Read time: 7 minutes
Executive Insights
- A fragmented lending tech stack does not just raise IT costs. It raises the cost of every loan your institution originates, services, and monitors, while simultaneously weakening the credit oversight your lending and risk leaders depend on.
- The average total cost to originate a commercial loan at a community bank is approximately $11,319 per loan, with personnel-intensive activities—application processing, credit analysis, documentation, and onboarding—representing the largest share of that expense [1]. Institutions that deploy business process automation reduce those origination costs by 10% to 50%, with an average reduction of approximately 23% [1]. Much of that personnel cost is driven by the manual reconciliation, re-keying, and exception handling that fragmented systems produce.
- Technology tools applied to an integrated lending process can remove 2.2 to 12.36 hours of production time, save $165 to $388 per loan in personnel expense, cut cycle time by up to eight days, and yield total per-loan savings of $230 to $570 [1]. That delta is not a product feature. It is an architecture outcome.
- 93% of banking executives cite legacy systems or integration complexity as a top data-modernization challenge [2]. For lending teams, that complexity shows up as loan officers re-entering data across systems, credit analysts reconciling exposure reports by hand, and compliance staff assembling regulated data from multiple sources before every submission.
- Data fragmentation across origination, underwriting, servicing, and compliance reporting does not just slow operations. It creates the blind spots that the OCC identifies as a leading cause of credit risk management failures [3].
- Regulatory enforcement has made the compliance cost of fragmented lending data concrete: the OCC assessed a $65 million civil money penalty against City National Bank in 2024 for systemic deficiencies in risk management and internal controls, explicitly citing failures in operational risk event reporting, inadequate data governance, and insufficient oversight of third-party technology [4]. These were lending data architecture failures that presented as regulatory violations.
- The right answer is not another point solution layered onto an already fragmented stack. It is an architecture that moves data cleanly across the lending lifecycle without manual intervention and gives credit and technology leaders a single trusted view of portfolio risk.
Where the Fragmentation Actually Lives in a Lending Operation
To understand the cost of a fragmented lending stack, you need to follow a loan through its lifecycle. The breakpoints are not abstract. They occur at specific handoffs that most lending operations know well and tolerate as unavoidable.
A borrower submits an application. Data is entered into the loan origination system. When the file moves to underwriting, a credit analyst pulls the application data and either re-enters it into a separate decisioning tool or works from an export, introducing the first opportunity for error and the first delay. Supporting documents are uploaded into an imaging system that may or may not be indexed to the LOS record. Spreading financial statements happens in a standalone tool or, frequently, a spreadsheet. Covenant and collateral details are tracked separately. When the loan closes and boards to the core, another manual data entry step occurs. Servicing data now lives in a different system from origination data. Portfolio monitoring is assembled from extracts. Compliance reporting is built from yet another reconciliation.
Every one of these handoffs is a place where data degrades, processing time accumulates, and staff capacity is consumed by coordination rather than credit judgment. This is what the research describes when it says 56% of U.S. financial institution leaders keep data in the system that generates it and 41% use spreadsheets for business-line data [5]. In lending operations, those numbers translate directly to loan officer hours, credit analyst time, and the delayed management information that CCOs must work around.
The Integration Tax: What Each Handoff Is Really Costing You
The cost of a fragmented lending stack is not visible on a single budget line, which is why it persists. It distributes across personnel expense, loan cycle time, exception management, and compliance overhead in ways that make it look like a staffing problem or a volume problem rather than an architecture problem. Bank Director’s 2025 survey found that only 18% of financial institutions measure ROI for technology projects, while 68% do not [5]. That measurement gap is precisely the environment in which integration debt compounds undetected.
At the loan level, the cost is real and measurable. Industry benchmarking by the Kohl Analytics Group found that community banks average approximately $11,319 to originate a single commercial loan, with costs spanning a range of roughly $9,000 to $19,000 for larger or more complex credits in sectors such as hospitality, energy, or professional services [1]. Personnel-intensive activities—credit analysis, documentation, and onboarding—represent the largest share of that expense, and those costs drop by an average of 23% at institutions that deploy business process automation [1]. When a loan officer or credit analyst is re-entering data across systems, chasing document status between platforms, or manually assembling a credit memo from multiple sources, that is personnel cost driven by architecture failure, not by loan complexity or volume.
