Part VIII: Orchestration & The Second Gilded Age

Chapter 34 — Payments in a Fragmented World

Part VIII: Orchestration & The Second Gilded Age

Running scenario: NexaPay — a mid-size e-commerce payment service provider headquartered in Singapore, expanding into Southeast Asia, Europe, and Latin America

Priya, NexaPay's CEO, arrives Monday morning to three Slack threads that are already on fire.

The Singapore ops team leads with a screenshot of their dashboard: "Apple Pay now accounts for 42% of in-store volume for our top merchant. Our tokenization setup with the primary acquirer doesn't support Apple's latest token spec. Do we switch acquirers or build a workaround?"

The Europe team lead is more measured but no less urgent: "The EU just expanded its fee investigation into Visa and Mastercard. Our largest European merchant is asking us to route more volume through SEPA Instant to reduce scheme fees. But our current acquirer doesn't support A2A payments."

The Brazil country manager is the bluntest: "Pix now handles more e-commerce volume than cards for three of our merchants. Our processor says they can't do Pix natively — they want us to use a local sub-processor. That adds another vendor, another contract, another reconciliation feed."

Three markets. Three problems. One paradox: payments are supposed to be getting simpler. Tap-to-pay works everywhere. APIs are standardized. Cards are accepted globally. So why does it feel like the plumbing is getting more complicated, not less?

NexaPay is a mid-size payment service provider headquartered in Singapore, expanding into Southeast Asia, Europe, and Latin America. They process card payments, local bank transfers — PayNow, SEPA, Pix — and are fielding an accelerating stream of merchant requests to support digital wallets, BNPL, and account-to-account rails. On paper, they should be riding the wave of global payment convergence. In practice, every new market and every new method adds another layer of complexity that the previous architecture was not designed to absorb.

Priya pulls Kai, her head of architecture, into a call. He has been mapping the company's payment infrastructure for the past quarter and has arrived at a conclusion that is uncomfortable but hard to argue with.

"The surface is converging," Kai says. "Customers see tap, click, scan — it all looks the same. But the infrastructure underneath is diverging. More rails. More local rules. More platform-specific requirements. And the companies that own the infrastructure are getting bigger and harder to replace."

In the last chapter, we watched software start to spend money — and noticed something telling: the only agentic architecture with real traction was national, not global. Even when the buyer is an AI, geography keeps its grip. This chapter explains why that is happening — and what to do about it.

The Paradox of Modern Payments

Here is the most counterintuitive fact about the payment industry in 2026: the customer experience has never been more uniform, and the infrastructure underneath has never been more fragmented.

From a customer's perspective, payments have converged beautifully. You tap your phone in Tokyo and Singapore and London and it just works. You click "Pay" on an e-commerce site and the transaction completes in seconds regardless of whether the merchant is in Berlin or São Paulo. The visible surface of payments — the part customers touch — is converging toward a small set of gestures: tap, click, scan, authenticate.

But underneath that clean surface, three structural forces are pulling the infrastructure in the opposite direction. Each one makes payments more complex, not less. And none of them is going away.

New Payment Rails Keep Multiplying

The world is not consolidating onto a single set of payment rails. It is building more of them, faster than ever.

According to the BIS, households and businesses in over 100 jurisdictions now have access to fast payment systems — real-time, domestic rails that move money in seconds. A decade ago, that number was a handful. The UK had Faster Payments. A few Nordic countries had domestic instant systems. Today, Europe has SEPA Instant, India has UPI, Brazil has Pix, Singapore has PayNow, Thailand has PromptPay, and the list keeps growing.

These rails are powerful domestically, but they were not designed to talk to each other. Interlinking efforts are underway — we will walk through Singapore's experience shortly — but each link requires bilateral agreements, compatible governance frameworks, and technical standardization that takes years to negotiate.

For NexaPay, this means their Singapore merchants use PayNow, their Thai merchants use PromptPay, their Indian merchants use UPI, and their European merchants use SEPA Instant — four domestic rails, each with its own API, its own settlement model, its own dispute process, and its own regulatory framework. Supporting all of them is not optional. It is the price of doing business in each market.

The Surface Layer Diversifies Faster Than the Rails

Rails are the pipes. But the customer-facing payment methods that ride on those pipes are multiplying even faster.

The Worldpay Global Payments Report documents this acceleration year after year. Digital payment methods — wallets, account-to-account transfers, and buy-now-pay-later — grew from roughly 34% of global e-commerce transaction value in 2014 to 66% by 2024. At the point of sale, the shift is even more dramatic in percentage terms: digital methods went from about 3% to 38% over the same period. This is not a gradual trend. It is a regime shift in how people pay.

What makes this complex for companies like NexaPay is that the method mix varies wildly by market. In Southeast Asia, GrabPay and local wallets dominate mobile commerce. In Germany, Klarna and SEPA bank transfers are essential. In Brazil, Pix has overtaken cards for many e-commerce use cases. There is no single "global payment method" — there are dozens of locally dominant methods, each with its own integration requirements, fee structures, and settlement timelines. A merchant expanding internationally does not just need "payments." They need the right payments for each market.

Geopolitics and Sovereignty Constrain Cross-Border Reach

The third force is the one that is hardest to engineer around: governments want control over their domestic payment infrastructure, and cross-border coordination remains slow.

