Choose a webhook payment automation platform based on production safety, not event speed alone. The best option clearly documents retry and replay behavior, supports signature verification, lets you process events idempotently through a queue, and gives finance the fields needed for reconciliation. For ledger-critical workflows, use direct API consumers and keep no-code tools for low-risk routing and notifications.
This guide is for the teams that carry the operational risk after launch: product, engineering, and finance ops. If you are comparing payment automation platforms built around event callbacks, the real question is not feature breadth. It is whether the platform still holds up when payment events drive status changes, notifications, internal record updates, and accounting workflows. Providers describe this model as HTTPS callbacks, essentially an API call in reverse, and as a way to avoid constant polling. That matters, but it does not make an implementation production-safe by itself.
Fast event handling only matters if finance can reconcile outcomes without manual detective work. In practice, success looks like this: the event is received, verified, applied correctly to internal records, and the resulting payout activity is traceable into accounting or ERP reconciliation. Treat event speed and reconciliation readiness as one design problem, not two separate projects.
The point of this guide is to help you build a credible shortlist, compare tradeoffs clearly, and set first-pass failure checkpoints before broad automation. Delivery behavior is one of the most important validation points because retry envelopes differ by vendor.
| Vendor | Documented failed-delivery retry behavior | Additional operational detail |
|---|---|---|
| PayPal | Up to 25 reattempts over 3 days for non-2xx responses | Validate against your ingestion and replay handling design |
| Stripe | Automatic resends for undelivered events up to 3 days; manual resend availability depends on event age | Use delivery logs and replay procedures to close gaps before payout or settlement logic runs |
| Dwolla | 8 re-attempts over 72 hours | Responses over 10 seconds are treated as failed; production allows up to 5 active webhook subscriptions |
Usually, choose the option that gives your team clear delivery behavior, reconciliation-ready data, and enough operational control to automate with confidence. For a deeper accounting-focused walkthrough, see Accounting Automation for Platforms That Removes Manual Journals and Speeds Close.
Start with one hard veto before you even discuss pricing. If a vendor cannot clearly document retry and replay behavior for event delivery, remove it from consideration.
Provider behavior differs in ways that matter in production. PayPal retries non-2xx deliveries up to 25 times over 3 days. Plaid retries for up to 24 hours, with delays that start at 30 seconds and increase by a factor of 4. Dwolla exposes retry and retry-history endpoints.
After that veto, a weighted scorecard is still useful.
| Criteria | Weight | What to verify |
|---|---|---|
| Event reliability | 30% | Documented retry windows, duplicate/out-of-order handling, replay controls, and failure behavior. |
| Schema consistency | 15% | Predictable payload structure (or documented versioning) and clear event definitions so downstream systems interpret events consistently. |
| Security controls | 15% | HTTPS endpoints, authenticity checks such as HMAC where supported, and optional IP allowlisting. |
| Finance reconciliation fit | 20% | Evidence you can retain and reconcile: lifecycle status/events, payloads, delivery timestamps, and retry history. |
| Compliance gating | 10% | Clear verification or compliance signals you can use to block or release sensitive money actions. |
| Integration effort (API vs no-code) | 10% | Prefer API consumers for money movement or ledger-impacting logic; use no-code where controls are sufficient for lower-risk notification workflows. |
For event reliability, assume duplicates and out-of-order delivery are possible. Design deterministic processing that does not depend on arrival order. Also verify operational constraints such as Dwolla's 10-second response expectation and its pause condition after 400 consecutive failures when 24 hours have passed since the last success.
Before final scoring, do one role-fit check. Assign explicit owners for event correctness, reconciliation evidence, and exception handling, including replay ownership.
Status visibility and sandbox speed are useful, but they are not decisive. Deterministic event processing, verified message origin, and audit traceability are the actual bar. Before finalizing your shortlist, map each must-have control to a concrete implementation owner using this reference: Explore Gruv docs.
