RegTech is entering a new phase. With financial institutions facing growing regulatory pressure, firms are increasingly turning to AI, automation and real-time compliance tools to improve efficiency and strengthen oversight. The Global State of RegTech 2026 report – authored by RegTech Analyst and Parker and Lawrence Research – explored how the sector is evolving, and where the biggest shifts are taking place across financial services.
As part of the research for the report, Parker & Lawrence Research interviewed market leaders in the space on how they are tackling the industry’s biggest challenges.
On this occasion, the firm spoke with James Hogbin, Founder & CEO of Fingerprint, an end-to-end communications compliance platform for regulated firms and compliance service providers. In the report, Fingerprint was recognised as a market leader in the eComms Surveillance category.
This interview was part of the wider Global State of RegTech report conducted by RegTech Analyst and Parker Lawrence Research. To download the full report, click here.
Communications supervision has quietly become one of the most consequential — and least-solved — challenges in compliance. For years, the model was straightforward: capture emails, voice recordings and chat logs, store them, and retrieve them if a regulator came knocking. That approach served firms well enough when expectations were modest. It no longer does.
Regulators across major markets have levied billions of dollars in fines linked to communications failures in recent years, with much of the enforcement activity centred on off-channel messaging — WhatsApp in particular — and the absence of adequate supervision controls. But the underlying issue runs deeper than recordkeeping. Firms are now expected not merely to retain communications data, but to actively supervise it, and to demonstrate that supervision in a way that will stand up to scrutiny.
The scope of what that data must cover has widened considerably. A single conversation can now carry signals relevant to market abuse, customer harm, financial promotions, information leakage, non-financial misconduct and attempts to shift business onto unauthorised channels. These are not separate compliance problems — they are threads running through the same dataset. Pulling them apart requires something more sophisticated than an archive.
The operational challenge is significant. An estimated 80% of compliance teams still rely on some degree of manual processes, even as communications environments become more fragmented across email, voice, Microsoft Teams, Slack, WhatsApp and other collaboration tools. Data sits in different systems, reviewed by different teams, with limited ability to draw connections across channels or business lines.
Fingerprint founder and CEO James Hogbin said, “An archive isn’t an archive unless it’s supervised.”
That observation sits at the heart of the problem. Many regulated firms have archives — some have several. The difficulty emerges when a compliance officer is asked to demonstrate what was reviewed, why, by whom, and what the outcome was. Manual processes make that chain of evidence difficult to construct after the fact, particularly as communication volumes continue to grow.
The challenge is especially acute for smaller firms, where compliance teams are lean and expectations are rising in parallel. It is no less pressing for larger institutions managing multiple jurisdictions, which often struggle to maintain consistent visibility across departments and business lines. Regulatory hosts, principals, outsourced compliance providers and consultancies face a particularly sharp version of this problem: they may be responsible for oversight of dozens of separate businesses simultaneously, each requiring distinct supervision, ring-fenced data and clear audit trails.
Fingerprint founder and CEO James Hogbin said, “Wherever there’s potentially people at risk, you should be monitoring your communications.”
Commercial pressure is intensifying the dynamic. Operational due diligence teams and investors are increasingly asking firms to evidence that their supervision frameworks reflect what their policies say they will do. A firm may be entirely compliant in its intentions, but unable to demonstrate that clearly — and in a due diligence context, that gap can be as damaging as a regulatory finding.
Fingerprint’s response to this challenge is a communications supervision platform designed to bring policy, review activity, case management, reporting and evidence into a single workflow. The platform begins with the firm’s own supervision policy — configuring monitoring categories, risk phrases, review tasks and investigation timeframes against what the firm has already said it will do. Risk terms are defined as phrases rather than individual keywords, reducing blunt matching and improving relevance across use cases that span market abuse, client treatment, culture, human resources, sales and off-channel communications.
Reviewers can work across email, voice, chat and collaboration channels from one place, following conversations across channel boundaries where necessary. The platform supports investigation, review and sign-off workflows, creating a traceable record of how decisions were reached and why. Multi-tenant functionality allows a single compliance team to supervise multiple firms or departments with clear data segregation and role-based access, making it well suited to regulatory hosts overseeing appointed representatives.
Reporting within the platform is designed to demonstrate activity rather than outcomes alone — supporting KPI reporting, activity logs and examination-style outputs that address the questions regulators and due diligence teams are most likely to ask.
Artificial intelligence and machine learning are applied selectively within the platform. Natural language processing is used to extract relevant content from email reply chains and boilerplate, while anomaly detection flags unusual patterns such as language shifts or the use of encrypted attachments. Where machine learning cannot process a message with sufficient confidence, the system defaults to surfacing more content rather than less, keeping human judgement at the centre of the process.
The results seen by early users are instructive. One UK regulatory hosting firm responsible for more than 70 appointed representatives used the platform to centralise monitoring across segregated environments. A compliance team of five was able to supervise all appointed representatives proactively, with each analyst overseeing 14 separate businesses.
That kind of scalability matters because supervision capacity can otherwise become a brake on growth. If each new appointed representative adds materially to manual review burden, compliance becomes a constraint on commercial expansion rather than an enabler of it.
The broader direction of travel is clear. As conduct, operational and behavioural risks converge, communications data will increasingly be understood not as a compliance archive but as a strategic intelligence asset. The firms that build the infrastructure to use it effectively — and evidence that use clearly — will be better placed for the supervision environment that regulators are actively building towards.
Read the original post from Parker & Lawrence Research here.
Copyright © 2026 FinTech Global
