January 24th was a big day for me. After working on the Sidecar platform since August, we went live with our first customer. It has been quite the journey over the last few months.
Back in August I left the insuretech where I was employee number two to start a fintech startup. Sidecar started as an idea, we didn’t even have a name, we were calling it NewCo until after we raised our seed round 😂 Sidecar Financial is a fintech. Our mission is to democratize access to high quality private equity and venture capital investments to as many investors as possible. Starting in private equity and corporate venture capital. We are a turnkey platform that allows PE and VC firms to offer employee co-investment programs. We handle everything from the employee vehicle structuring, employee investor on-boarding - multi-country eligibility, Allocation Request, AML, KYC, Tax review, and e-signature of plan documents.
Structuring a fund for participation by employees all over the world is no easy task. I feel like I have been given several slices of swiss cheese and asked to find a way to arrange the slices such that there is one and only one hole all the way through. No you can’t make a new hole through the slices either 😉. Thankfully we are able to work with some of the best fund attorneys in the world. I did spend a couple very late nights on the Cornel Law Blog trying to understand US securities laws, only to realize it was best to leave this work to professionals…
The Launch on the 24th was a big deal, not in terms of features, we started with a modest MVP. We now have an investor dashboard for employees to review their investments, a partner API to drive the data in the dashboard, manage the users and their investment vehicles and Admin tools to manage workflows and allow our customers to support their employee investors.
In terms of technology, we have a very exciting engineering house. We are cloud native, AWS for the win. All of our infrastructure is defined in Terraform. We have encryption end to end, in transit, at rest even the connection from the load balancer to the container is encrypted, anyone on the host will only see ciphertext even if they have wireshark running. We have a CI and CD pipeline powered by CircleCI, and the only reason to login to the AWS console is to look at logs since we have full log aggregation across everything into cloudwatch logs. The architecture is pretty tight, we have different AWS accounts for different scopes of work, our network is segmented and locked down, we even have VPN, AWS credentials via STS with MFA, etc, etc. It was a ton of work to build all of these pieces for the launch, and well worth it. We were able to make it through vendor risk, information security and privacy review for a fortune 500 company to become our first customer, thanks to the foundation. We still have a long way to go, and now we have production support to add to our list, so the journey is just beginning. I’m looking forward to the next five months!
- Title - Photo by NASA on Unsplash