Use this table after the veto check in the prior section. For ledger-critical workflows, the current evidence most clearly supports Dwolla for bank rails. It supports Lightspark for Bitcoin and Lightning-specific flows, Paystack with validation, and no-code tools mainly for non-critical automation unless you add your own durable control layer.
| Vendor | Best for | Rail focus | Integration style | Security controls documented | Reconciliation depth | Known unknowns from current evidence | Go/no-go signal |
|---|---|---|---|---|---|---|---|
| Dwolla | ACH-heavy platforms needing direct payment-state events | ACH, Same Day ACH, RTP, FedNow | Direct API + event callbacks | Retry tooling is documented; this pack does not establish message authenticity controls | High relative to this list: bank-rail webhook coverage plus retry-by-webhook-ID; process idempotently because order is not guaranteed | Pricing model unknown; SLA details unknown; rate limits unknown; ordering explicitly not guaranteed; delivery guarantee unknown | Go for ledger-critical bank-rail automations if you can return 2xx within 10 seconds, handle duplicates, and own redelivery procedures |
| Lightspark | Bitcoin/Lightning confirmation-driven actions | Bitcoin, Lightning | Direct API/SDK + event callbacks | HMAC-SHA256 verification is documented; failed deliveries retry with exponential backoff | Medium to high for crypto event trails if payloads are retained; payment completion events are documented | Pricing model unknown; SLA details unknown; rate limits unknown; ordering unknown; delivery guarantee unknown | Go for Bitcoin-native event handling; no-go if you need a single vendor across ACH and card rails |
| Make | Internal routing and fast app-to-app automation | Generic connectors; WebPay connector available | No-code instant triggers and per-webhook queues | This pack does not establish payment-grade authenticity controls for incoming payment events | Low to medium; useful fan-out, weaker as primary finance evidence | Pricing model unknown in this pack; SLA details unknown; rate limits unknown; ordering unknown; delivery guarantee unknown | Go for internal notifications, ticketing, CRM updates; no-go as sole processor for fund-moving or ledger-posting logic |
| Zapier | Lightweight event capture into SaaS tools | Generic connectors | No-code raw hook trigger; request body limit is 2 MB | This pack does not establish payment-grade authenticity controls | Low; useful for ops capture, limited support for deeper finance controls | Pricing model unknown in this pack; SLA details unknown; rate limits unknown; ordering unknown; delivery guarantee unknown | Go for alerts and support workflows only; no-go for ledger-critical automations |
| Integrately | Fast no-code starts for small teams | Generic connectors | No-code API automation across 1500+ apps | This pack does not establish payment-grade authenticity controls | Low; convenience-first with limited evidence for audit-ready payment-state handling | Pricing model unknown in this pack; SLA details unknown; rate limits unknown; ordering unknown; delivery guarantee unknown | Go for low-risk back-office tasks only; no-go for payout release, settlement decisions, or ledger writes |
| Paystack | Teams already on Paystack needing payment event intake | Cards, bank, mobile money | Direct platform event delivery | Signature validation and IP whitelisting are documented | Medium when Paystack is already your rail and delivery evidence is retained; live-mode retry schedule is documented | Pricing model unknown in this pack; SLA details unknown; rate limits unknown; ordering unknown; delivery guarantee unknown | Go if Paystack is already in your stack and event fields map to ERP and ops needs; no-go until that mapping is proven |
| Global Payments WebPay | Existing WebPay merchants needing connector-first coverage | Cards and wallets; public regional page lists Visa, Mastercard, American Express, Diners Club, Apple Pay, Google Pay, PayPal, Click to Pay | Webhook transport types are documented; Make's WebPay app adds payment-status/refund modules and is partner-maintained | Validation docs exist, but specific controls in this pack are limited | Low to medium from public evidence; payment status visibility is documented, audit depth is not | Pricing model unknown; SLA details unknown; rate limits unknown; ordering unknown; delivery guarantee unknown | Go only after regional validation of event catalog, retry behavior, and sample payloads; no-go on public docs alone for core money-state decisions |
Two practical checks usually decide the shortlist. First, run these fit checks:
Then, before any option moves from shortlist to build, require three things:
For ERP decision patterns, see ERP Integration Patterns for Payment Platforms: Flat File vs. API vs. Webhook Sync.
Dwolla is a strong fit when your automation is ACH-centric and you want one consistent event-delivery path for Standard ACH and Same Day ACH. It becomes a good ledger-adjacent option only if your team can process events idempotently, return 2xx within 10 seconds, and validate commercial terms before build.
What makes it attractive is the reduction in branching. Dwolla states that Standard ACH and Same Day ACH use the same API endpoints, which simplifies event-ingest logic. For ops and finance, it also documents a common event format and positions this delivery model as part of payment visibility and automated reconciliation. Its correlation ID appears in webhooks, API responses, dashboard searches, and reconciliation exports, which supports cleaner matching across systems.
