Ulrike Czekay

The Revolution of Cash Flow Analysis: From Rigid Rules to Intelligent Vectorization

The precise analysis of financial transactions is essential for effective financial planning. However, identifying regularly recurring payments, such as subscriptions, has long been a challenge. Traditional, rule-based approaches are quickly overwhelmed by complex and dynamic financial transactions. wealthAPI has developed a solution that overcomes these limitations. By using artificial intelligence and vectorization, we transform raw transaction data into valuable insights. Our system goes far beyond simple rule sets. It enables precise and reliable identification of recurring payments, even with minor deviations or new payment providers.

Rule-Based Systems: The Limitations of Traditional Approaches

The cash flow analysis of our budget planner reliably recognizes and distinguishes between regular and irregular transactions. Frequent but irregular transactions are reliably ignored. The same applies to particularly large transactions that do not reflect regular spending behavior.

The identification of regularly recurring transactions is technically not trivial. We also faced the challenge of clearly identifying recurring payments in the bank transaction history. The reason: the previously used rule-based systems work with clearly defined rules to identify payments based on specific criteria.

An Example of Rule-Based Identification of a Netflix Subscription

The rules:

• Amount: Each payment must be exactly €15.99.
• Frequency: Payments must be monthly, on the first working day of the month.
• Recipient: The recipient must be "Netflix".
• Currency: The currency must be Euro.

The system searches the transaction history for payments that meet all the above rules. If a payment is found that meets all criteria , it is identified as a Netflix subscription.

The problem: This method is very rigid. It only works if the payments exactly match the defined rules. Even small deviations, such as a fee increase or a late payment, lead to transactions not being recognized correctly. In addition, with a large number of different subscriptions and payment providers, a large number of rules must be created and maintained. Furthermore, changes in payment modalities (for example, price increases, changes to the payment date) mean that rules must be adjusted.

Such a rule-based system is not flexible enough. It cannot handle the variety of payment methods and providers and map the diverse constellations of payments. In particular, the search for exact matches is problematic. Even small spelling deviations such as "Netflix" versus "Netflix Inc." lead to recurring payments remaining undetected. In short: identification based on rigid rules is not able to map the complexity and dynamics of modern financial transactions. It cannot guarantee reliable recognition of recurring payments.

Vectorization: Transactions as Data Points

For us at wealthAPI, this is an unacceptable situation. That's why we have developed a solution that uses AI to convert raw transaction data into usable insights. To do this, our system uses vectors to group or embed transactions into recurring payment patterns.

Imagine each transaction as a point in a multidimensional space. This space has many dimensions: for example, for the amount, for the merchant, and for the date. The more similar two transactions are, the closer they are in this space. Our system converts these transactions into so-called vectors. A vector corresponds to a numeric code that contains all relevant information about a transaction. These vectors allow us to calculate similarities between transactions mathematically. Vectorization is comparable to creating a digital fingerprint for each transaction.

Through the vector-based system, we achieve and ensure very high accuracy – especially for recurring payments with small feature differences. From subscriptions to insurance payments, our system delivers reliable results. At the same time, it offers the speed and scalability that our partners need.

Astra DB: The Perfect Home for Our Vectors

To store and search these vectors efficiently, we use DataStax Astra DB. This database is specifically designed to process large amounts of data at high speed. It allows us to quickly find and group similar transactions. Astra DB is like a state-of-the-art library where every book (in our case: every vector) has a unique place and can be found quickly.

A Netflix subscription, for example, could be characterized by the following features:

• Amount: €15.99
• Merchant: Netflix
• Frequency: Monthly
• Payment date: Beginning of the month
• Description: Streaming service

These features are converted into a vector. When a new transaction is received, its vector is compared with the already stored vectors. If a vector shows a high similarity, the new transaction is assigned to the corresponding cluster, for example, "Netflix subscription."

