Exchange & FX: A White Paper on Multi-Currency Exchange and Cross-Border Settlement
Multi-currency exchange and cross-border settlement, owned by the institution
This paper examines the structural problems in cross-border foreign exchange for credit unions and community and mid-sized banks, and sets out how ACM Global Tech's white-label Exchange & FX is architected, secured, and deployed. It is written for the executives and architects who will scrutinize it: CIOs, CISOs, risk officers, and treasury leaders.
Cross-border value still moves on infrastructure built for a different era
For most institutions below the largest banks, foreign exchange is not a capability they operate but a service they rent. The economic and operational consequences of that arrangement are predictable, and they compound.
The conventional path is to source FX from a correspondent bank or a third-party provider and pass a marked-up rate to the member or client. The institution does not control the spread, cannot see the rate basis behind it, and inherits a settlement chain it did not design. Cross-border payments traverse multiple intermediaries, each adding a fee, a cut-off window, and a point of failure. Funds can be in flight for days, with limited visibility into where a payment sits or why it stalled.
The reconciliation burden is the quieter cost. When FX lives in a separate vendor system, conversions and multi-currency balances do not post to the same ledger as deposits, lending, and payments. Finance teams maintain a parallel record and true it up at period close. Examiners are asked to follow a transaction across systems that were never designed to tell one story. Every added vendor is another integration to maintain, another contract to govern, and another explanation owed to a regulator.
Underneath all of this, the rails themselves are changing. Tokenized settlement and stablecoin transfer are no longer experimental at the margins; the Boston Consulting Group projects tokenized real-world assets to exceed $16 trillion by 2030, and on-chain data put 2024 stablecoin transfer volume near $27.6 trillion. An institution that rents its FX has little leverage to position for that shift on its own terms.
Treat exchange as core infrastructure, not a bolt-on service
ACM's premise is that an institution should own its exchange layer the way it owns its core ledger. Pricing, settlement routing, controls, and data stay inside a platform the institution brands and operates, rather than behind a vendor it can only configure at the edges.
One ledger, not two
Conversions and multi-currency balances post to the same system of record that runs deposits, lending, and payments. There is no second FX ledger for finance to reconcile, and an examiner can trace a flow end to end in one place.
Spreads the institution sets
Pricing is aggregated across liquidity sources, and the institution governs spread, markup, and per-segment rate tiers through configuration rather than code. Customers convert at the rate they are shown, with the rate basis captured for review.
Conventional and tokenized rails
The same conversion flow can settle over ACH, wire, and correspondent rails or, for eligible flows, over stablecoin rails for speed, with non-custodial configurations available where the operating model requires them.
White-label and client-owned
Every screen, rate sheet, and statement carries the institution's brand. The relationship, the configuration, and the data belong to the institution, not to ACM and not to an FX intermediary.
How the exchange engine is structured
Exchange & FX is composed of distinct layers so that pricing, conversion, and settlement can each be governed, audited, and evolved without disturbing the others. The design favors clear boundaries over a monolith.
- Rate sourcing and aggregation: live multi-currency pricing across a broad set of currency pairs is aggregated from liquidity sources, with the provenance of each quote retained so downstream pricing decisions are explainable.
- Quoting and conversion engine: the institution's spread logic and rate tiers are applied at quote time, lock-in windows are enforced, and the rate a customer sees is the rate at which the conversion books.
- Settlement orchestration: a routing layer selects the appropriate rail, conventional or tokenized, and enforces position, counterparty, and intraday exposure limits inside the flow, so a breach is surfaced before a trade books rather than after.
- Integrated ledger posting: conversions and balances post through connectors into the institution's core and general ledger, eliminating the parallel-reconciliation problem at its source.
- Crypto-agile security substrate: cryptographic primitives are abstracted from the application layer so algorithms can be rotated as standards evolve, without rebuilding the systems that depend on them.
Because exchange runs inside the same ecosystem as the banking core, payments and stablecoins, and treasury, the boundaries between these layers are integration points the institution already understands, not new vendor seams. Settlement and tokenized-asset rails draw on ecosystem infrastructure from Lux Network, and the AI and data layer is supported by Hanzo.ai.
A posture built for examiners, and for the next decade
FX and settlement traffic carries some of the most sensitive and longest-lived data an institution holds: counterparties, amounts, identities, and settlement instructions. ACM treats its protection as a present-day decision, not a future project.
The reason is the threat model known as "harvest now, decrypt later": an adversary captures encrypted traffic and records today and decrypts them once a cryptographically relevant quantum computer exists. For data that stays sensitive for years, that future capability is a present-day exposure. In 2024, NIST finalized the first post-quantum cryptography standards to address exactly this risk: FIPS 203 (ML-KEM) for key encapsulation, FIPS 204 (ML-DSA) for digital signatures, and FIPS 205 (SLH-DSA) as a hash-based signature alternative. These standards are recent, and ACM's role is to build on and align to them rather than to claim them as settled history.