The operational tradeoff is straightforward. Dwolla says delivery is asynchronous and not guaranteed in order, and it recommends idempotent processing. It also documents 8 retries over 72 hours, plus automatic pause after 400 consecutive failures and 24 hours since the last success. Those are usable constraints, but they still need to fit your ingest and replay design.
The missing piece is commercial certainty. The public materials here do not establish contractual delivery SLA guarantees. Confirm delivery terms, escalation paths, and replay procedures directly with sales and technical teams before you let payout release or ledger posting depend on assumptions.
A practical pattern for contractor payouts is to consume Dwolla status changes such as pending, processed, cancelled, and failed into an internal ops state first, then emit normalized internal events into ERP reconciliation flows. Preserve the correlation ID plus your internal ledger reference so redelivery does not create duplicate posting. In practice, the value is simple: event-based delivery can give teams continuous visibility into what is happening.
You might also find this useful: How Automation Is Finance's Greatest Asset for Payment Platforms: A Data-Driven Case.
Lightspark can be a fit when your payout or fulfillment logic depends on Bitcoin events and confirmations. In the retrieved docs, the emphasis is confirmation-triggered actions from Lightspark event delivery and ramp lifecycle updates from Lightspark Grid.
Its push-versus-pull framing is useful in practice. Polling keeps asking for status, while provider callbacks push updates as events happen. That matters when you want to wait for a defined payment event before releasing value.
The event model is also explicit: the event type is the trigger, and the payload is the data your app receives. In core Lightspark docs, this delivery model is positioned for near real-time account activity, including asynchronous actions like withdrawals and incoming payments. It also includes a Lightning payment finished event for both incoming and outgoing payments. In Grid, coverage includes ramp lifecycle events such as conversion events, OUTGOING_PAYMENT, ACCOUNT_STATUS, and KYC_STATUS.
X-Grid-Signature header and verify signatures.A practical pattern is confirmation-gated release: wait until a defined confirmation event, then release. Lightspark's example is releasing digital goods after 3 block confirmations, including a scenario where a callback fires after the third confirmation for a 0.5 BTC payment.
For auditability, record the raw payload, event type, receipt timestamp, signature header, provider payment reference, internal order or payout ID, and the confirmation threshold used for release. That gives finance and compliance a direct trail from event to action.
The limitation is not event clarity. It is missing commercial and reliability detail in the public material. The retrieved docs here do not establish uptime SLA figures, retry or redelivery behavior, ordering guarantees, or non-Bitcoin rail parity. Treat that as production risk to validate directly, and protect the flow with idempotent consumers plus an exception queue for unmatched events.
This pairs well with our guide on Accounts Payable Automation ROI for Platforms That Need Defensible Results.
Use Make, Zapier, and Integrately for speed on internal automation, not for payment-critical decisions. If an event can move funds, release value, or change ledger state, keep that logic in direct API consumers inside your core services.
Make is a practical option for fast routing with some execution control. It markets 3,000+ apps, and one implementation detail matters: webhook processing is parallel by default, with sequential processing available. For payment-adjacent events, that default can increase ordering risk if your workflow assumes strict sequence, so keep Make focused on alerts, ticketing, and CRM updates.
Zapier has the broadest connector network here, with 8,000+ apps. It works well for internal notifications, but the control model is narrower than many teams expect. Zapier states that trigger type is fixed, so you need to confirm whether an integration is webhook-based or polling-based before you depend on it. Recovery controls also vary by plan. On the Free plan, manual replay is limited to errored runs.
Integrately is positioned for quick setup, with one-click activation and 20 Million+ ready automations. Its published app count is inconsistent across its own properties. It is listed as 1500+ in one place and 1100+ in another, so verify connector availability for your exact workflow before you rely on it. Its webhook/API positioning supports low-risk custom routing, not core payment-state control.
The practical split is simple: route non-critical events to internal notifications, support queues, or CRM tasks through these tools, while payment-state decisions stay in your own services.
Need the full breakdown? Read Accounts Receivable Automation for Platforms to Collect from Enterprise Buyers at Scale.
