Case Studiesarrow forward icon
How a Leading Wealth Manager Turned Legacy Risk into Strategic Advantage

How a Leading Wealth Manager Turned Legacy Risk into Strategic Advantage

Financial institutions operate under a unique set of constraints: strict regulation, fiduciary responsibility, and an absolute requirement for operational stability. These constraints often collide with the realities of modern software lifecycles—particularly when widely used open-source frameworks reach end of life.

This case study examines how Sanlam Private Wealth, a leading wealth management firm and subsidiary of the Sanlam Group, addressed the security and compliance risks created by an end-of-life AngularJS application without forcing a disruptive rewrite.

The Challenge: An End-of-Life Framework in a Mission-Critical Application

Sanlam Private Wealth relied on a long-running AngularJS application that supported critical client interactions and internal business processes. The application was stable, well understood, and deeply embedded in daily operations.

However, a routine security assessment revealed a serious issue: AngularJS had reached end of life.

This created several immediate risks:

  • Framework end of life meant no future security patches
  • Regulatory exposure under South African financial regulations
  • Client data risk, as sensitive high-net-worth information flowed through the application

As Sanlam Private Wealth noted, the application worked perfectly—but from a security perspective, it had become a liability.

Why Immediate Migration Was Not an Option

Sanlam Private Wealth evaluated the standard responses to end-of-life software:

  • Complete application rewrite
    High cost, 12–18 month timeline, and unacceptable disruption to client services
  • Accept the risk
    Not viable for a regulated, fiduciary organization
  • Find a bridge solution
    A way to eliminate security risk without operational impact

For a wealth manager, prolonged instability or rushed change was not acceptable. The firm needed security coverage without sacrificing continuity.

The Solution: Continued Security Support for AngularJS

After evaluating available options, Sanlam Private Wealth adopted Never-Ending Support (NES) from HeroDevs to secure its end-of-life AngularJS application.

The goal was explicit:

  • Eliminate immediate security exposure
  • Maintain regulatory compliance
  • Preserve uninterrupted client operations
  • Buy time for a planned, strategic modernization

This approach aligned with how financial institutions manage risk: mitigate known threats while preserving flexibility.

Implementation: Securing the Application Without Disruption

Before onboarding, Sanlam Private Wealth upgraded the application from AngularJS 1.5 to 1.8 in non-production environments, ensuring compatibility and minimizing transition risk.

The transition to Never-Ending Support was executed with:

  • No production downtime
  • No client impact
  • No operational disruption

During onboarding, additional AngularJS dependencies were identified. HeroDevs extended coverage to these libraries, ensuring full stack security, not just core framework support.

Results: Risk Eliminated, Stability Preserved

The outcomes were immediate and measurable:

  • 100% framework vulnerability remediation
  • Full compliance alignment with internal security policies
  • Zero business disruption
  • Restored audit confidence

Beyond security, the engagement delivered strategic value. With immediate risks addressed, Sanlam Private Wealth gained the ability to plan a long-term migration deliberately rather than under pressure.

As the firm summarized, the solution provided peace of mind and the breathing room needed to modernize responsibly.

Lessons for Financial Institutions

This case highlights how wealth managers and banks approach end-of-life software differently from less regulated organizations:

  • Stability matters as much as modernization
  • Unsupported software is a governance issue, not just a technical one
  • Security gaps must be closed immediately, even when upgrades are long-term
  • Specialized partnerships can reduce risk without creating new ones

For fiduciary institutions, technology decisions are extensions of trust.

Key Takeaway

End-of-life open-source software does not have to become a crisis.

Sanlam Private Wealth demonstrates that with continued security support, financial institutions can:

  • Secure unsupported frameworks
  • Maintain regulatory compliance
  • Protect client data
  • Modernize on their own timeline

This approach turns legacy risk into a managed, defensible strategy rather than an emergency response.

Read the Full Report

This blog post summarizes key findings from the full case study.
For deeper analysis, data, and real-world examples, download the complete report.

Download Case Study
Download PDF