In financial services, infrastructure resilience is closely tied to customer trust. When systems fail, the impact is felt immediately in transactions, service availability and confidence in the institution behind them.

That challenge was central for a leading consumer financial services company managing 7,000 virtual machines, 8,000 servers and 20 petabytes of data across an environment supporting millions of customer interactions. At that scale, infrastructure is not simply a back-end function. It underpins the availability, accuracy and security that customers expect every time they check a balance, make a payment or rely on fraud controls to work as intended.

The challenge was growing more urgent as traditional architectures created single points of failure in an increasingly complex environment. Customers expected services to remain continuously available, while regulators placed greater emphasis on operational resilience and continuity.

This pressure is being felt across the sector. McKinsey research found that 73% of banks cite cybersecurity as their top nonfinancial risk. More broadly, the 2024 CrowdStrike incident demonstrated how technology failures can cascade across enterprises at scale, with an estimated $5.4 billion in damage to Fortune 500 companies. Regulation is also moving in the same direction: the EU’s Digital Operational Resilience Act came into force in January 2025, reinforcing the need for stronger continuity and resilience across financial services operations.

Why single points of failure matter more at financial services scale

For financial institutions, resilience is not only about recovering from major incidents. It is about reducing the likelihood that routine failures, performance issues or infrastructure changes will affect customers in the first place.

For this company, the scale of the environment increased that challenge. Thousands of virtual machines and servers supported critical workloads, while large volumes of customer data had to remain secure, available and recoverable. In a traditional architecture, hardware failures, software issues or configuration errors can have wider consequences when key services depend on centralized systems or insufficiently distributed infrastructure.

Monitoring complexity added to the problem. When visibility is fragmented, signs of degradation may go unnoticed until performance is already affected. In a financial services environment, that can quickly translate into delayed transactions, service disruption or increased operational risk.

The company needed a more resilient model that could reduce concentration risk, improve visibility across the estate and strengthen protection without interrupting day-to-day service.

How the infrastructure model changed

The transformation focused on reducing single points of failure, improving visibility across the environment and strengthening data protection and governance. To support this, the company partnered with HCLTech to modernize core infrastructure, improve operational resilience and build a more scalable foundation for future growth.

Reducing concentration risk through distributed architecture

A central part of the transformation was the migration of 7,000 virtual machines to an Availability Zones architecture designed to reduce single points of failure across production environments. By distributing workloads more effectively, the company created an environment better able to absorb localized hardware, network or facility issues without wider service disruption.

This meant that maintenance activity, security updates and unexpected failures could be handled with less impact on live operations. Rather than relying on isolated infrastructure components, the environment became more resilient by design.

Improving visibility and proactive monitoring

The transformation also strengthened operational visibility. A unified VMware Aria platform was introduced to monitor 10,000 systems through real-time performance and capacity dashboards, giving operations teams a more complete view of infrastructure health.

This improved the ability to identify issues earlier, support better capacity planning and reduce the risk that performance problems would only be discovered after affecting customers. The shift was not only technological, but operational: teams were better positioned to move from reactive issue management toward more proactive oversight.

Strengthening protection and recoverability at scale

Data protection was another critical part of the resilience model. The company implemented backup infrastructure spanning 20 petabytes, with recovery capabilities tested regularly to improve confidence in recoverability under adverse conditions.

At the same time, automated vulnerability management was extended across 13 petabytes of storage, and 7,000 software-defined firewall rules were introduced to improve security coverage across the environment. This helped create a protection model better aligned with the scale and sensitivity of the data being managed.

Supporting change through stronger governance

Because the environment was so large and complex, governance also played an important role in the transformation. A dedicated Project Management Office was established to coordinate operating system upgrades, database modernization and end-of-life decommissions across the estate.

This helped the organization manage risk during change, maintain compliance requirements and continue transformation work without disrupting customer-facing operations. In practice, the program showed that infrastructure modernization and operational continuity do not have to conflict when governance is built into the process from the outset.

Why resilience and trust are increasingly linked

In financial services, trust is reinforced or weakened through everyday interactions. Customers may not see the infrastructure behind a payment, balance check or fraud alert, but they experience the results directly through speed, reliability and continuity.

For this company, strengthening infrastructure resilience helped create a more stable platform for those interactions. By reducing single points of failure, improving visibility and strengthening recovery and governance, the organization was better positioned to support millions of transactions without compromising service continuity.

The underlying systems may operate in the background, but their role is central. In a sector where resilience is increasingly shaped by both customer expectations and regulatory scrutiny, infrastructure design has become an important part of how trust is maintained.

Read the full case study here.