And this is how it works:

• Data capture: When bank transactions are received, for example, through a data import, the wealthAPI backend publishes them in a message queue for asynchronous processing.
• Embedding creation: Each transaction is then converted into a numerical vector (for example, [0.12, 0.65, 0.78, …, 0.23]) using the vectorization function.
• Vector storage and search in the database: The embeddings are then stored in the database. Vector similarity searches allow the system to find and cluster similar transactions.
• Regularity analysis : The clusters are analyzed to identify recurring payments and classify them into contracts such as "Netflix – streaming service – monthly" or "foreign health insurance – health – annually".

Astra DB ensures that the entire process is scalable and responsive, even with large data volumes. Strict data security measures are also observed. This ensures that end users and their transactions remain anonymous and are protected from external access.

Handling Large Data Volumes

We process thousands of transactions every day. To meet this high data load, we needed a database that is both fast and flexible. Astra DB, based on Apache Cassandra, fully meets these requirements and can also be integrated into AI workflows. Astra DB enables us to process large amounts of data while performing highly accurate similarity searches.

But not only we and our partners benefit from this, but also the end users. They can use a search function to search for specific expenses without having to know exact categories. For example, if a user enters the word "health," all transactions related to health expenses are displayed. These can be insurance premiums or gym memberships.

This is made possible because our system also converts the user's search query into a vector. It then searches the database for the most similar vectors. This allows us to provide precise answers to semantic search queries and an intuitive, powerful search function. The vector search function makes this type of semantic search fast and accurate.

Conclusion: With Vectors to Intelligent Cash Flow Analysis

The vectorization of transaction data has taken the cash flow analysis of our budget planner to a new level. By converting transactions into vectors, we can calculate similarities between payments and identify spending patterns.

Our system, based on the powerful database Astra DB, offers numerous advantages:

• High accuracy: Even with small deviations in the transaction data, recurring payments are reliably recognized.
• Scalability: Our system can process large amounts of data efficiently and is equipped for future growth.
• Flexibility: The system automatically adapts to new payment providers and models.
• Intuitive search: End users can search for terms and get precise results without having to know exact categories.

With our solution, we enable consumers to better understand and manage their finances. The precise identification of recurring payments is an important step towards intelligent and personalized financial planning. And the beginning of a wealth management that stands on solid ground. Wealth-Management.

by Ulrike Czekay

The FIDA Discussion: Opportunity or Setback for the Future of European Finance?

Recently, there has been an uproar in the financial world surrounding the Financial Data Access (FIDA) regulation – an initiative that was supposed to shape the future of the European financial landscape in a sustainable way. As the CEO of a company operating at the intersection of traditional finance and digital innovation, I would like to share my perspective on the recent developments.

The FIDA Rollercoaster

The past weeks have been like a real rollercoaster ride: First, news circulated that the EU Commission intended to completely withdraw the FIDA regulation, then rumors followed about a possible 180-degree turn. Currently, however, everything indicates that the project will continue for the time being. FIDA was still listed as a "pending proposal" in the Commission's 2025 work paper published on February 12, 2025. A development that I fundamentally welcome.

The original idea behind FIDA is clear and forward-looking: The PSD2 reform (open banking for payment accounts) is to be extended to all financial services. This would mean that third-party providers could access not only account data, but also customer data from investment products, portfolios, and loans. Of course, always with the customer's consent. Unlike PSD2, financial institutions such as banks should be allowed to charge for providing this data, which I consider a sensible approach.

Between Lobbyism and Legitimate Concerns

Criticism of FIDA came primarily from the insurance industry and partly from the banking sector. This reaction is understandable, as any opening of data silos means change and potential new competitors. Especially for insurance companies, FIDA would be a paradigm shift, as they have not yet been confronted with "open finance" requirements.

However, the original FIDA proposal did have weaknesses that would have led to unnecessary bureaucracy and burdens for companies. According to many stakeholders, the complexity and implementation costs were disproportionate to the perceived benefits for customers.

