Why architecture can no longer sit only in IT

The previous articles on the architecture operating model and the new talent stack addressed how to structure and staff the architecture function. This article addresses where that function lives — because its organizational placement determines whether architecture decisions serve the bank’s full set of interests or only the technology department’s priorities.

The tradition of keeping architecture decisions inside the technology organization made sense when architecture was about servers, databases, and network topology. Those were technical decisions with technical consequences. A bad database design affected query performance. A bad network topology affected latency. The business felt the impact indirectly, but the decisions were genuinely technical in nature.

That era is over. AI has made architecture decisions into business decisions with technical specifications. The consequences are no longer indirect. They are immediate, measurable, and they touch every function in the bank.

AI has made architecture decisions into business decisions with technical specifications. The consequences are no longer indirect.

Architecture Decisions Are Now Business Decisions

Consider three architecture decisions that a bank’s technology team might make in a given quarter. First, the decision about which customer data attributes to include in the enterprise data model. This determines what customer information AI can access. It determines whether the bank can legally use certain data for AI-driven personalization — a compliance question, not a technology question. A technology team that includes a data attribute without consulting legal and compliance may create fair lending exposure that surfaces months later during an examination.

Second, the decision about API design for the lending domain. This determines whether an AI-powered credit decisioning engine can be deployed. It determines whether the bank can respond to a competitor’s product launch in weeks or months — a business strategy question, not a technology question. A technology team that designs the API for internal convenience rather than AI consumption may delay the bank’s competitive response by a full quarter.

Third, the decision about governance infrastructure for AI models. This determines whether the board can attest to AI governance during a regulatory examination — a risk question, not a technology question. A technology team that builds governance as an afterthought creates risk exposure that the board may not discover until the examiner discovers it first.

Each of these decisions was made by a technology team. Each of them created consequences for business, compliance, and risk. None of those stakeholders had a voice in the decision. This is not a theoretical concern — we have seen institutions where a single data model decision, made in a technology meeting that no business leader attended, created a fair lending examination finding that took months to remediate.

What Cross-Functional Ownership Looks Like

Cross-functional architecture ownership does not mean that every executive needs to understand microservices or event streaming. It means that business leaders own the outcomes that architecture enables or prevents, and that architecture governance includes business, risk, operations, and technology at the table with genuine decision authority.

In practice, this means the Architecture Review Board described in the previous article includes a business representative who can articulate the competitive implications of architectural choices, a risk representative who can evaluate the governance and compliance implications, and an operations representative who can assess the operational impact on front-line staff and customer experience. These are not observers who receive a briefing after the technology team has decided. They are decision-makers with the authority to shape architectural direction based on their domain expertise.

The technology team retains ownership of the how — the specific technical implementations, the technology selections, the engineering practices. The cross-functional body owns the what and the why — what capabilities the architecture must enable and why those capabilities matter to the bank’s strategy, risk posture, and competitive position.

The most common reason cross-functional governance is resisted is not operational — it is cultural. Technology leaders accustomed to autonomous decision-making experience cross-functional oversight as a loss of authority. Business leaders accustomed to delegating technology decisions experience it as an unwelcome expansion of responsibility. Both reactions are understandable and both must be addressed explicitly. The executive sponsor — typically the CEO or COO — must make clear that cross-functional architecture governance is not optional and that both technology autonomy and business delegation must give way to shared ownership.

The Committee Trap

The obvious objection is that cross-functional governance will slow everything down. More people in the room means more opinions, more debate, and more delay. This objection is valid if the cross-functional body operates as a traditional committee — meeting monthly, reviewing slide decks, debating without deciding, and producing recommendations that nobody is obligated to follow.

That is not what effective cross-functional ownership looks like. Effective governance uses decision frameworks that pre-resolve most routine decisions. If the architectural standards are clear and specific — as described in the previous article on operating models — then eighty percent of decisions are handled by compliance with the standards. No committee required. The cross-functional body focuses on the twenty percent that involve genuine tradeoffs: should we prioritize lending API modernization over payments event publishing? Should we accept a six-month governance infrastructure gap to accelerate the fraud detection deployment?

What executives most commonly misunderstand about cross-functional governance is the scope. They imagine every architectural decision flowing through a cross-functional committee. The reality is the opposite: clear standards eliminate the need for most discussions. The cross-functional body only convenes for the decisions that genuinely require multiple perspectives — the tradeoffs where business priority, risk tolerance, and technical feasibility must be balanced. Those decisions are better made together than in isolation, and making them well actually accelerates execution because the organization aligns once rather than renegotiating after the fact.

The Board-Level Imperative

Architecture has become a board-level concern for a specific reason: regulators are asking board members about AI governance, and the answers require architectural understanding. When a board member is asked whether the bank’s AI systems are explainable, the answer depends on whether the architecture includes explainability infrastructure. When a board member is asked whether AI decisions can be audited, the answer depends on whether the audit trail is infrastructure-enforced.

What board members most commonly underestimate is how specific these regulatory questions have become. An examiner does not ask “do you have AI governance?” in general terms. The examiner asks whether the bank can reproduce the data inputs, model version, and decision logic for a specific credit decision made on a specific date. That question can only be answered if the architecture includes immutable audit logging, model versioning, and data lineage tracking — capabilities that must be designed in, not bolted on.

Board members do not need to understand the technical implementation. They need to understand the architectural capability — whether it exists, whether it is adequate, and whether it is being invested in. This understanding requires regular briefings from the cross-functional architecture body, presented in business terms rather than technology terms. The architecture function that reports only to the CTO and presents only in technical language is invisible to the board. In an AI-driven bank, that invisibility is a governance gap.

What Comes Next

The series now turns from foundations and operating models to the future patterns that are already emerging in leading banks. The next article examines the most immediate of those patterns: autonomous AI agents that interact directly with the core banking system, making decisions, executing workflows, and managing exceptions. This is not a future scenario. It is happening now — and the architectural requirements for safe agent operation are more demanding than most banks have anticipated. The architecture must support it before the agents arrive, not after.

Where to Start

If your bank’s architecture decisions are still made exclusively within the technology organization, the gap between technical choices and business consequences is growing with every AI initiative. The question is whether you close that gap through deliberate governance design or discover it through a regulatory finding.

The CSP Transformation Readiness Scorecard evaluates your architecture governance model against the cross-functional ownership requirements outlined in this article — including decision authority distribution, board-level reporting maturity, and the alignment between architectural choices and business strategy. Leadership teams get a structured view in under an hour, with clear prioritization of where to act first.

If architecture decisions in your institution still live exclusively in IT, the business choices embedded in those decisions are being made without the people who will live with the consequences.

If your institution is ready to move from awareness to action, visit coresystempartners.com/contact to start the conversation.

Next article in the series: Autonomous Banking: How AI Agents Will Interact With the Core

Return to: Why AI makes modern core banking architecture non-negotiable

 

#CoreBankingTransformation #CoreBankingArchitecture