User Acceptance Testing: What UAT Proves That QA Cannot
Written by Ahmed at Analyst Engineering, a Senior Technical Business Analyst with 10+ years in banking and payments delivery.
Key takeaways
- UAT proves the system fits the business process; QA proves the system meets the specification. If the specification is wrong, QA passes and the business still cannot operate, which is exactly the gap UAT exists to catch.
- UAT scenarios are business processes end to end ('onboard this client, then run their first payroll'), written and executed by people who do the job, not re-runs of system test cases.
- A UAT cycle without entry criteria inherits QA's unfinished defects and becomes expensive bug hunting; one without exit criteria becomes an argument the loudest person wins. Define both before it starts.
- The most common UAT failure is treating it as a formality staffed by whoever was free. The cost surfaces in week one of production, when the real users meet the system for the first time.
User acceptance testing is the phase where business users prove the system supports their real processes, in a production-like environment, before go-live. QA testing verifies the system against the specification; UAT verifies it against the business need, and it exists because those are not the same thing: a spec can be met perfectly and still be wrong.
User acceptance testing (UAT) is the last test phase before go-live, in which the people who will operate the system run their actual business scenarios against it and judge whether they can run the business on it. That judgment is different in kind from what QA testing produces. QA proves the system does what the specification says, systematically and skeptically. UAT proves the specification described the right system, which nobody upstream can fully verify, because only the users know how the work really happens: the exceptions, the month-end rush, the workaround that is actually the process. When UAT is run as a real test phase, it catches the last and most expensive class of defect, the requirement that was wrong. When it is run as a formality, that class of defect ships, and week one of production becomes the real UAT.
What is the difference between UAT, SIT, and QA testing?
Each phase answers a different question, and the phases are sequential because each assumes the previous answer was yes.
| Phase | Question it answers | Tested against | Executed by |
|---|---|---|---|
| System / QA testing | Does each system behave as specified? | Requirements and functional spec | QA analysts |
| SIT (system integration testing) | Do the systems work together technically? | Interface specs and message flows | QA and technical analysts |
| UAT | Can the business operate on this? | Real business processes | Business users |
The boundaries matter operationally. SIT belongs before UAT because business users cannot validate a process while messages are still failing between systems; every technical defect they hit wastes their scarce time and erodes their confidence in the release. And UAT is not a re-execution of system tests by different people: if the UAT plan is the QA suite with a new column for initials, it verifies the spec twice and the business zero times. In a payments migration, SIT proves the pacs.008 reaches the clearing system correctly; UAT proves the payment repair team can work their morning queue in the new screens before the cut-off, which no pacs.008 test case will ever tell you.
What does a good UAT scenario look like?
A good UAT scenario is a business process end to end, with real-shaped data, executed the way the work is actually done. Not “verify field validation on the payment entry screen,” but “receive the morning MT-to-ISO exception file, repair the three failed payments, release them before the 11:00 cut-off, and confirm they appear in the afternoon reconciliation.” One scenario like that exercises dozens of functions in the combination that matters: the user’s combination.
Three properties separate real scenarios from re-labeled test cases. They cross functions, because processes do: onboarding flows into first payment flows into statement generation, and the seams between functions are where fit-for-purpose fails. They include the awkward reality: the client with two addresses, the payment that arrives during end-of-day, the volumes of a real Monday rather than a polite demo, the same instinct as negative test design but aimed at business reality rather than system boundaries. They carry the user’s judgment: each scenario ends with the operator saying “I could do my job” or “I could not,” which is data no pass/fail on a field validation produces.
The business analyst or functional analyst coordinates: helps users turn tacit process knowledge into written scenarios, maps scenarios back to requirements in the traceability matrix so coverage is visible, and runs defect triage. But the scenarios’ content and the acceptance decision belong to the business. An analyst who writes all the scenarios alone has quietly converted UAT back into system testing.
What entry and exit criteria make UAT real?
