How leaders are mastering the compliance-innovation tightrope

by George Iddenden

Share this post

What is this article about?

The challenges and strategies balancing regulatory compliance with innovation in the payment technology sector

Why is this important?

It ensures the integrity and trustworthiness of financial systems while enabling the development of new and improved payment technologies that meet evolving consumer demands.

What’s next?

The industry will adjust to new regulations for scam victim protection, fostering innovation that aligns with customer needs and maintains trust

Leaders of companies operating in the payment technology landscape are well-accustomed to the challenges of complex regulations set by various governing bodies. Whether the companies are established financial institutions or agile fintech start-ups, navigating this terrain requires much effort.

Respondents to a recent ComplyAdvantage survey titled ‘State of Financial Crime in 2024’ indicated that compliance will become a central focus in the next few months. Interestingly, 44% of firms claimed they would invest in personnel to expand their compliance teams. A further 44% of respondents claimed they had plans to join a real-time payments program in 2024 in the name of innovation.

Innovation remains critical for progress in payments, driving evolution and meeting consumers’ ever-changing demands. However, how can leaders balance compliance and innovation, which can be difficult and strategically crucial for survival in an industry often defined by disruption and change?

The challenge of navigating regulations and the impact on innovation

The regulation challenge is compounded by the additional frameworks from a diverse range of sources. Interpreting these regulations and ensuring adherence can be daunting for firms, exacerbated by divergent interpretations adopted within the industry. Alongside these conflicting interpretations, the pace of regulatory changes needed to keep up with innovation demands a degree of agility and adaptability from payment service providers (PSPs).

Lorraine Mouat, head of payment services at compliance firm Thistle Initiatives, believes that maintaining a delicate equilibrium between satisfying regulatory requirements and fostering innovation has become paramount for industry players.

She tells Payments Intelligence: “Regulations extend beyond conventional Financial Crime Authority (FCA) rules, encompassing areas such as data protection, anti-money laundering (AML), and cybersecurity.”

She explains that the diversity of interpretations adds “an extra layer of complexity” for businesses looking to align their objectives with compliance requirements. Often, compliance teams need to recalibrate to stay abreast of the rapidly evolving requirements.

A proactive approach is usually the best means of combating the evolving nature of regulations. Mouat says, “Payments firms should actively engage in collaborative efforts to share insights, best practices, and interpretations of regulatory requirements. This collaborative approach can help facilitate a more unified industry response to regulatory changes, thereby enhancing overall compliance effectiveness.”

As leaders know all too well, an overly stringent focus on regulatory adherence can inadvertently stifle innovation. Unfortunately, the rigorous requirements imposed by regulations may discourage experimentation and impede the development of innovative solutions to address emerging consumer needs, which the UK’s industry prides itself on addressing.

Despite the existence of sandbox environments that foster innovation within the barriers of regulation, uncertainty deters some business leaders from venturing into uncharted territories. Mouat acknowledges that while the constraints of a strict regulatory landscape can be complex for less agile companies, “payments firms must recognise it as a necessity”.

She adds: “While sandbox environments provide a controlled space for testing, uncertainties linger. On the other hand, customers are increasingly demanding innovative payment solutions, adding pressure on industry players to strike a delicate balance between compliance and customer expectations.”

A recent Breakfast in the Boardroom event hosted by the Payments Association saw C-suite payments insiders discuss the difficulty of balancing innovation with regulatory constraints despite the introduction of sandbox environments to ease the process of creating new products and services without fear of non-compliance.

The threat of non-compliance to the integrity of the sector has detrimental impacts and can also jeopardise the trust and confidence of customers. Mouat claims that finding the right balance between innovation and compliance must become a strategic imperative for sustainable growth in the payments ecosystem.

Ian Armstrong, regulatory affairs practice lead at ComplyAdvantage, spells out the challenges here for tech companies: “The biggest challenge any tech company currently faces when trying to innovate while also meeting regulatory requirements is to create a product or service that is flexible enough to work in a variety of jurisdictions without being so flexible that implementation becomes prohibitively complicated.”

Navigating the regulatory maze and the importance of balance

Adhering to compliance standards is, of course, tricky due to payments being a multifaceted regulatory sector, with standards emerging from various sectors within the ecosystem, not just the core payment service rules.

Differing interpretations across multiple jurisdictions add to the issue in what Mouat calls a “tangled web that demands meticulous attention”. Regulators, including the FCA, have seen an uptick in the number of warnings issued for illegal financial promotions due to the number of firms and individuals delving into the financial services space. In 2022, there was a significant increase in its intervention activity in response to poor compliance with financial promotions in both authorised and unauthorised firms.

The FCA’s intervention number in 2022 climbed by a whopping 1398% to 8,582 year over year, despite the regulator’s struggles with differing jurisdictions. In the same year, the regulator issued 1,882 alerts to unauthorised firms and individuals, marking a 34% increase.