The Danger of a Missed Opportunity

A complete withdrawal of FIDA – or even just a years-long delay – would be a significant setback for the digital transformation of European finance. As a company that develops digital interfaces for asset managers, we experience the challenges of the status quo daily: Without uniform standards, we have to build separate interfaces for each individual bank. An enormous effort that slows down innovation and scaling.

Today's asset landscape is fragmented. Customers maintain multiple banking relationships, their assets are distributed across various custodians, and specialized service providers offer different services. Without standardized data access, it becomes increasingly difficult to provide customers with a holistic overview of their financial situation and to offer tailored solutions based on that.

Lessons learned from PSD2

The implementation of PSD2 has shown that well-intentioned regulation can miss its mark through over-regulation. A concrete example from our practice: The need for two-factor authentication for transaction data older than three months poses an unnecessary hurdle for users. Such details may seem small but have massive impacts on usability and thus on the success of the entire initiative.

The better approach would be for the EU to define clear goals: such as reducing fraud cases to a certain percentage. It should then leave it to companies to decide how to achieve these goals. This approach would promote innovation instead of stifling it with rigid requirements.

International Competition Is Not Waiting

While Europe debates, other regions are acting. We are in a global competition for the best financial solutions, and every delay costs us ground. Especially for European FinTechs, the lack of standardized data access becomes a growth inhibitor. Missing standards lead to complex and costly individual developments that can stifle innovative business models in their infancy.

The Future of Wealth Management Needs Open Finance

In a time when we can unlock completely new possibilities for wealth management through artificial intelligence and machine learning, access to comprehensive data is the key to success. A data-driven wealth management, as we strive for at wealthAPI, enables:

• Individual investment strategies, precisely tailored to each customer's goals and risk tolerance
• Automation of routine tasks, allowing advisors to focus on value-added activities
• Transparent decision-making, where customers have insight into their investments at all times
• Scalability, to ensure high quality standards even with increasing customer numbers

All these benefits can only be fully realized if we have simple, standardized access to all relevant financial data. Exactly what FIDA was supposed to enable.

The Way Forward

The current situation also offers an opportunity: We can learn from the discussions and criticisms and develop an improved FIDA proposal that takes into account the legitimate concerns without losing sight of the fundamental goal.

As an entrepreneur, I am ready to actively participate in shaping such an optimized proposal. We need a framework that promotes innovation while ensuring the protection of customer data and avoiding unnecessary bureaucracy.

I expect three things from the EU Commission:

1. Determination: A clear commitment to the basic idea of open finance.
2. Pragmatism: The willingness to learn from the mistakes of PSD2 and avoid superfluous regulation.
3. Speed: An ambitious timetable to avoid falling behind other regions.

The democratization of wealth management, i.e., high-quality financial advice for everyone and not just for the wealthy, will only succeed with an open data landscape. FIDA could create the decisive framework for this.

A Future-Oriented Outlook on Europe's Financial Landscape

The current discussion about FIDA is more than just a technical regulatory debate. It is about the fundamental question of how we position European finance for the digital future. A complete departure from the open finance principles would be a serious strategic mistake.

As a technology provider at the intersection of traditional wealth management and digital innovation, we see daily the potential that lies in an intelligent linking of financial data. Realizing this potential – for the benefit of consumers and to strengthen the European financial center – should be our common goal.

The future of wealth management will be hybrid: the perfect balance between human expertise and technological innovation. To make this vision a reality, we need a smart, balanced regulatory framework for access to financial data. Nothing less, but also nothing more.

by Ulrike Czekay

wealthAPI Corporate Values: The Foundation for Our Success

In today's dynamic business world, company values are more than just buzzwords on a website. They are the heart of an organization, shaping its culture, guiding decisions, and paving the way to success. Clear and authentic values create a common ground, foster employee engagement, and strengthen relationships with customers and partners.

