Rewriting the Same Controls Over and Over Again? How FINOS and Kosli Are Fixing Software Compliance
Every bank needs to prove it’s compliant.
So why is every bank reinventing the same rules?
🔹 Manual, duplicative compliance across teams
🔹 Engineers stuck gathering screenshots for audits
🔹 Custom rules for common risks
🔹 Missed opportunity to define shared standards
Mike joins FINOS's Aaron Griswold and explains why Kosli joined FINOS, and how defining shared SDLC controls can help regulated organizations stop wasting time and start delivering software faster and safer. Unpacking the real problems in regulated software delivery:
FINOS: Exploring Common Controls and Governance in Finance, Mike Long, CEO, Kosli | OS in Finance Podcast
For more FINOS videos visit their page: https://www.youtube.com/watch
⏱ Video Timeline
00:00 – Mike’s background: robotics, DevOps, regulation
02:23 – Common compliance pain in finance, defense, medical
03:33 – The duct tape approach: open source + custom controls
04:13 – What Kosli does: automate risk control evidence
05:27 – Why engineers—not just risk teams—benefit
06:52 – Why FINOS matters: shared pain, shared standards
08:26 – Defining common SDLC controls across the industry
09:23 – Words matter: auditors, engineers, and boundary objects
13:15 – FINOS as a community for solving the next thing
14:35 – Workflow pain masked as “AI problems”
18:43 – Agentic auditing and the future of compliance
🔗 Links
✅ Get the secure SDLC process template: https://www.kosli.com/secure-sdlc-process-template/
✅ Visit Kosli: https://www.kosli.com/
✅ Learn more about FINOS: https://www.finos.org/