The Financial Stability Board's cross-border payments roadmap, endorsed by the G20 in 2021, set ambitious targets for 2027: costs below 1% for retail payments, 75% of cross-border payments credited within one hour, and full transparency on fees and exchange rates before a transaction is initiated. The 2024 progress report tells a different story. Business-to-business costs sit at 1.6%. Only 33.5% of payments arrive within an hour. Transparency scores reach just 55.6%. The FSB itself has acknowledged that the 2027 targets are unlikely to be met.

The structural barrier is access. A 2024 BIS survey found that foreign banks without local presence had direct access to only 14% of fast payment and RTGS systems globally. Cross-border reach still depends on local intermediaries — correspondent banks, local acquirers, domestic processors — each adding cost, latency, and a potential point of failure.

For NexaPay, this means their ambition to offer seamless cross-border payments runs headfirst into the reality that each country's payment infrastructure is designed primarily for domestic use, governed by domestic regulators, and accessible primarily to domestic institutions.

NexaPay's Monday Morning, Revisited

Priya's three Slack threads are not random fires. They are symptoms of all three forces.

The Singapore thread — Apple Pay tokenization mismatches — is a surface-layer problem: wallet ecosystems impose their own technical requirements on top of existing rails, and those requirements change on the wallet provider's timeline, not yours.

The Europe thread — merchants demanding A2A routing to avoid scheme fees — is a rails-plus-regulation problem: new domestic rails create alternatives to card networks, and regulatory pressure on interchange fees accelerates the shift.

The Brazil thread — Pix dominance requiring a local sub-processor — is a sovereignty problem: the most important payment rail in the market is domestically governed, and access requires local infrastructure that NexaPay's global processor cannot provide natively.

DimensionWhat it looks like (Converging)What's actually happening (Diverging)Why it matters
Customer experienceTap, click, scan work globallyAuthentication, wallet defaults, and UX rules differ by market and platformA "universal" checkout still needs local tuning
Payment methodsDigital payments dominate globallyMethod mix varies wildly by country (wallets in SEA, A2A in Europe, Pix in Brazil)No single integration covers all markets
Rails and infrastructure100+ countries have fast payment systemsEach rail has its own API, settlement model, and governanceDomestic speed does not equal cross-border reach
RegulationGlobal standards (ISO 20022, PSD/open banking)Domestic implementation varies; access rules favor local institutionsCompliance is always local even when standards are global
Provider landscapeMega-deals create global processorsLocal rails, local licenses, and local methods require local presenceScale does not eliminate the need for local infrastructure

Table 1: Five dimensions of the fragmentation paradox. In each case, what looks like convergence on the surface masks increasing complexity underneath.

Fragmentation is not a temporary mess to be cleaned up. It is the normal state of payments for the foreseeable future. The question is: where does it actually live in the stack?

Where Fragmentation Really Lives in the Stack

If fragmentation is permanent, the next question is practical: where exactly does it show up? The answer is everywhere — but "everywhere" is not useful for an architect. You need a map.

The simplest mental model for a newcomer: treat payments as a supply chain, not a single product. A payment is not one thing that happens. It is a chain of handoffs between specialized participants, each operating under different rules, in different jurisdictions, with different commercial incentives. Fragmentation can — and does — appear at every link.

The Eight Layers

The payment supply chain has eight layers. Walk through them in order, and you will see where the complexity hides.

Layer 1: Customer's payment method. Card, wallet, bank transfer, BNPL, or something local you have never heard of. What matters varies by market — Apple Pay in Singapore, iDEAL in the Netherlands, Pix in Brazil. The customer does not choose based on your architecture. They choose based on what is normal in their market.

Layer 2: Merchant's acceptance layer. Checkout flows, POS terminals, tokenization, and authentication (3DS, biometrics, device signals). Each market has different rules about what authentication is required — Europe's Strong Customer Authentication mandate does not apply in Singapore, but Singapore has its own fraud liability rules.

Layer 3: Risk controls. Fraud scoring, velocity checks, device fingerprinting, behavioral analysis. The fraud patterns differ by region, by payment method, and by channel. A risk model tuned for US card-not-present transactions will produce false positives on Brazilian Pix payments because the signals are structurally different.

Layer 4: Gateway or orchestrator. Optional but increasingly common. This is the layer that normalizes requests across providers, applies routing rules, and manages failover. If you have one PSP, you may not need it. If you have three, you almost certainly do.

Layer 5: Acquirer or processor. The entity that submits your transaction to the payment network or rail. Acquirer licensing is jurisdictional — a US acquirer cannot process domestic Brazilian transactions without a local license or a local partner. Coverage is never truly global; it is a patchwork of licenses and partnerships.

Layer 6: Scheme or rail. Card networks (Visa, Mastercard, local schemes like RuPay or EFTPOS) or account-to-account rails (SEPA Instant, UPI, Pix, PayNow). Each has its own message format, its own dispute process, its own fee structure, and its own governance. ISO 20022 is creating some standardization — SWIFT's CBPR+ coexistence period ended in November 2025, and all cross-border payment instructions must now use ISO 20022 messages — but domestic implementations still vary significantly.

Layer 7: Issuer or payer bank. The customer's bank, which approves or declines. Issuer behavior varies by country, by bank, and even by time of day. Decline rates for the same card type can differ by 15 percentage points between two issuers in the same market.

