Best Practices for Connecting Internal SQL Server Financial Systems to Online Payment Platforms

I currently have an internal enterprise system used for purchasing, payments, and finance operations. The system runs on an on-premises database using Microsoft SQL Server and stores all financial transactions and internal workflow data.

We now have a new requirement to enable online payment services for customers. These services will be exposed externally (likely in the cloud) and must interact with the same financial system so that transactions are reflected in our internal database.

My main concerns are related to architecture, security, and data synchronization.

Key points about the current setup:

The core system and database are hosted internally (on-premises).

The database contains sensitive finance and payment data.

Internal processes depend on the current database structure and workflows.

The new requirements:

Develop an online payment service accessible over the internet.

Ensure transactions from the online service update the internal system.

Maintain data integrity and security.

Avoid performance issues for the internal system.

I’m evaluating a few possible approaches but I’m unsure which is best practice:

Allow the cloud payment service to connect directly to the internal SQL Server database through secure networking.

Maintain a replicated or read/write copy of the database in the cloud.

Use SQL Server replication (transactional or snapshot) between on-prem and cloud.

Introduce an API or middleware layer that handles all transactions and updates the internal database.

Maintain separate databases and synchronize transactions asynchronously.

My main questions:

Is it recommended to expose the internal SQL Server database directly to cloud services?

Should I use replication, a secondary database, or a service/API layer?

What architecture pattern is commonly used for integrating on-prem financial systems with online payment platforms?

How can we ensure consistency between internal transactions and online payments?

Are there recommended SQL Server features or patterns for this scenario (replication, service broker, CDC, etc.)?

Any advice on best practices, architecture patterns, or real-world implementations would be greatly appreciated.