Banking Enterprise Architecture: A Practitioner's Playbook for BIAN, TOGAF, and Surviving Core Modernization

Banking enterprise architecture programs rarely fail loudly. They fail quietly. Not with a dramatic outage, but with a Visio diagram nobody trusts, a capability map that hasn't been touched since the last reorg, and a roadmap that the delivery teams politely ignore. If you are an architect at a bank or building a challenger, your real problem isn't drawing the target state — it's making that target state binding on the systems that already exist and the ones you're about to build. Banking enterprise architecture only earns its keep when it changes what gets shipped, not when it produces another deck.

This is a playbook for doing exactly that. It assumes you already know what an architecture repository is, so it skips the definitions and goes straight to the trade-offs: which frameworks to combine and why, how to modernize a legacy core without a big-bang rewrite, and the specific pitfalls that sink these programs in regulated environments.

Why Banking Is a Special Case

Generic enterprise architecture frameworks were not built for the constraints a bank actually operates under. Three things make banking different, and any architecture that ignores them is decorative.

Regulation is a first-class architectural constraint, not a checklist. Data residency, transaction immutability, audit trails, segregation of duties, and reporting obligations (Basel III/IV, PSD2/3, DORA, SOX, AML/KYC) are not features you bolt on. They dictate bounded contexts, where data can physically live, which services can call which, and what must be provably reproducible. An architecture that can't trace a regulatory requirement to the control that enforces it and the code that implements it is incomplete.

Legacy core systems are load-bearing and irreplaceable on any short timeline. The mainframe running your demand-deposit accounting has 30 years of edge cases encoded in COBOL that nobody fully understands and nobody dares to touch. You will be coexisting with it for years. Your architecture's job is to contain it, not pretend it away.

Failure is asymmetric. A retail app that drops a session is an annoyance. A payments rail that double-posts a transaction is a regulatory incident and a front-page story. This asymmetry should push you toward determinism, idempotency, and explicit consistency boundaries everywhere money moves.

The Framework Stack: BIAN + TOGAF + ArchiMate (Use All Three)

The single most common mistake is treating these as competitors and picking one. They operate at different layers and compose cleanly. A serious banking enterprise architecture practice uses all three, each for what it's actually good at.

Framework	What it gives you	What it does NOT give you
BIAN	A banking-specific reference model: ~300 Service Domains and a standard API landscape. The shared vocabulary for "what a bank does."	A method for getting there, or a modeling notation.
TOGAF (ADM)	The method — a repeatable cycle (Architecture Vision → Business → IS → Technology → Opportunities → Migration → Governance) for moving from current to target state.	Banking content. Out of the box it's industry-agnostic.
ArchiMate 3.2	The notation — a formal, layered modeling language (Business / Application / Technology, plus motivation and strategy) so your models are precise instead of suggestive.	Process or method. It's a language, not a plan.

The combination is the point. BIAN gives you the what (a Customer Offer Service Domain, a Payment Execution Service Domain), TOGAF gives you the how (the ADM phase that moves you there), and ArchiMate gives you the language to express both rigorously enough that an engineer can act on it. The Open Group and BIAN have published joint guidance precisely because the two are designed to interlock — BIAN content accelerates TOGAF's IS Architecture phase and raises its quality.

A practical rule of thumb: don't model the whole bank in BIAN before you've delivered anything. Map only the Service Domains touched by your current initiative, express them in ArchiMate, and govern the transition with one or two ADM iterations. The architects who try to boil the ocean produce a beautiful, unused model. The ones who scope to a value stream ship.

Modernizing the Core Without Betting the Bank

Core modernization is where banking enterprise architecture meets reality. The instinct — and the consultant's pitch — is often a rewrite. Resist it. Big-bang core replacements have a long, expensive graveyard. The patterns below let you modernize incrementally while the old core keeps the lights on, like renovating an occupied building floor by floor.

1. Strangler Fig, organized by capability. Route new functionality through a new platform and progressively redirect existing functionality to it, capability by capability, until the legacy core is encircled and eventually decommissioned. The decomposition unit should be a business capability (or BIAN Service Domain), not a technical layer. Slicing by technical layer gives you a distributed monolith — the worst of both worlds.

2. Anti-corruption layers (ACL) at every legacy boundary. This is non-negotiable. The legacy core's data model is a 30-year accretion of compromises. If you let its concepts leak into your new services, you've imported the technical debt you were trying to escape. An ACL translates between the legacy model and your clean domain model, and it's where you also localize the gnarly synchronization logic.