While the regulator has the power to fine financial service providers operating within the UK, social media firms are exempt from its jurisdiction. The regulator said that while it can identify an unlawful promotion, it has “no powers” to require sites to be taken down. As a result, it must rely on requesting the platform hosting the content to remove it.

Armstrong refers to the “patchwork nature” of numerous regulatory bodies having different approaches to similar issues being an issue. He tells Payments Intelligence: “While they may all have the same desired outcome, the lack of a joined-up approach can result in added bureaucracy for the company and friction for the consumer.”

While necessary, Mouat claims that the challenge intensifies when considering the impact of stringent regulations on innovation. “The inherent focus on compliance can potentially stifle the spirit of experimentation and the development of ground-breaking solutions,” she says.

In 2018, the FCA introduced the Open Banking initiative. Its main objective was to promote competition and innovation in the financial sector by requiring banks to give customers greater control over their data. It also allowed third-party providers (TPPs) to access customer data with their consent.

However, TPPs raised concerns regarding the FCA’s initial complexity of compliance requirements and technical standards. These initial challenges could have potentially discouraged smaller FinTech startups or TPPs from entering the market.

Mouat implores that balancing compliance and innovation cannot be a strategic choice but a necessity. She says: “Breaches in compliance not only incur legal consequences but also inflict severe damage to brands and erode customer trust.”

In 2021, the FCA fined NatWest £264.7 million for failing to properly monitor suspicious activity in a customer’s account linked to money laundering. The account had been used to deposit and withdraw large amounts of cash over several years, triggering red flags that NatWest had not investigated thoroughly.

The scandal tarnished NatWest’s reputation and raised doubts about its anti-money laundering (AML) controls and commitment to compliance with financial crime. The bank received criticism from regulators and the public, damaging its brand image and trust.

In the financial crime sector, an increase in new technology used to both commit and fight fraudulent transactions has forced 98% of firms to make detecting and preventing corruption a strategic priority for their organisation’s financial crime compliance function, according to ComplyAdvantage’s study.

While the intentions are positive, screening against sanctions and watchlists was a primary limitation in detecting financial crime, according to 41% of firms responding to the survey. Barriers, including differing jurisdictions and tighter sanction nets, ultimately hold back this area of innovation and could increase financial crime rates.

On the other hand, IFX Payments product director Rosie McConnell believes that regulatory compliance can catalyze innovation in some cases, “enabling providers to enter markets like B2B payments more safely and efficiently.” According to McConnell, regulations’ dual role fosters trust among insiders and “sparks technological advancements.”

How to strike the right balance

The industry can expect the UK’s regulatory framework to shift once the Payments System Regulator’s (PSR) new rules regarding financial security for scam victims are implemented. Mouat believes innovation can be driven forward only by aligning regulations with customer needs while maintaining user trust.

AccessPay CEO Anish Kapoor shares these views. He tells Payments Intelligence the industry has seen a more open approach from fintechs, financial services firms, and banks to working more collaboratively and that co-developed innovations result in the most favourable outcomes.

Yet, to ensure resources are not spent fixing compliance complications, McConnell believes firms must champion compliance as a core principle. She says, “This means fewer resources are spent on fixing compliance complications, and instead, she focuses on how best we can innovate for ourselves and the industry.”

TerraPay’s chief legal officer, Akbar Hussain, points to a more systematic approach to public-private partnerships, “given that they enable regulators to work closely with industry stakeholders”.

Likewise, Hussain believes this can lead to more flexible regulatory frameworks that adapt to changing circumstances. He says, “Mature innovation demands an upfront understanding of and investment into applicable product offerings mapped against applicable regulatory regimes.”

Importantly, firms in the payments industry cannot understate the importance of foresight and effective planning. Equals Group PLC chief operating officer Matthijs Boon shares this concern, advising payment firms to work with external data providers who can provide valuable insight into upcoming regulatory changes worldwide, not just in the UK.

Boon claims that this can be extremely beneficial in helping to plan for what’s coming when conversations around new regulations or compliance are in their infancy. He also advises firms to examine the language used to inform teams to ensure they’re being provided the information on impact “in a language they understand”.

This could be by examining the issue from the perspective of how regulations are affecting clients, creating more of a sense of urgency to allocate the funding and resources for projects to be rolled out and supported.

Leaders are having to enforce a multitude of different strategies in the modern world of payments to ensure they’re complying with the many forms of regulation that exist for better or worse. The answer here could be championing compliance as a core company principle, breeding a culture of compliance from the start, and helping to foster closer public-private relationships, which can help to enable a closer relationship between both industry stakeholders and regulators.

According to Mouat, only when regulations are more closely aligned to customer needs can more progressive products and services be implemented for the good of the whole financial sector.

More To Explore


Merchant Community Membership

Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Continue reading

This content is only available to members - please see instructions below!

Become a member to continue reading

Member of The Payments Association? Log in to continue reading

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?