To create a strong and genuine company culture, we focused on developing authentic values that reflect how we truly operate at wealthAPI. These values are designed to be clear, actionable, and resonate with our team. During a collaborative workshop in summer 2024, our team collectively shaped the following "company values." We regularly engage in feedback sessions to ensure these values remain relevant and are consistently applied in our daily work, fostering a culture of continuous improvement and alignment.

wealthAPI's Values: A Compass for Innovation and Success

At wealthAPI, company values are not just a guideline but a living expression of the corporate culture. They reflect the passion, innovation, and commitment that drives the team.

1. Drive Innovation

"We embrace constant change and adopt new technologies - such as AI - but with us in the driver seat. We
constantly seek for new ways to get things done and are prepared to leave our comfort zone."
This value underscores wealthAPI's commitment to innovation. We are dedicated to pioneering new approaches and continuously developing to stay at the cutting edge of technological advancement."

2. Empower our customers

"We put our customers first. Our business relations are governed by mutual respect and fairness. Whatever we do, we think B2B2C to make our customers successful. Their growth is our growth."

This value highlights wealthAPI's dedication to collaborative success. We believe in fostering long-term partnerships that drive shared growth.

3. Communicate efficiently

"We communicate openly and do not hesitate to ask questions or give feedback. We show transparency on all levels including business development and KPIs. Written documentation is the preferred way."

Efficient communication is essential for any successful company. wealthAPI values open and transparent communication to avoid misunderstandings and promote collaboration.

4. Own your sh*t

"When we own a product or process we think it through and fit it into the bigger picture. Each of us is asked to take ownership on our own initiative. We act responsible and make it our problem."

This value emphasizes the importance of accountability and proactive engagement. We empower all employees to take ownership of their responsibilities and actively drive wealthAPI's success.

5. Focus on the right things

"We balance excellence and speed, using the right methods. We adjust our quality standards to meet the specific needs of our customers."

This value highlights wealthAPI's commitment to strategic focus and efficient execution. We prioritize key objectives to achieve excellence in quality while maintaining a rapid pace of delivery.

6. Enjoy the ride:

"We want to create meaning and impact with our actions. So: Have fun. Be yourself. Respect and help each other."

This value underscores the positive and supportive work environment at wealthAPI. The company values a pleasant working environment where employees feel comfortable and can develop.

A Strong Foundation for the Future

wealthAPI's company values are more than just words. They are a compass that guides the company into the future. They reflect the passion, innovation, and commitment of the team. These values foster a positive corporate culture, strengthen relationships with customers and partners, and form the foundation for sustainable success.

We express our heartfelt appreciation to all wealthAPI team members for their daily commitment to these values, which significantly contributes to our company's success!

by Ulrike Czekay

DORA: Setting a New Standard for Cybersecurity in Finance

The EU has implemented a vast array of regulations designed to oversee the financial sector. This is essential for maintaining a stable and secure financial market, protecting consumers, and fostering fair competition.

Now, DORA, the Digital Operational Resilience Act, is being introduced. This regulation focuses on strengthening the cybersecurity and digital resilience of the financial sector. Its aim is to better equip EU financial institutions to withstand cyberattacks and digital risks, thereby ensuring the stability of the financial system.

As of January 17, 2025, DORA will be applicable to all financial institutions, including banks, savings banks, insurance companies, asset managers, and financial service providers. This broad scope encompasses entities such as factoring or leasing companies, and even account information service providers like wealthAPI.

Cyberattacks in the financial sector: A growing threat

The interest of cybercriminals in financial institutions is unsurprising, given that these companies deal with two highly valuable assets: money and sensitive data. With the financial sector being highly digitized, it presents an attractive target for cyberattacks. 2023 The number of cyberattacks targeting banks is on the rise. In 2023, BaFin received 235 reports from banks about severe IT issues, including cyberattacks. Although the 2024 data is not yet final, it's expected to show an increase. This trend is mirrored globally, with JP Morgan reporting a staggering 45 billion suspicious cyber events per day in spring 2024.

hrough DORA, the EU seeks to enhance cybersecurity and digital resilience in the financial sector. By mandating stricter digital safeguards for financial institutions, the EU aims to mitigate risks such as data breaches, ransomware attacks, and operational disruptions. The protection of sensitive customer information, including account and payment details, is a paramount concern.

