• Robin Anderson, Head of Product Management at Tribe Payments


• 25.07.2025 07:15 am
#PaymentResilience #FinancialStability

We tend to only notice payments when something goes wrong – when the card machine freezes, the app crashes, or a transfer fails. But these minor disruptions expose just how much modern life depends on the invisible systems that power payments.

From commuting and grocery shopping to sending gifts or paying bills, payments thread through our daily routines. And it’s not a theoretical vulnerability: UK banks logged over 800 hours of outages in two years. When payments stop, life halts. Wages go undelivered, charities lose donations, and businesses stall.

The 2024 CrowdStrike update failure, which cost more than $1 billion in global disruption, reminded us how fragile and interconnected modern infrastructure is. Payments were one of the most visibly affected areas, triggering a loss of confidence at scale.

A global survey revealed 88% of executives expect a major outage in the next year, and many admitted to prioritising security over operational continuity. It’s prompted a shift: resilience must move from the back seat to the driver’s seat.

The case for preparedness

During the pandemic, “preppers” had backup plans, supplies, and contingencies. That mindset of planning before disaster strikes offers a valuable lesson for the payments sector. Airlines provide a useful model: anticipating failure and building systems designed to recover quickly. Routine testing, strong protocols, and proactive action make resilience second nature.

Financial services are increasingly reliant on external providers, and risks often lie in third-party dependencies, not just internal systems. Modular architectures offer a way forward. They allow isolated repairs, scalable upgrades, and fewer single points of failure. But resilience is more than just technology; it’s about team readiness, ownership, and decisive action.

Trust is fragile

The CrowdStrike outage wasn’t payments-specific, but the disruption was immediate. People noticed, trust wavered. At peak moments like payday, downtime isn't just inconvenient – it damages reputations. That’s why trust must be earned through transparency, speed of response, and accountability at every level from banks to backend vendors.

With regulation tightening, especially under the EU’s new Digital Operational Resilience Act (DORA), firms must treat resilience as a business priority. DORA calls for risk management, third-party oversight, and stress testing, building on PSD2 and GDPR but demanding more.

Meeting regulatory requirements isn't the finish line. True resilience means understanding system architecture, rehearsing failure scenarios, and ensuring cross-team coordination. When things go wrong, every department (not just IT) should know their role.

Resilience is also human

Economic uncertainty, evolving regulations, and geopolitical shifts (like the renewed tariff regime in the US) all add volatility. But people – not systems – often make or break responses. Effective collaboration, regular drills, and clear documentation are key.

When payments work, they fade into the background. That’s the goal. But as threats grow, businesses must proactively design for disruption. Like the best-prepared preppers, it’s not enough to hope for the best, we have to be ready for the worst.