When the payment architecture no longer fits the business

Payment systems are typically built for a specific scope: one market, one currency, one payment service provider. That scope is often the right call at the time - it allows the product to ship. The problem surfaces eighteen months later, when the business has expanded to three markets, the original PSP cannot support the new payment methods required, and the open banking integration that the partnership team committed to is stalled because the payment architecture was not designed to accommodate it.

The engineering consequences of that mismatch compound quickly. A payment system that lacks idempotency controls produces duplicate charges under load. A PSP integration without intelligent routing produces unnecessary decline rates when the primary provider has an outage. A reconciliation process that relies on manual exports from the payment processor creates settlement lag and exception handling backlogs that grow faster than the operations team can clear them. These are not edge cases - they are the standard failure modes of payment infrastructure that was built for yesterday's transaction volume and product set.

What Gradion builds

PSP integration and multi-PSP routing.
Integration with Stripe, Adyen, Braintree, and Worldpay, including smart routing logic that selects the processing path based on transaction type, geography, card scheme, and real-time failure rate. When the primary PSP reports degraded authorization rates or experiences an outage, traffic routes to the fallback provider automatically, without manual intervention. This architecture is the difference between a payment incident that customers notice and one that the engineering team resolves before the first support ticket arrives.

Open banking and PSD2.
Account-to-account payment initiation under PSD2: integration with bank APIs across Berlin Group, STET, and UK Open Banking standards. Use cases include instant bank transfer for high-value transactions, account verification at onboarding (replacing micro-deposit flows), and real-time balance checks for credit decisioning. The PSD2 integration layer requires careful handling of Strong Customer Authentication requirements and redirect flows across bank partners with varying API quality - Gradion's implementation experience covers both the standards compliance and the edge cases that standards documents do not fully specify.

Payment processing architecture.
Idempotency design at the transaction level, ensuring that network retries and client-side duplicate submissions do not produce double charges. Retry logic with exponential backoff and circuit breaker patterns for PSP API calls. Webhook handling with signature verification and delivery guarantees. Reconciliation feeds that automatically match payment processor settlement data against the internal ledger, flagging exceptions for failed settlements, chargebacks, and refund discrepancies without requiring manual intervention.

Tokenization and PCI DSS.
Cardholder data environment scoping to minimise PCI DSS audit surface. Tokenization architecture that removes card data from internal systems and application layer, replacing it with network tokens issued by Visa and Mastercard. Network tokenization delivers a secondary benefit beyond compliance: improved authorization rates, because issuers treat network tokens as lower-risk credentials than raw card numbers. The result is a payment stack that is simultaneously more compliant and more commercially effective.

Fraud detection and risk.
Rule-based fraud detection for high-velocity scenarios (velocity checks, card testing detection, device fingerprint matching), integrated with Stripe Radar or Adyen RevenueProtect where those platforms are already in use. Custom ML-based fraud models for organisations with sufficient transaction volume and labelled data to train on. IDNow's AI-powered identity verification infrastructure represents the adjacent layer: the KYC and document verification stack that sits upstream of payment initiation and serves as the first line of defence against account takeover and synthetic identity fraud.

Settlement and reconciliation.
Automated reconciliation between payment processor settlement reports and the internal ledger, running on a configurable schedule and producing exception reports for human review. Exception handling workflows for failed settlements, disputed chargebacks, and refund timing mismatches. For multi-PSP environments, the reconciliation layer aggregates across providers, presenting a unified view of settled funds regardless of which PSP processed each transaction.

Regulatory and reporting.
Transaction reporting for EMIR and MiFID II where applicable to the client's regulatory classification. AML transaction monitoring integration - connecting payment data to monitoring platforms that flag suspicious patterns for compliance team review. Data residency architecture for payment data subject to GDPR and local financial services regulation, ensuring that cardholder data and transaction records are stored in jurisdictions consistent with both the client's regulatory obligations and customer contractual commitments.

Proof in production

The fintech case studies in Gradion's history span the range of payment infrastructure complexity. A leading DACH payment infrastructure provider processing billions in transaction volume, engaged Gradion on engineering that contributed to a €1.4 valuation uplift at PE exit. IDNow's identity verification system, built with Gradion engineering support across backend, ML, and mobile, operates in the same regulated environment as payment compliance infrastructure - the engineering discipline required to build KYC at enterprise scale translates directly to AML transaction monitoring and payment fraud prevention.

The Swiss FINMA-regulated banking technology provider engagement, which included Instant Payments enablement as part of a broader cloud migration programme, demonstrates Gradion's capacity to deliver payment infrastructure changes within a compliance-first architecture review that covered more than 300 banking applications. Payment system changes in FINMA-regulated environments require the same audit documentation and regulatory pre-approval discipline applied across the full engagement.

$10B+ in annual GMV flows through systems Gradion has built or maintained. ISO 27001 certified processes govern how that infrastructure is delivered and operated.

Next step

Describe the payment architecture and the scaling or compliance challenge. We will scope the engineering.