Tech debt compounds the direct cost further. McKinsey reports that companies pay an additional 10% to 20% on top of project costs to address accumulated tech debt, with approximately 30% of technology leaders reporting that more than 20% of new-product technology budget is diverted to tech-debt remediation [6]. For lending operations, that means the budget that should fund better decisioning tools, portfolio analytics, or relationship manager productivity is instead maintaining the integrations that keep a fragmented stack marginally functional.
The vendor management burden is an underused angle for technology leaders specifically. Every point solution added to the lending stack creates a permanent governance workload: due diligence, contract monitoring, access control, incident response, and exit planning. The FDIC, Federal Reserve, and OCC are explicit in their third-party risk guidance that reliance on third-party technology does not reduce your institution’s responsibility for safe and sound operations or legal compliance [7]. In practical terms, each additional lending vendor adds recurring cost and oversight obligation that most operations teams absorb silently rather than attribute to the architecture decision that created it.
What Fragmentation Does to Credit Risk Oversight
For credit risk leaders, the most operationally consequential impact of a fragmented lending stack is not cost. It is the quality of the portfolio view they are working from.
When borrower data, collateral records, covenant tracking, exception logs, and watchlist information live in separate systems, producing a current and complete view of the borrower requires manual reconciliation. That reconciliation takes time. Even in a stable portfolio, the lag is unmanageable for a growing institution. During a credit cycle shift, a concentration that is building, or a period of regulatory examination, the lag becomes a nightmare of risk management.
The OCC’s Concentrations of Credit handbook is direct on this point: accurate identification of borrower risk is central to sound credit risk management, and examiners assess the accuracy and timeliness of management information systems and the breadth of data captured relative to portfolio complexity [3]. Fragmented lending architecture fails that standard not because any single system is inaccurate, but because no single system is complete enough to support enterprise credit oversight. Credit risk leaders are governing from a fractured picture assembled after the fact.
The concentration risk problem is particularly acute. If credit risk leaders cannot query across related borrowers, products, geographies, and collateral types from a single trusted data source, they cannot reliably detect concentrations building across those dimensions. The OCC notes that concentrations can arise from pools of exposures that react similarly, and that sound processes must identify, measure, monitor, and control them [3]. A lending stack where exposure data is distributed across origination, servicing, and portfolio systems makes that requirement structurally difficult to fulfill.
How Fragmented Data Creates Compliance Exposure
“93% of banking executives cite legacy systems or integration complexity as a top data-modernization challenge”
The compliance cost of fragmented lending data has moved from theoretical to concrete. Under Section 1071 of the Dodd-Frank Act (implemented via Regulation B), covered financial institutions are required to collect and report detailed data on small business credit applications—including loan amounts, pricing, denial reasons, and applicant demographics—with an authorized representative certifying its accuracy, and federal supervisory agencies use this data in fair-lending examinations and CRA performance evaluations [8]. When application data is captured in one system, pricing data in another, and demographic information in a third, certification becomes a risk that no sign-off can fully mitigate.
The OCC’s enforcement record makes this specific. City National Bank was assessed a $65 million civil money penalty in January 2024 for systemic deficiencies that the OCC characterized as unsafe and unsound practices, including failures in operational risk event reporting, compliance risk management, and data governance across its lending and investment operations [4]. The OCC explicitly connected those deficiencies to inadequate internal controls, insufficient oversight of third-party systems, and the absence of a coherent risk governance framework—conditions that are structurally produced by fragmented technology architecture. These were lending data and systems failures that presented as regulatory violations.
On BSA/AML, the FFIEC manual specifies that a consolidated compliance program requires a central point where risks throughout the organization are aggregated, with clearly assigned responsibility for management information comprehensiveness and monitoring [10]. Fragmented customer and loan data make customer due diligence and suspicious-activity monitoring structurally harder because the institution is trying to govern financial-crime risk across inconsistent records from multiple systems.
For technology leaders, there is an additional dimension. KPMG’s 2025 banking survey found that 93% of banking executives cited data privacy and risk as a top data-modernization challenge [2]. A fragmented lending stack multiplies copies of sensitive borrower data, expands the number of interfaces and handoffs through which that data travels, and makes lineage, access control, and retention harder to govern and audit. Every integration point is a security surface, and every manual data transfer is a point of potential exposure.
How Unified Lending Architecture Addresses Each Failure
The case for integrated lending architecture is not that consolidation is simpler or cheaper to implement. It is that fragmented architecture is compounding in cost and risk in ways that point solutions cannot fix, because point solutions are the source of the fragmentation.
