// on regulated industries
Building software in the Danish pension sector taught me something most developers never learn: how to ship fast in an environment where failure has real consequences for real people. Every line of code touches someone's retirement.
// the realities
In pension and finance, every feature ships with a compliance checklist. Every data flow needs an audit trail. Every process must be explainable to a regulator months after it ran. This isn't bureaucracy — it's the cost of handling people's retirement savings. You learn to design compliance in, not bolt it on.
The core systems running a pension fund were built decades ago. They work. They process millions of transactions. They're not going anywhere. The challenge isn't replacing them — it's wrapping them with modern interfaces, connecting them to new services, and making them accessible through APIs. You build bridges, not replacements.
When a pension system goes down, customer service agents can't process claims, members can't access their accounts, and regulatory reporting stops. There's no 'move fast and break things' in this industry. You ship carefully, test thoroughly, and always have a rollback plan. Reliability is the feature.
// what this industry teaches you
Every process should produce a complete trail of what happened, when, and why. Not as an afterthought — as a first-class concern. BPMN process models, structured logging, and immutable event stores make this natural rather than painful.
Big-bang rewrites don't work in regulated industries. You modernize one process at a time, one integration at a time. The serverless middleware pattern — Lambda functions translating between old and new — lets you move at your own pace without disrupting what works.
Pension products have complex rules around contributions, vesting, tax treatment, and payout options. If you can't understand and speak this language, you'll build the wrong thing. Technical skill without domain knowledge is just fast typing.
A pension member who transferred from another fund, has multiple contribution types, and is nearing retirement age — that's a Tuesday. Your test suite needs to cover the weird cases because in this industry, the weird cases are the common cases.
Personal financial data, health information, family details — pension systems hold some of the most sensitive data there is. Encryption at rest and in transit, principle of least privilege, and security reviews on every change aren't best practices. They're baseline expectations.
Regulated doesn't mean ugly. The member facing their pension fund's website at 10 PM deserves the same quality experience as someone using a consumer fintech app. Compliance constraints shape the design — they don't excuse bad design.
// the transformation
Pension administration was historically paper-heavy — forms, signatures, manual reviews. Digitalizing these workflows with BPMN means they become trackable, measurable, and fast. A change request that took two weeks by mail now resolves in hours through an orchestrated digital process.
Legacy systems run in batch cycles — nightly processing, weekly reports, monthly reconciliation. With event-driven architecture, updates happen as they occur. A member's contribution shows up immediately, not after the next batch run. The data is always current because the system is always listening.
A pension fund's systems were built independently — one for contributions, one for claims, one for customer service. AWS integration layers connect these silos through APIs and events, giving customer service agents a complete view of a member's situation instead of switching between five different screens.
Want to talk about building software in regulated industries?