3. Get bounded contexts right before you touch infrastructure. Most "microservices" disasters in banking are domain-modeling failures wearing a Kubernetes costume. The expensive mistakes:

• Distributed transactions across contexts. If Account and Ledger are separate services and a transfer needs both atomically, you've created a two-phase-commit problem at the worst possible place. Either keep them in one consistency boundary or design explicit sagas with compensation — and make that an architectural decision, not an accident.
• Modeling the org chart instead of the domain. Bounded contexts should follow business invariants, not reporting lines that change every reorg.
• Underestimating data synchronization. Plan the legacy-to-new data flow first. Dual-write, CDC (change data capture), and reconciliation are where these programs actually bleed time.

4. Stand up an API and event layer aligned to BIAN. Whether you go REST or event-driven, naming your services and payloads against BIAN's Service Domains buys you interoperability with vendors and a shared language across teams. This is the cheapest standardization decision available and most banks skip it.

The Pitfall Nobody Talks About: The Model-to-Code Gap

Here's the failure mode that the framework vendors won't put on a slide. You can do everything above correctly — pick the right frameworks, model meticulously in ArchiMate, scope your ADM iterations, design clean bounded contexts — and still fail. Because between the architecture model and the running code, there is a chasm, and humans cross it by hand.

An architect specifies Payment Execution as a BIAN Service Domain with idempotent posting, an audit trail, and an anti-corruption layer to the legacy ledger. Then a delivery team three time zones away interprets that diagram, makes a hundred undocumented decisions, and ships something that is almost what the architecture said. The drift starts on day one. Six months later the model and the system have nothing to do with each other, and the architecture team is reduced to writing standards documents nobody reads.

This gap is why banking enterprise architecture has a reputation as an ivory tower. The discipline produces intent; the codebase encodes reality; and there is no enforced bridge between them. The traditional answers are weak:

• Governance boards catch drift late and by sampling — they're a tax, not a guarantee.
• Reference implementations rot the moment the first team forks them.
• "Architecture as code" linters check naming and dependency rules but can't verify that a service actually implements the capability it claims to.

The durable fix is determinism: treating the architecture model as a formal, executable specification and generating the conforming skeleton — service boundaries, API contracts, persistence, the anti-corruption layer scaffolding, the audit hooks, the compliance controls — directly from it. Not a one-time scaffold a team then diverges from, but a reproducible transformation where the same model always yields the same code. This is mature engineering practice (model-driven architecture, used in avionics and automotive for two decades); it has simply been hard to apply to mainstream banking stacks. When the bridge is deterministic, the model stops being a suggestion and becomes the contract.

A 90-Day Operating Model for Architects Who Have to Ship

If you're standing up or rebooting a banking enterprise architecture practice, here's a sequence that produces value fast instead of a year-long mapping exercise:

1. Pick one value stream with executive pain (e.g., onboarding, or a specific payment flow). Ignore the rest of the bank for now.
2. Map only its capabilities to BIAN Service Domains. Express the current and target state in ArchiMate. Keep it to a few dozen elements.
3. Run one TOGAF ADM iteration scoped to that stream — Vision through Migration Planning. Produce a real transition architecture with intermediate states.
4. Design the bounded contexts and ACLs explicitly, deciding consistency boundaries where money moves before choosing any technology.
5. Close the model-to-code gap for this slice. Generate the conforming service skeleton from the model so the first delivery provably matches the architecture, then measure the drift on the next change.
6. Show the executive sponsor a working, conformant slice — not a deck. That's what funds the next stream.

The architects who win in banking are the ones who make the model binding and the first delivery conformant. Everyone else is producing documentation.

---

Archiet exists for that fifth step. It turns a structured specification — your requirements and architecture intent — into a formal model (ArchiMate 3.2, DMN, BPMN) and then deterministically generates conforming, gate-checked application scaffolding across stacks (Flask/Next.js, FastAPI, Django, NestJS, Laravel, go-chi, Java/Spring, Rails, .NET), with the same model always producing the same output — the structure, contracts, and controls, with your domain logic still owned by your team. For a bank trying to make its enterprise architecture actually govern what ships — bounded contexts, audit trails, and controls included — that determinism is the bridge across the gap this article is about. If your architecture deserves to be enforced rather than merely admired, it's worth a look.