Insights
Articles & insights.
Stay ahead with the latest trends in compliance and KYC technology.
The STR Is the Entry Point, Not the Exit: What AMLA's FIU Cooperation Standards Reveal About Your Compliance Data
Analysis of AMLA's 13 May 2026 draft Implementing Technical Standards for FIU cooperation and EPPO reporting. Argues that the structured data requirements these ITS impose on the enforcement chain trace back to the compliance files management companies and TCSPs build at the originating institution. Published ahead of AMLA's public hearings on 27 May 2026.
DORA Compliance as Data Plumbing: Why Cloud Sovereignty Became Infrastructure
An analysis of DORA compliance as a data infrastructure problem rather than a policy one. Covers exit strategy obligations under Article 28(8), the convergence of EU and global data-portability and messaging standards (ISO 20022, FAPI), and the architectural patterns (Kubernetes, IaC, S3-compatible storage) that make six-month exits actually executable. Aimed at Luxembourg TCSPs, management companies, and fund administrators evaluating cloud strategy under DORA. This is an edited replacement for the earlier draft of the same title.
The MiCA Review Opens While Luxembourg's Licensing Model Is Under Threat: What Compliance Teams Should Actually Watch
Analysis of the European Commission's MiCA review consultation launched on 20 May 2026, set against the parallel proposal to centralise CASP supervision under ESMA. For Luxembourg management companies, fund administrators, and TCSPs touching tokenised assets, the convergence of MiCA, AMLR, and the Transfer of Funds Regulation is becoming a single compliance surface that depends entirely on the data layer underneath.
95% Adoption, 9% Readiness: The RegTech Industry's Data Infrastructure Gap
Analysis of the Global State of RegTech 2026 report alongside the Wolters Kluwer compliance survey, arguing that the RegTech industry's adoption metrics mask a structural data readiness problem. For management companies, TCSPs, and fund administrators, the bottleneck has shifted from tool acquisition to data architecture.
From Routine CDD Field to Police Referral: What the Nordea Case Says About 'Purpose and Intended Nature'
Analysis of the Danish FSA's May 2026 criminal referral of Nordea Finans Danmark, focused on the failure to substantively document the purpose and intended nature of customer relationships. Explains what the case signals for management companies, TCSPs, and fund administrators under EU and CSSF supervision.
$15 and Half an Hour: What the Deepfake Fraud Economy Means for Your Onboarding Stack
AI-generated identity documents now cost as little as US$15 to manufacture and take roughly half an hour to produce. Real-time deepfake KYC bypass tools are commercially available. The article argues that the cost economics have inverted: biometric-first onboarding stacks are now the soft layer, and document-first verification with multi-source corroboration is structurally more resilient under current AI economics.
Beneficial Ownership Got "Moderate": What FATF's Singapore Verdict Reveals About What Supervisors Are Actually Measuring
FATF's mutual evaluation of Singapore, published 6 May 2026, rated the country's beneficial ownership effectiveness only "moderate" despite Singapore achieving its best ever overall monitoring tier. The article reads what FATF specifically flagged about Singapore's BO regime and argues that the same fifth-round methodology will define how Mauritius, Luxembourg, and other jurisdictions are evaluated, and how AMLA will select firms for direct supervision in 2028.
AI Agents Are Coming to KYC. Here's What They Will Need from the Platforms They Run On.
Anthropic's 5 May 2026 announcement of ten agent templates for financial services, including a KYC screener and a partnership with FIS on AML investigation agents, marks the moment AI agents become a real part of the compliance stack. The article argues that the firms that benefit will not be the ones that deploy agents fastest, but the ones whose data infrastructure is ready to make agentic decisions defensible.
AMLA's New BWRA Guidelines: Why Your Self-Assessment Should Mirror the Supervisor's Scorecard
Analysis of AMLA's 16 April 2026 consultation on draft BWRA Guidelines under Article 10(4) AMLR, and how the cross-reference to the supervisor RTS under Article 40(2) AMLD reshapes how management companies, TCSPs, and fund administrators should structure their business-wide risk assessment.
What's Actually in AMLA's Article 28 CDD Standards: A Read of the Draft RTS Before the Window Closes
AMLA's draft RTS under Article 28(1) of the AMLR closes for consultation on 8 May 2026. Three provisions in the draft (on intermediary ownership layers, senior managing officials, and verification sources) reveal the structural shape of CDD under the new regime, and confirm that AMLR readiness is a data problem rather than a policy problem.
The 14-Month Window: Why Customer Due Diligence Is the AMLR Bottleneck Most Firms Are Underestimating
PwC's 2026 EMEA AML Survey reveals that two-thirds of EU institutions risk missing the July 2027 AMLR deadline. The headline misses the more useful finding underneath: customer due diligence is where the operational bottleneck actually sits, and the underlying problem is data infrastructure rather than regulation.
Synthetic Identity Fraud: Why Manual KYC Cannot Catch What It Was Not Designed to See
AI-generated synthetic identities are designed to defeat exactly the manual checks most firms still rely on. This article examines what the 2026 SmartSearch Compliance Report reveals about the gap between awareness and action, and what an effective response actually looks like.
Perpetual KYC: What It Means and Whether Your Firm Is Ready
Perpetual KYC promises to replace periodic reviews with continuous, event-driven monitoring. This article explains what pKYC actually involves, what infrastructure it requires, and whether the technology and regulatory environment are ready for it.
Document-Driven KYC: Why Documents Are the Foundation of Effective Compliance
Document-driven KYC puts verified documents at the centre of every compliance decision. This article explains why this approach produces stronger compliance outcomes than form-based or interview-driven alternatives.
UBO Identification: Why Compliance Teams Still Struggle with Layered Ownership Structures
Identifying the ultimate beneficial owner behind complex holding structures, trusts, and SPVs remains one of the most time-consuming tasks in KYC compliance. This article explores why layered ownership creates persistent challenges for compliance teams on both sides of the KYC relationship, what regulators actually expect including variable thresholds and the board fallback rule, and how automation can eliminate the spreadsheet-driven recalculations that slow firms down.
Smarter Compliance: Why Manual KYC Processes Are Holding Your Firm Back
Manual KYC processes built on spreadsheets and email chains create hidden costs slower onboarding, inconsistent decisions, and audit exposure. Here is what smarter compliance actually looks like.
KYC Software for Management Companies: What to Look for in 2026
Management companies face unique KYC challenges — complex entity structures, multi-jurisdictional requirements, and high document volumes. This guide explains what to look for when choosing KYC software purpose-built for the sector.
What Regulators Actually Look for During KYC Document Audits
Regulatory examinations focus on evidence, consistency, and risk-proportionate decision-making, not just process completion. This article explains what examiners actually scrutinise and how to prepare.
Why Your KYC Platform Needs a Policy Engine, Not Just a Risk Score
Risk scores tell you how risky a customer is. A policy engine tells the AI how to think about risk in the first place. This article explains why configurable compliance policies are the missing layer in most KYC platforms, and how they transform AI-driven risk assessments from generic outputs into institution-specific intelligence.