Financial Services Compliance Blog - Thistle Initiatives

Payment platform problems – fix or switch?

Written by Lorraine Mouat | Jan 31, 2023 12:29:16 PM

Summary

Today’s leading financial institutions still operate outdated card and payment platforms dating back to the 1990s. They need to change, argues James Woods in Payments Cards & Mobile. But why are so many opting to patch their systems up, rather than switch?

Scratch the surface of any payment system and you’ll see a web of interconnected technologies linking merchants, financial institutions and intermediaries. Inside major banks, these technology stacks are known as ‘card platforms’. They provide the software that connects with card networks, acquirers and merchants, bank internal systems and customer accounts themselves. 

First launched by most banks in the early to mid-80s, some card platforms now resemble a medieval library in the digital era. There are persistent rumours in London about COBOL programmers in their mid-to-late sixties coming out of retirement to provide software patches to enable ancient platforms to handle modern features. True or not, such rumours show how unwilling banks are to dump these outdated platforms and switch systems for the modern age.

So why don’t banks want to switch card platforms? There are some obvious answers any banker would always cite: cost and risk.

 

When it comes to risk, there were more than 16 billion card transactions processed in the UK last year, with a value of around £75bn per month, 20% more than the previous year. Any failure to shift platform with 100% certainty could see catastrophic failures with customers leaving banks in droves. Most customers now hold accounts with both traditional banks and a digital player, so that’s not something banks want to see.

Insights

Most firms would acknowledge the benefits of creating a sustainable target operating model, both operationally and from a technology perspective. The risks associated with using outdated technology, from crashes and system downtime, security holes, and increased compliance and reputational risk, all come at a huge cost not just to the firm, but to its customers, and the sector in which it operates. This is why in March 20022 the FCA introduced its new Operational Resilience requirements for payment services firms. Such reliance on legacy systems, with intricate third-party dependencies, needs to be fully considered to ensure that the firm can remain resilient in the face of any disaster recovery or business continuity event.  It’s now a requirement, not a nice to have.   

Lorraine Mouat - Head of Payment Services

Links: https://www.paymentscardsandmobile.com/payment-platform-problems-fix-or-switch/