Cross-border payment infrastructure is the layer of the modern internet that fewest people understand and that the most businesses depend on. Behind a single API call that says 'pay this supplier in Indonesia' there is a stack of banking rails, stablecoin pools, OTC liquidity, risk engines, compliance tooling, treasury automation, and AI routing — each piece doing exactly one job, all composed into a single user-visible action.
This is a technical deep-dive on what that stack looks like in 2026. It is the architecture we run at Credible; the design choices are common across modern payments infrastructure companies but the details vary. Useful reading if you are building, buying, or evaluating this kind of infrastructure.
The shape of the stack
From the bottom up: banking rails, stablecoin custody, on/off-ramp orchestration, OTC and FX liquidity, risk engine, compliance stack, treasury system, and the routing/orchestration layer that ties them all together. Each layer exposes a clean interface to the layer above it.
| Layer | Responsibility | Typical providers |
|---|---|---|
| Banking rails | Domestic clearing in each currency | Partner banks per country |
| Stablecoin custody | On-chain holding of USDC/USDT | MPC custodians, multisig |
| On/off-ramps | Fiat ↔ stablecoin conversion | Licensed VASPs per corridor |
| OTC + FX liquidity | Wholesale pricing for large legs | Tier-1 FX desks, market-makers |
| Risk engine | Fraud, sanctions, transaction monitoring | In-house ML + Chainalysis |
| Compliance stack | KYC/KYB, AML, reporting | Persona, Sumsub, in-house |
| Treasury system | Pool management, rebalancing | In-house, with bank connectivity |
| Routing/orchestration | Decides path per payment | In-house ML |
1. The banking layer
Domestic clearing — ACH in the US, SEPA in the EU, Faster Payments in the UK, UPI in India, Pix in Brazil, AANI in the UAE, NIBSS in Nigeria — is the foundation. We integrate directly with partner banks in each market, holding operational balances and clearing through their domestic systems. The partner bank handles ledger, regulatory reporting, and the local clearing interface; we handle orchestration, customer experience, and the cross-border bridge.
Choosing the right partner bank per market is the single most important architectural decision. The wrong choice creates downstream cost, throughput, or compliance friction that no amount of software can fix.
2. The stablecoin custody layer
Operational stablecoin balances sit in institutional MPC custody (think Fireblocks, BitGo, Coinbase Custody) or in audited multisig contracts on Solana, Polygon, Ethereum, and other supported networks. Custody is segregated by purpose: pool float, treasury, customer balances, fee balances.
Smart-contract code holding pool float is audited annually and continuously monitored. Address-level activity is logged, alerted on, and reviewable on-chain. Every withdrawal above a threshold requires multi-party approval.
3. The on/off-ramp layer
On/off-ramps convert between fiat and stablecoin. In each corridor we use one or more licensed VASPs — Virtual Asset Service Providers — with audited reserves, clean compliance records, and competitive pricing. The on-ramp turns fiat receipts into USDC; the off-ramp turns USDC into local-currency payouts.
Diversity matters here. Single on-ramp dependency is a single point of failure. We maintain at least two licensed on/off-ramps per major corridor and rotate volume to manage counterparty concentration.
4. OTC and FX liquidity
For large payments or thin corridors, the on/off-ramp's published rate may not be the best execution. We route large legs through OTC desks for tighter spreads, particularly on EM corridors where retail pricing is materially worse than wholesale. The OTC layer settles same-day, atomically across the fiat and stablecoin legs.
5. The risk engine
Every transaction passes through a risk engine that produces three scores: fraud score, sanctions risk, and transaction-monitoring risk. Each score is produced in <100ms and feeds into the routing and authorisation decision.
- Fraud score: embedding-based anomaly detection trained on the operator's own history.
- Sanctions risk: real-time screening against OFAC, OFSI, EU, UN, and equivalent lists.
- Transaction-monitoring risk: behavioural signals — velocity, structuring, geography — modelled on the customer cohort.
6. The compliance stack
KYC, KYB, sanctions screening, transaction monitoring, SAR filing, regulatory reporting, audit trails. Each function is implemented as a service with explicit SLAs and exportable logs. We treat compliance as a software product — versioned, tested, monitored — not as a manual process.
Customer-side: KYC for individuals, KYB for businesses, with re-verification at risk-event thresholds. Internal-side: every employee and engineer with access to customer data is logged, every privileged action requires multi-party approval, and the entire stack is SOC 2 Type II ready.
7. The treasury system
Treasury automation manages the stablecoin pools, partner-bank balances, and OTC counterparty exposures in real time. The system forecasts the next 24–72 hours of flow per corridor, pre-positions liquidity accordingly, and rebalances when actuals deviate from forecasts.
We treat treasury as a product surface, not a back-office function. Customers can see their own settlement queue, exposure, and projected payouts; internally, every operator can see pool utilisation, partner-bank concentration, and exception queues.
8. Routing and orchestration
The orchestration layer ties everything together. For each payment it decides: which rail (card / local / stablecoin), which on-ramp, which off-ramp, which FX desk, which partner bank, which compliance step. The decision is informed by current latency, partner-bank queue depth, fee, expected approval rate, and risk score.
AI is a first-class participant. The routing decision is made by an ML model retrained on the platform's own outcomes — approval rate, settlement time, cost, and customer-experience signals. The model considers ~80 features per transaction and produces a decision in <50ms.
What a single payment looks like end-to-end
Trace one transaction. A US e-commerce business is paying a $4,800 supplier invoice in Vietnam.
- Originator calls Credible API with destination details. Idempotency key is recorded.
- Compliance step: sanctions + KYB verification on payer + payee, screening completed in <500ms.
- Risk engine scores the transaction: fraud, sanctions, monitoring — all green.
- Routing engine chooses path: ACH debit from originator → USDC pool credit → off-ramp to VND via licensed Vietnamese partner.
- Pool advances: $4,800 of USDC is committed from the pool, FX-locked at mid-market via partner OTC desk, settled to off-ramp in Vietnam.
- Off-ramp converts USDC to VND, settles to supplier's local bank.
- Inbound ACH from originator clears 1–2 business days later, replenishing the pool.
- Throughout: reconciliation, audit log, and customer-side updates streamed via webhook.
Where the architecture is heading
Three trends will reshape this stack over the next 24 months. First, more chains and faster chains: Solana, Base, and L2s like Arbitrum and Optimism are eating more of the settlement layer. Second, tighter bank integration: a growing number of partner banks now run their own stablecoin or tokenised-deposit programmes, collapsing the on-ramp step. Third, agent-native flows: AI agents transacting on behalf of users will demand programmable wallets, signed-intent protocols, and per-call budgets — none of which the card networks handle natively.
The infrastructure layer is the most exciting part of fintech right now because every piece of it is being rebuilt simultaneously. The companies that compose these pieces well will define how the internet economy moves money for the next decade.