system outages and downtime are frequent occurrences that disrupt banking operations and inconvenience customers, Deshmukh shared.
“These issues are often attributed to infrastructure failures, software bugs, or inadequate disaster recovery measures,” he said.

“Banks face challenges in keeping up with evolving regulatory requirements, particularly in areas such as anti-money laundering, customer due diligence, and data privacy. Compliance gaps or deficiencies in compliance management systems can result in regulatory penalties and enforcement actions.”
Deshmukh disclosed that Fino Payment Bank, which is listed on the Mumbai Stock Exchange, currently employs between around 30 testers and test leads.
While most testing is carried out manually, the bank has recently begun using cross-browser and Selenium for automation testing.
For load testing and API testing, Fino makes use of tools such as JMeter and Postman. Additionally, it is also using bots for testing.
“In-house testing covers functionality and performance load testing. Automated testing includes cross-browser and Selenium. Specialized tests like those for POS devices, HSM, and automation are outsourced,” Deshmukh said.
“Issues banks often struggle with include poor scalability, lack of integration, and limited support for modern technologies.”
– Vikas Deshmuk
Major banking services are highly dependent on OTP biometric authentication with UIDIA which limits automation.
“This bottleneck can be solved with a simulator,” Deshmukh stressed.
Moreover, compliance testing involves ensuring that banking operations comply with various regulatory requirements such as Anti-Money Laundering, Know Your Customer, and data protection regulations like Europe’s General Data Protection Regulation.
‘While automated systems can flag potential issues, human analysts are often needed to interpret complex regulatory guidelines and assess the nuances of specific cases,” he said.
Moreover, while automated tools can detect certain vulnerabilities, human penetration testers are essential for conducting comprehensive security assessments, Deshmukh argued.
“They can think creatively to identify potential attack vectors, perform in-depth analysis of security controls, and simulate sophisticated cyber-attacks that automated tools may overlook,” he explained.
“Human testers can also assess the business impact of security vulnerabilities and prioritise them based on potential risks,” he continued.
“Banking systems often involve complex workflows and interactions between multiple systems. Human testers are needed to design and execute test scenarios that accurately reflect real-world usage patterns and business processes,” Deshmukh.
“They can identify dependencies between different components, evaluate the impact of system failures, and assess the resilience of backup and recovery processes,” the Mumbai-based industry veteran concluded.
NEXT MONTH

DO NOT MISS

QA FINANCIAL FORUM LONDON 2024: RECAP
In September, QA Financial held the London conference of the QA Financial Forum, a global series of conference and networking meetings for software risk managers.
The agenda was designed to meet the needs of software testers working for banks and other financial firms working in regulated, complex markets.
Please check our special post-conference flipbook by clicking here.
READ MORE
- Automation is rapidly taking hold of banks’ QA strategies
- ‘Let’s redefine what quality assurance means’, says QA Mentor CEO
- Deep Dive: why do most AI testing projects fail to scale?
- Leapwork co-founder warns ‘AI is not in a state we can rely on’
- Ozone API eyes Australian banks with ProductCloud deal
Why not become a QA Financial subscriber? It’s entirely FREE
* Receive our weekly newsletter * Priority invitations to our Financial Forum events *