
Mondo bank taking £1m crowdfunding investment - trstnthms
https://getmondo.co.uk/blog/2016/02/15/invest-in-mondo/
======
cmdkeen
Disclaimer: I'm seriously considering investing in this. There was a very good
talk about their back end infrastructure at NDC London that makes me confident
in their tech chops. Some of the value add concepts on their website look
really useful for attracting customers.

Crucially I'm aware of just how much legacy cruft is holding back more
established retail banks. In the same way that things like newer airlines can
offer much better customer service at cheaper rates than the established
competition Mondo seems to have real potential to disrupt and innovate. Plus
there is a still a significant anti-banker mood where being a retail only
operation could be of significant benefit.

Finally banking has a pretty high barrier to entry, Mondo seems to have the
backing and management experience to get a licence. However it isn't something
that loads of Uber for X types or Samwer-esque clones can spring up overnight.

~~~
boothead
Got a link to the talk/slides? As someone who works in a bank I'd be really
interested what a truly green field approach looks like!

~~~
cmdkeen
Slides are at [https://speakerdeck.com/mattheath/handing-failure-in-
microse...](https://speakerdeck.com/mattheath/handing-failure-in-microservice-
architectures) Sadly not many of the videos are up yet. I'm pretty certain
they were recording all of the sessions so they should be coming at some point
via NDC.

------
dmitri1981
Here is a nice talk their founder did at London Hacker News Meetup
[https://vimeo.com/136918188](https://vimeo.com/136918188)

------
buro9
It's unclear from the blog, but will Mondo be using Crowdcube's A/B shares?

A lot of Crowdcube investments issue two types of share depending on the
investment size. At the higher end the A shares are regular shares, but
smaller investors usually get B shares that are not equal and grant fewer
rights.

The very simple question for Mondo, are all of the shares that you'll be
offering via Crowdcube on the same terms as the shares that Passion have for
their GBP 5m in the same round?

~~~
Jamieee
This as well as £/shares seems like two key things that haven't been answered.

~~~
tomblomfield
[I work at Mondo!] Investment will be at the same valuation as our VC investor
- £24m pre-money.

We'll be releasing details of terms & share-class next week before the
investment goes live. There are a few regulatory questions we need to settle
first.

------
gregdoesit
To me this seems like an opportunity to skip the waiting line of 30,000 people
for a payment of £10. In terms of the investment opportunity, it seems that -
like most of CrowdCube investments - it is hard to tell if and how this could
turn into anything profitable:

 _> We estimate we’ll raise another £10m to launch as a bank in Q4 2016,
although this may vary, and further capital raises will be necessary as the
bank expands its balance sheet_

E.g. in further investment rounds could the crowd investors be able to sell of
their shares? Do we even get shares for this investment? I will probably
invest, and probably a small amount, to understand more on how this crowd
funding really works (and to see if I can get a return in the next 10 years).

------
vegancap
I've been using their card for about 2 weeks, and I'll be investing whatever I
can afford for sure! It's a fantastic product.

------
consp
As usual with these things: What about app/server security. Simple token
verification is prone to abuse (malware) and spoofing is becoming a bigger
issue on mobile only platforms than ever before.

Server abuse is difficult, but not impossible and since getting a banking
licence usually does not verify any security measures, I'm wondering what they
already did (or didn't) do.

(I'm well aware of the state-of-the-art, and the usual less than so, security
of banking apps).

~~~
jhuckestein
[I work at Mondo] You raise a good point, indeed. Security is something we
take very seriously. As others have stated already on this thread, groups that
target banks are incredibly sophisticated and well capitalised. All other
banks face the same issues, of course, but unlike them we can't afford to
simply write off losses to cybercrime.

We see Mondo as an opportunity to build a great security culture from the
ground up. We're currently hiring a Head of Security role in London:
[https://getmondo.co.uk/careers](https://getmondo.co.uk/careers)

If you know anyone that

\- is an excellent communicator

\- likes to code and does so regularly

\- can think like a black hat (CVEs and PoCs please!)

\- doesn't mind writing the occasional policy document

please send them my way: jonas@getmondo.co.uk

BTW, at the moment we are not holding customer balances or approving
transactions so we're not a particularly juicy target, yet. That said, we've
already conducted pen tests and invited a number of security firms to come and
break our software :)