Entry criteria protect the users’ time; exit criteria protect the go-live decision. Both must be agreed before the cycle starts, because afterward every criterion becomes a negotiation under deadline pressure.
Practical entry criteria: system testing and SIT complete, with no open critical or high defects in scope; the UAT environment deployed with the exact release candidate and production-like data (masked production data where permitted, realistic volumes either way); scenarios written and walked through; named users booked, with their day jobs actually backfilled. That last one is the criterion most often faked. UAT staffed by “whoever was free” or squeezed into the users’ normal workload produces shallow execution and a rubber-stamp result, and the project discovers the fit problems in production instead.
Practical exit criteria: all scenarios executed; pass rate at or above the agreed threshold; zero open critical defects and agreed handling for lower ones; every known issue documented with a workaround and explicitly accepted by the business owner, in writing. The explicit acceptance is the point. “UAT complete” should mean “the business has seen what it is getting, including the flaws, and has chosen to proceed,” not “time ran out.” When the go-live wobbles later, that distinction is the difference between an informed risk and a surprise.
One more discipline: defects found in UAT are triaged into “system does not meet spec” (a build defect, back to the team) and “spec does not meet the business” (a requirement defect, into change control). Mixing them hides the second kind, and the second kind is the reason UAT exists.
Why does UAT get treated as a formality, and what does it cost?
UAT sits at the end of the plan, so every upstream slip compresses it, and its executors have day jobs, so it is the easiest phase to quietly hollow out. The pattern is predictable: testing slips two weeks, go-live does not move, UAT’s four weeks become two, the users get partial backfill, half the scenarios are marked passed after a walkthrough demo instead of hands-on execution, and the exit review notes “minor issues, business accepts.” Every individual step felt reasonable under pressure.
The cost arrives in the first weeks of production, when the real users meet the real system at real volume for the first time, which is UAT, just without an environment you can stop. Payment repair queues grow because the screens need four clicks where the old process had one; the workaround process nobody wrote down has no home in the new system; the month-end run that was never rehearsed fails at month end. These are exactly the defects a protected UAT would have caught, now being fixed under incident pressure with customers watching, the most expensive possible way to learn them. Protecting UAT, its entry criteria, its duration, and above all its people, is one of the highest-leverage arguments an analyst makes in a delivery, and it is much easier to make before the schedule slips than during the crunch.
The takeaway
UAT is the business proving it can operate on the system, and it is the only phase that can catch a specification that was wrong, because only the users know the real process. Keep it distinct from QA and SIT: technical verification finishes first, and UAT scenarios are end-to-end business processes with real-shaped data, executed and judged by the people who do the job. Make it real with entry criteria that protect the users’ time and exit criteria that make acceptance an informed, written decision. A hollowed-out UAT does not remove that test phase; it just moves it into production.
About the author
Analyst Engineering is written by Ahmed, a Senior Technical Business Analyst with 10+ years of banking and payments delivery experience: ISO 20022 and SWIFT messaging, payments API integration, Kafka event validation, and production support. Every article comes from real delivery work, and each one is reviewed and updated as tools and standards change.
Related articles
- The Requirements Traceability Matrix: From Requirement to Test, Proven What a requirements traceability matrix is, how to build one, and why it proves every requirement is designed, built, and tested. With a payments example.
- Regression Testing in Payments: Protecting What Already Works How to do regression testing in payment systems: what to retest, building a regression suite, risk-based selection, and automating the checks that protect live behavior.
- Payment Testing: How to Test a Payment Flow End to End A practitioner guide to payment testing: following one transaction through ingestion, events, settlement, and status, plus the rejection and stuck-payment cases that matter.
- Negative Test Design: Engineering the Unhappy Path How to design negative tests systematically: boundary values, invalid inputs, state violations, and failure injection. The unhappy path is where the real defects live.
Newsletter
Subscribe
Practical, no-fluff playbooks for technical analysts who analyze, code, test, and support. New articles straight to your inbox.
No spam. Unsubscribe anytime.