Layer 8: Clearing, settlement, and disputes. Where the money actually moves between institutions. Settlement timing ranges from real-time (Pix, Faster Payments) to T+2 or longer (some card networks in some markets). Dispute rules differ by rail — card chargebacks follow network-specific rules; bank transfer disputes follow local banking regulation; BNPL disputes follow the provider's own policies.

Diagram 1: The eight-layer payment supply chain. Fragmentation annotations at each layer show where local rules, methods, and infrastructure create divergence. A single transaction traverses all eight layers — and the complexity at each layer compounds.

Singapore: Interlinking as Proof of Difficulty

Singapore offers a concrete example of how fragmentation plays out even when the political will exists to connect systems.

PayNow, Singapore's domestic instant payment rail, linked to Thailand's PromptPay in April 2021 — a bilateral agreement between the Monetary Authority of Singapore and the Bank of Thailand that allows cross-border person-to-person transfers using mobile phone numbers. In February 2023, PayNow linked to India's UPI through NPCI International, enabling transfers between Singapore and India.

Both links work. Both are operational. And both took years to negotiate — not because of technical limitations, but because each domestic system has its own governance, its own participant requirements, its own fraud liability model, and its own settlement mechanics. Connecting two systems is not just an API integration. It is a regulatory, commercial, and operational alignment exercise.

The BIS-led Project Nexus is attempting to scale this from bilateral to multilateral — building a hub that connects multiple domestic instant payment systems through a single integration point. The first wave targets Singapore, Malaysia, Thailand, India, and the Philippines. But multilateral governance is harder than bilateral, and the project has yet to go live at scale.

NexaPay's Access Graph

Kai maps NexaPay's actual payment supply chain across their three markets and puts the results in a spreadsheet that makes the complexity visceral.

Singapore: 3 payment methods (cards, PayNow, Apple Pay), 1 acquirer, 2 rails (card networks and PayNow). Relatively contained.

Europe: 7 payment methods (Visa, Mastercard, SEPA Instant, Klarna, iDEAL, Bancontact, Apple Pay), 2 acquirers, 4 rails (Visa, Mastercard, SEPA, local bank transfer schemes). The method-to-rail mapping alone requires a matrix.

Brazil: 4 payment methods (Visa, Mastercard, Pix, boleto), 1 acquirer plus 1 local sub-processor for Pix, 3 rails (card networks, Pix, boleto). The sub-processor adds a vendor relationship, a separate contract, and a second reconciliation feed.

Total across three markets: 14 payment methods, 4 acquirer relationships, 9 rails. And NexaPay is only in three markets.

"The vendor count is not the problem," Kai tells Priya. "The access graph is. Which of our acquirers can reach which rails, under which licenses, with which fraud liability, and with which settlement model? That is what I need to map — and that is what breaks when we add a new market."

The emerging architectural insight is this: orchestration is less about "optimizing authorization rates" — though it does that — and more about navigating a fragmented access graph. The graph describes who can connect to which rail, under which conditions, with which capabilities. It is the real architecture of payments, and it looks different in every market.

If the surface is fragmenting and the access graph is getting more complex, why are the companies that run the plumbing merging?

Consolidation: Why the Pipes Are Merging

Payment methods are proliferating. Payment companies are consolidating. That looks like a contradiction — until you understand the economics.

BCG's Global Payments Reports have been documenting the same trend for several years: core payment processing is commoditizing. The margins on moving a transaction from point A to point B are compressing. Growth is migrating toward value-added services — fraud tools, data analytics, embedded lending, treasury management, software integrations. The companies that survive and thrive are the ones that can bundle these services at scale, and scale in payments requires either building global reach from scratch (expensive, slow) or buying it.

That is why the pipes are merging even as the surface fragments. Four overlapping pressures are driving consolidation, and each one reinforces the others.

Economies of Scale in Compliance and Resilience

Running a payment operation means absorbing a growing stack of fixed costs: fraud detection systems, anti-money laundering programs, PCI compliance, data security infrastructure, operational resilience frameworks, and dispute management processes. These costs do not scale linearly with transaction volume — they have large fixed components that smaller players struggle to amortize.

A processor handling $10 billion in annual volume spreads its compliance infrastructure costs across far more transactions than one handling $500 million. The larger player can invest in machine learning fraud models, dedicated compliance teams, and redundant infrastructure that would be uneconomic at smaller scale. This creates a natural gravity toward consolidation: bigger providers can offer the same service at lower unit cost, or offer better service (faster fraud detection, more resilient infrastructure) at the same cost.

Global Coverage

Merchants expanding internationally want fewer contracts, not more. The ideal — unrealistic but aspirational — is one provider, one API, one settlement report, covering every market. Reality falls short because acquiring licenses are jurisdictional, local payment methods require local integration, and regulatory requirements differ everywhere. But providers that can cover more markets with a single contract have a structural advantage in winning enterprise deals.

Buying coverage is faster than building it. When Global Payments acquired Worldpay in a $24.25 billion deal that closed in January 2026 — simultaneously divesting its Issuer Solutions business to FIS in what amounted to a three-way restructuring — the logic was explicit: combine Global Payments' merchant acquiring strength with Worldpay's global e-commerce reach and FIS's issuer technology. Each company specialized where it had advantage. Scale was the mechanism; coverage was the goal.