~~~
raesene4
FWIW, I saw that ad. Looks very interesting, but I think you may have a
challenge getting someone who is a Vuln researcher/pen tester type (who most
commonly have CVEs, PoCs to their name) who also has a decent knowledge of
banking security, policies etc and also is looking to graduate out of
technical work into team management...

Most of the pentesters/vuln researchers I know aren't huge fans of writing
ISO2700x style policies documents (actually thinking about it there aren't
many people who are fans of that kind of thing!)

if you're looking for non-traditional advertising routes for this you might
want to post on /r/netsec's hiring thread
[https://www.reddit.com/r/netsec/comments/3zfj6v/rnetsecs_q1_...](https://www.reddit.com/r/netsec/comments/3zfj6v/rnetsecs_q1_2016_information_security_hiring/)

~~~
jhuckestein
Thanks a lot for the link :)

I'd rather hire a CISO that understands security and teach them how to think
like a regulator than vice versa! Heck, I have long hair myself and didn't
have any contact with policy documents until just over a year ago. And both
our CTO and CEO like to write code.

Basically, we're looking for our Alex Stamos. Any more ideas you have how we
might find somebody like that and avoid the stigma of the "Bank CISO" job
would be much appreciated.

~~~
consp
[rant mode] From personal experience I can say that true crypto knowledge is
not needed as a Bank CISO. Just keep repeating 'hardware token only, hardware
token only' and everyone will trust you opinion at the expense customer
experience and true security. The reason that most banks use the
identifier+card method is because they don't want to change. (or don't see the
benefit of an improved customer journey without actual loss of security and
improved/lowered cost) [/rant mode]

~~~
abritishguy
[I work at Mondo]

>at the expense customer experience and true security

I always call this "lazy security"[1] and it's what you get when you hire some
security professionals to "make it secure". It's a mistake to separate
security from product design, the two should inform each other to come up with
a compelling product that remains secure. Separating them misaligns interests,
the security team will push for a change that improves security irrespective
of any impact it may have on user experience.

I think Touch ID is a great example of how a novel solution can improve both
security and usability.

At Mondo we are committed to investing time and energy into finding these
solutions, security at the expense of user experience is a last resort.

[1][https://medium.com/@danielchatfield/lazy-
security-32acc31fbd...](https://medium.com/@danielchatfield/lazy-
security-32acc31fbd59#.r24fbb4lc)

~~~
consp
I have to comment on touch ID: Biometrics are in no way an authoritative
option for the simple fact that they cannot be replaced. You can identify the
user with it, sure. But you should never use them to authorize anything
because if stolen or compromised, the user cannot change it. While you might
say the scanner + data storage is secure, this is just temporal and can change
over time. As revocation of the biometrics is identical to revoking the user,
this is to be avoided for authorizing transactions.

You can, however, identify the user with something like biometrics, and
afterwards request an authorization of the transaction with something else
(possession of key (good), +pin (better), or easiest a simple 'yes'(less than
good)).

------
anteht
Very interesting. As far as Mondo goes, it's great so far - am on the alpha
program and have been using it for almost a month now and very impressed by
it. Using it abroad was the main selling point, as that's always a mess
otherwise. Basically how banking _should_ be in a modern day and age, even
though it's only with a prepaid debit card at the moment.

~~~
grey-area
Can you or anyone else using the alpha give a bit more detail about what you
love about it?

How is the app compared to say Barclays or some other mainstream bank? Is
everything via the app rather than the website?

They have an API I think which is pretty cool for a bank, and I'm seriously
interested. Disappointed to hear they won't be doing business accounts too,
but I guess they want to stay focussed for now.

