From Messages to Commitments
The Next Generation of Banking Infrastructure
The entire global financial system runs on messages. SWIFT, SEPA, ACH, FedWire — every one of them is a messaging service. Bank A sends a message to Bank B asking it to move money. Bank B interprets the message, updates its own ledger, and sends a confirmation back. The two ledgers are then reconciled — manually, in batch, often days later.
This architecture was a miracle of the 1970s. It replaced telex and paper with structured electronic instructions. But the underlying logic never changed. A payment message is a request. It carries no authority of its own. It cannot verify whether the sender actually has the funds. It cannot enforce the conditions of a contract. It cannot settle anything. It simply asks someone else to do so.
We have spent fifty years optimizing the speed and formatting of these messages — from MT103 to ISO 20022 — while leaving the fundamental architecture untouched. Faster messages are still messages. A real-time gross settlement system is still a system where one party sends a request and another party honors it on trust.
The result is an industry that spends billions on reconciliation, compliance reporting, and settlement risk management — all of which exist solely because the infrastructure cannot do anything. It can only say things.
What banking actually does
Strip away the technology and banking reduces to one function: managing commitments between parties.
A deposit is a commitment by the bank to return your money on demand. A loan is a commitment by the borrower to repay over time. A letter of credit is a commitment by one bank to pay another when shipping documents arrive. A payment is the fulfillment of a prior commitment.
Every financial instrument is either a commitment or the resolution of one. The entire edifice of banking — from retail accounts to syndicated loans to derivatives — is a web of signed, enforceable promises with liable parties behind them.
Yet the infrastructure we built to manage this web has no concept of a commitment. It knows how to carry messages. It does not know how to make, verify, or enforce promises. The commitment lives in a contract PDF somewhere. The infrastructure just shuttles payment instructions after humans have verified the conditions offline.
The three generations
First generation: Paper-based banking. The commitment and its fulfillment lived in the same physical document. A bill of exchange was both the promise and the instruction. The signature on the paper was the authority. Slow, but internally coherent.
Second generation: Message-based banking. We separated the commitment from the infrastructure. The contract stayed on paper (or in a PDF, or in an ERP system), and the infrastructure carried only the resulting payment instructions. Speed increased dramatically. Coherence collapsed. The message knows nothing about the commitment it is supposed to fulfill, so we need armies of middle-office staff to verify that the two match.
Third generation: Commitment-based banking. The infrastructure carries the commitment itself — as a signed, verifiable, machine-executable object. The commitment knows its own conditions. It knows which parties are liable. It knows when it should be fulfilled and what constitutes valid fulfillment. The infrastructure does not relay requests. It executes promises.
What a commitment looks like in practice
Consider a straightforward purchase. A buyer commits to pay €20,000 for a piece of equipment. In message-based banking, this commitment exists as a clause in a contract. When the equipment arrives, someone in accounts payable reads the contract, verifies the delivery, logs into the banking portal, and sends a payment message.
In commitment-based infrastructure, the buyer’s bank — represented by an active software agent — joins the transaction directly. At the moment the deal is struck, the agent places a verifiable lock on the funds. This lock is a signed commitment: the bank will execute the transfer when the agreed conditions are met. The commitment carries its own fulfillment logic. When the equipment delivery is confirmed by a signed proof from the logistics provider, the settlement executes automatically. There is no message to send. There is no instruction to interpret. The commitment fulfills itself.
The buyer’s bank never lost custody of the funds. The money stayed in the regulated banking system throughout. What changed is that the bank’s liability — the deposit — gained the ability to participate in the transaction as an active, condition-aware agent rather than sitting passively in a database row waiting for a SWIFT message to arrive.
Why messages cannot get us there
No amount of message optimization solves the structural problem. Messages are inherently disconnected from the commitments they serve.
A message cannot verify its own preconditions. It arrives at the receiving bank and says “pay €20,000 to account X.” The receiving bank must independently verify that this instruction is legitimate, that the funds exist, and that it matches an underlying agreement. Every verification step is a cost. Every mismatch is a reconciliation problem.
A message cannot enforce atomicity. In a delivery-versus-payment scenario, the asset leg and the payment leg travel as separate messages through separate systems. The gap between them is Herstatt risk — the risk that one leg settles and the other does not. We manage this risk with central counterparties and clearinghouses, which are enormously expensive insurance policies against the infrastructure’s inability to move two things at once.
