Cloud-Based SME Onboarding Platform for a $19B Credit Union

Solution Overview

Itexus developed a secure, cloud-native onboarding platform to support the credit union’s growing SME member base. The system was delivered as a set of modular web and mobile applications for SME users, compliance staff, and administrators, all connected to a centralized backend deployed in Microsoft Azure. The onboarding flow allows business users to submit account applications via desktop or mobile, with automated regulatory form generation, e-signature support via DocuSign, and real-time status tracking. Built-in KYC/AML checks (via GBG and Idology) validate applicant data against external databases and sanctions lists, triggering alerts for high-risk profiles and generating audit-ready reports. The system also includes adverse media screening and USPS address validation to improve risk visibility and data accuracy. Staff use an internal admin console to monitor applications, configure onboarding rules, and manage user roles. The platform integrates with the core banking system and third-party services through a middleware layer, enabling smooth data exchange with existing infrastructure. Applications are accessible across devices, with full session continuity between web and mobile. The solution is built on a .NET-based microservices architecture deployed on Azure Kubernetes Service (AKS). Sensitive components can be hosted on-premises, connected via secure VPN. All data is encrypted, and APIs follow industry protocols such as OAuth 2.0. Role-based access control (RBAC), MFA, and TLS encryption ensure compliance with SOC 2 Type II, ISO 27001, and NCUA standards.

Project Challenges

The project involved replacing a poorly aligned serverless MVP with a secure, scalable platform that met strict compliance standards. The team had to deliver within a tight three-month window to support a scheduled regulatory audit. Limited documentation from the previous implementation added complexity, requiring reverse engineering to recover business logic. The new platform also had to integrate with legacy core systems and third-party services while significantly improving the onboarding experience for SME users.

Project Approach

The project began with a technical audit of the credit union’s SME onboarding system, which revealed major architectural and security shortcomings. With a regulatory audit approaching, the team prioritized addressing these vulnerabilities. Rather than attempt to stabilize the existing serverless implementation, we rebuilt the platform from the ground up within a three-month delivery window.

To support scalability and hybrid deployment, we transitioned to a Kubernetes-based microservices architecture using Docker containers. A phased Strangler Fig approach allowed us to replace components gradually without disrupting users. In parallel, engineers reverse-engineered the undocumented legacy codebase to recover technical logic and align it with clarified business requirements, working closely with client-side analysts.

We integrated several third-party services to automate identity and compliance workflows: OAuth 2.0 for authentication, Plaid for external account linking, and GBG and Idology for KYC checks. The system pulls data from document verification tools, corporate registries (e.g., OpenCorporates), and government sanctions lists (e.g., OFAC). Required regulatory forms are auto-generated and signed via DocuSign, eliminating manual paperwork. USPS address validation and adverse media screening were also implemented to improve risk assessment and data accuracy.

The new platform runs on Microsoft Azure, with a .NET backend and a React frontend. A secure VPN tunnel connects the cloud environment to the client’s on-premises infrastructure. During development, both Oracle and Microsoft SQL databases were used in parallel to enable smooth data migration. By project completion, the credit union had a modern, compliant onboarding platform that significantly improved both operational efficiency and user experience.

Results & future plans

The new onboarding platform delivered major improvements in efficiency, compliance, and user experience. SME account opening time dropped from days to minutes (roughly 90% faster) thanks to automated validations and seamless integrations that allow near-instant account activation. It passed all security and regulatory audits with zero findings. The system now meets SOC 2 Type II and NCUA standards, fully closing the compliance gaps of the old system. Business owners now complete onboarding through a fast, intuitive process, leading to much higher completion rates. Internally, staff can manage more accounts with fewer errors and less manual work by leveraging automation and real-time dashboards to boost productivity. Enhanced KYC and fraud screening tools catch issues more accurately and reduce false positives. This gives the compliance staff greater confidence and speeds up approvals. Looking ahead, the credit union plans to extend the platform’s capabilities. Upcoming phases will introduce new services such as business credit cards and loans, and integrate with external tools like accounting software. The team is also working on UI enhancements and advanced analytics to further improve the user journey and support continued growth.