You’re three commits deep into a payment form validator.
Someone on your team found an IBAN regex on Stack Overflow six months ago. It works most of the time. For de-DE locales, the currency formatter breaks because nobody bothered to check. The Luhn algorithm? Copy-pasted from a GitHub gist in 2019, and now nobody wants to touch it because it’s been in production for two years.
Welcome to fintech development.
Every banking app, every payment product, every company that touches money has written this code. And rewritten it. And inherited the third version while trying to figure out why it even exists.
The Problem Nobody Talks About (But Everyone Lives With)
Financial validation isn’t hard. It’s repetitive. And repetition breeds bugs. Currency formatting rules vary by locale. IBAN formats differ across 80+ countries. Card networks have validation logic that changes. Loan calculations need amortization schedules. Sort codes, ABA routing numbers, VAT IDs—each one requires its own implementation, edge-case handling, and eventual refactoring when you realize version one was wrong.
The real cost isn’t the initial build. It’s the maintenance tax. It’s the developer who inherits a loan calculator buried in a utility file and has to reverse-engineer whether the math is correct. It’s the security question nobody asks: “Are we validating user input properly everywhere?”
Enter finprim: One Library to Stop the Madness
finprim is a zero-dependency TypeScript library built specifically to kill this pattern. It’s not flashy. It doesn’t use buzzwords. It just handles the financial primitives your app actually needs:
- IBAN validation (80+ countries) with formatting
- BIC/SWIFT codes
- UK sort codes and account numbers
- Card number validation with network detection
- EU VAT numbers
- US ABA routing numbers
- Loan and EMI calculations with full amortization schedules
- Multi-locale currency formatting and parsing
One consistent API. Fully typed. Zero external dependencies.
“Every fintech team builds this stuff. Then rebuilds it. Then inherits the third version and tries to figure out why it exists.”
The Bit That Actually Matters: Branded Types
Here’s where finprim stops being just another validator library.
Every function returns a discriminated union—either { valid: true, value, formatted } or { valid: false, error }. Standard stuff. But the values themselves are branded types. Not just strings. Actual TypeScript types:
type IBAN = string & { __brand: 'IBAN' }
type SortCode = string & { __brand: 'SortCode' }
This means your TypeScript compiler becomes a financial validation cop. Try passing an unvalidated string where an IBAN is expected?
function processPayment(iban: IBAN, amount: number) {
// ...
}
processPayment(userInput, 100) // Compile error. userInput is just a string.
You can’t bypass it. You have to validate first. And that catches an entire category of production bugs—the ones where someone forgot to validate before processing.
This is the kind of thing that makes security people happy. And it costs you nothing at runtime.
Does It Play Nice? (Spoiler: Yes)
finnprim isn’t a walled garden. If you’re already using Zod, React, or NestJS, there are optional integrations that make it feel native.
With Zod:
import { z } from 'zod'
import { ibanSchema, sortCodeSchema } from 'finprim/zod'
const PaymentSchema = z.object({
iban: ibanSchema,
sortCode: sortCodeSchema,
amount: z.number().positive()
})
With React, the hooks format as you type and validate in real time. In NestJS, you drop a pipe decorator on a route parameter and the validation happens automatically.
No ripping and replacing. No massive refactors. Just… integration.
The Financial Calculations Nobody Wants to Get Wrong
EMI calculations are baked in. If your app does loan products, you need amortization schedules. finprim gives you both:
const monthlyPayment = calculateEMI(100_000, 10, 12)
const schedule = getLoanSchedule(100_000, 10, 12)
You get a full breakdown—principal, interest, balance for every month. That’s the stuff that usually ends up in a spreadsheet, gets handed to a developer, and somehow becomes a utility function nobody maintains.
What Actually Ships
The core library handles the validation. But finprim also ships with some non-negotiable safety features:
- String validators reject inputs over 256 characters (unbounded input processing is a bad time)
- Numeric helpers validate bounds (no
Infinity, noNaN) - The library never logs or persists input data (because it doesn’t need to)
- Format helpers are safe to call without validation (useful when you’re just displaying data)
These aren’t flashy features. They’re the kind of things that prevent security audits from flagging your code.
Why This Matters (And Why Teams Will Actually Use It)
The fintech dev cycle is predictable. New payment feature lands. Team implements validators. Six months later, someone finds an edge case. A year in, they’re maintaining five different validator implementations across the codebase.
finnprim short-circuits that loop. It’s not a framework. It’s not opinionated about your architecture. It’s a library that does one thing well and gets out of your way.
The branded types are the hook. Once your team experiences TypeScript catching validation bugs before they hit production, going back to string-based validation feels irresponsible.
🧬 Related Insights
- Read more: AI Testing Tools Promise Speed—But Your Team Still Needs Humans to Avoid the Hype Trap
- Read more: Your Access Tokens Are Probably Broken (And Nobody’s Telling You)
Frequently Asked Questions
What does finprim actually do? finprim is a TypeScript library for financial validation and calculations. It handles IBANs, card numbers, currency formatting, loan calculations, and more—with branded types that prevent bugs at compile time.
Do I need to configure finprim? No. Zero configuration. Import, use, done. Optional integrations exist for Zod, React, and NestJS, but they’re optional.
Will finprim work with my existing validation? Yes. It’s zero-dependency, so it won’t conflict with other libraries. You can incrementally replace validators without ripping out your codebase.
