Retail Brokerage Platform with Mobile Trading, KYC, and Operations Console

The client is a Dubai-based investment management company expanding its retail investment business across African markets. To support this expansion, the company needed a new brokerage platform with a mobile investment app aligned with local regulatory requirements, payment infrastructure, and market conditions such as M-PESA-based funding and low-value investing through fractional shares.

Across African markets, digital payments and mobile banking are already widespread. However, brokerage services remain much less accessible to retail users. Many traditional investment products come with high minimum investment amounts, high transaction costs, limited funding options, and user interfaces designed for experienced investors rather than beginners. At the same time, the market opportunity is substantial: in 2023, Sub-Saharan Africa accounted for 835 million registered mobile money accounts. The client saw an opportunity to address this gap with a product built around M-PESA-based funding, investments from as little as $1 through fractional shares, commission-free trading, and access to stocks and ETFs, with monetization based on FX spread during currency conversion rather than per-trade fees. The goal was to make the path from registration to first investment simpler and more familiar to first-time users, while keeping the required brokerage, payments, compliance, and FX infrastructure behind the scenes. Itexus was selected through a competitive tender process for its experience in building complex, high-load, regulated trading and investment platforms, digital onboarding systems, and payment solutions, as well as for proposing a scalable microservices architecture capable of supporting the client’s projected millions of users.

The solution consists of two main parts: a consumer-facing mobile app for iOS and Android and a web-based console for compliance and operations teams. Together, they cover the full scope of brokerage operations: guided KYC and customer onboarding, M-PESA and Cashia funding, withdrawals, stock and ETF trading, fractional shares, Auto-Invest, AI-powered market analysis, reporting, product analytics, and back-office workflows.

The platform integrates with several third-party services that together support onboarding, local funding, brokerage execution, settlement, compliance, analytics, and advanced investment tooling:

• SumSub — for identity verification and compliance checks, including document capture, selfie verification, and AML screening;
• Alpaca — for brokerage account creation, order execution, settlement updates, and portfolio data;
• Polygon.io — for real-time market data, including quotes, charts, price feeds, and basic stock and ETFs information;
• EmpireFX — for local regulatory oversight, compliance processes, custody-related workflows, and local funding-to-brokerage coordination;
• M-Pesa — for mobile money funding and withdrawals;
• Cashia — for additional account funding flows;
• Mixpanel — for client-side product analytics, onboarding funnel tracking, conversion measurement, retention analysis, feature adoption tracking, and analysis of how users interact with funding, trading, and Auto-Invest flows;
• LuxAlgo / TradingView — for AI-powered charting, market analysis, technical indicators, scanners, strategy ideation, backtesting support, and alert delivery inside the investment experience.

Together, these integrations support a regulated operating model that combines local funding, brokerage execution, custody, commission-free access to stocks and ETFs, analytics, and advanced market intelligence inside one product.

The platform is built as a distributed brokerage system with native mobile apps for iOS and Android, a React-based admin console, and a Java microservices backend deployed on Google Cloud Platform. One of the challenges for the team was to make the product feel closer to a simple mobile banking app than to a brokerage terminal, while still handling identity verification, local funding, FX conversion, order routing, partial fills, settlement, portfolio updates, and internal compliance actions.

Client applications

The mobile applications are developed natively with Swift for iOS and Kotlin for Android. The client did not want the trade-offs that usually come with cross-platform development in a product where onboarding, funding, trading, and KYC all had to feel immediate and reliable. Native development makes it possible to deliver faster UI response, smoother navigation, better control over camera-based document capture, and secure token storage through Keychain on iOS and Android Keystore on Android. Both apps communicate with the backend through TLS-protected REST APIs and WebSockets, and use a Keycloak-based authentication layer with token refresh flows. The security layer enforces multi-factor authentication, strict separation of roles and permissions, and a full audit trail of access activity, while WebSocket connections are used to push execution, balance, and status updates to the client in near real time. The internal console is built as a React web application with separate access levels for compliance, support, and operations teams.

Backend architecture

The backend is implemented in Java as a set of domain-based microservices behind a single API layer. The stack uses Spring Boot for service development, Spring Security for authentication and internal access control, Spring Data JPA for persistence, and Spring Cloud for service configuration and inter-service communication. The core services include:

• User service — registration, authentication, profile data, session control;
• KYC service — applicant creation, verification status, provider callbacks, access decisions;
• Payments service — deposits, withdrawals, FX conversion events, and funding state tracking;
• Trading service — brokerage account creation, buy and sell order submission, order status updates, partial fills, and settlement handling;
• Portfolio service — positions, cash balances, transaction history, value, and performance data;
• Admin service — KYC approval and rejection, account blocking and unblocking, retry of failed payment actions, manual review actions, and access to audit history;
• Notification service — OTP delivery and user notifications for onboarding, funding, and order status changes.

