AI for good: Boosting payments compliance with technology

by Michelle Plevey, Stuart Taylor, Andre Mendes, KPMG

Share this post

What is this article about?

AI’s potential to improve regulatory compliance and efficiency in financial services, particularly in safeguarding funds, consumer duty, API monitoring, and fraud prevention

Why is this important?

It’s crucial for showcasing AI’s role in making financial services more efficient, compliant, and secure, benefiting both firms and customers.

What’s next?

Expect deeper AI integration in finance, with a focus on addressing explainability and aligning with regulatory and consumer expectations for transparency and efficiency

AI has been a hot topic in the financial services sector for some time and is still gaining momentum. It is clear that AI has many potential use cases, such as helping firms scale up their business, making better-informed strategic business decisions, and supporting the efficient and effective delivery of regulatory compliance.

We often ask ourselves about potential AI use cases to help payments firms, not just to improve customer engagement and operational efficiency but also to help firms to comply with the regulatory requirements and meaningful changes to come. Below are just a few, focussing on key aspects of regulatory focus.

Increasing safeguarding reconciliation efficiency

Authorised Payment Institutions (APIs) and e-money institutions (EMIs) are subject to safeguarding requirements that include reconciling records and accounts of the entitlement of e-money holders/payment service users to relevant funds and assets with the records and accounts of amounts safeguarded. Records should be maintained to show and explain the method of internal reconciliation and its adequacy. In the eyes of the FCA, this is a key operational function and remains a significant area of focus given the risk of consumer detriment that exists where firms fail to safeguard relevant funds properly.

AI has the potential to help firms deal with large volumes of daily transactions by automating data extraction and data cleansing. AI can be leveraged to analyse vast datasets to identify inconsistencies and anomalies, detect scenarios where there is a mismatch between internal reconciliation records and the total sum of relevant funds held on an ongoing basis, and better inform root cause analysis. In addition, machine learning capabilities can also enable learning from discrepancy scenarios and applying exception rules in the future, ultimately minimising the likelihood of further failures.

Consumer duty compliance: monitoring outcomes

A central consideration for payment firms in complying with the FCA’s new Consumer Duty regime is satisfying themselves so that they can understand and evidence the outcomes their customers are experiencing.

APIs/EMIs dealing with vast amounts of data may leverage AI to collect, organise, and analyse unstructured datasets and unlock actionable insights from them. For instance, technologies like natural language processing (NLP) can be leveraged to process larger volumes of customer complaints to identify patterns and help spot consumer harm. At the same time, consumer behavioural patterns, if converted into business intelligence, can help articulate that a selected product is effectively addressing the needs of its target market, as set out during the product design stages.

AI-powered text analytics can analyse unstructured/structured data like customer reviews, customer surveys and social media interactions to unfold outcomes testing via customer sentiment and experience to identify areas of improvement. Monitoring could be done in real-time to enable faster intervention and take corrective action.

Shifting from reactive to proactive API performance monitoring

The FCA rules regarding common and secure communication standards between account servicing payment service providers (ASPSPs) and account information/ payment initiation service providers (AISPs/ PISPs) set out requirements about monitoring and remediation of scenarios of unplanned application programme interface (API) unavailability and/or systems breakdown.

Plus, the Joint Regulatory Oversight Committee (JROC) April 2023 roadmap for the future of open banking in the UK set out clear priorities for the UK market. These included levelling up availability and performance via central collection, sharing and monitoring of API performance data (see more details about the initiative here).

This interesting combination of existing regulatory requirements and future direction towards increased expectations and avoiding being ‘named and shamed’ creates a compelling case for exploring cost-effective capabilities for API monitoring purposes, root cause analysis and rapid incident response.

‘Real’ real-time financial crime prevention and detection

Thinking about the increased regulatory focus and activity targeted at mitigating the consequences of authorised push payment (APP) scams, it’s impossible to ignore the role AI technology could play. For instance, the Payment System Regulator (PSR) mandatory reimbursement regime for APP scam victims aims, among other matters, to translate into incentives for PSPs to invest more significantly in preventing APP scams, such as in detection technology and fraud analytics.

AI can enable a quicker response to scammers’ increasingly diversified tactics while minimising case analysis/investigation costs and the risk of false positive scenarios. This includes faster analysis of the APP scam flow of funds and faster identification and takedown of mule accounts by receiving PSPs.

Unpacking explainable AI

One important consideration for payment firms using AI is the challenge of understanding how an AI solution’s processes and algorithms result in trust that the outputs will be fit for the intended objectives. This is commonly known as ‘AI explainability’, and we believe it will be a matter of increased concern for PSPs (and regulators) as they rely on increasingly complex AI-based solutions to meet regulatory compliance goals.

Retracing the decision-making process of an AI solution may be difficult if this requirement is not considered during all phases of design and implementation. This could create challenges if the FCA seeks ‘validation’ of AI decision-making.

Predicting the future

Trying to predict how AI in payments will look in the future is not easy. We are talking about a very dynamic environment catalysed by a constant push for innovation. But let’s be clear: if used correctly for the right purposes and the correct construct to address the ‘explainability’ challenge, AI could be a powerful tool to help payment firms achieve and maintain compliance, with efficiencies gained through this technology.

More To Explore


Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Continue reading

This content is only available to members - please see instructions below!

Become a member to continue reading

Member of The Payments Association? Log in to continue reading

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?