At AFME’s 8th annual conference in London, I had the privilege to share my thoughts on the trends in regulatory enforcement at a panel discussion on “Global Regulatory Enforcement Trends” alongside Dee O’Sullivan, the interim head of retail and regulatory investigations at the Financial Conduct Authority (FCA).

Compliance is getting more and more complicated as financial institutions have to comply with an increasing number of stringent and evolving regulations. The growing importance of data intelligence, the difficulties in regulating AI, and the continuing effects of Brexit on the industry were some of the important topics we covered. These domains, in my opinion, will continue to be important themes impacting the trajectory of financial regulation.

Financial institutions need to review their compliance and risk management strategies according to Dee O’Sullivan, who emphasised this point during the discussion. As regulators around the world shift to more proactive, data-driven enforcement, firms will need to make serious adjustments to stay up to date.

The importance of regulatory continuous monitoring, early intervention and governance improvements were highlighted and discussed on the panel. These factors will undoubtedly transform the regulatory landscape in the coming years, with significant consequences for firms that fail to evolve.

A shift to data-driven enforcement: the FCA’s new approach

Dee O’Sullivan stressed that one of the most notable changes in the FCA’s strategy has been the increased reliance on data analytics to combat financial crime. By analysing vast amounts of transactional data -7 billion transaction reports, to be exact – the FCA has been able to detect significant market abuses and transactions before they escalate into regulatory breaches.

This represents a major departure from the FCA’s previous, slower response times. Dee explained that this data-driven approach allows the regulator to intervene early and address potential issues before they crystallise into larger problems. This proactive methodology, coupled with collaboration with financial firms, is critical to mitigating risks promptly.

For financial institutions, Dee’s message was that having the right data intelligence tools, the right policies and procedures in place will enable firms to work with regulators to address harm before it becomes widespread.

Governance failures remain a major concern

As I mentioned during the panel, governance and compliance failures continue to pose significant challenges for businesses. According to regulatory monitoring data from Corlytics, governance failures are the most common issue leading to enforcement actions.

Despite efforts to modernise through technology, many firms still struggle to align their governance structures with the evolving regulatory environment, leaving them vulnerable to penalties.

Our data shows that firms often face issues such as poor record-keeping, lack of management oversight, and insufficient coordination between internal teams. These factors contribute to costly enforcement actions and reputational damage. It’s crucial that businesses address these governance weaknesses to stay ahead of regulatory expectations.

Navigating the post-Brexit regulatory landscape

Brexit remains another key challenge for financial institutions, particularly for UK-based firms seeking to access European markets. During the discussion, I highlighted the difficulties posed by shifting regulations, including the upcoming SRD6, which could restrict third-country firms’ ability to operate in certain markets.

The full impact of Brexit is still unfolding, but it is clear that the regulatory barriers for UK firms are growing. Institutions must ensure their compliance strategies are robust enough to effectively navigate these new rules and restrictions.

AI regulation is a new frontier

One of the most interesting developments we are seeing is the surge in AI-related regulations across multiple jurisdictions. The EU, with its groundbreaking AI Act, is leading the way in regulating AI technologies, and financial institutions must adapt their compliance frameworks to account for the complexities introduced by machine-learning algorithms and automated decision-making.

A critical question is how do we regulate machines? While regulators like the FCA have experience overseeing human actors, AI presents new challenges. Transparency, accountability, and bias in AI systems are all areas of concern that will likely drive future enforcement actions.

The FCA has already issued an update on AI policies, and I would really recommend that firms familiarise themselves with these developments. The future of regulation will increasingly focus on the role AI plays in financial services, and businesses must be prepared to adjust their operations accordingly.

Proactive compliance is the way forward

Looking ahead, firms need to adopt more proactive approaches to compliance and risk management. It is no longer sufficient to react to issues flagged by regulators. Instead, companies must anticipate risks, manage them preemptively, and foster a strong culture of compliance throughout the organisation.

As our panel discussion concluded, regulators are looking for greater openness and collaboration with firms. Financial institutions that succeed in this new regulatory reality will be those that invest in data analytics, strengthen their governance functions, and stay ahead of evolving AI regulations. The cost of failing to do so will only increase, and the window for adaptation is closing rapidly.


Susie MacKenzie, Head of Legal and Regulatory Analysis, Corlytics