Negotiating Leverage

Scale begets leverage. A processor with $200 billion in annual volume negotiates different interchange terms, different network fees, and different banking relationships than one with $5 billion. That leverage flows through to merchants as lower costs — or, more often, as competitive pricing that wins new accounts while maintaining margins.

The leverage dynamic also applies upstream. Larger processors can negotiate better terms with cloud providers, fraud tool vendors, and compliance service providers. Every node in the payment supply chain offers volume-based pricing, which means scale advantages compound across the entire cost structure.

Platform Competition

This is the pressure that has accelerated consolidation most dramatically in the past five years. If the distribution surface — the point where merchants choose their payment provider — migrates from direct sales relationships to software platforms (vertical SaaS, e-commerce platforms, ISVs), then traditional acquirers and processors face a strategic threat: they become invisible plumbing behind someone else's interface.

The response has been to consolidate and move up the stack. Acquirers buy software companies. Processors build developer platforms. Payment companies invest in the distribution layers that sit above them. The alternative — remaining a pure-play processor in a world where ISVs and platforms control merchant relationships — means accepting permanent margin compression with no path to differentiation.

Three Mega-Deals That Tell the Story

The consolidation wave is not abstract. Three recent deals illustrate the pattern.

Global Payments, Worldpay, and FIS. Announced in April 2025 and completed in January 2026, this was not a simple acquisition. It was a three-way restructuring worth $24.25 billion in cash and stock. Global Payments acquired Worldpay to combine merchant acquiring strength with global e-commerce reach. Simultaneously, Global Payments divested its Issuer Solutions business to FIS, which had previously owned Worldpay and wanted to refocus on issuer technology. The result: three companies, each more specialized and more scaled in their chosen domain. Consolidation here was not about becoming a conglomerate — it was about concentrating capability.

Visa acquiring Prisma and Newpay in Argentina. Visa agreed to acquire Prisma Medios de Pago and Newpay from Advent International, with closing expected in the first half of 2026. The target capabilities — tokenization, biometrics, risk tools, and local payment infrastructure — show Visa moving "down the stack" from network operator into local processing and acceptance. When a card network buys a domestic processor, it is acquiring access and control points that were previously held by independent intermediaries.

Barclays and Brookfield. Barclays partnered with Brookfield Asset Management to invest in and transform its payments acceptance business. Brookfield takes a significant stake; Barclays retains co-ownership. The structure reflects a broader trend: banks reassessing whether they can compete in merchant acquiring at the scale and speed the market demands. Private capital is stepping in where bank balance sheets and governance structures create friction.

DriverWhy it mattersEvidenceImplication for merchants
Scale in complianceFixed costs of fraud, AML, PCI, and resilience favor larger playersNuvei taken private by Advent (~$6.3B) to invest in compliance and global expansionSmaller providers may struggle to keep pace; due diligence on provider viability matters
Global coverageEnterprise merchants want fewer contracts covering more marketsGlobal Payments + Worldpay ($24.25B three-way restructuring with FIS)Consolidated providers offer broader reach but may reduce competitive alternatives
Negotiating leverageVolume-based pricing compounds across every node in the supply chainVisa acquiring Prisma/Newpay to control Argentine local infrastructureScale advantages flow to merchants as lower costs — but also create dependency
Platform competitionISVs and vertical SaaS are capturing the merchant relationshipBarclays + Brookfield partnership to compete at scale in merchant acquiringYour provider's strategy matters — are they building toward the distribution layer or retreating from it?

Table 2: Four pressures driving consolidation and the recent deals that illustrate each. Consolidation is not random M&A activity — it is a structural response to commoditization, scale economics, and platform competition.

What Consolidation Means for NexaPay

The theory becomes personal when it hits your contract terms.

NexaPay's primary acquirer was acquired six months ago by a larger processor in one of the mega-deals reshaping the industry. The integration is underway, and the consequences are arriving in Priya's inbox.

The new parent company is renegotiating commercial terms: higher monthly minimums, bundled services that NexaPay does not need (but that improve the acquirer's revenue-per-merchant metrics), and an API migration timeline that requires NexaPay to rewrite integrations within 18 months. The previous relationship manager — the one who understood NexaPay's business — has been reassigned to a larger account.

"Did we just lose negotiating leverage?" Priya asks Kai. The honest answer: probably. When your provider gets bigger, your relative importance to them gets smaller. The consolidation that gives your provider global coverage and lower unit costs also makes you a smaller fish in a larger pond.

This is the key insight about consolidation: it does not end fragmentation. It creates larger, more powerful hubs in a still-fragmented network. The rails are still local. The methods are still diverse. The regulations are still jurisdictional. But the companies that operate the plumbing between those fragments are getting bigger, more integrated, and harder to replace.

If consolidation is about size, vertical integration is about control points.

Vertical Integration: The New Platform Empires

Consolidation is about getting bigger. Vertical integration is about controlling more of the value chain — and the most valuable control point in today's payments stack is often not the processor. It is the distribution surface: the point-of-sale terminal, the e-commerce platform, the vertical SaaS application, the default wallet on your phone. Whoever controls where merchants and customers interact with payments has outsized influence over everything downstream.

Three forms of vertical integration are reshaping who holds power in payments, and each one works differently.

