How HSBC, JPMorgan and Goldman Sachs reinvented QA and compliance

New York City, one of the world's main banking hubs

In the post-financial-crisis era, the world’s largest financial institutions have learned that robust compliance and testing frameworks are not just regulatory requirements; they are strategic differentiators that define trust, resilience, and long-term competitiveness.

The cost of a single system failure or compliance breach can now run into billions, making software quality and regulatory assurance board-level priorities across the sector.

Increasingly, QA teams sit at the heart of these transformation programmes, linking compliance, cybersecurity, and operational resilience into one continuous testing framework.

From London to New York and Boston, banks such as HSBC, JPMorgan, Goldman Sachs, and State Street are investing heavily in technology-driven quality assurance, test automation, and data analytics to make their software systems faster, more reliable, and fully audit-ready.

HSBC: from remediation to automation

HSBC’s post-crisis overhaul remains one of the banking sector’s most comprehensive compliance transformations. The bank’s remediation process, launched in 2014 after significant regulatory challenges, focused on “data readiness and global standardisation.”

Under Group Chief Operating Officer Andy Maguire, HSBC developed “a single global standard approach to compliance management.”

The transformation built a new foundation for quality assurance, embedding automation and advanced analytics deep into the compliance lifecycle.

“Data readiness became the foundation of their transformation, ensuring accurate customer risk ratings and enhanced due diligence processes,” according to a RiskImmune analysis.

The bank also “invested in robotisation and machine learning technologies while maintaining strict compliance standards across all operations.”

By 2020, HSBC had implemented “sophisticated detection scenarios and automated compliance processes across all operational levels,” a shift that simultaneously improved financial crime compliance and software resilience. These changes, though costly, established a new industry benchmark for using QA and test automation to manage regulatory complexity.

JPMorgan: building a technology-first compliance engine

At JPMorgan, automation became the backbone of a technology-first compliance framework designed to handle billions of transactions per day.

The bank achieved significant improvements in its anti-money laundering program by modernising its testing and monitoring architecture, according to the RiskImmune post.

That overhaul included “increasing compliance staff by 300%,” “implementing advanced transaction monitoring software,” and achieving “a 99.9% change success rate in system updates.”

The results were visible across Chase’s digital channels. The bank’s modernisation strategy enabled weekly releases for Chase.com and bi-monthly mobile app updates, demonstrating a level of QA agility rare in global banking.

Cloud integration pushed JPMorgan’s trading capacity “from 500 million to 2.5 billion trades per day,” underscoring how test automation and continuous integration pipelines have become critical to operational resilience and compliance assurance.

Goldman Sachs: risk transparency

Goldman Sachs’ compliance reforms were rooted in culture as much as code. Following the 2008 financial crisis, the bank’s Business Standards Committee (BSC) led an internal transformation that established comprehensive review processes and enhanced corporate accountability measures.

The firm developed a rigorous code of ethics and implemented enhanced disclosure protocols for potential conflicts of interest, particularly after a £432 million fine related to mortgage-backed securities.

While the BSC’s focus was governance, its principles have extended into QA, the RiskImmune researchers found. The bank now uses continuous monitoring, AI-assisted analytics, and real-time data quality controls to strengthen both financial and operational testing. The underlying message remains: resilience and reliability begin with transparency, and are sustained by automation.

State Street: test automation at scale

Few institutions embody the next phase of test automation as clearly as State Street. Through its Alpha asset servicing platform, the Boston-based firm is demonstrating how agentic automation can redefine reliability in financial software.

“Early proofs of concept (PoCs) reduced test execution time by 67%,” according to Brandon McCormick, Global Head of Alpha Testing Practice.

“The team is exploring agentic testing and UiPath Autopilot to generate and execute test cases, identify issues, and trace them back to requirements,” he stated.

The automation initiative “will improve testing speed and accuracy, reduce service delivery time, and further energise teams by giving them back time for more value-added work.”

As McCormick put it, “the team doesn’t want to do manual testing, just as much as management doesn’t want them to.”

Faster cycles have already “shortened the service time to market, improving delivery timelines for clients” while “enhanced risk mitigation and broader coverage ensure platform reliability and strengthen client confidence,” he added.

QA as a compliance accelerator

Across the sector, test automation and AI-powered QA are becoming integral to compliance and operational resilience. According to multiple research studies, financial institutions worldwide spend over $270 billion annually on compliance costs, yet many still face escalating regulatory fines.

The lesson from leaders like HSBC, JPMorgan, and Goldman Sachs is that compliance and QA are no longer parallel tracks; they are the same road.

As the recently published 2025 Trends in QA for Banking report put it: “The financial sector is undergoing one of its most transformative periods, driven by digitalisation, artificial intelligence, and evolving regulatory landscapes.”

The authors noted that “AI-powered QA is transforming software reliability” and that “traditional testing methods struggle to keep up with the complexity of modern banking applications.”

AI-driven automation enables faster bug detection, enhanced security, and optimised test coverage, while automated compliance checks help validate that software changes moved into production do not introduce regulatory risks.

The same report warned that “manual testing is no longer sufficient for large-scale banking applications.”

With major institutions now automating up to 80% of their QA workflows, test automation has become a regulatory safeguard as much as an efficiency play.

Data and trust

Data analytics now underpins both risk assessment and compliance testing. Behavioral analytics, identity clustering, and dynamic risk assessment allow banks to “identify emerging risks and optimize their compliance strategies based on historical data patterns.”

The move toward graph network detection and dynamic thresholds across ACH, Swift MT, SEPA, and Faster Payments rails ensures real-time visibility across complex transaction ecosystems.

Yet technology alone cannot guarantee trust. As the RiskImmune analysis concluded: “Successful financial compliance programs require more than just robust systems and processes; they demand a fundamental transformation in organizational culture.”

In that sense, the lessons of HSBC, JPMorgan, Goldman Sachs, and State Street converge: effective QA is now both a technical discipline and a cultural imperative. Automation may reduce errors and increase speed, but it is the alignment of compliance, engineering, and ethical standards that ultimately keeps modern finance resilient.