~~~
tomblomfield
Someone just posted a write-up [https://medium.com/@johnwmidgley/going-
fullmondo-8a536bc758a...](https://medium.com/@johnwmidgley/going-
fullmondo-8a536bc758a0#.vtwypshl2)

~~~
Ntrails
Using a debit card just seems like throwing away what should easily be 1%+ in
terms of possible rewards value by using a credit card instead? Not to mention
stronger protections.

~~~
alexbilbie
On the other hand though (at least in my experience in the UK) there are still
retailers such as airlines/hotels/transport companies that will penalise you
for using a credit card.

I've even seen in small shops signs that say they only accept debit cards.

On the other hand most UK current accounts at the moment are giving decent
rates on balances (my bank gives me 3% on balances between £3000-£20,000 as
well as direct debit cashback on bills and utilities).

------
treenyc
Hmm, what's the difference between this and Simple? Other than that it is
available in UK?

~~~
grabeh
With Simple, the banking services are provided by a third party bank, so
Simple provides a usability layer on top of an existing bank's services.

With Mondo, they are looking to actually become a bank.

So on a usability level, you may not actually see much difference, but on
another, it would seem like Mondo are fundamentally different as they will
have a level of flexibility to decide which banking services to provide to
customers. Although that's not so say that Simple couldn't use third party
services, they may not have the same level of independence which Mondo
wants/will have.

------
JazCE
I must admit i'm considering investing, depending on what other details are
announced when they are announced.

What i'd really like to see is a London centric bank (or perhaps building
society), one that understands the rental market and the ownership market.
It's insane that people (myself) pay more to rent somewhere than to buy
somewhere, yet are hamstrung by the fact that either they don't earn enough to
afford to buy, or don't have a deposit to afford to buy.

I thought Metro Bank might be that, but i think they're more focussed on
expanding outside of London.

~~~
kennydude
Mondo are looking at expanding outside of London. They have/had had an event
in Manchester to onboard people

~~~
JazCE
No doubt, and they'd be silly not to. I like Mondo, but i'm not sure there's a
crying need for Mondo... I just think London needs it's own bank.

~~~
kennydude
Just out of curiosity why do you think London needs it's own bank?

~~~
JazCE
Unfortunately I don't think I'm well read enough to give a proper answer.

However, the housing market in London is all over the place, and there isn't a
bank that has a direct interest in helping people on to the housing ladder in
London. I think if you had a London centric bank that understood the housing
situation and it's customers needs well, you'd capture a great sample of the
capital.

------
spuz
The fact that Mondo does not yet currently have a banking license in the UK is
a big risk. If you're thinking of investing consider the value of that
investment should the licence application fail.

~~~
contingencies
It is unlikely to fail irrevocably because, as some of the background articles
explain, there is evidence that UK regulators are actively trying to foster
competition at the moment, "the Prudential Regulation Authority’s fast-track
licensing regime"[0], partly in response to past abuse of trust by the
incumbents. I was impressed with UK response to recent crises, issuing reports
detailing very concrete measures to resolve institutional problems. As so much
of the UK economy relies upon finance, they do have a bit of a reputation to
uphold and cannot simply say one thing and do another indefinitely. At some
point they have to give... it's a license, not exactly Elgin's marbles.

[0] [http://www.independent.co.uk/news/business/news/first-
direct...](http://www.independent.co.uk/news/business/news/first-direct-boss-
and-metro-bank-founder-to-launch-digital-bank-atom-9248711.html)

------
JamesBaxter
Separate to the risks of investing, what are the risks of actually using Mondo
as a bank?

I really like the idea but can't shake the worry of a huge financial loss is
it actually possible?

~~~
jhuckestein
I work at Mondo. We will be a member of the Financial Services Compensation
Scheme (FSCS) and all customer deposits will be insured up to £75k per person.

During our current alpha test (and before we have a banking license), your
funds are actually held by our partner bank Wirecard.

 _Edit: The internet beat me to it. My work here is done :)_

~~~
onion2k
This answer doesn't say anything about being better. Or even different. If
someone asks the question "What are the risks of using this service?" and the
response is "Here's the legal minimum we have to do" then that doesn't really
fill me with confidence that you're trying to be better than my current bank.

