EPISODE · Jun 17, 2026 · 32 MIN
Governing the Pipeline: Fusing CALM with Open SDLC | Karl Moll, FINOS
from FINOS Open Source in Finance Podcast · host FINOS
Karl Moll (Technical Project Advocate at FINOS) sits down with Grizz Griswold to discuss how CALM (Common Architecture Language Model) is acting as the structural glue connecting compliance projects across the banking ecosystem. He breaks down the momentum behind the Open SDLC Controls Framework and how these tools together build a secure, governable pipeline for unpredictable AI deployments.🇬🇧 Join us in London! Attend our free technical pre-forum workshops on June 23-24, right before OSFF London on June 25, 2026: https://hubs.ly/Q041YV9Z0 (Use Code: 26YTOSFFLN20C)🕒 Timestamps:0:00 CALM as the Glue for Governable Pipelines0:35 Podcast Intro, Forum Dates, and Venue Logistics0:55 Thank You to Our Sponsors: VMware by Broadcom & Global Partners2:20 Who is Karl Moll? The Role of a FINOS Project Advocate3:50 The June 23-24 Workshops: Free Technical Hands-On Sessions4:40 Deep Dive into CALM: Machine-Readable Enterprise Architecture6:30 Why Standard Architecture Specs Speed Up Bank Delivery8:55 Introducing Open SDLC: Codifying Software Development Controls10:45 The Duplication Pain: Why Banks Waste Millions on Custom Compliance12:55 Connecting CALM and Open SDLC into a Single Delivery Vector14:10 Shifting Left on Governance: Validating Architecture via CI/CD Pipelines15:30 Managing Opaque and Mission-Critical Financial AI Deployments17:45 Project Maturity Lifecycles: Launching vs. Firm-Wide Implementation19:50 Wrap-Up: How to Join the Free Open Workshops in London📊 The Problem: The High Cost of Isolated Governance SilosGlobal banks burn an astronomical amount of capital independently drafting manual, text-heavy architectural guidelines and software compliance controls. Because these definitions are trapped in static text files or slide decks, there is a total disconnect between enterprise architects, security teams, and developers. When dealing with highly complex, non-deterministic AI workloads, this manual verification bottleneck stops innovative features from making it to production safely.🏗️ The Solution: The Interconnected, Machine-Readable Delivery PipelineKarl Moll explains how FINOS is uniting distinct open-source projects to create an automated pipeline that validates itself:CALM as the Common Language: Moving architecture out of static diagrams and into a structured, machine-readable syntax that software pipelines can evaluate instantly.Open SDLC as the Rulebook: Standardizing the compliance taxonomy across institutions to prevent banks from reinventing software risk controls from scratch.Shifting Architecture Left: Merging CALM blueprints directly into Open SDLC validation engines so architecture patterns are automatically verified and audited during the standard git commit loop.⚙️ Why This Matters for Financial EngineeringCritical Momentum Windows: Catching these projects at an ideal evolutionary step—where CALM is actively being deployed to monitor core systems and Open SDLC is launching its V1 specification.Free Foundational Training: Bypassing vendor-locked educational programs to get engineers hands-on with neutral, industry-wide compliance infrastructure before the main conference.🌐 More about FINOS: https://www.finos.org/📧 Join our newsletter: https://www.finos.org/sign-up🎙️ Listen to our Open Source in Finance Podcast: https://www.youtube.com/@FINOS/podcastsLinkedIn: https://www.linkedin.com/company/finosfoundation#FINOS #OSFFLondon #CALM #OpenSDLC #ArchitectureAsCode #DevSecOps #ComplianceAutomation #FinancialEngineering #EnterpriseArchitecture
What this episode covers
Karl Moll (Technical Project Advocate at FINOS) sits down with Grizz Griswold to discuss how CALM (Common Architecture Language Model) is acting as the structural glue connecting compliance projects across the banking ecosystem. He breaks down the momentum behind the Open SDLC Controls Framework and how these tools together build a secure, governable pipeline for unpredictable AI deployments.🇬🇧 Join us in London! Attend our free technical pre-forum workshops on June 23-24, right before OSFF London on June 25, 2026: https://hubs.ly/Q041YV9Z0 (Use Code: 26YTOSFFLN20C)🕒 Timestamps:0:00 CALM as the Glue for Governable Pipelines0:35 Podcast Intro, Forum Dates, and Venue Logistics0:55 Thank You to Our Sponsors: VMware by Broadcom & Global Partners2:20 Who is Karl Moll? The Role of a FINOS Project Advocate3:50 The June 23-24 Workshops: Free Technical Hands-On Sessions4:40 Deep Dive into CALM: Machine-Readable Enterprise Architecture6:30 Why Standard Architecture Specs Speed Up Bank Delivery8:55 Introducing Open SDLC: Codifying Software Development Controls10:45 The Duplication Pain: Why Banks Waste Millions on Custom Compliance12:55 Connecting CALM and Open SDLC into a Single Delivery Vector14:10 Shifting Left on Governance: Validating Architecture via CI/CD Pipelines15:30 Managing Opaque and Mission-Critical Financial AI Deployments17:45 Project Maturity Lifecycles: Launching vs. Firm-Wide Implementation19:50 Wrap-Up: How to Join the Free Open Workshops in London📊 The Problem: The High Cost of Isolated Governance SilosGlobal banks burn an astronomical amount of capital independently drafting manual, text-heavy architectural guidelines and software compliance controls. Because these definitions are trapped in static text files or slide decks, there is a total disconnect between enterprise architects, security teams, and developers. When dealing with highly complex, non-deterministic AI workloads, this manual verification bottleneck stops innovative features from making it to production safely.🏗️ The Solution: The Interconnected, Machine-Readable Delivery PipelineKarl Moll explains how FINOS is uniting distinct open-source projects to create an automated pipeline that validates itself:CALM as the Common Language: Moving architecture out of static diagrams and into a structured, machine-readable syntax that software pipelines can evaluate instantly.Open SDLC as the Rulebook: Standardizing the compliance taxonomy across institutions to prevent banks from reinventing software risk controls from scratch.Shifting Architecture Left: Merging CALM blueprints directly into Open SDLC validation engines so architecture patterns are automatically verified and audited during the standard git commit loop.⚙️ Why This Matters for Financial EngineeringCritical Momentum Windows: Catching these projects at an ideal evolutionary step—where CALM is actively being deployed to monitor core systems and Open SDLC is launching its V1 specification.Free Foundational Training: Bypassing vendor-locked educational programs to get engineers hands-on with neutral, industry-wide compliance infrastructure before the main conference.🌐 More about FINOS: https://www.finos.org/📧 Join our newsletter: https://www.finos.org/sign-up🎙️ Listen to our Open Source in Finance Podcast: https://www.youtube.com/@FINOS/podcastsLinkedIn: https://www.linkedin.com/company/finosfoundation#FINOS #OSFFLondon #CALM #OpenSDLC #ArchitectureAsCode #DevSecOps #ComplianceAutomation #FinancialEngineering #EnterpriseArchitecture
NOW PLAYING
Governing the Pipeline: Fusing CALM with Open SDLC | Karl Moll, FINOS
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m