The overarching goal of these stringent requirements is to safeguard the stability of the financial system. Cyberattacks on individual financial institutions can have systemic implications, affecting the broader financial market. A case in point is the November 2023 cyberattack on the US subsidiary of the Industrial and Commercial Bank of China, which temporarily disrupted US Treasury bond trading and necessitated manual clearing.

Cyberattacks pose a dual threat: they can disrupt critical systems and erode public trust. It is clear that without robust security measures to protect financial data, consumers will be hesitant to embrace digital banking services. The traditional savings account under the mattress could once again become the preferred method of saving.

DORA: Laying the Groundwork for a Secure Digital Financial Future

While DORA presents challenges for financial institutions, it ultimately enhances their digital resilience, offering long-term advantages. But what does this regulation entail? What specific actions are required of financial service providers? The mandates can be categorized into several key areas:

• Comprehensive ICT Risk Management
  Financial institutions are required to conduct a thorough inventory of all their IT systems, processes, and data, identifying and assessing potential risks. This involves evaluating the likelihood of vulnerabilities being exploited and the potential consequences of such incidents. To mitigate these risks, financial institutions must implement specific measures, such as enhanced technical security controls and employee training.

• Enhancing Digital Resilience
  Financial institutions need to be able to maintain critical business functions during and after disruptions. Detailed contingency plans must be developed and regularly tested to ensure a swift and effective response to incidents. These regular stress tests are designed to evaluate the resilience of IT systems against a variety of threats.

• Transparent incident reporting
  DORA mandates that financial institutions report specific IT incidents to the supervisory authority, BaFin. These incidents can range from cyberattacks to critical system failures. Furthermore, incidents must be classified based on their severity and potential consequences.

• Enhancing Third-Party Relationships
  Financial institutions need to strengthen their relationships with external service providers by ensuring that these providers adhere to stringent security standards. Contracts with third parties must clearly outline cybersecurity requirements and establish protocols for incident response.

Implementing DORA necessitates a holistic approach to the IT environment, requiring close collaboration across all relevant departments. While DORA imposes stringent requirements on financial institutions, these measures ultimately contribute to enhanced security.

By enhancing their resilience as mandated by DORA, financial institutions become better prepared to mitigate the impact of disruptions and cyberattacks. This reduces the risk of data breaches, safeguarding sensitive customer information. Consequently, customers and business partners have greater confidence in these institutions. Successful implementation of DORA can significantly enhance an institution's reputation and competitive advantage.

Specific Measures for DORA Implementation

Although DORA does not dictate specific technical solutions, it establishes clear cybersecurity requirements. These requirements can be met through various concrete measures tailored to each financial institution's unique circumstances. For example:

• Data Encryption: All sensitive data, both at rest and in transit, must be encrypted to prevent unauthorized access.
• End-to-End Encryption: To protect highly sensitive data, such as online banking transactions, end-to-end encryption is essential.
• Role-Based Access Control (RBAC): Each employee should only have access to the information and systems necessary to perform their job duties.
• Multi-Factor-Authentification (MFA): To enhance security, access to critical systems should be protected by MFA, requiring additional verification beyond passwords.
• Real-Time Monitoring: IDPS systems should continuously monitor the network for suspicious activity and be able to detect and block attacks in real time.
• Unauthorized Access Protection: Firewalls should be used to filter network traffic and block unauthorized connections.
• Regular Updates: Software and systems must be kept up-to-date to address known vulnerabilities.
• Employee Awareness: A comprehensive employee training program is essential to foster a security-conscious culture and minimize the risk of human error.

Challenges in Implementation

The list demonstrates that the challenges of implementing DORA are significant. The EU adopted the regulation in December 2022 and published it in the Official Journal of the European Union on January 16, 2023. Financial service providers were thus given 24 months to implement the requirements.

