Thomas Hudson
Ciaran McMullan
Plenitude Insights
Fraud
RegSightThe financial crime landscape entering 2026 is undergoing profound structural change. Regulatory approaches across the UK, EU, France, and the U.S. are converging around a common theme: accountability over policy intent, demonstrated by practical compliance. Supervisors are moving beyond policy review toward deeper testing of how controls operate in practice, demanding evidence, data integrity, and demonstrable outcomes. At the same time, criminals are exploiting advances in technology, cross-border networks, and digital financial channels to evolve at speed. The result is a global environment where regulation is pragmatic and dynamic, reflecting ever-changing and emerging financial crime risk. This paper focuses on developments across the jurisdictions covered by Plenitude’s RegSight tools regulatory registers: UK, EU (including France), US, Singapore and Global.
Several strategic shifts define this new era. Sanctions regimes, particularly in relation to Russia, are widening in scope and intensifying in enforcement, with a growing focus on circumvention, trade flows, and the involvement of new technologies. Corporate transparency obligations are expanding, reshaping how firms verify identity, beneficial ownership (BO), and corporate structures. Fraud, Anti-Money Laundering (AML), sanctions evasion, cybercrime, and crypto risks are rapidly converging, erasing boundaries that once allowed firms to manage them separately.
Technology is both an enabler and a pressure point. Supervisors are adopting Artificial Intelligence (AI), analytics, and SupTech capabilities that raise expectations for firms’ own technological maturity. Digital assets and stablecoins are moving into mainstream regulatory frameworks, with stricter demands for governance, substance, and monitoring. AI introduces new risks, synthetic identities, deepfakes, generative fraud, as well as the need for explainability, model oversight, and accountable human control.
In this context, organisations must rethink how their financial crime frameworks operate. The RegIntel Recap and Outlook Paper for 2025/26 distils the year’s developments into a set of forward-looking insights and translates them into an integrated operational roadmap for 2026. The roadmap outlines ten core capabilities that firms will need to build or enhance, ranging from unified risk architecture and effectiveness-by-design controls to explainable AI governance, real-time detection, sanctions intelligence, data modernisation, and continuous adaptation mechanisms. These capabilities reflect a shift toward financial crime management that is intelligence-led, data-driven, interoperable, and resilient.
Amidst regulatory change, the firms best positioned for the years ahead will be those that modernise their operating models, strengthen governance, and build systems capable of responding as quickly as risks emerge. Rather than treating regulatory developments as isolated changes, the paper provides a coherent view of how the landscape is evolving and what it will take to operate effectively within it. Its purpose is to support leaders in shaping financial crime strategies that keep pace with accelerating regulatory expectations, technological disruption, and increasingly sophisticated criminal activity.
Conclusion
As 2026 begins, the international regulatory landscape is undergoing one of its most significant periods of change in over a decade. Global pressures, including the rapid adoption of AI in both criminal activity and supervisory practices, escalating fraud schemes such as the 4,465 fake FCA scam reports filed in early 2025, and large-scale enforcement actions like MAS’s issuance of S$27.45 million in penalties across nine FIs, have pushed financial crime risk management to a critical inflection point. Geopolitical volatility, from instability in Ukraine and the Middle East to increasingly complex sanctions frameworks, has further broadened the threat landscape. Europol’s 2025 SOCTA underscored how organised crime networks are exploiting these dynamics, blending traditional techniques with digital-first methodologies to evade detection across borders.
Global regulatory frameworks are highlighting the central role of outcome-based, evidence-led supervision, where firms must demonstrate not only that controls exist but that they operate effectively, consistently, and at pace. In many jurisdictions, transparency is a central theme, with identity verification, beneficial ownership reforms, sanctions reporting expansion, and tax-related obligations embedding traceability into the core of the financial system. Sanctions regimes have become more assertive, more complex, and more geopolitical, with circumvention now a supervisory priority in its own right. Fraud, ML cyber-enabled crime, and sanctions evasion are increasingly interconnected, requiring integrated risk frameworks rather than siloed responses.
Technology sits at the centre of this evolution. The mainstreaming of AI, the acceleration of instant payments, and the mainstream regulation of digital assets are reshaping both the risk landscape and the expectations placed on firms. As a result, firms are expected to transform their own data, governance, and model-risk capabilities to keep pace. Outsourcing and reliance on sector-critical vendors now carry heightened scrutiny, reinforcing that accountability remains with firms regardless of external partnerships.
These shifts demand a fundamental recalibration of operating models. Compliance functions must evolve from static, policy-driven frameworks to dynamic, data-driven, operationally resilient systems capable of detecting sophisticated threats in real time. Firms that continue to treat regulatory reform as a series of incremental adjustments will find themselves increasingly exposed to supervisory challenge, operational strain, and enforcement risk. These developments offer opportunities for a more coherent, harmonised, and intelligence-led approach to financial crime prevention at firm-level.
The organisations best prepared for 2026 and beyond will be those that build and maintain financial crime frameworks that are demonstrably robust, technologically adaptive, and strategically aligned to a regulatory environment defined by complexity, convergence, and speed.