McKinsey’s modernization research found that institutions pursuing a structured, integration-first approach cut typical transformation timelines in half and reduced costs by 70%, and that the right data architecture can halve implementation time and lower costs by 20% [6]. The mechanism is not magic. It is the elimination of reconciliation overhead, vendor management redundancy, and manual data re-entry that fragmented stacks require as standard operating procedure.
For lending operations specifically, unified architecture means data entered at origination flows through underwriting, document management, boarding, servicing, and portfolio monitoring without re-entry. Exceptions are tracked in the same system that generated them. Covenant and collateral data is visible alongside exposure data without an extract. Compliance data is captured as part of the origination workflow rather than assembled afterward.
For credit risk leaders, the portfolio view becomes trustworthy enough to govern by. Concentration monitoring runs against a current, complete data model rather than a reconciled snapshot. Early-warning indicators surface from real-time data rather than periodic manual reporting. Examination preparation draws from a consistent audit trail rather than a reconstruction across systems.
McKinsey describes the architecture target well: not a single monolithic platform for every function, but a governed architecture with defined golden sources, common data definitions, strong APIs, fewer manual reconciliation points, and a clear rationalization path for redundant systems [6]. An institution using an API layer to expose and standardize data access, before attempting full system replacement, reduced program cost by two-thirds and cut implementation from five years to three [6].
Recommendations for Lending and Technology Leaders
Map your integration debt to the loan lifecycle, not the IT inventory. A technology inventory that lists systems is less useful than one that maps where data crosses a system boundary in a typical loan workflow. Identify every handoff from application intake through portfolio monitoring. At each handoff, document whether data transfers automatically or manually, what reconciliation is required to maintain consistency, and what staff time is consumed by the transfer. This is your true cost baseline, and it will almost certainly reveal that your integration debt is larger and more operationally distributed than your IT budget reflects.
Treat data quality as a credit risk issue, not a technology issue. If your credit team cannot produce a current, complete borrower exposure view from a single trusted source, that is a credit risk management gap. Assign ownership of key lending data elements, borrower exposure, collateral values, covenant status, and exception tracking, at the credit risk leadership level, not the IT level. The OCC’s examination criteria for management information accuracy and timeliness apply to your credit risk function, and accountability should be placed accordingly [3].
Rationalize vendors with the same discipline you apply to the loan portfolio. For each lending vendor in your current stack, assess the governance workload it creates relative to the function it provides. Apply the same question you would apply to a credit relationship: is the risk-adjusted return worth the exposure? Vendors that provide narrow capability at the cost of significant integration overhead, manual reconciliation, and ongoing oversight burden are candidates for consolidation. Your goal is fewer, better-integrated relationships with clearly defined accountability.
Prioritize integration before replacement. API-first modernization, establishing clean data flows between existing systems and defining golden sources for borrower and transaction data, delivers immediate operational benefit without requiring a full platform replacement program. Start with the highest-cost handoffs identified in your lifecycle mapping: typically, the LOS-to-underwriting transfer, the loan boarding process, and the compliance data assembly for regulated reporting. Closing these gaps reduces personnel cost, shortens cycle time, and improves data reliability across the portfolio before a single legacy system is decommissioned.
Sources
- Nichols, Chris. “The Cost of a Commercial Real Estate Loan.” SouthState Correspondent Division / Kohl Analytics Group, September 2022. southstatecorrespondent.com.
- KPMG Banking Survey 2025. KPMG, 2025.
- Concentrations of Credit. Comptroller’s Handbook. Office of the Comptroller of the Currency.
- OCC Enforcement Action: City National Bank. Office of the Comptroller of the Currency, January 31, 2024. occ.gov/news-issuances/news-releases/2024/nr-occ-2024-8.html.
- “Bank Director’s 2025 Technology Survey: Banks Grapple with Data, AI Maturity.” PR Newswire / Bank Director, 2025.
- “Managing Bank IT Spending: Five Questions for Tech Leaders” and “How Banks Can Achieve Next-Generation Legacy Modernization.” McKinsey & Company.
- Third-Party Risk Management: A Guide for Community Banks. FDIC / Federal Reserve / OCC.
- Small Business Lending Under the Equal Credit Opportunity Act (Regulation B): Section 1071 of the Dodd-Frank Act. Consumer Financial Protection Bureau, March 2023. consumerfinance.gov/rules-policy/final-rules/small-business-lending-under-the-equal-credit-opportunity-act-regulation-b/.
- BSA/AML Examination Manual: Program Structures. FFIEC.
