Digital Vendors are not enough 

Digitalization has been in focus for leading financial institutions for over a decade now. Since even before the pandemic, financial institutions have been investing heavily in digital services, all-in-one banking apps, and seamless at-home services for customers.

Most of this modernization has been focused on the front-end, leaving the big and bulky back-end systems largely untouched. In 2019, the FCA reported a 300% rise in the number of operational resilience breaks faced by financial institutions in the UK (1). Large banks like Barclays, Lloyds and Santander acknowledged that they suffer from at least one major business impacting outage or security issue almost every month. Legacy financial institutions are now realizing that the user experiences of tomorrow cannot be supported by the technologies from yesterday.

Legacy systems from the early 1960s are not suitable for handling the large transaction volumes in a world that is becoming increasingly digital. Frequent outages, glitchy experiences, and unreliable digital services not only push customers towards competing fintech players, but also attract a lot of regulator scrutiny. For example, in December 2020, India’s Central Bank directed HDFC, one of the largest retail banks in the country, to temporarily stop all launches of digital business-generation and sourcing of new credit card customers due to frequent data center outages.

The case for change 

“Financial institutions are becoming the museums of technology dating back to the 1960s. The complexity makes it impossible to manage risk”

– Antony Jenkins, Former CEO of Barclays

Banking systems have stayed the same for over 30 years with more than $2 trillion passing every day through legacy core systems used by traditional banks. It is understandable that financial institutions took a risk averse approach and avoided any radical changes as they run the risk of introducing defects and potential vulnerabilities. Even today,  nearly 50% of banks do not upgrade old IT systems as soon as they should (2). However, with challenger banks and FinTechs disrupting the industry, financial institutions now face a ‘Kodak moment’ – legacy transformation is now not just important but also urgent. Further, as technological advances lower the cost of upgrading legacy systems, modernizing large core systems is much more manageable and within reach for even the most firms.

There are compelling arguments to be made for upgrading core legacy banking systems:

High cost of maintaining old technology

The cost of maintaining legacy systems grows higher, the longer they are left outdated. These systems were developed with technologies that are no longer well supported, and hence the cost associated with keeping them running is only going to increase with time. In comparison, newer technology is getting cheaper by the day.

Exhibit 1. Rationale for updating legacy technology

Small and shrinking talent pool

Financial institutions are struggling to find people who can work with their legacy systems. While more than 40% of US banks still use COBOL, a programming language dating from 1959 and heavily used in mainframes, current generation of developers are not trained to use these outdated languages anymore (3).

Some institutions even indicate that there may not be enough COBOL programmers to sustain today’s financial institutions once the current generation of senior programmers, nearing their retirement age, leave the workforce – hence the urgency.

Extremely rigid systems and time-taking changes 

Legacy systems are difficult to change; it becomes harder to be flexible and nimble as the industry and technology advances. In contrast, modern tech firms are built entirely around the ability to deliver lots of small changes quickly. Legacy systems and the technologies that they are built on are usually based on older ways of working that have long development and release cycles.

Incompatibility with new technology

Legacy technologies like mainframes were not built with connectivity and integration in mind. It becomes challenging to leverage the wider array of new technologies as they are hard to integrate or are incompatible with legacy systems and architecture. Additionally, many of these old technologies are not used in any other industry. As the market pushes Financial institutions to collaborate with other industries such as real estate, consumer electronics, etc., seamless system compatibility across industries becomes a significant problem.

Rising customer expectations

Financial institutions have seen a large shift in customer preferences. While a decade ago, customers valued the personalized touch of customer relationship managers, today’s customers value the convenience of managing money from their smartphones, with minimal unnecessary human interactions. FinTechs have further fueled customer expectations – if a small fintech can deliver seamless and convenient services via an app, customers expect the same if not more from large financial institutions. In addition, some FinTechs offer daily NAV calculations as compared to quarterly from typical money managers. Legacy systems limit the capability of traditional institutions to compete with FinTechs that are built around flexible, and user-first technologies.

Legacy systems are not ideal for Data Analytics 

As ‘Big Data’ and customer analytics become ever more important, traditional institutions are being left behind due to technology limitations. For example, most often legacy systems rely on batch processing and cannot process data in real-time, furthermore data may be stored in archaic file formats that are not easily consumable by modern data analytics platforms.

Legacy systems often do not operate in real time

This is increasingly limiting as customers demand apps and services that are built around real-time capabilities. Most FinTechs have real time built in, so traditional financial institutions are forced to keep up with them.

