Regulatory Waves: How Payment technology can help navigate through uncertainties using AI

Swimming in open waters can be daunting for even the most seasoned swimmer. This requires a focussed approach that starts with building the mindset, understanding the individual’s strengths and weakness, deep understanding of the vagaries of nature and its impact, visibility in the open sea to act on next course and a support team to guide and support. The regulatory environment within the payments landscape is dynamic and constantly evolving, to stay tuned to the technological advancements, security vulnerabilities and customer and data protection requirements. 

Complying with Regulatory requirements should be considered as a hygiene factor for all financial institutions. The repercussions of noncompliance can be detrimental leading to the following and there are real world examples under each of these.

• Hefty financial penalties
• Legal implications
• Reputational damage
• Disruption in day-to-day operations
• Enhanced scrutiny leading to administrative overheads

Beyond the Challenges:

Akin to challenges that are encountered whilst swimming in the open sea, Banks and Fintechs should devise a proactive framework to handle the challenges that comes their way through the Regulatory wave. 

Constantly evolving regulations: This can be as unpredictable as the and currents and tides that urge you towards course correction, the factors that drive these changes could be technology advancement, possible threats and vulnerabilities. For instance, PSD2 regulations in Europe required Banks and Fintechs to enable open banking via a robust API framework, which in turn would have a direct impact on the technology strategy and adoption of the Bank.

Global Perspective: Whilst the overall approach to swimming in open waters can be standardised each sea comes with its own unique risks and approaches. The regulations in payments industry spans across geographies. They can be unique to a region or country or applicable across the world.  For example, AML/KYC norms are common across geos however PSD2 in Europe or NPCI directive compliance in India is region specific

Sanctity of Data and its security: In open water swimming, clear visibility is crucial to avoid hazards like rocks or marine life. Similarly, financial institutions need robust data protection measures and constant monitoring to ensure data privacy and security. Just as a swimmer must be aware of their surroundings, institutions must be vigilant about potential data breaches and cyber threats to avoid fines and reputational damage. Vast amount of customer sensitive data is managed and maintained during payment operations hence the data privacy and security is of paramount importance. Regulations that govern this such as GDPR need to be understood and complied with, any Breach in this area is detrimental to the business and reputation and attracts hefty fines.

Scope for ambiguity: Currents in open water can change unexpectedly, requiring swimmers to adjust their course. Legal texts can be ambiguous and open to interpretation, necessitating institutions to have strategies to address and clarify these ambiguities. Just as swimmers must be flexible and prepared to navigate changing currents, institutions must be agile in interpreting and complying with regulations and rely on legal experts, compliance tools, and frameworks to interpret and comply with regulations accurately.

Regulations in the spotlight:

1. ISO 20022 compliance: Globally all Banks have been riding multiple waves in the journey to SWIFT message standardization through ISO 20022 compliance and 2025 marks the last wave with implementation of MX messages for cross border payments due by Nov 2025.
2. PSD2 (Payment Services Directive 2) – European Union: Already in effect, with ongoing updates.PSD2 aims to enhance competition, innovation, and security in the European payments market. Key provisions include Strong Customer Authentication (SCA) for electronic payments and open banking requirements, which mandate banks to open their payment services and customer data to third-party providers with customer consent.
3. PSD3 (Payment Services Directive 3) – European Union: As a continuation of PSD2, PSD3 is expected to be implemented by 2025 where it aims to further enhance payment security and consumer rights, addressing technological advancements to protect Europe’s payment system
4. AMLD6 (6th Anti-Money Laundering Directive) – European Union: AMLD6 harmonizes the definition of money laundering across the EU and extends criminal liability. It introduces tougher penalties and holds companies criminally liable for money laundering due to be implemented by 2025
5. FinCEN Regulations – United States: The Financial Crimes Enforcement Network (FinCEN) has been pushing for stronger AML/CFT (Counter-Terrorism Financing) programs. These regulations require risk-based, tailored AML programs subject to periodic review. This is a critical Regulation where there have been on going updates
6. Dodd-Frank Act – United States: This act aims to promote financial stability by improving accountability and transparency in the financial system. It includes provisions for consumer protection, trading restrictions, and enhanced oversight of financial institutions.
7. Singapore Payment Services Act: This act provides a comprehensive regulatory framework for payment systems and payment service providers in Singapore. It includes licensing requirements and compliance with AML/CFT standards. This regulation is in effect and with on going updates.
8. Australia’s AML/CTF Act: This act requires financial institutions to implement robust AML/CTF programs, including customer due diligence, transaction monitoring, and reporting suspicious activities and requires on going compliance
9. Open Banking Regulations – Various Regions: Open banking regulations require banks to share customer data with third-party providers, with customer consent, to foster competition and innovation in the financial services sector. The timeline for compliance varies by region and undergoes constant developments

Payment technologies reshaping the financial landscape:

Banks can leverage their payment technologies to ensure compliance, security and operational efficiency are enhanced, so that they can direct their efforts and budgets to innovation and growth charter. AI infused payment technology will help Banks reimagine payment journeys across the board and enhance effectiveness. Listed below are some of the use cases and the benefits that can be derived.

What lies ahead:  

Till a few years ago we were referring to AI technology and its extensions, Generative AI and Agentic AI as the art of possible and as on today many banks have already weaved in AI in their transformation strategy. Much like open water swimming, where athletes must navigate unpredictable currents and changing conditions, banks equipped with AI-powered payment technologies can adeptly manoeuvre through the complexities of regulatory environments. Just as swimmers rely on their training, instincts, and advanced gear to stay on course and reach their goals, financial institutions can leverage AI to maintain compliance, enhance security, and optimize operations. Looking forward, the synergy between AI and payment technologies promises a future where regulatory adherence is not only more efficient but also more proactive, enabling banks to foster trust and stability in the global financial ecosystem.