Time that was needed. Adapting IT infrastructure and training employees is complex and costly. In the worst case, business processes had to be fundamentally revised. Close cooperation between different departments is essential to meet the new requirements.

Large institutions such as banks or insurance companies can address this problem with a lot of expertise and money. Smaller companies may find it more difficult to implement the new requirements due to limited resources and know-how. The higher costs can lead to competitive disadvantages and make it difficult to retain customers. There is a risk that smaller players on the market will be disadvantaged or even disappear altogether.

It is particularly critical for companies that are less digitally affine. DORA will put them to a severe test. Analog processes must be converted and adapted. Digital companies like wealthAPI can, on the other hand, view the regulation calmly. Although I cannot speak for others, our IT infrastructure is fundamentally geared towards security. We have been meeting the requirements stipulated by DORA for a long time. (Read more about our Security Requirements .)

Impact on Consumers: More Security, but Also Higher Costs?

DORA doesn't only have consequences for financial service providers. Users will also notice effects in the short or long term.

It's clear that increased security allows customers to conduct their financial transactions with greater confidence. Sensitive customer data such as account information, payment data, and personal data is better protected. This reduces the risk of identity theft and fraud. A stable financial system also protects consumers' savings and minimizes the risk of losses in financial crises or cyberattacks. This security ensures that consumers can better plan their financial future. In the long term, customers benefit from innovative products and services enabled by DORA. These could include, for example, improved mobile banking apps or personalized financing offers.

However, the higher security requirements could indirectly lead to higher fees or restricted services. To ensure security, certain services could be restricted or made more difficult. This could include, for example, international transfers or certain payment methods. Less profitable products or services could even be discontinued if they do not meet the new security requirements.

DORA – A Milestone, But…

DORA is a significant step forward in enhancing cybersecurity within the financial sector. However, the fight against cybercriminals is a constant race against time. While DORA establishes new standards, cyber attackers are also continuously evolving their tactics.

The success of DORA ultimately depends on how consistently financial institutions implement the new requirements and adapt to the ever-changing threat landscape. In addition to technical measures, the human factor is also crucial. Phishing attacks and social engineering specifically exploit human curiosity and carelessness. Only through a combination of robust IT systems and trained personnel can financial institutions effectively protect themselves against cyberattacks. Continuous employee training and a strong security culture are essential.

by Ulrike Czekay

Artificial Intelligence (AI): The Future of a better Fintech world

Artificial Intelligence (AI) and Machine Learning (ML) are transforming the financial services industry

Artificial Intelligence (AI): When machines exhibit human-like intelligence

Machine Learning (ML): A subfield of artificial intelligence

Machine Learning, a subset of AI, concentrates on developing algorithms capable of learning from data without being explicitly programmed. The quality of the training data significantly impacts the model's performance.

This is how AI and ML are used in finance

wealthAPI: Empowering personalized finance with AI and ML

Data aggregation and processing: The backbone of wealth-AI

• Using current account data (PSD2), we've developed a , that offers our customers' users a clear picture of their spending habits.
• Custodial account data:Contains details on holdings such as stocks, mutual funds, and exchange-traded funds.
• Historical data: Allows for the evaluation of previous investment returns.
• Contractual data:Allows for the identification of recurring payments, premium adjustments, and contract term lengths.
• Simulated portfolios: Our partners' clients have the ability to test different investment strategies using simulated portfolios.

Training artificial intelligence models using anonymized dataset

Future vision: AI-powered performance analysis and wealth accumulation

• Analyzing individual portfolio performance: The AI will be able to analyze the performance of each individual client's portfolio, comparing it to similar portfolios (peer group), and identifying potential areas for improvement.
• Integrating real estate values: wealthAPI plans to include real estate values in its analysis to provide users with a comprehensive overview of their assets.
• AI-powered wealth-building plans: wealthAPI will provide partners' clients with AI-generated plans to help them achieve their financial goals.

by Ulrike Czekay