A message cannot carry liability. When a SWIFT message arrives, the receiving bank trusts the sending bank to have authorized it. But the message itself is unsigned by the originator of the commitment. The chain of accountability from the business decision to the payment instruction passes through multiple systems, any of which can introduce errors or fraud.
Commitment-based infrastructure resolves all three. The commitment is self-verifying because it carries cryptographic proofs of its preconditions. It is atomic because the commitment and its counter-commitment resolve in a single, shared context. It carries liability because every state transition is signed by the accountable party.
The credit question
The most consequential distinction is this: commitment-based infrastructure is natively compatible with credit.
A stablecoin — the crypto industry’s answer to payments — is pre-funded. You cannot spend what you have not already deposited. This is the logic of barter: bring your goods to market or stay home. It eliminates the possibility of Net-30 terms, trade finance, and every other credit instrument that the real economy depends on.
A commitment, by definition, is forward-looking. “I will pay you in 30 days” is a commitment. “I will release the funds when the shipment clears customs” is a commitment. “I guarantee payment up to €1M if my client defaults” is a commitment. The entire architecture of trade finance — letters of credit, guarantees, factoring — is a web of layered commitments. Infrastructure that understands commitments can model all of it. Infrastructure that understands only tokens or messages cannot.
The end of correspondence
If commitments replace messages, what replaces correspondence?
The correspondent banking network is the most expensive artifact of message-based architecture. It exists because Bank A in Helsinki has no direct relationship with Bank B in Lagos. They need a third bank — one that knows both — to relay the payment message and vouch for the counterparty. A trusts C, C trusts B, therefore A can pay B. Every hop in this chain adds cost, delay, compliance overhead, and opacity. Cross-border payments remain slow and expensive not because of any technical limitation, but because the infrastructure cannot verify a counterparty directly. It must find someone who already knows them.
Correspondent banking is a serial trust chain. Each link is a bilateral relationship established over months of due diligence, maintained at considerable cost, and exercised one hop at a time. For many corridors — particularly in emerging markets — the chain has three or four links. Each intermediary takes a fee, adds latency, and demands its own compliance checks. Some corridors have no chain at all, which is why large parts of the global economy remain effectively disconnected from the international payment system.
Commitment-based infrastructure replaces the serial chain with a simultaneous venue. Two banks that have never met do not need a third bank to introduce them. They need a shared context — a neutral, ephemeral space where both can present verifiable proofs of who they are, what regulatory licenses they hold, and what they are committing to. The context verifies the credentials cryptographically. It enforces the settlement logic. It issues identical receipts to both parties. Then it disappears.
The intermediary existed because the message carried no proof. It was just an instruction — “please pay” — and someone along the chain had to guarantee that the instruction was legitimate. When the commitment carries its own proof of authority, its own conditions, and its own fulfillment logic, the guarantor becomes redundant. The context does in milliseconds what the correspondent chain does in days.
This does not mean correspondent banks vanish overnight. They hold deep expertise in local regulatory landscapes, currency management, and client relationships. But their function shifts from relaying payments to issuing the verifiable credentials that make direct settlement possible. A local bank’s attestation — “this entity is licensed, compliant, and solvent” — becomes a credential that any counterparty in any context can verify instantly. The bank stops being a link in a chain and becomes a source of trust that the network can consume directly.
What changes
The shift from messages to commitments is not an incremental improvement. It is a change in what the infrastructure is.
Message-based infrastructure is a communication network. It connects parties and relays instructions. The intelligence lives outside the network — in ERP systems, compliance departments, legal contracts, and human judgment. The network is a pipe.
Commitment-based infrastructure is a settlement network. The intelligence lives inside the commitment itself. The conditions, the authority, the liability, and the fulfillment logic travel together as a single, verifiable unit. The network does not relay instructions. It resolves agreements.
Reconciliation disappears because both parties hold identical, cryptographically signed receipts from the same atomic event. Settlement risk disappears because the commitment and its counter-commitment resolve simultaneously or not at all. Compliance becomes a mathematical property of the transaction rather than a post-hoc audit of message logs.
The banking system does not need new money. It does not need tokens, stablecoins, or central bank digital currencies. It needs infrastructure that understands what banking actually does: making and keeping commitments.
The message era gave us speed. The commitment era gives us meaning.