Speed, scale, and security aren’t mutually exclusive if your compliance engine is built to evolve.
The RegTech paradox
Coming from a legal advisory background, I quickly learned that the real bottleneck in compliance wasn’t regulation itself, but how it was embedded into the product.
That shift happened when I moved from legal counsel to Head of AML. We were trying to build flashy tech, but at the same time, it had to comply with a huge scope of regulatory requirements. In-app, real-time compliance that could evaluate risk, verify documents, and meet regulatory expectations without a human stepping in. We wrote logic-based scripts, plugged in API-first sanction tools, and created automated decision trees. Users never saw what was under the hood. That was the point.
Since then, I’ve worked across some of the fastest-scaling fintech platforms in Europe, from instant lending apps to cross-border payments, and I’ve seen one pattern repeat: the industry still assumes that speed comes at the cost of safety. That faster always means riskier.
But what if that assumption is wrong?
I’ve spent the past five years building compliance infrastructures inside some of the fastest-growing digital finance companies in Europe. From online lending platforms with five-minute credit decisions to cross-border payment apps serving thousands of customers in real time, I’ve had a front-row seat to what happens when speed meets regulation and what happens when you engineer both from day one.
Since early 2024, the focus has been on serving a targeted group of merchants and account holders who generate consistent transaction volume, rather than pursuing growth at any cost. Daily transactions now involve several thousand users, primarily through established partnerships with selected acquiring merchants.
Not by slowing things down, but by designing compliance to move with the product, not against it.
Why speed and security feel like enemies
For years, regulatory risk has been treated as something to be contained, not integrated. Compliance teams were trained to hit the brakes, while product teams sprinted forward. This divide is costly.
This divide isn’t without cost. According to research by Signicat, nearly 68 percent of users abandon fintech onboarding due to excessive friction. That’s not just a UX issue, it’s a revenue leak. And more often than not, the culprit is a compliance process that hasn’t evolved with the product it’s supposed to protect.
During one project in 2022, the company had all the ingredients of a high-growth fintech, except a functional compliance engine. Every application could get frozen in a manual review loop, sometimes indefinitely. The team had developers, ambition, even ready-to-go tech, but no strategy.
So I rebuilt it from the inside. We automated core parts of the AML process, created smart workflows based on risk scoring, and cut time-to-decision dramatically. By the time I left, the company had a working online lending product that could process approvals within minutes, not days.
The breakthrough wasn’t about cutting corners. It was about rethinking the entire flow.
I’d learned that lesson earlier, real-time compliance journey that met regulatory expectations without human bottlenecks. We built logic-based scripts, sourced API-based sanctions checks, and designed risk scenarios that could be auto-evaluated without pausing the user journey. Users never saw the complexity under the hood, and that’s the point.
Building for scale without compromise
The challenge for every fintech scaling quickly is simple: how do you move fast without compromising compliance?
The answer, I’ve found, is to treat compliance like a product.
That means embedding regulatory logic into the user journey from the first click. Not bolting it on afterward. It means designing back-end infrastructure that can handle real-time decisions, escalate risk intelligently, and evolve with both user behavior and legal requirements.
One of the first moves I make is simplification. Most compliance failures aren’t about bad intentions; they’re about broken flows. Fragmented onboarding, static KYC forms, slow vendor tools. When I redesigned due diligence systems across platforms, the goal was always the same: move the right decisions closer to the moment of action.
That meant replacing manual, outdated checks to API checks for document recognition, AML screenings, and transaction monitoring. It meant building tiered onboarding logic that adapts based on client risk level. A freelancer based in Berlin doesn’t need the same scrutiny as a high-risk corporate client from a restricted jurisdiction, and a smart system should know the difference.
In my current role as Director and MLRO, this approach resulted in a complete rebuild of the compliance architecture. The team redesigned user flows for both individual and business clients, integrated AI-driven fraud detection, and implemented embedded compliance across a newly launched international payments platform and acquiring solution.
The result: decisions that once took hours now happen in minutes, without sacrificing auditability or control. Regulation and velocity don’t have to be adversaries.
What fast compliance actually looks like in practice
Most people assume that “automated compliance” is just a buzzword until they see it work.
