Why data is posing the biggest challenge for firms updating legacy systems

woman on old big desktop pc

Share this post

Transferring data from legacy systems is one of the biggest challenges payment firms are facing as part of the transition to ISO 20022. Companies need to manage the risk of data truncation carefully or face asking customers for their data again.

What is this article about? Payment firms are facing rising costs and lengthy system failures if they don’t make strategic decisions to modernise legacy systems.

Why is this important? The cost of maintaining outdated legacy systems grows by up to 7.8% a year, driving unnecessary costs for payment firms.

 What’s next? Payment firms must modernise their legacies systems before losing that knowledge base to a retiring workforce.

To remain agile, payments firms are looking to migrate or modernise their legacy systems typically to a cloud-based platform.

In March 2023, Nationwide announced that it is working alongside Accenture and Form3 to adopt a cloud native platform for its digital payments infrastructure to enhance the customer experience. The collaboration demonstrates how modernising legacy systems can become easier when leveraging on third party partnerships. This transition is a growing trend.

For example, in November 2022 Singaporean bank OCBC teamed up with Red Hat to modernise its applications and banking systems by using Red Hat’s OpenShift cloud-native container platform. The platform supported the implementation of its Enterprise Data Science Platform (EDSP), which helped streamline OCBC’s frontend and backend processes.

“Legacy payment systems are being modernised through the adoption of cloud-based platforms, integration of APIs, and the utilisation of data analytics and artificial intelligence,” says Stephen Whitehouse, head of payments for Europe at Oliver Wyman.

The inability to modernise legacy payment systems can hurt payment firms, merchants and customers. Legacy systems, most common in large financial institutions and banks, are core systems typically developed decades ago that are used to support back-end infrastructure for services.

These systems tend to lack the features of newer financial technology and can hinder deployment of new products and services.

Global financial institutions are projected to spend $57 billion on outdated payment systems by 2028, according to IDC Financial Insights. It estimates that the cost of maintaining a legacy system rises by 7.8% annually.

“Firms need to make strategic choices, including evaluating the feasibility of data transfers considering the complexities involved, utilising publicly available data, or establishing contracts with partners to transfer liability for customer and transactional data,” Whitehouse tells Payments Intelligence.

Data challenges

One of the key challenges for payments firms should consider when modernising legacy systems is how to undertake data transfers between old and new platforms. Modern systems can provide more targeted and nuanced financial data which gives companies more control over business strategies.

“With ISO 20022 launching shortly, a topic of discussion at the moment is whether financial firms are going to clean up both data going forward and historically,” says Sulabh Agarwal, global payments lead at Accenture. “You’re not always going to refresh all data and get the customer details again so it may be easier to reconstruct historical data into structured messages.”

Agarwal explains that the risk of data truncation will have to be managed actively or firms may need to inconvenience the customer to get that data directly from them in the correct format.

The ease of transferring data would also depend on how tightly coupled payment systems and databases are into the rest of the technology estate.

“You need to find a way to capture the data separately outside the payment system and then use the same for analysis like financial crime,” says Agarwal. “The key risk is data truncation, and that clearly is something that has to be tested thoroughly and has to work properly as part of the payment system design.”

Transferring data across jurisdictions would also pose an even greater challenge for firms operating cross-border. This is because data transfers will need to comply with data protection and privacy regulations, such as the EU and UK’s GDPR or the US California Consumer Privacy Act (CCPA).

“Cooperation between governments is essential to establish data privacy frameworks and adequacy decisions that facilitate insights generation from transaction data for payment firms and other businesses,” says Whitehouse.

Incremental changes

Another challenge payment firms face when looking to modernise legacy systems is the problem of no longer having the institutional knowledge of those core systems, as the workforce that has built it have left or are close to retirement age.

“Today much of the institutional knowledge needed to modernise legacy system has been lost, and staff are close to or at retirement age,” says Nick Hampson, vice president of product management at Izlabs. “

However, Hampson says that change is happening. “We see a move away from single solutions and big-bang projects to incremental changes and picking the right technology to modernise per application, be that replacement for items that don’t differentiate the business to gradual rewrite, refactor, or rehost for systems that help the business work the way it wants to.”

Payment firms are also looking to modernise legacy systems used to generate invoices and receipts for customers. “Payment firms are now grappling with the challenges that mandatory e-invoicing is bringing, with a move away from simple PDFs or receipts over email to the issue of e-invoices via government platforms and portals,” says Alex Baulf, head of product for e-invoicing at Avalara.

Once again, collaboration is key as Baulf explains that firms are investing in strategic partnerships with global e-invoicing service providers to connect to solutions that future-proof their billing processes and ensure compliance with e-invoicing standards, signatures, and formats.

Moving forward firms should avoid delaying moves to modernise its legacy systems. “Without investment in legacy systems, it’s like having new windows in a house whose foundations are unstable when you live on a fault line,” says Hampson. “You can’t see anything today, and you don’t know when it may happen, but one slight shake and it all comes down.”

More To Explore


Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Continue reading

This content is only available to members - please see instructions below!

Become a member to continue reading

Member of The Payments Association? Log in to continue reading

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?