Obsolete security standards. Legacy systems may be incompatible with security features surrounding access, such as Multi-Factor Authentication (MFA), Single-Sign On (SSO), and Role-based access, or lack sufficient audit trails and encryption methods. These systems are unable to accommodate today’s security best practices. In addition, old platforms and tech stacks often have known security vulnerabilities that have not been fixed due to the presence of newer versions or solutions.

Avoiding Common Pitfalls 

Legacy modernization is a complex undertaking with dependencies across several business units and functions. In fact, ~75% of organizations fail to complete legacy system modernization (4). Connecting and aligning reporting, visibility, and decision-making across the various modernization initiatives across the enterprise, is critical. Without a strong alignment between leadership, business, and technology, modernization programs face the risk of fragmented execution. This not only raises the cost and makes newly installed systems incompatible with each other, but also increases the possibility of the various teams repeating the same mistakes.

Based on our experience of supporting complex modernization programs, we have collated some of the most common causes for failure. Over the course of next few pages, we will elaborate more on each of the pitfalls that are mentioned in Exhibit 2.

Exhibit 2. Common pitfalls for modernization programs

Insufficient customer input

Most often than not, financial institutions that are struggling with issues related to legacy technology, such as frequent outages, expensive maintenance, poor UI/UX, receive regular feedback on their products and services from customers. The goal of  modernization is not only to enable new services and capabilities but also to enhance existing ones in order to stay relevant to customers. Therefore, to ensure that modernization programs are successful, incumbents should make sure that customer feedback is given enough weight right from the start. Sales teams can conduct customer surveys and interviews to understand key issues that impact customer experience, identify new capabilities that they are most excited for, and gauge their willingness to collaborate in modernization programs.

Mis-alignment on function and scope

While business and technology may agree on the necessity for modernization, their priorities may vary widely. Technology would prioritize enablement of modern capabilities. Business, however, may want to grow revenue by shortening the time-to-market. Finance, on the other hand, may be keen to lower the overall costs. These competing priorities often result in misalignment during planning and execution. For a modernization program to be successful, it is imperative that all participating groups stay focused on a common strategy, trade-offs, and goals. Effective program governance is crucial to ensuring that business and technology teams stay closely aligned, instead of breaking away and addressing their own priorities. Since modernization programs often impact a vast set of internal and sometimes external teams, they are more prone to issues. PMOs with strong experience in running modernization are a must.

Ambitious goals and timelines

In the bid to move fast, firms can end up setting unrealistic goals for their modernization programs. These programs are most likely to end up with sub-optimal results. In order to ensure success and retain the ability to trace back, firms must follow a piecemeal approach by breaking down their modernization programs into phases. The initial phases must target relatively simple ‘no-regret’ goals, e.g.,  code conversion from legacy language to a more contemporary technical stack, while the later phases can aim for more aspirational next-gen infrastructure, e.g., real-time payments processing.

While setting up program timelines, firms must also keep in mind the team’s ongoing BAU tasks and priorities. In addition, the timelines should allow for sufficient testing and pilots before these new systems can be exposed to customers.

Limited focus beyond technology

Modernization programs often put so much focus on ‘fixing the technology’ that they fail to modernize their related processes and people practices. Such organizations are left struggling with old approval processes and development practices. Firms that do not focus on modernizing their org models and processes can miss out on performance improvements of up to 50%. These institutions have to make-do with faster technology being used by teams that are trained to execute legacy waterfall processes with longer cycle times. DevOps and agile practices, such as sprint teams and CI/CD, while transforming technology are typically successful as these models work well with today’s flexible architecture.

Depending on legacy teams

Legacy modernizations introduce large changes to existing technology and processes used by the teams. These teams often resist adopting a new architecture system and processes, or they may unintentionally migrate legacy processes into a modern solution, causing delays. Firms must avoid assigning teams that lead existing operations in charge of implementing new systems and processes. e.g., Teams in charge of generating statements in batch may not be the most suited to design real-time insights that make batch processes obsolete.

Allowing program fragmentation

While modernization programs encapsulate institution-wide changes to people, process, and technology, there may be smaller initiatives being run within BU silos. In addition, a poorly run modernization programs can often disintegrate into smaller siloed initiatives. These teams can choose to build or buy their own solutions independently. Such a situation can not only undermine the modernization goals but can very quickly become a procurement nightmare. In addition, such fragmented modernization efforts will also be costly and problematic e.g., two separate teams that implemented AWS and Azure independently ended up with inter-cloud latency, struggled with compatibility, and incurred unnecessary egress charges while collaborating with each other.

