Ask a compliance officer how their programme is performing and you are likely to receive a carefully hedged response. Ask them what excellence looks like, and the conversation may go quiet altogether.
The reason is straightforward: financial services firms have long lacked a shared framework for describing their position on the compliance maturity journey, what progress looks like, or where they are ultimately heading.
AscentAI set out to change that by developing a standardised model — and then benchmarking it against reality through its 2026 RegTech Benchmark Survey, which gathered responses from hundreds of financial services organisations across the globe.
AscentAI recently delved into where the peers of RegTech firms stand on the RegTech maturity journey.
The results paint a picture of an industry in the midst of significant transition. The overwhelming majority of firms continue to struggle with the rising volume and speed of regulatory change, though nearly all are actively working to address this. A smaller but notable cohort is already pulling clear of the field.
The four stages of compliance maturity
AscentAI’s model divides compliance maturity into four distinct stages. The first, Basic, describes organisations whose compliance activities remain primarily manual — reliant on email chains, spreadsheets, and documents, with limited dedicated technology in place. Some 26% of survey respondents placed themselves in this category.
The second stage, Dependent, applies to firms whose compliance efforts depend heavily on external consultants or outside counsel to function effectively. A further 16% identified their organisations here. The third and largest group — Emerging, at 42% — represents firms that have deployed some software tools or point solutions, such as horizon scanning or data feeds, but have not yet achieved an integrated approach. The fourth and most advanced stage describes organisations running highly automated compliance operations across a fully integrated technology stack; 16% of respondents placed themselves there.
Taken together, 84% of organisations surveyed are operating without fully automated, integrated compliance processes. Most use some software but continue to rely on significant amounts of manual work alongside it.
The industry is moving quickly
When survey participants were asked where they expect to be in 12 months, the findings shifted considerably. The proportion expecting to remain at the Basic stage is forecast to fall by 15 percentage points, while the Dependent group is expected to nearly halve, dropping from 16% to 7%. The Emerging cohort is projected to grow modestly from 42% to 46%, while the Advanced group is expected to more than double — rising from 16% to 35%.
What progress looks like at each stage
Knowing where a firm sits on the maturity curve is only half the picture. Understanding what improvement looks like in practice is equally important.
For firms at the Basic stage, the first meaningful step is gaining access to continuously updated information on which regulations apply to their business. AscentAI refers to this as a Regulatory Map — a structured view of product offerings mapped against relevant jurisdictions, regulators, and regulatory content.
Firms at the Dependent stage are typically looking to build greater internal capability and reduce their reliance on outside counsel. This usually begins with maintaining a clear, continuously updated register of regulatory obligations, which enables in-house teams to assess regulatory impact with greater confidence.
At the Emerging stage, the challenge is often one of integration. Firms may already have point solutions in place, but these tend to operate in silos. The goal here is to connect systems so that regulatory intelligence flows automatically to the people and platforms that need to act on it. Automated monitoring, change detection, and GRC integration all become critical priorities.
For those already operating at the Advanced level, attention shifts from building capability to refining it. The defining questions at this stage are about speed and agility: how quickly can the firm respond to a regulatory change, how confidently can it demonstrate compliance to an examiner, and how efficiently can it expand into a new jurisdiction?
With regulatory complexity continuing to accelerate, the pressure on compliance teams is unlikely to ease. The survey suggests that while most firms are still catching up, the direction of travel is clear — and those that move fastest may find themselves with a meaningful competitive advantage.
Read the full AscentAI post here.
Copyright © 2026 FinTech Global
