Deploy REXX/NetRexx to Europe β Mike Cowlishaw π¬π§ IBM Hursley + z/OS EU Banking on EU Infrastructure in 2026
In 1979, a software engineer at IBM's Hursley Park laboratory in Winchester, Hampshire, England wrote a scripting language for internal use on IBM mainframes. He wanted something that was easy to read β where the code looked like structured English prose, where variables did not need declarations, where string manipulation was natural rather than painful. He called it REX, then REXX: the Restructured Extended Executor.
That engineer was Mike Cowlishaw π¬π§, and the language he wrote in Winchester is today the operational backbone of European banking. Deutsche Bank π©πͺ runs it on z/OS. BNP Paribas π«π· runs it. ING π³π± runs it. ABN AMRO π³π± runs it. SociΓ©tΓ© GΓ©nΓ©rale π«π· runs it. The SEPA payment rails that move money across the European Single Payments Area β thirty billion transactions per year β are automated by REXX scripts running on z/OS mainframes that have not been rebooted in years. REXX was never glamorous. It was always essential.
In 1995, Cowlishaw created NetRexx β a version of REXX that compiles to JVM bytecode. NetRexx kept REXX's readable syntax while gaining access to the Java class library and the JVM ecosystem. NetRexx programs compile to .class files and run in any JVM. They can be packaged as JAR files, deployed in containers, and hosted on modern infrastructure. You can deploy NetRexx on sota.io today.
Mike Cowlishaw and IBM Hursley Park
IBM Hursley Park is a 17th-century country house near Winchester in Hampshire, England. IBM acquired it in 1958. It became one of IBM's most important development laboratories outside the United States β the birthplace of CICS (the Customer Information Control System, 1969), which became the dominant transaction processing middleware for IBM mainframes and is still running in thousands of banks worldwide today.
Mike Cowlishaw joined IBM Hursley in the 1970s. He was a member of IBM's elite technical staff β the IBM Fellow level, the highest individual contributor grade at IBM. He was elected an IBM Fellow in 1996, one of fewer than 100 people ever to hold that title.
Cowlishaw wrote REXX in 1979 as a personal project, initially for his own use on IBM's internal VM systems. VM/CMS β IBM's conversational monitoring system β was the interactive computing environment on IBM mainframes of the era. REXX became the natural scripting language for VM/CMS because it was simpler than the existing EXEC2 language and far more readable. IBM officially adopted REXX and included it in VM/CMS in 1983.
The language spread from there. TSO/E REXX became the scripting language for z/OS (then MVS). OS/2 REXX was included in IBM's OS/2 operating system. Open Object REXX (ooRexx) became an open-source implementation maintained by the ooRexx project, with contributors from Germany π©πͺ, the Netherlands π³π±, and the UK π¬π§. NetRexx was published by IBM as an open-source project. Cowlishaw also led the standardisation of REXX as ANSI/ISO standard X3.274 in 1996.
IBM Hursley is the EU's most significant IBM development laboratory. CICS, REXX, and IBM MQ (originally MQSeries, created at Hursley in the 1990s) β three of the most widely deployed enterprise middleware products in European banking β were all created in Winchester, Hampshire.
REXX on z/OS: The EU Banking Backbone
The IBM Z mainframe runs a substantial fraction of European financial infrastructure. The statistics are difficult to precisely verify, but industry analysts consistently estimate that z/OS systems process the majority of EU SEPA credit transfers, the clearing and settlement operations of European central securities depositories, and the payment authorisation traffic of the largest European retail banks.
REXX is the primary scripting and operational automation language on z/OS. System administrators write REXX scripts for:
- JCL generation: Job Control Language β the batch job submission system for z/OS β is frequently generated dynamically by REXX scripts that read configuration, build JCL streams, and submit production jobs.
- ISPF dialog management: REXX scripts drive interactive panels in the ISPF environment that operators use to monitor and control production systems.
- Batch automation: Data extraction, file transformation, report generation β the operational tasks that run overnight in EU banks are REXX-driven batch jobs.
- SMP/E and software management: REXX scripts automate software installation, patching, and configuration management on z/OS systems.
- CICS automation: REXX integrates with CICS to administer, monitor, and automate transaction processing environments.
The regulatory context is dense. SEPA (Single Euro Payments Area) credit transfers and direct debits flow through z/OS systems at Deutsche Bank π©πͺ (Frankfurt), Commerzbank π©πͺ (Frankfurt), BNP Paribas π«π· (Paris), SociΓ©tΓ© GΓ©nΓ©rale π«π· (Paris), ING π³π± (Amsterdam), and ABN AMRO π³π± (Amsterdam). TARGET2 β the European Central Bank's real-time gross settlement system β connects to national central bank systems that run on z/OS. SWIFT gateway processing for EU banks is frequently implemented on z/OS platforms with REXX operational automation.
MiFID II (Markets in Financial Instruments Directive II) requires EU investment firms to record and retain all communications related to transactions. The data pipelines that capture, transform, and archive this data in European investment banks are frequently REXX-scripted z/OS jobs. DORA (Digital Operational Resilience Act), which entered full application in January 2025, requires EU financial entities to test operational resilience and maintain ICT risk management frameworks. REXX-automated z/OS operations β documented, version-controlled, and auditable β are part of how EU banks demonstrate DORA compliance.
GDPR Article 5(1)(f) requires that personal data be processed with appropriate security. The z/OS security model β RACF (Resource Access Control Facility), hardware cryptographic acceleration via Crypto Express cards, logical partitioning (LPARs) for data isolation β provides security guarantees that hyperscaler public clouds cannot fully replicate. REXX scripts that operate within z/OS environments operate inside these security boundaries.
