FinQub
Guide · Payment orchestration

Payment orchestration: the complete guide

What payment orchestration actually is, the five problems it solves, the architecture under the hood, and the five questions to ask before buying.

Updated May 2026·11 min read

Payment orchestration is the infrastructure layer between a merchant or fintech application and its payment service providers — acquirers, processors, alternative payment methods, and routing networks. It manages those providers through one unified integration, one routing engine, and one reconciled ledger, instead of one bespoke integration per provider.

Instead of writing and maintaining a custom integration to Stripe and Adyen and Worldpay and Checkout.com, you authenticate once to the orchestration layer and let it handle provider selection (which acquirer, which processor, which alternative payment method), retry logic, declined-card recovery, FX optimization, and settlement reconciliation across the providers you use.

This guide covers what payment orchestration actually is, the five operational problems it solves, the architecture pattern, smart-routing fundamentals, the honest build-vs-buy math, how the major platforms compare, and where payment orchestration overlaps with broader fintech orchestration.

What payment orchestration is

A payment orchestration platform sits between your application and your payment providers. It exposes one consistent payment interface — create a payment, capture a payment, refund a payment, query a payment, handle a webhook — and translates that single interface into the per-provider API calls your acquirers and processors expect.

The minimum viable payment orchestrator does five things:

  • Provider abstraction. One API call ("authorize $100 on this card") becomes the right vendor-specific call to whichever provider the routing engine selects.
  • Tokenization. Card data is captured once, tokenized inside the orchestrator, and replayed to whichever provider is chosen — so card data never has to be re-collected when you switch providers.
  • Smart routing. A configurable engine that selects the best provider for each transaction based on rules: BIN, currency, transaction value, geography, time of day, provider availability, cost.
  • Retry and recovery. Soft-decline retries with exponential backoff, network-token-aware retries, multi-provider fallback if a primary returns specific error codes.
  • Settlement reconciliation. A unified ledger that reconciles per-provider settlements, fees, refunds, and chargebacks against the orchestrator's authoritative payment record.

The five problems it solves

1. Single-acquirer lock-in

A single-acquirer architecture means one provider sits between the merchant and the entire card network. If that provider raises its fees, has an outage, deprioritizes your category, or simply has poor authorization rates in a specific market, the merchant has no leverage. Payment orchestration removes the lock-in by enabling parallel relationships with multiple acquirers, with traffic routable on demand.

2. Authorization rate variance

Authorization rates vary across acquirers by 2-8 percentage points for the same card-not-present traffic, depending on the merchant category, transaction profile, and geographic mix. The variance is real money. A 4% improvement in auth rate on a $100M annual processing volume is $4M of additional revenue — every year. Payment orchestration captures the variance by dynamically routing to the acquirer with the highest auth rate for each transaction profile.

3. FX inefficiency

Cross-border transactions can settle through the merchant's home-currency acquirer (with the acquirer doing the FX conversion at its margin) or through a local acquirer in the cardholder's currency (with the merchant absorbing the FX conversion at the merchant's rate). The latter is typically 50-150 basis points cheaper. Payment orchestration enables local acquiring per geography without the merchant having to integrate every local provider directly.

4. Soft-decline recovery

Soft declines — "do not honor," "insufficient funds," "processor decline" — recover at substantially different rates depending on the retry strategy. Network tokens, account updater integrations, intelligent retry timing, and routing the retry through a different acquirer can recover 15-25% of soft-declined transactions. Without orchestration, each retry strategy is a per-provider engineering project.

5. Settlement reconciliation

Multi-acquirer fintechs typically reconcile across 3-7 settlement files per day, each with its own format, timezone, fee structure, and chargeback file. Without a unified ledger, finance and ops teams spend hours per day matching transactions and investigating variances. Payment orchestration consolidates the reconciliation into one daily reconciled view.

The architecture under the hood

A production payment orchestrator has six functional layers:

  • Tokenization layer. PCI DSS Level 1 tokenization with vault. Card data captured once, replaced by a token used everywhere downstream. Network tokens (Visa Token Service, Mastercard MDES) for issuer-side updates.
  • Routing engine. Rule-based and increasingly ML-based routing decisions. Inputs: BIN, currency, amount, geography, customer segment, time, provider availability, historical auth rate. Outputs: ranked provider list with a primary and one or more fallbacks.
  • Provider adapter layer. One adapter per provider, normalizing API differences. Authentication, request shape, error taxonomy, webhook format — all hidden from the application.
  • Retry orchestration. Configurable retry policies. Same provider with backoff. Different provider on specific error codes. Network token refresh and retry. Account updater on stored credentials.
  • Webhook handling. One canonical event stream that the application subscribes to, regardless of which provider produced the underlying event.
  • Reconciliation engine. Daily ingestion of provider settlement files, normalization to one ledger schema, automatic match against orchestrator-recorded transactions, exception queue for unmatched items.

Smart routing explained

Smart routing is the visible value of payment orchestration. It has three flavors, in increasing sophistication:

Static routing

Rules expressed as "if X then provider Y." Useful for jurisdictional routing (US transactions to a US acquirer, EU to an EU acquirer) and for category routing (subscription billing to one provider, one-time purchases to another). Cheap to implement, fully predictable, but brittle when conditions change.

