Secure Financial Reporting Platform for App Performance Analytics

In regulated financial services, data is both a strategic asset and a regulatory liability. Organisations need fast, reliable access to insights to compete, yet every additional layer of access increases the risk of overexposure, non-compliance, and operational complexity.

Most analytics platforms fail in this environment, not because of a lack of capability, but because they prioritise accessibility over control. Data is duplicated, permissions become difficult to manage, and auditability is treated as an afterthought rather than a foundation.

Mesoform was engaged by a regulated financial client to solve this challenge directly. The objective was to enable self-service analytics at scale, without compromising on security, compliance, or operational discipline.

The result is a modern analytics platform that lets business teams move quickly and confidently while sensitive financial and personal data remains tightly governed, fully traceable, and never unnecessarily exposed.

Vision

The regulated financial organisation set out to fundamentally redefine how internal teams interact with performance and financial data. The goal was not just to improve reporting, but to establish a long-term, governed analytics foundation capable of scaling with the business without introducing additional risk.

At its core, the vision was to deliver a platform that:

  • Enables self-service access to trusted insights for traders, analysts, and marketing teams
  • Maintains strict control over sensitive financial and personal data, ensuring it is never unnecessarily exposed or duplicated
  • Embeds auditability and traceability into every stage of the data lifecycle
  • Aligns with regulatory expectations around data minimisation, access control, and operational transparency

A key principle underpinning the design was intentional simplicity. Rather than defaulting to real-time architectures, the platform was deliberately built around controlled, batch-oriented data access. This ensured consistency, predictability, and cost efficiency, while still meeting business requirements.

This was not a reporting upgrade. It was a shift towards a security-first, compliance-aligned analytics model designed to support long-term, data-driven growth.

Scope

Our engagement focused on transforming an existing reporting ecosystem that had evolved organically over time and, as a result, lacked consistency, governance, and scalability.

Operating within a regulated financial context introduced a set of constraints that shaped both the design and implementation approach.

Regulatory and compliance constraints

The organisation was subject to strict requirements governing the handling of financial data and personally identifiable information. This introduced several non-negotiable conditions:

  • Sensitive data could not be freely replicated across systems
  • Access needed to be tightly controlled and fully auditable
  • Data flows had to be transparent, traceable, and justifiable

Any new solution needed to enforce these principles by design, rather than relying on downstream controls or manual governance.

Fragmented and inconsistent reporting landscape

Over time, reporting had become decentralised and difficult to manage:

  • Teams relied heavily on manual SQL queries and ad hoc data exports
  • Data was not easily accessible for non-technical teams

This resulted in both operational inefficiency and a lack of confidence in the data.

Security limitations in the legacy approach

The existing architecture exposed several critical risks:

  • Direct interaction with production PostgreSQL systems increased the likelihood of overexposure of sensitive data
  • There were no effective column-level access controls for analytics users
  • Data extracts could be exported and shared without sufficient governance

This made it difficult to enforce least privilege access or demonstrate compliance during audits.

Operational and cost inefficiencies

While real-time data pipelines were considered, they introduced unnecessary complexity for the organisation’s actual needs:

  • Streaming and change data capture (CDC) pipelines would have increased infrastructure and operational overhead
  • The business primarily required daily reporting, not real-time insights

The requirement was clear: deliver a secure, governed, and cost-efficient analytics platform that simplifies operations while meeting strict regulatory standards.

Solution & Implementation

To address these challenges, we designed and implemented a batch-oriented, federated analytics architecture using Google Cloud. The approach prioritised data minimisation, identity-driven security, and full infrastructure automation, ensuring governance was embedded at every level.

Federated data access, with no replication of sensitive data

A central design decision was to avoid copying the production database, or any of its sensitive columns, into the analytics systems.

Instead:

  • Google BigQuery was configured with a federated connection to Cloud SQL (PostgreSQL), so queries ran against the source of truth rather than against a copy
  • Queries executed over that connection could select only a predefined subset of non-sensitive fields, such as transaction_id, revenue, region, and order_date
  • Only the data required for reporting was landed in BigQuery, by scheduled queries that read through the federated connection into curated reporting tables; sensitive financial and personal information never left PostgreSQL
  • The Mesoform engineering team implemented SQL-based obfuscation in those synchronisation queries, masking selected values before they reached the reporting tables
  • This provided an additional layer of protection: even if a field was unintentionally exposed, it would not contain usable sensitive information

By keeping the system of record in PostgreSQL and using BigQuery as a query and aggregation layer that holds only the approved, already-masked subset, the platform adhered strictly to data minimisation principles and significantly reduced compliance risk.

Identity-first security architecture

Security was enforced through an IAM-driven access model that kept static credentials to a minimum.

  • Cloud SQL access was limited to a restricted database user with read-only, column-scoped permissions
  • The BigQuery federated connection ran under a dedicated service account that held only the IAM role needed to reach the Cloud SQL instance, and carried the credentials of that restricted database user
  • Permissions were scoped to enforce least privilege across both the database and analytics layers
  • The only static credential in the design was the database password held by the BigQuery connection, which reduced the number of usernames and passwords that had to be created, managed, and rotated

This strengthened security, simplified credential management, and reduced the attack surface while staying within what the technology supports: the BigQuery-to-Cloud SQL connector authenticates to the database with a username and password, so that one credential was isolated, scoped to a read-only user, and managed as a secret rather than eliminated.

Infrastructure as Code

Most infrastructure components were managed declaratively, as configuration data, rather than through a traditional Infrastructure-as-Code toolchain. The platform was defined in Google Config Connector manifests, applied through a Kubernetes control plane, covering BigQuery datasets, federated connections, scheduled query pipelines, IAM role bindings, and reporting tables. Standard cloud SDKs were used for faster iteration in development and testing, while production deployments were driven entirely from the declarative configuration.

This introduced:

  • Consistency across development, staging, and production environments
  • Full auditability of configuration changes, since every change to the platform is a versioned, reviewed change to the manifests
  • Controlled, repeatable deployment processes from development through to production
  • Faster iteration in development and testing without loosening the production path

This ensured the entire platform could be versioned, reviewed, and reliably reproduced, while keeping the deployment model aligned with operational and compliance requirements.

Controlled batch ingestion and transformation

Rather than introducing real-time complexity, the platform used a daily batch processing model:

  • Scheduled queries executed MERGE operations into curated reporting tables, so each run upserted rather than appended
  • Ingestion logic was idempotent: a run matched on a stable record key, updated rows whose source record had changed, inserted new ones, and left everything else untouched, so re-running a day produced the same result as running it once
  • Duplicate records were therefore prevented, and historical data remained stable across reruns and backfills

This provided a reliable foundation for financial reporting, where consistency and accuracy are critical.
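
As an added illustration of the pattern described in this section and under "Federated data access" above, the following BigQuery SQL shows a federated read through EXTERNAL_QUERY, sync-time masking of one field, and an idempotent MERGE into a curated reporting table. It is example code written for this write-up, not the client's own pipeline; the project, connection, dataset and table names, the merchant_ref column and the updated_at watermark column are all assumptions.

```sql
-- Added example of the daily load (not the client's own pipeline). Assumed
-- names: connection my-project.eu.cloudsql-orders, dataset reporting, table
-- daily_revenue_facts, source table orders, an updated_at watermark column
-- and a merchant_ref column that is masked before landing.

-- One-off: the curated reporting table. No column exists for anything that
-- was not approved, so nothing sensitive can be merged in by mistake.
CREATE TABLE IF NOT EXISTS `my-project.reporting.daily_revenue_facts` (
  transaction_id    INT64     NOT NULL,
  merchant_token    STRING,             -- masked form of merchant_ref
  revenue           NUMERIC,
  region            STRING,
  order_date        DATE,
  source_updated_at TIMESTAMP,          -- watermark copied from the source row
  loaded_at         TIMESTAMP
)
PARTITION BY order_date
CLUSTER BY region;

-- Daily scheduled query. Re-running it for the same window is safe: a row
-- is updated only if the source changed and is never inserted twice.
MERGE `my-project.reporting.daily_revenue_facts` AS t
USING (
  SELECT
    transaction_id,
    -- Masking at sync time. Unsalted SHA-256 is a pseudonym, not a secret:
    -- anyone holding candidate merchant_ref values can recompute the token.
    -- Use a keyed hash (key held outside BigQuery) if linkability matters.
    TO_HEX(SHA256(merchant_ref)) AS merchant_token,
    revenue,
    region,
    order_date,
    updated_at
  FROM EXTERNAL_QUERY(
    'my-project.eu.cloudsql-orders',
    -- Runs in PostgreSQL as the column-restricted connector user, so the
    -- column list is explicit; SELECT * would be refused by the database.
    -- The two-day lookback deliberately overlaps the previous run.
    '''
    SELECT transaction_id, merchant_ref, revenue, region, order_date, updated_at
      FROM orders
     WHERE updated_at >= now() - interval '2 days'
    '''
  )
) AS s
ON t.transaction_id = s.transaction_id
WHEN MATCHED AND s.updated_at > t.source_updated_at THEN
  -- order_date is the partition key and does not change for a transaction,
  -- so it is intentionally left out of the update.
  UPDATE SET
    merchant_token    = s.merchant_token,
    revenue           = s.revenue,
    region            = s.region,
    source_updated_at = s.updated_at,
    loaded_at         = CURRENT_TIMESTAMP()
WHEN NOT MATCHED THEN
  INSERT (transaction_id, merchant_token, revenue, region, order_date,
          source_updated_at, loaded_at)
  VALUES (s.transaction_id, s.merchant_token, s.revenue, s.region, s.order_date,
          s.updated_at, CURRENT_TIMESTAMP());

-- Audit check after any run: a duplicate would show as a gap between the two counts.
SELECT COUNT(*) AS row_count, COUNT(DISTINCT transaction_id) AS key_count
  FROM `my-project.reporting.daily_revenue_facts`;
```

Save the MERGE as a BigQuery scheduled query that runs once a day. Running it twice in a row is the practical idempotency check: row_count and key_count from the final query stay equal, and the second run modifies no rows. Source deletions are not propagated by this pattern; if hard deletes in orders must be reflected, add a soft-delete flag to the approved column set rather than widening the grant.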
Database-level access controls

Security controls were enforced directly within PostgreSQL, so they applied to every client regardless of which tool issued the query:

  • IAM-mapped service users were granted restricted, read-only access
  • Column-level permissions (per-column SELECT grants rather than a table-level grant) ensured only approved fields were accessible; under this model a SELECT * from the analytics role fails, so every query has to name the approved columns
  • Sensitive identifiers and PII were not merely filtered out of analytics queries but could not be read by the analytics role at all

This created a clear separation between operational systems and analytical consumption.
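
The PostgreSQL side of this, as an added example rather than the client's own DDL: a dedicated read-only role for the BigQuery connection with per-column SELECT grants, followed by the queries an auditor would run to confirm the grants. The table layout, the PII column names, the extra merchant_ref and updated_at columns and the role name bq_reporting are assumptions.

```sql
-- Added example (not the client's real schema or role names). Assumed: a
-- source table orders with PII columns customer_email and card_last4, the
-- approved columns transaction_id, revenue, region, order_date, plus
-- merchant_ref and updated_at for the load; role name bq_reporting.

CREATE TABLE IF NOT EXISTS orders (
    transaction_id  bigint        PRIMARY KEY,
    customer_email  text          NOT NULL,   -- PII: never granted
    card_last4      char(4)       NOT NULL,   -- PII: never granted
    merchant_ref    text          NOT NULL,   -- masked downstream
    revenue         numeric(12,2) NOT NULL,
    region          text          NOT NULL,
    order_date      date          NOT NULL,
    updated_at      timestamptz   NOT NULL DEFAULT now()
);

-- 1. A dedicated login role for the BigQuery connection. NOINHERIT keeps it
--    from picking up privileges through group membership. The password is a
--    placeholder: generate a high-entropy value, store it in Secret Manager
--    and enter it into the BigQuery connection, never into this file.
CREATE ROLE bq_reporting LOGIN NOINHERIT CONNECTION LIMIT 5
    PASSWORD 'replace-with-value-from-secret-manager';

-- 2. Nothing by default: no table-level privilege of any kind.
REVOKE ALL ON orders FROM PUBLIC;
GRANT USAGE ON SCHEMA public TO bq_reporting;

-- 3. Column-level SELECT only. Because there is no table-level SELECT,
--    "SELECT * FROM orders" fails for this role with "permission denied",
--    so every query it runs has to name approved columns explicitly.
GRANT SELECT (transaction_id, merchant_ref, revenue, region, order_date, updated_at)
    ON orders TO bq_reporting;

-- 4. Guard rail against accidental writes. This is a session default the
--    role could switch off itself, so the grants above remain the control.
ALTER ROLE bq_reporting SET default_transaction_read_only = on;

-- 5. Verification, kept as an audit query. The first statement lists the
--    columns the role can read; the second probes the PII columns directly.
SELECT column_name, privilege_type
  FROM information_schema.column_privileges
 WHERE grantee = 'bq_reporting' AND table_name = 'orders'
 ORDER BY column_name;

SELECT has_column_privilege('bq_reporting', 'orders', 'customer_email', 'SELECT') AS email_visible,
       has_column_privilege('bq_reporting', 'orders', 'card_last4',     'SELECT') AS card_visible,
       has_column_privilege('bq_reporting', 'orders', 'revenue',        'SELECT') AS revenue_visible;
```

Run the verification queries as a superuser or the grantor after any schema change. email_visible and card_visible should come back false and revenue_visible true, and the column_privileges listing should contain nothing beyond the six granted columns; anything more means a table-level grant has crept in. Adding a column to orders does not widen this role's access, which is the property that makes column grants preferable to a view for this purpose.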
Secure secret and credential management

Where credentials were required, principally the database password used by the BigQuery connection:

  • High-entropy secrets were generated and stored in Google Secret Manager
  • Secrets were never exposed in code, logs, or configuration files; manifests and pipelines referenced the secret, not its value
  • Rotation and access were fully traceable through Secret Manager's versioning and audit logs

This strengthened the organisation's security posture while simplifying operational management.

Governed business intelligence layer

To make insights accessible to non-technical users:

  • Looker Studio dashboards were built on curated BigQuery datasets
  • Access was controlled through role-based permissions and service account authentication
  • Dashboards provided consistent, standardised views across revenue performance, regional trends, KPIs, and application metrics

This ensured business users could explore data confidently without compromising governance.

Impact

The implementation delivered measurable improvements across security, compliance, operations, and business performance.

Security and regulatory alignment

  • No sensitive financial or personal data exposed within the analytics layer
  • Fully IAM-governed access model across all services
  • Complete audit trail for data access, transformations, and infrastructure changes

Stronger data governance

  • Strict enforcement of data minimisation principles
  • Clear separation between production systems and reporting layers
  • Improved trust in data through consistent, governed datasets

Operational efficiency and cost control

  • Elimination of unnecessary real-time infrastructure
  • Reduced compute and storage overhead through batch processing
  • Simplified platform management using managed cloud services

Data reliability and consistency

  • Idempotent ingestion ensured stable, duplication-free datasets
  • Consistent historical reporting across all time periods
  • Predictable outputs supporting financial accuracy

Business enablement

  • Traders and marketing teams gained secure, self-service access to insights
  • Faster, more confident decision-making based on trusted data
  • Reduced dependency on engineering teams for reporting
  • Standardised KPI definitions across departments

Outcome

The final platform represents a modern, secure, and compliance-aligned approach to analytics in regulated environments.

By combining federated data access, identity-first security, infrastructure-as-code, and governed reporting, we delivered a system that is:

  • Secure by design, with no unnecessary exposure of sensitive data
  • Audit-ready, with full traceability across all components
  • Operationally efficient, avoiding unnecessary complexity
  • Scalable and future-proof, supporting continued growth

This demonstrates that organisations can deliver powerful, self-service analytics capabilities without compromising the strict controls required in financial services.

Curious how to deliver self-service analytics without exposing sensitive data?
At Mesoform, we design secure, audit-ready platforms that give business teams access to trusted insights while keeping financial and personal data tightly controlled.

Speak to Mesoform → https://www.mesoform.com/