The High Cost of Replacing Core Systems in Regulated Industries

Written By Ioana Frincu

And why I never make tech decisions without a strategic scoring model

I’ve had to replace two core systems in two regulated financial businesses — not because I wanted to, but because I had to.

In both cases, the systems were already in place when I stepped in. They had been chosen with insufficient research, clear alignment across departments, and—most dangerously—a real understanding of what “regulated” really means in tech architecture.

My role was ensuring business continuity while carefully extracting and replacing the infrastructure that kept the organization functioning. These transitions taught me a difficult but essential truth: the cost of poor systems selection in regulated industries compounds silently until it becomes unsustainable.

Once that happens, correcting course is far more expensive than choosing wisely from the beginning.

Regulated Means Constrained — and That’s by Design

Regulated industries are built around checks, transparency, and customer protection systems. That means every core system must support auditability, compliance, risk management, and operational continuity while allowing the company to build fast on it. Failure to do so isn’t just inefficient — it’s non-compliant. The introduction of the Digital Operational Resilience Act (DORA), now fully enforceable across the EU, formalizes this concern. ICT systems must meet rigorous availability, integrity, and recoverability standards. In short, systems must not be the weak link.

A 2022 McKinsey report on digital risk in banking found that over 60% of transformation failures are rooted in governance, regulatory misalignment, and operational risk, not the technology itself.

Organizations often create manual workarounds when a system lacks built-in compliance capabilities, such as audit trails, role-based access, or data lineage. This is how spreadsheets become critical infrastructure, and how operational resilience quietly erodes.

The Price of Getting It Wrong

System evaluations often miss the second—and third-order costs—the hidden expenses that accrue after go-live. These aren’t always visible in budgets or implementation plans, but erode value quickly.

According to Gartner, 70% of ERP project failures result from misalignment between IT and business expectations, not technical flaws.

Here’s what I’ve observed when a system isn’t fit for purpose:

  • Finance teams reconciling data manually.

  • Client data and statuses managed in Excel because CRM workflows are broken.

  • Compliance unable to pull audit logs when needed.

Each of these is a strategic risk, not just an operational nuisance.

Shallow Research = Strategic Risk

In both cases where the team and I replaced systems, the root cause was the same: insufficient research, rushed decisions, and a narrow lens during selection.

This pattern is well documented. A study by MIT Sloan Management Review found that companies using cross-functional vendor evaluation frameworks were three times more likely to achieve long-term transformation success.

I’ve always relied on a strategic scoring model, developed collaboratively across functions. My scoring criteria typically include:

  • Regulatory alignment in current and future jurisdictions.

  • Vendor maturity, market cap, and client base.

  • Data portability — especially out of the system.

  • Cloud/on-prem compatibility and extensibility.

  • Ease of internal training and upskilling.

  • Match with our tech strategy (e.g., AWS-native, modular architecture, API-first).

I believe this approach isn’t optional — it’s a form of risk management.

Replacing Systems Midstream: What I’ve Learned

Replacing a core system while maintaining day-to-day operations is always a delicate balance. And it’s far more common than most people think.

Harvard Business Review has shown that organizations with unclear digital transformation roadmaps experience the highest levels of employee fatigue and disengagement. I’ve seen this happen when a replacement project lacks clarity and coordination.

In my experience, the following elements make or break a midstream transition:

  • Transparent rationale: Repeating the “why” helps gain trust.

  • Contingency planning: Always expect migration surprises.

  • Cross-functional engagement: No successful system serves only one team.

  • Documentation discipline: For auditability, team onboarding, and internal learning.

Systems Should Enable Strategy — Not Reshape It

When a system is poorly chosen, it begins to reshape your business in subtle but damaging ways.

You postpone launches because integrations take too long, build workarounds instead of features, and slowly shift the budget from innovation to maintenance. Strategic decisions are delayed because the underlying data lacks trust.

Research by Bain & Company found that modernized core systems can reduce IT costs by up to 50% and accelerate product delivery by as much as 40%. However, the inverse is also true: mismatched or legacy systems can cost you that competitive edge.

Final Thought

I didn’t choose the two systems I had to replace, but I did choose how to replace them. I did it with alignment, governance, and a scoring process reflecting business strategy and regulatory reality.

Core systems are long-term bets. They shape the rhythm and resilience of the entire company. When you choose without depth, rigor, or foresight, you don’t just buy a bad system — you mortgage your team’s future capacity.

So if you’re leading a system replacement, or considering one, let me offer this:

Slow down. Look deeper. In regulated industries, you only get to choose wrong once.

Ioana Frincu
Next

The Strategic Imperative of Direct CTO-CEO Reporting