The trading layer does more than pass buy and sell requests to Alpaca. It creates and links each platform user to a brokerage account, submits market orders in broker format, receives execution webhooks, updates order state after partial fills or full fills, and reflects settled positions and cash balances back in the app. The platform also processes large volumes of market data in real time. To keep latency low under peak load, the backend uses a distributed in-memory processing layer backed by Kafka, Kafka Streams, Redis, WebFlux, and WebSockets. In production terms, this means handling more than 120,000 real-market data messages per minute while keeping trading, portfolio, and notification flows responsive under load. Provider-dependent operations run asynchronously. The system uses Apache Kafka for inter-service event delivery and background workers for external callbacks and long-running jobs. The main asynchronous flows include:

• SumSub KYC callbacks;
• deposit confirmation and withdrawal completion events;
• Alpaca order status changes, including new, partially filled, filled, canceled, and rejected states;
• settlement updates affecting cash available for trading or withdrawal;
• checks that funded amounts received through local payment rails match balances credited into the investment account.

This lets the app confirm user actions immediately, while funding confirmations, execution updates, and verification state changes are processed in the background and then written back to the account state.

Data and Security

The system uses PostgreSQL as the main transactional database, with separate schemas or logical domains for user data, payments, trading records, and audit logs. Sensitive data is protected with AES-256 encryption at rest and TLS encryption in transit. PII is stored separately from orders, balances, and transaction records, with stricter access rules for identity data than for general account activity. The system enforces:

• RBAC for internal users;
• separate permission sets for compliance, support, and operations;
• audit logging for KYC decisions, withdrawal approvals, account restrictions, and manual balance-affecting actions;
• isolated secrets for provider credentials, signing keys, and environment-specific configuration;
• separate environments for development, staging, and production.

In practice, this allows the client to see who approved or rejected a KYC case, who blocked or re-enabled an account, when a deposit changed from pending to credited, and when an order moved from submitted to partially filled, filled, or settled.

Infrastructure and DevOps

The platform is deployed on Google Cloud Platform using Docker containers orchestrated by Kubernetes. Each service is packaged and deployed independently, so the team can release changes to KYC, payments, or trading without redeploying the whole backend. The infrastructure includes separate development, staging, and production environments. CI/CD pipelines automate build, test, container image creation, and deployment. Production releases go through staging first and are blocked if automated unit tests, service-level tests, or UI tests fail. The team also built a dedicated load-testing environment with real market data and integrated provider flows, including Alpaca, SumSub, Polygon, and EmpireFX. In load tests, the platform sustained 50 TPS with 0% errors at an average response time of 130 ms, and 100 TPS with less than 2% errors at an average response time of 157 ms. The runtime layer includes centralized logging, metrics, and alerting for conditions such as:

• failed KYC callbacks;
• delayed deposit confirmations;
• withdrawal failures;
• rejected or partially filled orders;
• settlement delays;
• elevated API latency.

The team followed an Agile development process with two-week iterations, regular demos, retrospectives, and continuous refinement of both product scope and technical design. The work started with a discovery and solution design phase, during which Itexus prepared architectural specifications, UI/UX mockups, clickable prototypes, and detailed user journey maps. Based on this groundwork, the team defined the system architecture, integration contracts, and the end-to-end user flow from phone number entry to the first trade. The first MVP focused on delivering a complete trading loop for a closed beta group. Its scope included registration and OTP login, KYC initiation and status handling, deposits, market buy and sell operations, portfolio tracking with basic analytics, and a minimal but functional admin console. Each iteration included development, QA, security checks, and review sessions with the client to validate both the user experience and system behavior. Feedback from these cycles shaped the next product increments, including UX improvements, expanded admin functionality, and additional trading capabilities required for public launch.

AI-Accelerated Delivery

 The delivery process also integrated AI tools into the software development lifecycle, including GitHub Copilot, Claude, and other AI-assisted development workflows. These tools were used for unit test implementation, code review, bug analysis and resolution, SQL and Terraform scripting, derivation of ORM entities, and generation of architectural, UML, and sequence diagrams. Compared to initial estimates for manual work, AI has increased overall development velocity by approximately 30% and allowed engineers to focus more time on architecture, integrations, and production-critical logic. The first MVP was developed and launched for closed beta testing in four months. The full version of the platform with additional functionality was completed and launched in less than a year and is now publicly available in the African market. Itexus continues to provide post-launch support and maintenance services.

The platform was completed, launched, and is now publicly available in the African market through the web, the App Store, and Google Play presence of the live product. What the client received was not a pilot or a limited prototype, but a live brokerage product operating in production, reaching 2,000+ early adopters and 10k+ app downloads within 2 months after launch. Following go-live, Itexus continues to provide post-production support and maintenance. This includes production server monitoring, change request implementation, bug fixing, deployment of updates, and investigation of user-reported incidents. This gives the client a live product with ongoing technical support, controlled production releases, and a predictable way to ship further changes after launch.