Insufficient reporting/ visibility

Leadership at large banks is usually cautious of modernization programs, especially when it deals with core banking systems. With core system modernizations any misstep can bring down the whole business for a considerable time. When the stakes are so high, leadership expects frequent system health checks, detailed reporting across transformation workstreams, and full visibility into any potential roadblocks and risks. In fact, for large modernization programs a good reporting regimen can become the difference between continued funding and re-evaluation of program budget and scope.

Losing track of overall costs

Legacy modernizations are a costly undertaking, but one which yields significant benefits. However, if left unchecked, the overall cost can quickly spiral out of control. In order to completely modernize a legacy application or service, teams may also have to modernize existing dependencies. At the same time, some lower priority apps and services may unintentionally get included, hence increasing the costs. Teams must closely vet apps/ services that have been included in the program (see exhibit 3). In addition, program and finance teams should have a strong grasp on the costs incurred to date and the expected cost of ownership post modernization.

Exhibit 2. Modernization Decisional Matrix

Not partnering with the right vendors

Often firms choose technology vendors based on price as opposed to industry knowledge or previous success with modernization. Modernization programs are inherently complicated; vendors with less expertise can easily underestimate the complexity of requirements and implement a suboptimal solution.

It is crucial for modernization teams to partner with strategic vendors, who can establish themselves as equal contributors and beneficiaries. Such vendors can not only bring the most optimal solutions but can also act as knowledge partners and help guide these programs to success.

Hidden dependencies

Another frequent reason behind failure or delays with modernization programs is undiscovered dependencies. All critical dependencies or dependent entities on legacy systems that are in scope must be comprehensively tracked and assessed for impact during the planning stage. Critical app/system dependencies that are discovered during development can significantly stall or even end modernization programs. More mature organizations would have a comprehensive system mapping available, whereas for others, it may be a manual exercise to track and map all critical dependencies for legacy systems.

Inadequate collaboration with customers

Firms must avoid thinking of modernization as an internal initiative. For a successful technology transformation, firms must extensively collaborate with their customers. These collaborations must be executed at all or most stages of the program e.g., during planning stage, customers must be consulted to determine their willingness to adopt a change in existing or new functionality; during the development stage, active clients can be asked to collaborate in pilot programs. In addition, modernization teams must remember that even though the systems are owned by the firm, the data residing in these systems is owned by the customer. Therefore, teams must send adequate communication, and seek approvals before any customer data can be migrated to the new systems.

Keeping old systems active (in parallel)

As modern systems get deployed and modernization teams look to deprecate old systems, they may face pressure to keep legacy tech running. Some teams or customers may avoid migrating their data and processes to newer systems due to their familiarity and comfort with legacy tech. However, modernization teams must make every effort to ensure that old systems are deprecated e.g., customers can be offered incentives or professional support to help them ease into the new infrastructure. In the longer run, keeping legacy systems active and running in parallel can dilute modernization benefits.

In Closing...

As firms were slowly easing into the idea of cleaning up their core legacy platforms, system failures and business disruptions brought about by the massive jump in online activity exposed deep fault lines in the legacy infrastructure. As a result, IT spending has shot up and firms are investing heavily to replace their core systems with modern infrastructure in order to prepare for the next disruption event. In fact, an independent survey conducted in 2021, concluded that 78% of enterprises started at least one modernization program as a direct result of Covid-19 (5).

As firms embark on the journey to modernize their legacy platforms, it is important that they remain prudent and cautious of the common pitfalls discussed in this paper. In order to steer modernization programs to success, it is crucial that business and technology teams have strong alignment on all modernization initiatives. Additionally, disciplined program management is required to bring requisite stakeholders together and ensure teams don’t lose focus of the end goal. Finally, frequent checkpoints and budget reviews must be scheduled to course correct and optimize initiatives to deliver  the best benefit to cost ratio.


  1. Financial Conduct Authority (FCA) Report, 2019
  2. Financial Conduct Authority (FCA) UK Report, 2019
  3. Anna Irrera, “Banks scramble to fix old systems as IT ‘cowboys’ ride into sunset”, Reuters, 11 April 2017
  4. Mainframe Modernization – Business Barometer Report, BusinessWire, 28 May 2020
  5. Mainframe Modernization – Business Barometer Report, BusinessWire, 24 June 2021

Read More