Software-Led Distribution

McKinsey has tracked how independent software vendors (ISVs) evolved from niche distribution channels into core payments participants. The shift is structural: when a restaurant management platform or a healthcare billing system embeds payment processing directly into its software, the merchant does not choose a payment provider separately. They choose a software platform, and the payments come bundled.

ISV penetration among US small and mid-size merchants is very high — the majority of SMBs now access payments through a software platform rather than a direct acquirer relationship. In European markets, the penetration is significantly lower, but the trajectory is the same. The result is a power shift: software platforms become the distribution layer for payments, and traditional acquirers become the invisible plumbing underneath.

For processors, this creates a strategic dilemma. You can partner with ISVs — accepting lower margins and less direct merchant contact — or you can try to build or acquire software capabilities yourself. Both approaches have trade-offs. Partnering preserves focus but cedes the merchant relationship. Building or buying software requires competencies that most payment companies have historically lacked.

Payments Platforms Expanding Into Adjacent Financial Primitives

The second form of vertical integration runs in the other direction: payments companies expanding beyond transaction processing into a broader set of financial services.

Stripe positions itself as "financial infrastructure" — not just acceptance, but issuing (Stripe Issuing), treasury (Stripe Treasury), fraud prevention (Radar), and billing (Stripe Billing). The pitch to merchants is compelling: one platform, one API, one data model across acceptance, payouts, lending, and financial operations. Each additional product strengthens the data loop — more transaction data improves fraud scoring, which improves authorization rates, which reduces churn.

Adyen takes a similar approach through what it calls "unified commerce" — a single platform that handles online, in-store, and mobile payments with shared data across channels. The integration creates switching costs: once a merchant's operations depend on the platform's data and tooling across multiple financial primitives, migration becomes a major project, not a vendor swap.

The strategic logic for both companies is the same: bundling increases value per merchant, raises switching costs, and reduces the threat of commoditization. If your payment processor also handles your fraud, your payouts, and your working capital, replacing them means replacing four capabilities, not one.

Device and Wallet Ecosystems

The third form is the most visible to consumers and the most contentious with regulators: wallet ecosystems that control the device layer.

When Apple Pay is the default wallet on an iPhone, Apple controls what happens at the moment of payment. It influences which payment method the customer selects (the card at the top of the wallet), how authentication works (Face ID, fingerprint), and which merchants can access the NFC chip for contactless payments. The wallet owner is not just a pass-through — it is a gatekeeper that shapes the economics and experience of every transaction.

This is exactly why regulators have intervened. In January 2024, Apple offered legally binding commitments to the European Commission to open iPhone NFC access to third-party payment apps in the European Economic Area — driven by both an antitrust case and the Digital Markets Act (DMA). The practical result was immediate: PayPal launched contactless NFC payments for iPhone users in Germany in May 2025, the first market where a third-party wallet could tap to pay on an iPhone without going through Apple Pay.

The deeper lesson is that wallet gatekeeping becomes a regulatory target precisely because it is such a powerful vertical integration point. Control the device, and you control the default. Control the default, and you influence every downstream economic decision — which network, which issuer, which merchant costs.

Diagram 2: Three forms of vertical integration in payments. Software/ISVs control the merchant relationship. Payments platforms expand into adjacent financial primitives. Device/wallet ecosystems control the customer default. The dashed lines show where they compete for overlapping control points.

DimensionSoftware-Led (ISV/SaaS)Platform ExpansionDevice/Wallet Ecosystems
Control pointMerchant's operating softwarePayment API and data layerCustomer's device and default wallet
How it worksPayments embedded in vertical SaaS; merchant chooses software, payments followCore processing + issuing + treasury + fraud bundled under one APIWallet owner controls NFC, authentication, and default payment method
Key playersToast, Shopify, Lightspeed, MindbodyStripe, Adyen, BlockApple Pay, Google Pay, Samsung Pay
Merchant benefitSingle platform for operations + payments; reduced integration burdenUnified data, better fraud scoring, one vendor for multiple financial servicesHigher conversion at checkout; customers pay faster with familiar UX
Merchant risk (lock-in)Payments tied to software choice; switching software means switching paymentsMulti-product dependency raises migration cost; data portability uncertainNo direct merchant lock-in, but wallet defaults shape customer behavior and costs
Regulatory pressurePayfac and ISV registration requirements tightening in some marketsAntitrust scrutiny on bundling; interchange regulation affects platform economicsEU DMA / antitrust forced Apple NFC opening; UK PSR monitoring wallet dominance

Table 3: Three forms of vertical integration compared across six dimensions. Each form creates value for merchants — and each creates a different flavor of dependency.

What This Means for NexaPay

NexaPay's largest Singapore merchant uses Shopify for their e-commerce operations. Last quarter, Shopify expanded its payments offering to include direct acquiring in Singapore — meaning the merchant can now handle acceptance, payouts, and basic fraud tools within Shopify's platform without using NexaPay at all.

The merchant has not switched yet. But the conversation is happening. "Their conversion rates are 2% higher on Shopify Payments because the checkout is native," the merchant's CFO tells Kai. "And I get one dashboard instead of two."

Kai's architecture question is the one facing every mid-size PSP: "How do we compete when the platform is the payments provider?" The answer is not to out-feature Shopify on software. It is to offer something Shopify cannot: multi-platform portability, multi-market coverage, and the ability to serve merchants who operate across multiple sales channels and software environments. But that requires an architecture built for interoperability — not for lock-in to NexaPay's own stack.