Post-quantum in transit and at rest
Quote, conversion, and settlement traffic is protected with post-quantum cryptography that builds toward the NIST-finalized standards, prioritizing long-lived settlement records and identity data first. See post-quantum security for the full program.
Crypto-agility and hybrid rollout
Classical and post-quantum algorithms run in combination during migration, preserving proven security while adding quantum resistance, and primitives can be rotated as the standards mature.
Embedded controls and screening
Sanctions and watchlist checks, KYC reuse, and transaction monitoring connect to the institution's existing AML stack, so cross-border conversions clear the same controls as every other flow.
Immutable, traceable audit trail
Every quote, conversion, rate adjustment, and settlement event is logged with user, timestamp, and rate provenance, and is exportable for examiner and internal-audit review.
ACM is regulated-first by design and compliance-ready, with controls mapped to support SOC 2, ISO 27001, PCI-DSS, and HIPAA-aligned requirements. ACM does not hold these as certifications on the institution's behalf; the platform is engineered to help the institution evidence its own program during review.
Fitting the engine into the systems already in place
Most institutions already run a core, a treasury workstation, and established KYC and payment vendors. The practical question is not whether the rate is competitive but how quote, conversion, and settlement events reach the systems operations and finance teams already trust. Exchange & FX is exposed through documented APIs and SDKs to answer that directly.
- Connectors to existing systems: REST and webhook APIs surface live quotes, rate locks, and conversion and settlement events to the core, general ledger, treasury workstation, and existing screening providers, so activity reconciles where it is already booked.
- Deployment and data residency: the exchange layer runs in cloud, hybrid, or single-tenant private configurations, with FX and settlement data held in the jurisdiction the institution's residency and cross-border-data obligations require.
- Roles, SSO, and maker-checker: role-based access, SSO into the institution's identity provider, and maker-checker on rate and limit changes govern who can quote, convert, and settle.
- Phased rollout under the Agile Speed Framework: read-only rate display can go live first, with conversion and cross-border settlement enabled in testable increments as controls are signed off, rather than through a single high-risk cutover. See the Agile Speed Framework.
This sequencing matters to risk and audit functions: each release is small enough to review and reverse, and no stage requires ripping out the core to add the next capability.
What an institution can reasonably expect
ACM does not publish invented client metrics, and this paper will not either. The outcomes below are the structural results of the architecture, stated as design intent and direction rather than as guaranteed numbers.
Margin and rate control
Owning the spread means the economics of FX move from a rented, opaque markup to a priced capability the institution governs. The realized margin depends on the institution's own strategy and liquidity, not on a vendor's number.
Lower operational drag
A single integrated ledger removes the parallel reconciliation that separate FX systems create. The size of the saving depends on the institution's current process, but the source of it is structural.
Infrastructure efficiency
ACM targets up to 95% lower infrastructure cost versus legacy core stacks. This is a platform value proposition and a target, not a measured result for any named institution, and actual figures will vary by environment.
Readiness for new rails
Because conventional and tokenized settlement share one conversion flow, the institution can adopt stablecoin and tokenized rails on its own timeline as they mature, without re-platforming FX to do so.
Further reading: for ecosystem research that informs this work, see the applied-AI research library at papers.hanzo.ai and the tokenized-finance and settlement materials at lux.network. These are related works in adjacent domains; the analysis and prose in this paper are ACM's own.
Pressure-test this architecture against your environment
Bring your core, your treasury workstation, and your cross-border requirements to a technical discovery, and we will walk through how Exchange & FX would integrate, settle, and stand up to your examiners. Powering Global Transformation.
Start a technical discoveryFrequently asked questions
How is this white paper different from the Exchange & FX product page?
The product page describes what the platform delivers and how to buy it. This paper is written for technical and risk evaluators: it analyzes the structural problems in rented cross-border FX, sets out the layered architecture of ACM's exchange engine, details the security and compliance posture including post-quantum cryptography, and frames outcomes as design intent rather than marketing claims.
Does ACM claim SOC 2, ISO 27001, PCI-DSS, or HIPAA certification for Exchange & FX?
No. ACM is regulated-first and compliance-ready by design, with controls mapped to support SOC 2, ISO 27001, PCI-DSS, and HIPAA-aligned requirements. ACM does not hold those as certifications on the institution's behalf; the platform is engineered so the institution can evidence its own program during examination.
What post-quantum standards does the exchange layer build toward?
It builds toward the standards NIST finalized in 2024: FIPS 203 (ML-KEM) for key encapsulation, FIPS 204 (ML-DSA) for digital signatures, and FIPS 205 (SLH-DSA) as a hash-based alternative. These standards are recent, so ACM frames its work as building on and aligning to them, using a crypto-agile design that lets algorithms be rotated as the standards evolve.