Testing FinTech: Risk-Based Approach in Automation

It is crucial to have a deep understanding and analysis of the business domain for effective software testing. By understanding the core expectations from both business and user standpoints, planning and organizing the tests become wiser and more effective.

Working on financial software has made me more cautious about testing given its sensitivity to risk factors and high-impact nature. I want to share some ideas that can help software development teams align their automation test layer with the business requirements and risk factors.

Identifying what is important

Aligning the testing process with the most critical areas of the software makes it easier to discover the main areas that can cause a problem if they don’t work as expected.

To identify the risks, knowing the product and business requirements is essential. Each software product is characterized by some desired quality aspects such as usability, understandability, efficiency, etc. There are different sectors and services under the Financial Technology umbrella, each with its own quality aspects to be recognized when formulating a testing strategy. However, Reliability emerges as a common crucial factor and contains different aspects:

• Safety and Security: User should trust the application to handle their sensitive personal/business data.
• Dependable Data: Providing accurate and real-time financial data in such products is crucial, ensuring that analyses and calculations are reliable for users to make informed decisions.
• Understandability: Any confusion or complication could potentially cause significant problems in the user’s actions and lead to unwanted consequences. Therefore, ensuring a smooth and clear user experience is essential for building a reliable financial product.

The risky areas in the application are those where a failure can impact the most important quality aspects expected from the software. So, the defined quality aspects of the software can be used to classify risks to target in testing.

Risk targeted Test Automation

The automation testing strategy involves selecting proper test cases that add value to the product by covering specific failures. Adopting the risk-based approach helps prioritize the test cases by focusing on the most important values and qualities in the product based on the impact and potential risks. This optimizes the time and effort that goes into automation.

Define what to test

Test automation scenarios should target specific failures. The role of risk assessment is to select which kinds of failures are worthy of targeting in automation scenarios. To define the value of these scenarios, we consider two factors: 1- The probability of failure, and 2- The severity of consequences in case of failure.

source: Neha Bharati, “Test Coverage Techniques Every Tester Must Know”

Consider asking these questions: “Why are we testing this?”, “What is the impact of the targeted failure?”, “How likely are users to encounter this failure?”. If the answers show that automating the test would mitigate the impact of the targeted failure, then you have a prioritized test case.

Define how to test

A risk-based automation suite should contain the scenarios prioritized and selected beforehand. The scenarios should represent the most straightforward and expected flow of user interactions so that they can catch a failure that can happen during a basic user interaction. This approach also will help to minimize the number of test scenarios in the end-to-end testing phase aligned with the test pyramid principle.

Conclusion

Risk-based approach helps to determine the test value and minimize the number of automation test cases. By identifying risks related to key business values, testers can efficiently prioritize testing efforts where they are most needed. There are basic steps to achieve this method in the testing process:

• Find the risky areas in the application where a failure can impact the most important quality attributes
• Determine the value of the tests based on the probability and impact of these risks
• Prioritize the high-value tests, and eliminate the low-value tests.
• Shape the test scenarios to specifically target the potential failure points. The scenarios should aim to fail in case of a “risky” failure.