Use Paystack or Global Payments WebPay for fast event intake when you are already on those rails. Keep payout release, ledger posting, and exception approval in your core platform until event behavior and ERP reconciliation are proven end to end.
A good fit is regional payment event intake: ingest updates quickly, route them to support or finance queues, and sync confirmed states into your ERP. What you should not do is let a no-code connector chain become the source of truth for payout execution.
In the retrieved material, Paystack has more explicit documented event-delivery behavior in this pair. It recommends this model over callbacks or polling for delivering customer value. It also documents live-mode retries when 200 OK is not returned: every 3 minutes for the first 4 tries, then hourly for the next 72 hours. In test mode, retries are hourly for 10 hours, with a 30-second request timeout.
Before launch, validate the controls Paystack documents: signature validation or IP whitelisting, plus transaction checks for status and amount using event data or the verify endpoint before ERP updates. Avoid treating event receipt alone as proof of settlement; reconcile status and amount before posting updates.
Global Payments WebPay is best treated as connector-first convenience. The retrieved material confirms POST payload delivery and a signature header (X-GP-Signature), and Global Payments markets paths from no-code plugins to SDKs and APIs. In Make, the listed WebPay connector shows All Modules (8), Triggers (1), and Actions (7), and the excerpt says it is maintained by partner MSquare Automation Solutions.
The problem is not that WebPay lacks utility. It is that the current evidence set is thin. Retry and backoff behavior, ordering guarantees, rate limits, delivery SLA, and complete event coverage are not clear in the retrieved excerpts. Before approval, request the event catalog, retry rules, sample payloads, and the ERP reconciliation fields your finance team needs.
status plus amount reconciliation.X-GP-Signature validation, event coverage, and ERP field mapping pass testing.If you want a deeper dive, read ERP Integration Architecture for Payment Platforms: Webhooks APIs and Event-Driven Sync Patterns.
For events that can change money state, use a default path: Provider callback -> signature verification -> queue -> idempotent processing -> ledger posting -> ERP sync. Virtual Accounts, Payouts, and Merchant of Record (MoR) flows can share the same verified, queued, idempotent ingest path, then diverge after normalization.
Treat the endpoint as a narrow HTTP receiver. Verify authenticity first, and use the exact raw request body for signature checks so body mutation does not break verification.
After validation and durable handoff, return a 2xx HTTP status code quickly.
Put a queue between intake and processors. This decouples delivery from processing, absorbs spikes, and gives you an asynchronous path that is safer for payment-event workloads.
Process each event so retries do not create duplicate business effects. If an event is already processed, ignore it and still return success so retries stop.
Normalize provider state into your internal state model, post to the ledger, then send the accounting representation to the ERP.
Virtual Accounts: branch into transaction-status handling, such as virtual-account status update events.Payouts: branch into transfer progress or status handling.MoR: branch by configuration-aware responsibility, since legal responsibility can sit with the platform or connected accounts.If volume and failure impact are both low, synchronous handling may be acceptable for nonfinancial notifications. Once money movement, ledger mutation, or payout status changes are involved, default to an asynchronous queue plus replay. Ordering cannot be assumed across deliveries, and retry windows are provider-specific and bounded.
Set a fail-closed baseline before launch: if signature verification, transport security, or compliance gating fails in testing, incoming events should not trigger payout release or ledger-changing actions.
Require HMAC signatures, TLS, and strict payload validation on every request. An unverified message cannot be authenticated as provider-originated, and signature checks can fail if the body is changed. Verify against the exact raw UTF-8 request body, not a parsed or reformatted version.
IP allowlisting can add protection when a provider publishes source ranges, and Stripe instructs receivers to check source IP origin. The tradeoff is maintenance: Adyen notes static allowlists are brittle if IP lists are not kept current. Keep signature verification as the primary trust check, then add allowlisting where it is practical and provider-documented.
Map KYC and KYB states directly to payment permissions in your decision logic. Stripe ties payout and charge enablement to verification completion, and Dwolla requires identity verification for at least one party in a transaction. Your payout path should include an explicit hold state for accounts or businesses that are pending review, restricted, or missing verification data.
Keep sensitive fields masked in logs, and keep tax and identity data encrypted in transit and at rest. OWASP guidance supports removing, masking, hashing, or encrypting sensitive data before logging. Before go-live, validate that unsigned or malformed payloads are rejected without processing and that verification failures are actively monitored. For adjacent fraud controls, see Device Fingerprinting Fraud Detection Platforms for Payment Risk Teams.