Performance-based routing

Routing decisions informed by recent provider performance — auth rates by BIN range, latency, error rates, downtime. The routing engine maintains a rolling window of provider performance and biases traffic toward better-performing providers. Requires statistical care to avoid overfitting to short windows.

Cost-optimized routing

Routes to the lowest-cost provider that meets a configured minimum auth-rate threshold. Useful when providers have meaningfully different fees per transaction type — domestic debit vs international credit, regulated debit vs regulated credit.

ML-based routing

A model that predicts the auth probability for each transaction × provider combination, picks the highest-expected-value provider, and updates as outcomes come in. Promising but only worth the complexity at high volume; adds a model-management dependency that has to be operated continuously.

Build vs buy: the honest math

Building a production payment orchestrator in-house typically requires:

  • PCI DSS Level 1 attestation for the tokenization vault. This alone is a 6-12 month project including a Qualified Security Assessor engagement and roughly $250-450K in initial cost plus annual recurring expenses.
  • Provider integrations. 3-5 engineer-months per provider for production-quality integration including webhook handling, retry logic, and reconciliation file ingestion.
  • Routing engine. 4-8 engineer-months for v1 with static and performance-based routing.
  • Reconciliation pipeline. 3-6 engineer-months for production reconciliation across multiple providers with exception handling.
  • Ongoing maintenance. 1-2 FTE indefinitely for provider API changes, new payment methods, regulatory shifts.

Three-year TCO for build: $1.5M to $4M depending on volume and provider count. Buying a payment orchestration platform is typically $3-15K per month plus per-transaction fees, plus 1-2 engineers for 4-8 weeks of integration. Three-year TCO for buy: $200K to $800K at most growth-stage volumes.

Building makes sense when payment processing IS your core product, when you process more than $5B annually, or when you have a regulatory or strategic reason to own every layer. Otherwise the math favors buying — and the time-to-first-routed-transaction is months faster.

Primer vs Spreedly vs Gr4vy vs FinQub

The dedicated payment-orchestration vendors take similar approaches with meaningful differences. A short comparison:

  • Primer. Strong workflow builder for checkout-side orchestration, deep partnerships with European acquirers, focused primarily on merchants of record and direct merchants. Excellent for omnichannel commerce.
  • Spreedly. The original payment orchestration platform, broadest acquirer coverage, strong PCI vault, less opinionated about workflow. Good for marketplaces and fintechs that want vault-plus-routing without prescribed checkout UX.
  • Gr4vy. Cloud-native architecture with a strong no-code builder, fast-growing acquirer coverage, strong telemetry. Newer entrant.
  • FinQub. Payment orchestration as one capability inside broader fintech orchestration — payments alongside KYC, KYB, fraud, sanctions, banking, and compliance evidence. Best fit when payments are part of a larger regulated workflow rather than a standalone checkout problem. Hash-chained audit trail and framework-tagged compliance evidence are baked in.

For a pure-play merchant focused only on checkout conversion, Primer or Spreedly are typically the right answer. For a fintech where payment processing is one of 5-10 vendor categories that all need to be orchestrated and audited together, FinQub or a comparable broader-scope orchestrator is the better fit.

Where payment orchestration meets compliance

Payment orchestration touches compliance in three places that pure checkout-orchestration platforms often underestimate:

  • Sanctions screening at authorization time. Card-funded transactions to OFAC-screened parties, or originating from sanctioned BINs, must be blocked before authorization. The screening logic ideally lives in the orchestrator, not in N parallel implementations across providers.
  • Transaction monitoring for AML. Patterns across multiple providers — structuring, layering, unusual velocity — are only visible if every provider's transactions feed the same monitoring pipeline. A multi-acquirer setup without orchestration creates AML blind spots.
  • Examination evidence. When the sponsor bank or the examiner asks for the complete payment history of a customer, the answer needs to come from one ledger that includes every provider's view of every transaction. Without orchestration, that's a multi-day cross-provider data assembly.

These are the reasons fintechs running multiple payment providers increasingly view payment orchestration not as a checkout-conversion play but as a compliance-infrastructure decision.

Implementation timeline and costs

Realistic timeline for a fintech adopting a payment orchestration platform:

  • Weeks 1-2: Vendor selection. Three-vendor RFP, proof-of-concept on the 80%-case payment flow, contract negotiation.
  • Weeks 2-6: Provider connect. Connect the orchestrator to your existing primary acquirer. Migrate one payment flow (typically the highest-volume, lowest-risk flow) to run on the orchestrator. Validate authorization rates, latencies, error handling.
  • Weeks 4-8: Add second acquirer. Connect a second acquirer through the orchestrator. Begin parallel routing on a small percentage of traffic. Tune routing rules.
  • Weeks 6-10: Recovery and retries. Configure soft-decline retry with multi-provider fallback. Validate auth-rate uplift. Configure network token usage where the providers support it.
  • Weeks 8-12: Reconciliation. Move daily reconciliation onto the orchestrator's unified ledger. Train finance and ops on the new view.

First measurable auth-rate or cost benefit typically lands inside Q1. Full benefit accrues over the following 6-12 months as routing rules mature and additional providers are added.

Keep reading

Frequently asked questions

Stop building your orchestration layer. Start running on it.

Let's talk about what FinQub looks like for your stack — which tools you're running, where the pain is, and how quickly you can eliminate it.

Not ready to book a call? Apply for the Partner Program →