Vixio, a regulatory intelligence company, has found that most payment organisations experience their compliance teams feeling overwhelmed every month.
A study by Vixio, titled 2025 Payments Compliance Outlook, revealed the mounting pressure financial institutions face due to the surge in regulatory updates. In the first nine months of 2024 alone, regulators issued 523,347 updates, including 1,434 specific to the payments industry. Of these, 375 required action, according to Vixio’s Horizon Scanning tool.
Compliance remains a critical factor for payment organisations, both for entering new markets and avoiding fines in the ones they are active in. Vixio reported that euro-area banks faced over €38m in penalties in the first half of 2024 due to compliance shortcomings.
The report shows that 59% of the 127 payment organisations surveyed expect compliance challenges to intensify in 2025. This is largely attributed to emerging technologies, such as AI, which most payments firms already use but remain underdeveloped in regulatory oversight – a situation expected to change soon.
Regions like the EU and China have already implemented clear regulations for AI, while countries such as the US and the UK appear to be adopting a more cautious approach. These nations are not only taking time to understand the technology but are also aiming to attract investment before introducing formal regulations.
In the UK, Prime Minister Keir Starmer has shown a notably lenient stance on regulation, emphasising economic growth.
In December, he urged over 10 regulators to eliminate barriers hindering growth. This position was reaffirmed in a recent announcement, where the PM prioritised fostering growth and delayed implementing strict regulations.
This approach could benefit UK-based companies, as Vixio’s report highlights new technology as the leading growth driver, identified by 65.4% of surveyed firms. Other opportunities include expanding within current markets (54.3%), adapting to regulatory changes (44.1%), and entering new regions (40.2%).
Fraud was a significant challenge in the UK last year, with new fraud reimbursement rules introduced towards the end of the year.
Additionally, cybersecurity concerns remain prominent after a major cyberattack disrupted Microsoft’s cloud services, affecting millions, following service interruptions at Crowdstrike. These incidents have placed ICT and cybersecurity, data protection, and fraud among the top priorities for payment firms in 2025.
To address the growing burden on compliance teams, most organisations plan to expand their compliance staff, with 65.4% aiming to increase their teams in the coming year.
Outsourcing is also a common strategy among these firms. A significant number rely on external support, with nearly one in five (19.7%) extensively outsourcing compliance tasks and more than half (56.7%) outsourcing at least some of their compliance functions.