UK payments infrastructure: why it’s time for a reset

Richard Albery at ACI Worldwide explores why the UK economy can no longer afford for banks to run their systemically critical payments infrastructure on 30-year-old tech

 

Water. Power. Internet. Payments.

 

They’re all critical national infrastructures vital to the functioning of our economy; particularly payments. And for good reason, too. The UK banks’ payments infrastructure allows billions of pounds to flow between businesses and consumers every day. Without it, the economy would grind to a halt. Just as people would without water.

 

In fact, we’ve seen this happen recently. In April 2025, widespread power outages in Spain and Portugal disrupted electronic payment systems in an instant, leaving people unable to buy essentials like bread, water or medicine.

 

It’s a real-world reminder of how dependent we’ve become on systems that most people never think about until they fail. Of course, that outage was unexpected, but it shows what happens when critical infrastructure lacks the resilience to withstand disruption.

 

In the UK, the risk may be less about power failures and more about the strain placed on ageing payments systems. With legacy tech still underpinning the daily movement of money, restoring service after an incident could be slower, messier and far more damaging to the UK economy.

 

 

The limitations of legacy

Legacy infrastructure has long been viewed as a safe pair of hands to get the job done, with a ‘set it and forget it’ approach. But in today’s fast-moving digital economy, that’s wearing thin. Newer players redefine the banking experience, while these ageing platforms in long-established institutions—often built decades ago—have been extended far beyond their intended lifespans.

 

Now, many of the UK’s banks have adopted a ‘patch and upgrade’ mindset, layering new requirements onto legacy infrastructure, often designed for batch jobs. The result is a tangled web of spaghetti platforms—perhaps one for Faster Payments, another for cross-border transactions, and others still for cards and CHAPS—each with its own costs, constraints, compliance risks and no unified way to handle it all. It becomes an exhaustive process.

 

Recent high-profile outages have brought this into sharp focus, following the UK’s CMA9 top banks and building societies experiencing more than a month’s worth of IT failures in just two years. Many cited outdated infrastructure as a root cause, even resulting in Treasury Select Committee inquiries and extended periods of outages.

 

This matters more in today’s climate because the industry is shifting – fast. Globally, instant payments alone are forecast to generate over 167 million new bank account holders by 2028, a major commercial opportunity for financial institutions. Revenues from banking don’t typically come directly from bank accounts; however, their performance and convenience are the shop window for the high margin being mortgages, unsecured lending, savings deposits, commodity trading and corporate banking.

 

Without modern platforms built for real-time processing and API-led innovation, many banks risk missing out. In the UK, that gap is already evident, as consumers are increasingly frustrated by a lack of tools and support from traditional providers, particularly when preventing real-time scams. Those digital challengers better equipped to meet evolving expectations will capture that market share instead.

 

But failure to adapt isn’t just a missed opportunity – it’s a regulatory and reputational risk. Take the Digital Operational Resilience Act (DORA), for example. Banks must be able to demonstrate that they can withstand, respond to and recover from significant operational disruptions. That’s a tough ask when core systems still rely on decades-old code, the talent who understand it are retiring, and the next generation is trained on modern tools. The compliance gap is only widening.

 

Moreover, the UK’s National Payments Vision explicitly calls for a “resilient payments infrastructure” that’s “delivered on next-generation technology.” This added pressure for banks to move away from legacy systems and adopt more flexible models, whether that’s customer-managed, private or public cloud, or SaaS solutions.

 

Yet, tearing out core infrastructure and rebuilding from scratch isn’t a feasible solution, financially or operationally. But neither is waiting for the systems to inevitably fail. What’s needed is a pragmatic way forward. One that allows banks to evolve without risking instability.

 

So, what does that look like?

 

 

Critical infrastructure needs prioritised investment

If payments are critical infrastructure, then the systems that support them should be treated accordingly. That means building resilience, flexibility and regulatory readiness into the foundations, not just layering them on top without decommissioning. After all, modernising doesn’t mean sacrificing the depth of functionality banks have built over the decades.

 

This is where the idea of a unified cloud-native payments platform comes into play, a solution designed to deliver the agility of modern technology with the rich, proven functionality that banks depend on.

 

Of course, this isn’t a new idea, but what is new is the technology that powers it. For years, the vision of a unified platform to handle all payment types—from electronic A2A and cross-border to cards—was held back by the complexity of integrating with multiple ERP systems, managing fragmented data standards and navigating legacy architecture. But advances in cloud infrastructure, modular microservices and real-time data handling have shifted the conversation from aspiration to implementation.

 

This kind of architecture isn’t just a performance upgrade, as it gives banks the agility and resilience needed to compete in a real-time world. Traditional on-premise systems were never designed for round-the-clock availability, sized for peak-of-peak plus volumes.

 

By contrast, cloud-native and SaaS-based platforms offer built-in redundancy and seamless scalability, essential components for critical infrastructure that can’t afford to go offline. Hybrid cloud strategies, in particular, are also a practical way to balance control, compliance and scalability in a fast-evolving environment.

 

Importantly, such a modern, unified cloud-native payments platform doesn’t demand a clean break from the past, as it can coexist alongside legacy systems. It acts as an orchestration layer that connects every payment type and channel, or as a temporary bridge to safely control the migration of traffic from the old to the new. It can accept, route, process and clear any payment, from any source, in real time. That allows banks to modernise incrementally, adding new capabilities without triggering widespread disruption.

 

That kind of resilience is quickly becoming an expectation, especially with regulatory demands multiplying. Whether it’s handling ISO 20022, PSD3 or domestic scheme changes, having a unified payment layer with real and hybrid cloud options for failover and exit scenarios controls, allows them to embed compliance into the fabric of their payment flows, essentially removing the ‘compliance headache.’ This can be in the form of automating checks, surfacing anomalies and streamlining updates centrally rather than juggling fixes across fragmented systems.

 

But perhaps the most valuable benefit lies in visibility, a benefit often missed with in-house built solutions. Consolidating all payment types into a hub turns transactions into real-time intelligence. Banks can detect fraud more effectively, particularly as fraudsters continue to evolve their tactics. For example, if a customer is being forced to move funds, recognising anomalies across their card and bank transfer activity together—rather than in isolation—can stop fraud in its tracks. It’s a smarter, more responsive way to protect customers and build loyalty.

 

The technology has caught up with the vision. And it’s how banks can finally leave legacy limitations behind.

 

 

A new foundation for modern payments

Replacing a core payments system is no small task, but as an industry, we’ve moved away from the notion of multi-year waterfall programmes akin to performing open-heart surgery on a patient while they’re still running a marathon. Whilst transformation remains complex and high-stakes, technology now allows change to be performed iteratively, broken down and componentised at transaction or payment workflow level.

 

Payments are critical national infrastructure. They underpin everything from coffee machines to multi-million-pound transfers. And yet, much of the infrastructure behind them isn’t designed for the speed, scale or security expectations of today’s real-time, data-driven world.

 

It’s time for a once-in-a-generation reset. Ensuring always-on banking as a societal must, while aligning the principles of the National Payment Vision and accelerating the promise of innovation, where other European and global countries are already ahead. If we want to preserve the trust that consumers and businesses place in every transaction, we have to treat payments with the same strategic priority as any other vital infrastructure. It’s about future-proofing the backbone of the economy.

 

After all, critical infrastructure can’t run on 30-year-old tech. And it shouldn’t have to.

 

---

 

Richard Albery is Head of Business Growth Banking at ACI Worldwide

 

Main image courtesy of iStockPhoto.com and Hispanolistic