That isn't to say you won't be better. Maybe you will be. It's just that your
answer here gives no indication.

------
financedfuture
>We aren’t a bank yet, but we are applying to the Prudential Regulation
Authority (PRA) and Financial Conduct Authority (FCA) for authorisation to
become one.

I don't want to be negative, but this is a huge consideration.

After 2008, unfortunately, regulations have made it much more difficult to
incorporate a bank and comply with the law. Is a million enough for that?

~~~
dmitri1981
Other way round. UK have regulators have realised there is a lack of
competition in banking arena and have made it much easier to start new banks.
Several challenger banks have already received their licenses under the new
rules

------
warrenmiller
Will they allow customers to buy and sell bitcoins without freezing their
accounts? That would be nice and novel for a UK bank.

~~~
abritishguy
[I work at Mondo]

Like any bank we will have an anti-fraud engine that proactively declines
transactions that have a high risk of fraud. We are going to work very hard to
ensure the false positive rate is very low.

That being said, the system will never be perfect and I'm sure you can
appreciate that it may be common for fraudsters to purchase bitcoin which
could cause some legitimate transactions get blocked.

If you have any questions feel free to email me daniel@getmondo.co.uk

------
zippoxer
The dude in the video editing 3 Go files on the same screen with Atom :P I
wish I was brave enough to do that.

~~~
mattheath
That was me ;) Atom's great until you save and goimports locks up the whole
UI. Think that is the protobuf interface used by the client and server in our
tracing tool, so handy having them all open!
[https://github.com/mondough/phosphor](https://github.com/mondough/phosphor)

~~~
zippoxer
I know, I used atom for a couple months until I found VSCode, it's lightning
fast compared to Atom and has a great go plugin I contributed to a couple of
times :) Oh, and goimports/goreturns don't lock anything, and the editor even
highlights their changes :)

------
simonswords82
There was a similar offering in the US called
[https://www.simple.com/](https://www.simple.com/). Looking at their blog it
seems that they launched back in 2010?

I wonder how they're getting on? Anybody got any metrics?

~~~
danpalmer
Simple were quite different, they weren't actually a bank, they were
essentially a nice front-end on an existing bank (from a regulatory
perspective), and onto traditional banking software (from a tech perspective).
The Mondo pitch deck available on their investor page explains some of these
differences.

~~~
simonswords82
Interesting thanks for the heads up, I don't know why I thought Simple were a
bank - good marketing I guess.

------
lowpro
I wanted to invest in Mondo when I first heard about it 6 months ago and was
disappointed. This has brightened my day, I just wish I could use it in the
US. I know it's coming, and I can't wait for the future.

------
ascorbic
I'm really excited about this. I can understand why they've started with iOS,
but I've not been able to find anything about their plans for Android, which
is a bit disappointing.

~~~
kennydude
Mondo has an API at least, so you can still use Mondo with a 3rd party app :)

~~~
zippoxer
I wouldn't give my bank credentials fora 3rd party app. Even if you forgo
trust, what happens when something goes wrong and the bank doesn't take
responsibility for the 3rd party app?

~~~
kennydude
At the very least it won't be nearly as bad as some of the existing 3rd party
apps which need all of your credentials to work properly. Mondo uses OAuth and
can just shut off the application really easily.

I know the whole 3rd party thing is a little dodgy sounding, but at the very
least Mondo could end up taking on a good 3rd party one and making it an
official app (like Reddit did)

------
treenyc
Does Mondo allow the user to keep track how their money is being invested?
With current technology that shouldn't be an issue.

~~~
jhuckestein
[I work at Mondo] Yes please! We're currently working out what form that will
take exactly.

Why do you ask this? I'm keen to hear what you'd like to see from us :)

During our current alpha test we don't invest your money at all. It's just
kept in cash with our partner bank Wirecard.