After endpoint security, trust usually breaks in processing. If duplicate-processing risk is unresolved, do not automate fund-release actions, even when delivery appears stable.
Treat duplicates as normal. Providers warn that events can be duplicated, and some flows can call fulfillment logic multiple times, possibly concurrently, for the same object. Detection checkpoint: track idempotency collisions and inspect the underlying records. Repeated deliveries for the same provider event ID should end as a clean already processed outcome, with no second side effect. If you cannot prove that in logs or database state, keep money movement manual.
Do not use receipt order as business truth. These callbacks are asynchronous and not guaranteed to arrive in order. Detection checkpoint: process against current resource state, or your transition map, not arrival sequence. Flag unmatched or regressive state transitions, especially anything that moves backward against your allowed state graph.
Delivery can look healthy until downtime exceeds a provider retry window. Retry behavior differs by provider: Plaid retries for up to 24 hours with 4x backoff starting at 30 seconds, Dwolla retries 8 times over 72 hours, and Stripe retries for up to 3 days in live mode. Detection checkpoint: monitor event lag from provider event time to internal receipt and add timed fallback logic for expected states that never arrive. If an expected terminal event does not arrive in your window, trigger polling or manual review.
A frequent failure mode is partial success: callback accepted, but a downstream step fails. Detection checkpoint: alert when messages move into a dead-letter queue and capture replay-critical fields such as provider event ID, original payload, first-seen timestamp, current processing state, and failed step. Define escalation ownership before launch. Repeated failures can pause delivery; for example, Dwolla can auto-pause after 400 consecutive failures and 24 hours since the last success.
"Mostly worked" still turns into a finance incident at close. Detection checkpoint: keep a finance-visible exception workflow for payment records where provider state and internal records do not align (including ERP posting state when applicable). Track owner, age, and replay status so nothing stalls silently. This matters because accounts reconciliation, especially cash reconciliation, already consumes 20 to 50 hours per month for many finance teams. Keep the incident response pack minimal and testable: a replay procedure, named escalation ownership, and a finance-visible exception workflow.
In the first 30 days, prioritize safe, auditable processing over full automation. Do not advance each week without named artifacts and a clear owner handoff.
Finalize platform choice, then lock the event contract before coding. Define which inbound events you accept, which events can change money or ledger state, and which API version you consume. For each money-moving flow, publish one reviewed state-transition map that marks valid transitions, regressive transitions, and manual-review or fetch paths, not arrival order. Handoff: engineering gets the approved contract and transition map; finance gets reconcilable state definitions; ops gets the initial exception-queue event list.
Implement secure ingest first: HTTPS endpoint, signature verification before business logic, and raw-body preservation where required for Stripe signature checks. Queue events for asynchronous processing, enforce idempotency with a stable event or execution identifier, and wire a dead-letter queue so failed messages are isolated for debugging and controlled reprocessing. Validate ledger and ERP payload mappings with samples finance can read directly. Handoff: evidence pack with valid and invalid signature tests, duplicate-delivery outcomes, meaning already processed with no second side effects, and mapping validation outputs.
Test failure recovery before cutover. Run replay drills and document who can trigger them. Align incident steps to the provider windows and limits you actually operate under, for example, Stripe's undelivered-event guidance covers automatic resend up to three days, manual resend visibility for events less than 15 days old, and payload-only access for 16-30 day events, while Dwolla documents pause risk after 400 consecutive failures and 24 hours since the last success. Validate compliance and tax gates where enabled: KYC/AML verification gates, W-8 and W-9 collection points, and 1099 ownership paths. Handoff: approved outage and replay procedure, escalation owners, and verified compliance and tax gate behavior.
Launch a limited cohort first, then monitor the exception queue, dead-letter queue, event lag, and payout-failure events daily. Sign off only when provider state, internal ledger state, and ERP posting state reconcile on live transactions and the audit trail is complete, including API version selection, signature-verification logs, idempotency outcomes, replay records, and compliance-gate evidence. Handoff: finance reconciliation signoff plus on-call replay ownership; keep fund movement or ledger posting behind manual approval until unresolved mismatches are closed.
Choose correctness over speed. A fast demo is not a safe launch if you cannot prove who sent the event, how retries and replays are handled, and how each event maps to payout and settlement evidence.