For merchants and architects, vertical integration creates a hard trade-off. A unified platform simplifies operations and may increase conversion. But it tightens dependency — on the platform's pricing, on its roadmap, on its willingness to support your needs as your business evolves. The right answer depends on your complexity: if you operate in one market on one platform, integration wins. If you operate across markets and channels, portability wins.

Fragmentation, consolidation, and vertical integration create a power map. Understanding who holds power — and how to preserve your own — is the real skill.

Power Dynamics: Who Sets Rules, Who Pays, Who Can Switch

Payments is a multi-sided market. Merchants need customers. Customers need payment methods. Payment methods need networks. Networks need issuers. Issuers need regulators' permission. At every junction, power accrues to the actor who can make others accept their terms — and in a fragmented world, the strongest power often appears as "non-negotiable defaults" that everyone else must work around.

Three power centers dominate the current landscape. Understanding them is not academic. It is the difference between building an architecture that preserves your options and building one that locks you into someone else's roadmap.

Card Networks as Rule-Makers

Visa and Mastercard are not just payment networks. They are rule-making bodies whose mandates flow down through acquirers, processors, and merchants with the force of contractual obligation. Their rulebooks govern payment facilitation structures, chargeback procedures, data requirements, sub-merchant onboarding standards, and security mandates. When the networks update their rules — which they do regularly — every participant in the chain must comply or risk fines, de-certification, or loss of access.

This rule-making power is under increasing regulatory scrutiny. In 2025, the European Union broadened its information-gathering on Visa and Mastercard fees, signaling a potential expansion of its existing interchange regulation. Visa and Mastercard had already extended their inter-regional interchange fee caps for non-EU-issued cards until 2029 as part of an EU competition settlement — a concession that demonstrates the networks' vulnerability to regulatory pressure even as they maintain dominant market positions.

In the UK, the Competition Appeal Tribunal ruled that certain standard interchange fees breached competition law, with appeals expected or in progress. In the United States, card network practices remain a recurring antitrust flashpoint, with multiple ongoing cases and regulatory actions targeting fee structures, routing restrictions, and merchant acceptance requirements.

The pattern is clear: networks set the rules, merchants pay the fees, and regulators periodically intervene when the rules become too favorable to the rule-makers. For architects, the implication is that network fee structures and mandate timelines are not stable inputs — they are variables that can shift based on regulatory action, and your architecture should be able to adapt when they do.

Wallet and Platform Ecosystems

The second power center is newer but growing fast: digital wallets and the platform ecosystems that control them.

The UK Payment Systems Regulator has expressed concerns about the growing market power of digital wallets — specifically Apple Pay, Google Pay, and PayPal — and is monitoring for anti-competitive practices. The concern is not that wallets exist. It is that whoever controls the default wallet on a device controls a chokepoint: which payment method appears first, which authentication flow is required, and what data the merchant receives about the transaction.

As we covered in the previous section, the EU intervened directly by forcing Apple to open iPhone NFC access to third-party payment apps. But regulation moves slowly, and in the meantime, wallet ecosystems continue to embed themselves more deeply into the payment experience. Each new feature — biometric authentication, transit passes, loyalty integration, peer-to-peer transfers — increases switching costs for consumers and makes the wallet harder to displace.

For merchants, the risk is indirect but real: you do not pay Apple or Google directly for wallet access (in most markets), but the wallet's influence over customer behavior shapes which payment methods get used, which networks get volume, and ultimately which fees you pay. The wallet is not a neutral pass-through. It is an active participant in the economics of every transaction it touches.

Infrastructure Access Policy

The third power center is the one that operates most quietly: the rules about who gets access to payment infrastructure in the first place.

The BIS and its Committee on Payments and Market Infrastructures (CPMI) have documented that interlinking domestic payment systems can reduce transaction-chain length and improve speed, cost, and transparency for cross-border payments. But interlinking requires substantial upfront investment, compatible governance frameworks, and alignment on technical standards — all of which are controlled by central banks and regulators who have domestic mandates, not global ones.

Access to fast payment systems and RTGS systems remains uneven and heavily tied to local presence. As we noted earlier, the BIS found that foreign banks without local presence had direct access to only 14% of these systems globally. This means that cross-border payment access is still mediated by local intermediaries — correspondent banks, domestic processors, licensed acquirers — each of which adds cost, latency, and a dependency that the foreign institution cannot easily replace.

For companies like NexaPay, infrastructure access policy is not a background concern. It is a structural constraint that determines which markets they can serve directly, which require local partners, and how much those partnerships cost.

Power centerSource of powerHow they exercise itWho it affectsCurrent regulatory pressureMerchant counter-strategy
Card networksRulebooks governing all participants; brand acceptance merchants cannot refuseMandate compliance, fee schedules, chargeback rules, security standardsAcquirers, processors, merchants, PSPsEU fee investigation (2025), UK CAT interchange ruling, US antitrust actions, interchange cap extensions to 2029Multi-rail support (A2A, local schemes), regulatory engagement, network token adoption
Wallet/platform ecosystemsDefault position on customer devices; control of NFC, authentication, UXInfluence payment method selection, set data-sharing terms, charge wallet fees in some marketsMerchants, issuers, competing walletsEU DMA forced Apple NFC opening (2024), UK PSR monitoring wallet dominance, US scrutiny of tech platform market powerSupport multiple wallets, invest in own checkout UX, advocate for open access standards
Infrastructure accessControl licensing, access rules, and governance of domestic payment systemsSet participation requirements, define clearing/settlement rules, control interlinking termsForeign banks, cross-border PSPs, new market entrantsFSB cross-border targets (2027, unlikely to be met), BIS Project Nexus, ISO 20022 mandatesLocal licensing where volume justifies, partnership with licensed local entities, multi-rail architectures

Table 4: Three power centers and how they exercise leverage in the payments ecosystem. For each, the merchant counter-strategy column shows how to preserve optionality.

