Operational resilience is no longer about restoring systems; it’s about ensuring payments can continue safely, even when fraud threats are active, evolving, and forcing real-time decisions. In this Q&A, Bottomline’s Eric Choltus explains that resilience has shifted from post-event recovery to real-time continuity, where banks must detect and manage fraud in-flight to keep payments moving safely and confidently.
Q: Why is disaster recovery no longer enough for payments resilience?
Eric Choltus: Traditional disaster recovery was built for a different world, one where disruption was episodic and recovery could happen after the fact. But that model doesn’t hold up anymore. Today, institutions are operating in environments where disruption can be continuous, not one-off. Payments don’t just need to recover; they need to continue.
That’s why regulators are pushing toward what’s effectively continuity by design – to ensure payment services remain operational under stress and not simply restored after failure. The issue is that many institutions are still anchored in legacy assumptions around recovery, and that creates a gap between what they think resilience looks like and what’s required.
Q: Where do traditional resilience approaches fall short in practice?
Eric Choltus: One of the biggest misconceptions is that backup infrastructure equals resilience. You can have a disaster recovery site, but if it shares the same vulnerabilities, whether that’s identity controls, access paths, or governance, you haven’t really improved your position.
More importantly, what many of these approaches miss is that payments are increasingly disrupted even when systems are fully available.
Fraud now affects availability because banks have the ability to pause, throttle, or even reroute payments once confidence in the legitimacy of a transaction drops. A weak control environment quickly becomes a problem with continuity.
So it’s not just about systems being up. It’s whether you actually trust what’s flowing through them.
Q: How has fraud evolved into an operational resilience issue?
Eric Choltus: Fraud used to be something you dealt with after the payment went out. You had time. You could investigate, recover funds, and manage the impact. That’s no longer the case, especially with real-time payments.
You don’t have that luxury to claw payments back anymore. You have to scan for fraud in real time, interdict the payment, and make a decision immediately.
Now fraud decisions are happening in-flight, not post-event. And that changes everything. If your detection is too slow, you’re exposed. If your response is too aggressive, you disrupt legitimate payments. So, fraud isn’t just a financial crime issue anymore; it’s a core operational constraint.
Q: Why do banks stop payments even when systems are still running?
Eric Choltus: Because safe processing requires confidence. It requires confidence in identity, intent, and beneficiary legitimacy, not just system uptime. If you don’t have confidence in those elements, the rational decision is to stop or restrict the payment, even if everything is technically working.
When signals are conflicted, or visibility is fragmented, banks choose containment over exposure. That’s the trade-off institutions are constantly making. Do you allow the payment through and risk fraud? Or do you introduce friction and risk disrupting the customer?
When visibility is limited, the default tends to be caution, which means payments get paused. That’s why we say today that payments are often stopped by design, not by failure.
Q: What does maintaining continuity under fraud threat require?
Eric Choltus: It requires a shift upstream. Fraud prevention can’t just sit at the end of the payment process. By that point, you’ve already lost valuable signals and time. You need to be detecting and assessing risk as early as possible.
You’ve got to do this as upstream as you possibly can… the earlier you act, the more signals you can use to detect suspicious behaviour.
That includes looking beyond the transaction itself, things like login behaviour, session activity, and changes to beneficiary details. All those signals help build confidence.
The institutions that do this well aren’t just focused on stopping fraud. They’re focused on enabling payments to continue safely. The best programs balance fraud reduction with customer experience and operational throughput. That balance is what defines real resilience today.
Q: How important is speed of response in this new model?
Eric Choltus: It’s critical. Even with strong controls, fraud will still get through. What matters is how quickly you can respond. I often talk about what I call the ‘fraud response cycle’ as the time it takes to detect an attack, understand it, and implement controls to stop it.
And the variation across the industry is huge. Some institutions can do that in weeks. Others take months. The longer that cycle is, the more exposure you have, and the more likely you are to see repeated disruption.
The key is for banks to have an organised process and make that response cycle as short as possible. Resilience isn’t just about prevention. It’s about how quickly you can adapt under pressure.
Q: What does the future of payments resilience look like?
Eric Choltus: We’re moving toward a model of continuous operation under threat. It’s no longer enough to design systems that recover well. You must design systems, and processes, which allow you to operate safely even when threats are active.
The next wave of disruption won’t come from systems going down. It will come from institutions being unable to trust their environment in real time.
And that ultimately is the shift: Resilience isn’t defined by uptime any more.
It’s defined by whether you can continue to process payments safely and confidently.
Summary
Operational resilience in payments has moved beyond recovery. It is now about ensuring continuity in the face of uncertainty, where fraud, not failure, is often the trigger for disruption.
In this new reality, the ability to maintain confidence in real time will determine which institutions can keep payments moving, and which cannot. Financial institutions need to look toward a robust end-to-end Payments Fraud Defense solution.
To find out more, register for our upcoming webinar: Operational Resilience in an Era of Instability: How Payments Leaders Are Redefining Continuity in a Fragmented World on 8th July.