Status-change notifications can arrive immediately, but immediate delivery does not solve duplicate processing or sender trust on its own. Use providers that document retry behavior and validation controls you can verify in your environment. Stripe documents automatic resends for undelivered events for up to three days and warns teams to avoid processing a single event multiple times; Dwolla exposes retry attempts with timestamps and delivery details; Global Payments documents message and sender validation and production IP allow-list constraints.
Run the weighted scorecard, complete the comparison table, and assign the implementation plan to named owners. Engineering should own sender and message-validation checks, dedup keys, queueing, and replay handling. Finance should own reconciliation evidence requirements, including event ID, timestamp, status, amount, fees, net impact, and linkage to the originating payment or payout. Ops should own exception handling and escalation.
Launch only after you pass tests for invalid sender rejection, duplicate-delivery handling, replay, and end-to-end traceability from event intake to payout or settlement records. If connectors are in scope, verify platform limits before you make production assumptions, for example, Zapier Catch Raw Hook has a 2MB payload limit including headers. Do not cut over until controls and reconciliation evidence are proven under realistic conditions.
That is the practical filter for payment automation platforms built on event callbacks. It is not who emits events fastest. It is who lets you verify event integrity, avoid duplicate side effects, and reconcile money movement with an audit-ready trail. Request a technical walkthrough to confirm coverage, controls, and market-specific constraints for your shortlist.
For a step-by-step walkthrough, see Business Process Automation for Platforms: How to Identify and Eliminate the 5 Most Expensive Manual Tasks. If you want a technical walkthrough to validate rollout assumptions, controls, and market-specific constraints, contact Gruv.
In practice, it is a provider plus your own intake service turning payment state changes into events your team can act on. Engineering needs an HTTP endpoint, signature verification, and idempotent processing. Finance needs those events tied to payout, ledger, and ERP records with an audit trail.
Use event delivery as the primary path for payment status updates. Keep polling for repair work such as gaps, backfills, or outage recovery. Design for fast acknowledgment and asynchronous processing so retries can work as expected when 200 OK is not returned.
Require HTTPS, verify provider signatures before business logic, and use IP allowlisting where supported. Do not let events release funds unless idempotency and replay handling are in place. Route malformed or unexpected states to manual review.
Assume duplicate deliveries will happen. Store a stable dedup key such as the provider event ID or your outbound idempotency key, and treat later deliveries as already processed with no second side effects. Keep the same idempotency key across retries for follow-on API calls.
There is no universal cross-ERP mandatory field set, but finance should at least get provider event ID, event timestamp, source object ID, status, gross amount, currency, fees, and net impact. If available, include balance-transaction-style records because they help reconcile funds moving through the account. Keep linkage to the original payment or payout for exception tracing.
Use no-code connectors for low-risk routing such as alerts, ticket creation, and sending non-critical events to CRM tools. Build direct API consumers when events can move funds, post to the ledger, or depend on strict sequencing and replay control. In Make, webhook scenarios are processed in parallel by default, so order-sensitive payment flows need explicit sequential configuration.
Treat missing technical clarity as a blocker for ledger-critical automation. If a vendor cannot clearly document retry behavior, replay options, signature verification, duplicate-delivery behavior, and reconciliation-ready event fields, pause selection. You also need documented retry windows for undelivered events because pricing pages usually do not answer those implementation questions.
Yuki writes about banking setups, FX strategy, and payment rails for global freelancers—reducing fees while keeping compliance and cashflow predictable.
Includes 2 external sources outside the trusted-domain allowlist.
Educational content only. Not legal, tax, or financial advice.
The hard part is not calculating a commission. It is proving you can pay the right person, in the right state, over the right rail, and explain every exception at month-end. If you cannot do that cleanly, your launch is not ready, even if the demo makes it look simple.
Step 1: **Treat cross-border e-invoicing as a data operations problem, not a PDF problem.**
Cross-border platform payments still need control-focused training because the operating environment is messy. The Financial Stability Board continues to point to the same core cross-border problems: cost, speed, access, and transparency. Enhancing cross-border payments became a G20 priority in 2020. G20 leaders endorsed targets in 2021 across wholesale, retail, and remittances, but BIS has said the end-2027 timeline is unlikely to be met. Build your team's training for that reality, not for a near-term steady state.