NexaPay's Dependency Map

Priya asks Kai to map NexaPay's dependencies — not their vendor list, but their power exposure.

The results are uncomfortable. Visa and Mastercard rules govern 60% of NexaPay's transaction volume. Apple Pay and Google Pay account for a growing share of their merchants' in-store volume in Singapore — and NexaPay has no relationship with either wallet provider; they are simply subject to whatever terms the wallets impose. Their EU market access depends on a single acquirer — the one that was just acquired and is renegotiating terms.

"We have three single points of failure," Kai tells Priya. "And two of them are also our partners."

This is the dynamic that defines the "Second Gilded Age" referenced in this Part's title. Bigger players consolidate and vertically integrate, accumulating control points across the stack. Regulators try — sometimes slowly, sometimes sharply — to prevent durable bottlenecks from becoming permanent tollbooths. And companies like NexaPay navigate between the two, trying to build architectures that preserve optionality in a world where the most powerful players are also their most important dependencies.

So what do you actually do about it? The final section is deliberately practical.

An Architect's Playbook for the Second Gilded Age

If you are new to payments, start with one sentence: payments is a governed network of networks. The job of an architect — whether you are building for a merchant, a PSP, or a platform — is to decide which parts you own, which you outsource, and where you must preserve switching power.

The previous sections mapped the forces: fragmentation at the surface, consolidation in the plumbing, vertical integration at the control points, and power dynamics that shape who can move and who is stuck. This section translates that map into six design principles you can act on this quarter.

Principle 1: Separate "Experience" from "Plumbing"

Keep your checkout and payment UX decisions decoupled from any single acquirer or processor. Fragmentation is highest at the experience layer — the payment methods your customers expect change by market, by channel, and by year. Consolidation risk is highest at the plumbing layer — the processor, the acquirer, the settlement infrastructure.

For NexaPay, this means their checkout UI should not hardcode PSP-specific logic. When a new wallet or payment method emerges in a market, adding it should be a configuration change, not an engineering project.

Principle 2: Treat Providers as Risk Domains, Not Just Vendors

Your processor is not just a vendor that moves transactions. It embeds dispute operations, fraud tooling, settlement timing, and regulatory policy exposure into your business. When regulators pressure fee models or mandate new compliance requirements, your "vendor" becomes your constraint.

NexaPay learned this when their acquirer was acquired and the new parent company changed API migration timelines. The acquirer was not just a payment pipe — it was an operational dependency that shaped NexaPay's product roadmap.

Principle 3: Preserve Routing Leverage Deliberately

Orchestration is a structural hedge against concentration. If you can route transactions to more than one provider, you have negotiation leverage. If you cannot, you have a dependency. Define which levers you still need: alternative routing for cards, a secondary acquirer for resilience, local A2A rails for cost optimization, or wallet redundancy for checkout coverage.

NexaPay's Kai recommends maintaining at least two acquirer relationships in any market that represents more than 20% of revenue — not for optimization, but for survivability.

Principle 4: Choose Where You Want Vertical Integration

Integrated stacks — where one platform handles checkout, processing, fraud, payouts, and reporting — excel when the platform is genuinely your operating system and your business operates in one or two markets. For multi-market portability, design for multiple payment "backends" that can be swapped or added without rewriting core business logic.

NexaPay operates across Singapore, Europe, and Brazil. No single integrated platform covers all three markets equally well. Their architecture must support best-of-breed providers per market while maintaining a unified internal data model.

Principle 5: Engineer for Interoperability and Standards Early

ISO 20022 migration is well underway — SWIFT's CBPR+ coexistence period ended in November 2025, and all cross-border payment instructions now use the standard. But domestic implementations still vary. Building internal abstractions — clean payment event schemas, API-first interfaces, normalized transaction models — reduces the cost of future migrations and makes it easier to add new rails or swap providers.

NexaPay's second concrete action: build an internal payment event schema that normalizes transaction data across all providers and rails. This is not glamorous work. It is the foundation that makes everything else possible.

Principle 6: Watch the Regulatory "Fault Lines" That Move Economics

Interchange caps, scheme fee probes, wallet access mandates, open banking and PSD reforms — these regulatory interventions do not just affect one market. They set precedents that ripple globally. The EU's decision to force Apple to open NFC access is already informing regulatory thinking in other jurisdictions. The UK tribunal's interchange ruling will influence future fee negotiations everywhere.

NexaPay assigns one person on their architecture team to track regulatory developments across their three markets — not as a compliance exercise, but as an input to architecture decisions. When the EU expanded its fee investigation in 2025, NexaPay's team had already designed their European routing to support A2A alternatives. They were ready to shift volume. Their competitors were not.