NetRexx: REXX on the JVM
In 1995, Mike Cowlishaw began working on NetRexx. The motivation was straightforward: Java was emerging as the dominant enterprise programming language, and the JVM was becoming the universal deployment target for enterprise applications. Cowlishaw wanted REXX's readability to be available on the JVM.
NetRexx 1.0 was released in 1996. The compiler reads NetRexx source code and generates standard Java .class files. NetRexx programs have access to the full Java class library. They can extend Java classes and implement Java interfaces. They interoperate with Java code transparently. The NetRexx syntax is cleaner and more readable than Java β variables are dynamically typed by default (though static typing is available), strings are first-class, and the language supports the clean control structures that Cowlishaw built into REXX in 1979.
IBM open-sourced NetRexx in 2011. The NetRexx Language project (hosted at SourceForge and maintained by a European-majority community including developers from Germany π©πͺ and the Netherlands π³π±) continues to develop and maintain the compiler. The current version is NetRexx 4.x, which targets Java 11+ and produces standard JVM bytecode.
A NetRexx program that calls a REST API:
-- NetRexx: HTTP GET request using Java standard library
import java.net.http.
import java.net.URI
client = HttpClient.newHttpClient()
request = HttpRequest.newBuilder(URI.create("https://api.example.com/data")).GET().build()
response = client.send(request, HttpResponse.BodyHandlers.ofString())
say "Status:" response.statusCode()
say "Body:" response.body()
The same program compiled and run in a Docker container:
FROM eclipse-temurin:21-jdk-alpine
WORKDIR /app
COPY netrexx-4.07.jar /usr/local/lib/
COPY HelloApi.nrx .
RUN java -cp /usr/local/lib/netrexx-4.07.jar org.netrexx.process.NetRexxC HelloApi.nrx
CMD ["java", "-cp", ".:/usr/local/lib/netrexx-4.07.jar", "HelloApi"]
This container can be deployed on sota.io without modification.
NetRexx + PostgreSQL on sota.io
sota.io provides managed PostgreSQL on European infrastructure. Connecting NetRexx to PostgreSQL uses standard JDBC:
-- NetRexx: PostgreSQL connection via JDBC
import java.sql.
Class NetRexxDB
Method main(args=String[]) static
url = "jdbc:postgresql://db.sota.io:5432/production"
props = java.util.Properties()
props.setProperty("user", System.getenv("DB_USER"))
props.setProperty("password", System.getenv("DB_PASSWORD"))
props.setProperty("ssl", "true")
props.setProperty("sslmode", "require")
conn = DriverManager.getConnection(url, props)
stmt = conn.createStatement()
rs = stmt.executeQuery("SELECT id, name FROM users WHERE active = true ORDER BY created_at DESC LIMIT 10")
loop while rs.next()
say rs.getInt("id") rs.getString("name")
end
conn.close()
GDPR Article 32 requires appropriate technical measures to protect personal data. The PostgreSQL connection above uses sslmode=require β all data in transit is encrypted. sota.io's managed PostgreSQL runs in the EU, so data does not leave the European Economic Area in violation of GDPR Chapter V.
EU Regulatory Compliance with REXX/NetRexx
DORA (Digital Operational Resilience Act) β Article 9 requires EU financial entities to implement ICT risk management frameworks. REXX's long history of operational automation in banking means there is a large corpus of REXX scripts used for z/OS operational resilience testing. NetRexx bridges this z/OS heritage to modern JVM infrastructure, allowing financial entities to port operational tooling to containers without rewriting in Java.
NIS2 Directive β critical infrastructure operators (banking, financial market infrastructure, energy) must implement appropriate security measures. REXX/NetRexx operational tooling that runs within JVM containers benefits from JVM security managers, RBAC, and container isolation β all verifiable as part of NIS2 technical security measure documentation.
EU AI Act β Article 13 requires transparency for high-risk AI systems. NetRexx's readable syntax β designed explicitly for human readability β makes AI-adjacent data processing pipelines (data ingestion, transformation, output formatting) more auditable than equivalent Java or Kotlin implementations. Code that reads like prose is easier for compliance officers to review.
MiFID II transaction reporting pipelines that run on z/OS REXX today can be ported to NetRexx on JVM, deployed on sota.io's EU infrastructure, and meet the same regulatory requirements in a cloud-native, containerised form.
Deploy NetRexx on sota.io
sota.io detects JVM applications automatically. A NetRexx application packaged as a JAR with a manifest Main-Class entry deploys with:
sota deploy --region eu-west
The platform provisions a JVM container, injects the managed PostgreSQL connection string as environment variables, configures TLS termination, and assigns a subdomain on .sota.io. Horizontal scaling, zero-downtime deploys, and managed SSL certificates are included.
For NetRexx applications migrated from z/OS REXX operational tooling, sota.io provides the EU infrastructure continuity that DORA operational resilience requirements demand: your operational automation runs in the EU, on auditable infrastructure, with data residency guarantees.
IBM Hursley created REXX in Winchester, England. European banks built their payment infrastructure on it. NetRexx brings that heritage to the JVM. sota.io brings it to the European cloud.
sota.io is the EU-native platform-as-a-service for developers who need European infrastructure, GDPR compliance by default, and managed PostgreSQL without the operational overhead. Deploy your NetRexx application to EU servers in minutes at sota.io. See also: Deploy ABAP to Europe β, Deploy COBOL to Europe β, Deploy Java & Spring Boot to Europe β