Regulators around the world are sharpening their focus on how RegTech solutions are being developed, marketed and implemented.
In recent months, detailed reports and opinions from authorities in the EU, Nigeria and the UK have raised red flags about the risks of poorly deployed technology in compliance. While RegTech has the potential to streamline processes and improve oversight, regulators have highlighted that misuse and weak practices often undermine these goals, claims Muinmos.
The European Banking Authority (EBA) has gone as far as stating that careless use of RegTech may contribute to money laundering and terrorist financing. Backed by data from national authorities, the EBA noted that more than half of serious compliance failures reported to its EuReCA database were linked to improper use of RegTech tools. Despite innovation, the watchdog argued that poor implementation, lack of internal expertise and weak oversight are leaving financial institutions exposed.
In Nigeria, the Central Bank has taken an even more prescriptive approach, publishing a detailed baseline for what an effective automated AML solution should look like. The draft standards emphasise the need for comprehensive, integrated systems that bring together KYC, KYB and AML processes. They also stress the importance of no-code configurations, ensuring financial institutions can adapt solutions quickly without being locked into vendor dependency. The regulator sees these steps as critical to raising compliance standards and moving Nigeria off the FATF grey list.
The UK’s Financial Conduct Authority has also entered the debate with its review of digital customer journeys. While narrower in scope, the FCA’s findings underline the importance of thoughtful design, even suggesting that friction can sometimes help customers make better decisions. The regulator warned against overly streamlined processes that prioritise speed and high pass rates at the expense of compliance. Poor client classification practices, for example, were flagged as areas where firms risk falling short of regulatory obligations.
The growing scrutiny reflects a broader shift in regulatory posture. For years, oversight of RegTech has been indirect, managed through guidance such as outsourcing frameworks or digital resilience rules. Now, regulators appear more willing to take a hands-on role, evaluating how RegTech is used in practice and potentially moving toward direct oversight in some cases.
This increased involvement puts pressure on RegTech vendors who promote “high pass rates” as a selling point. Critics argue that such claims reveal a “rubber-stamp” approach rather than a genuine compliance solution. Muinmos, a RegTech provider, has pushed for clearer standards in the sector and instead focuses on “completion rates” for client journeys. Its AI-driven platform completes over 97% of onboarding processes, without compromising the integrity of checks such as client classification, suitability and risk profiling.
The EBA’s July 2025 opinion reinforced these concerns, warning that some FinTech providers appear to prioritise customer acquisition over compliance. It identified three key risks in RegTech deployment: lack of in-house expertise, insufficient transparency and weak parameter settings. While recognising the potential benefits of automation, the regulator made clear that its supervision will continue and expand, with a view to encouraging responsible use and good practices.
For Nigeria, the Central Bank’s standards mark a decisive step towards raising the quality of AML solutions. By calling for integration, customisation and ease of reconfiguration, the guidance addresses longstanding weaknesses in fragmented legacy systems. The regulator argues that better solutions will not only strengthen compliance but also improve customer experience and efficiency across the financial sector.
In the UK, the FCA’s emphasis on customer journey design adds another dimension. It suggests that firms cannot hide behind digital flows that favour commercial convenience over regulatory requirements. Instead, technology must be designed with compliance built in, striking a balance between smooth user experiences and regulatory obligations.
The direction of travel is now clear. Regulators are stepping up their involvement in RegTech and warning that ineffective or “rubber-stamp” solutions will not suffice. Financial institutions that continue to rely on weak systems may face fines, remediation costs and reputational harm. For firms and vendors alike, the message is simple: compliance technology must be robust, transparent and fit for purpose.
For more, find on RegTech Analyst.
Copyright © 2025 FinTech Global