PrincipleWhat it meansNexaPay exampleRisk if ignored
Separate experience from plumbingDecouple checkout UX from processor-specific logicCheckout UI supports new methods via config, not code changesAdding a new market or method requires a full engineering project
Treat providers as risk domainsAssess operational, regulatory, and strategic exposure per providerAcquirer acquisition forced API migration and contract renegotiationProvider's business decisions become your constraints
Preserve routing leverageMaintain ability to route to 2+ providers in major marketsTwo acquirers in any market above 20% of revenueSingle point of failure; no negotiation leverage on pricing or terms
Choose where you want vertical integrationPick integrated stacks for simplicity; multi-backend for portabilityBest-of-breed per market with unified internal data modelLocked into one platform's roadmap and pricing across all markets
Engineer for interoperability earlyBuild clean abstractions (event schemas, normalized APIs) before you need themInternal payment event schema normalizing data across all providersEvery new provider or rail requires bespoke integration work
Watch regulatory fault linesTrack regulatory changes as architecture inputs, not just compliance tasksEU fee probe prompted pre-built A2A routing capability in EuropeRegulatory shifts catch you flat-footed; competitors who prepared move faster

Table 5: Six design principles for navigating payments in the Second Gilded Age. Each principle is grounded in a concrete NexaPay action and a specific risk.

Diagram 3: Decision framework — "Should I add a second provider?" Single-market merchants with few methods can stay with one provider. Multi-market or multi-method merchants typically need orchestration.

For Payments Professionals Entering the Field

The skill premium in payments is shifting. Knowing how card authorization works is table stakes — any competent engineer can learn the four-party model in a week. The differentiators are higher up the stack:

The ability to reason about power and incentives — who can force whom to accept terms, and how that changes when regulators intervene. Multi-rail architecture — designing systems that work across cards, A2A, wallets, and BNPL without treating any one rail as the default. Regulatory literacy — understanding not just current rules, but where the fault lines are and what precedents are being set. And operational design — reconciliation workflows, dispute management, monitoring, and resilience that work across providers and markets, not just within one.

These are not abstract skills. They are the difference between an architecture that works today and one that still works when the next mega-deal reshuffles your provider landscape or the next regulatory intervention changes your fee structure.

NexaPay's Resolution

Priya and Kai implement three changes over the following quarter.

First, they add a second EU acquirer with A2A payment capability, giving their European merchants the SEPA Instant routing they have been requesting and reducing NexaPay's dependency on their primary acquirer for EU access.

Second, they build an internal payment event schema that normalizes transaction data across all providers and rails. When they add a new provider or enter a new market, the integration effort is contained to an adapter layer — it does not ripple through their core business logic.

Third, they negotiate contractual portability terms with their new primary acquirer — explicit provisions for data export, token portability, and migration timelines if NexaPay needs to move volume elsewhere.

Cost: higher than a single-provider stack. Value: the ability to move when the market moves.

Chapter Closing

The payment industry is not becoming simpler. It is becoming more layered. Fragmentation at the surface, consolidation in the plumbing, vertical integration at the control points, and regulatory intervention at the fault lines — these forces are not temporary. They are the structural reality of payments for the foreseeable future.

Orchestration is the control surface for that complexity. And consolidation plus vertical integration are the forces trying to own that surface.

In the next Part, we shift from understanding the system to using it: practical playbooks for founders (Chapter 35), operators (Chapter 36), architects (Chapter 37), and consultants who want to turn this knowledge into a practice (Chapter 38).

Sources

  • BIS/CPMI — Cross-border payments monitoring survey (14% direct access), fast payment interlinking analysis, Project Nexus
  • ECB — Fast payment system proliferation (100+ jurisdictions)
  • FSB — Cross-border payments roadmap (G20 2027 targets), 2024 progress report
  • Worldpay/FIS — Global Payments Report (digital payments share data, 2014–2024)
  • BCG — Global Payments Reports (2024, 2025): acceptance commoditization, software-payments integration
  • McKinsey — ISV evolution to core payments role, US vs European merchant acquiring surveys
  • Global Payments / Worldpay / FIS — Three-way restructuring ($24.25B, completed January 2026)
  • Visa — Prisma Medios de Pago and Newpay acquisition (Argentina, closing expected H1 2026)
  • Barclays / Brookfield Asset Management — Payments acceptance business partnership
  • Nuvei / Advent International — Take-private (~$6.3B, completed 2024)
  • EU Commission — Apple NFC antitrust commitments (January 2024), Digital Markets Act enforcement
  • EU competition authorities — Visa/Mastercard fee investigation broadened (2025), interchange cap extensions to 2029
  • UK Competition Appeal Tribunal — Interchange fee ruling (competition law breach, appeals in progress)
  • UK Payment Systems Regulator — Digital wallet dominance monitoring (Apple Pay, Google Pay)
  • MAS / Bank of Thailand — PayNow↔PromptPay linkage (April 2021)
  • MAS / RBI / NPCI International — PayNow↔UPI linkage (February 2023)
  • SWIFT — ISO 20022 CBPR+ coexistence ended November 2025
  • Stripe — Financial infrastructure positioning (acceptance, issuing, treasury, fraud)
  • Adyen — Unified commerce / integrated platform approach
  • PayPal — NFC contactless payments in Germany (May 2025, DMA-enabled iPhone NFC access)
The Money AtlasChapter 34 — Payments in a Fragmented World