Speed didn’t come from doing less. It came from knowing what to do and when. That starts with designing systems that can assess context, not just check boxes.
Take our approach to onboarding. Instead of funneling every user through the same high-friction process, we implemented tiered due diligence. A small freelancer based in Berlin sending €300 a month through SEPA doesn’t require the same scrutiny as a high-volume corporate client transferring money to a high-risk jurisdiction. Our systems can differentiate in real time and escalate when needed.
That’s the key to making speed work in regulated environments: dynamic decision-making.
You don’t eliminate friction. You allocate it.
We embedded:
- AI-driven pattern recognition to flag inconsistencies and emerging risk signals before they triggered compliance issues.
- Real-time AML screening, including sanctions screening, adverse media, and PEP screening, runs silently in the background at key user flow checkpoints.
- Smart vendor orchestration, so the system could switch between providers when performance dipped or data conflicts emerged.
- Audit logs and replayable decisions, built directly into the dashboard, making regulatory reporting a byproduct, not a separate task.
It’s not theoretical. This approach allowed us to reduce onboarding refusals by more than 50% while actually improving our suspicious activity detection rate. It also meant fewer compliance staff had to spend time on rote checks, freeing them up to work on complex investigations and emerging risks.
I’ve seen the opposite too: onboarding delays of 48+ hours, false positives clogging queues, and risk teams burning out. Not because of bad people, but because of broken processes.
Reframing compliance: From department to product feature
To fix compliance, we have to stop thinking of it as a department and start thinking of it as infrastructure.
That means designing compliance into the product the same way you’d design uptime, security, or user onboarding. Not as a box to tick post-launch, but as a core part of the user journey. And certainly not something siloed in a legal corner, brought in only when the regulator calls.
When we planned our internet acquiring service, we didn’t start with engineering or marketing. We started by mapping the regulatory exposure: Who’s the end user? What are the risks? Where are the legal choke points? Then we worked backwards, turning obligations into flows.
Instead of hiding behind hardcoded rejection screens, we gave users micro-explainers in real time:
“Here’s why we need this document. Here’s what we’re checking. Here’s what happens next.” Friction turned into transparency.
This wasn’t about over-educating users. It was about respecting them.
And when compliance is part of the UX, something powerful happens: it becomes a value proposition.
For example, when we launched our AI-powered fraud detection and sanctions screening stack, we didn’t frame it as a regulatory necessity; we framed it as a customer benefit. “We protect your business before fraud finds it.” That message hit differently with merchants.
Too many fintechs still treat compliance as a back-office necessity, disconnected from product thinking. The irony is, it’s the one area where getting it right can unlock both growth and trust.
What the future of RegTech should look like
We’re entering a new era of digital finance: borderless, fast-moving, AI-powered. But if our compliance systems still move like it’s 2013, we’re dragging yesterday’s infrastructure into tomorrow’s markets.
The good news? Change is already happening.
In the UK, the FCA’s push for innovation sandboxes has opened doors for compliance-first experimentation. Regulated firms can now pilot new tools and onboarding models with supervisory support, not punishment. Across Europe, FSMA 2023 and incoming crypto frameworks are forcing fintechs to rethink how risk and agility co-exist.
But regulation alone won’t modernise compliance. Culture will.
It takes leadership teams that see compliance as a product lever, not a bottleneck. It takes technologists who understand regulation, not as a burden, but as a design constraint. And it takes compliance professionals who can speak in product sprints, not policy memos.
Anastasiia Pervushyna is the Director and Money Laundering Reporting Officer at SENDS, a UK-based fintech company offering international payments and merchant acquiring services. A certified member of the Association of Governance, Risk & Compliance (AGRC) and the Project Management Institute (PMI), Anastasiia has led multiple compliance transformations across European fintech firms. She is a published expert in Fintech Circle, Markets Herald, and The Payments Association, where she writes on RegTech, AI in AML, and the future of financial infrastructure.
TNGlobal INSIDER publishes contributions relevant to entrepreneurship and innovation. You may submit your own original or published contributions subject to editorial discretion.
Featured image: Pexels
Startup governance isn’t just about rules, it’s about people, processes and technology