Everyone building financial data integrations immediately reaches for API connections. Direct system-to-system communication through REST APIs feels like the professional approach. Modern. Sophisticated. The right way to do things.
After watching dozens of integration projects, I'm convinced APIs are often the wrong choice.
The Beginner's Enthusiasm
New developers love APIs because they seem elegant. You send a request, get structured JSON back, and parse it into your system. No messy file handling, no manual imports. Everything programmatic and clean.
The appeal makes sense initially. APIs provide documentation, authentication, and standardized endpoints. You feel like you're building proper software architecture rather than cobbling together file transfers.
This perspective ignores how financial APIs actually behave in production. They have rate limits that throttle your requests. They change versions with minimal notice. Authentication tokens expire. Endpoints return different data structures based on account configuration.
The Expert's Reality
Experienced integration specialists know that CSV file transfers via SFTP are often more reliable than API connections. This sounds backwards until you've maintained both approaches for several years.
File-based integration gives you complete control over timing and retry logic. If transfer fails, the file sits on the server waiting. You're not fighting rate limits or timeout errors. When formats change, you update your parser once instead of debugging API wrapper libraries.
Consider error handling complexity. API failures cascade through your application. Network timeout? Your entire sync process halts. API returns unexpected data structure? Your parser breaks. Rate limit exceeded? You're implementing exponential backoff algorithms.
File transfers fail differently. File doesn't appear? Wait and retry. Format changed? You still have the file to analyze. Processing fails? The source data remains intact for debugging.
The Maintenance Burden
APIs require ongoing maintenance that nobody accounts for during project planning. Third-party systems update their APIs, forcing you to update integration code. Authentication methods change. Endpoints get deprecated.
Financial institutions are particularly bad at API stability. Banks regularly modify response formats, add mandatory fields, or change authentication requirements with minimal warning.
File-based integration is boring, which is exactly why it works. SFTP has worked the same way for decades. CSV parsing logic rarely needs updates. Your integration runs quietly for years without constant developer attention.
The controversial truth: modern doesn't mean better. Sometimes the old boring solution is the right architecture.