Rocio Suarez of LexisNexis Risk Solutions explains why the speed of instant payments requires a fundamental shift from siloed processes to integrated, continuous compliance models to effectively manage financial crime.
As instant payments become standard across Europe, financial institutions are being asked to process transactions faster than ever — often in under ten seconds. That speed presents a clear challenge: how can compliance functions keep up?
Speaking with Bobsguide at Money20/20 Europe, Rocio Suarez, Director of Financial Crime Compliance at LexisNexis Risk Solutions, outlined the growing tension between innovation and regulation. With new EU rules requiring near-instant settlement of credit transfers, many institutions are under pressure to modernize their compliance infrastructure.
“Institutions are still figuring out what this regulation means for compliance,” Suarez said. “Processing a transaction in seconds doesn’t leave much room for traditional review processes.”
Perpetual KYC and the Shift to Continuous Risk Monitoring
For Suarez, the move toward instant payments underlines a deeper issue. Financial crime controls still rely heavily on static processes, fragmented systems, and infrequent checks. In an always-on digital economy, that model is no longer sustainable.
One solution is perpetual KYC — a model that enables institutions to continuously assess customer risk over time, rather than relying on onboarding checks or scheduled reviews.
“I believe in the value of perpetual KYC,” Suarez told Bobsguide. “It gives institutions a more accurate, ongoing picture of who they’re doing business with. The more integrated the risk view is, the better the decisions become.”
Implementing this approach, however, requires more than policy change. It depends on a technology stack that can aggregate data from multiple sources, analyze it in real time, and escalate concerns without delay. Suarez said that many institutions are still adapting their systems to accommodate that level of complexity.
The Case for Integrated Compliance Infrastructure
A recurring theme in Suarez’s remarks was the need to break down internal silos. In many financial organizations, the functions responsible for fraud, AML, customer onboarding, and transaction monitoring operate on separate platforms, often with limited data sharing.
“Institutions are looking for ways to connect these processes,” she said. “The traditional silos between fraud and compliance are becoming barriers to effective risk management.”
The implications are significant. As digital transactions become more frequent and more complex, the risk of financial crime increases. Without a unified view of customer behavior, institutions struggle to detect suspicious patterns across systems.
According to Suarez, institutions that invest in shared infrastructure will be better equipped to respond to both regulatory and operational challenges. This includes secure data-sharing frameworks, cross-functional alert systems, and centralized customer risk profiles.
Enforcement Is Rising. Readiness Must Match.
While institutions work to modernize their infrastructure, regulators are moving quickly. Suarez pointed to a notable increase in enforcement actions globally. Regulatory bodies are tightening their expectations and applying pressure across the board — particularly in areas like sanctions compliance and transaction monitoring.
“Compliance is not a static function,” Suarez said. “Risks evolve, and regulators expect institutions to adapt accordingly. That means having real-time access to high-quality data and the ability to act on it without delay.”
In practice, this means compliance systems must be able to process large volumes of data, identify anomalies, and apply decision logic that reflects current risk models. Suarez noted that too many institutions still rely on slow review cycles and legacy rulesets, both of which can fall short when dealing with fast-moving threats.
AI and Automation: Useful Tools, Not Total Solutions
The conversation around compliance inevitably leads to questions about artificial intelligence. While AI holds promise in areas like anomaly detection and case prioritization, Suarez cautioned against overreliance.
“AI can support compliance, but it can’t replace human judgment,” she said. “You still need experienced people who understand risk, who can interpret what the systems are telling them, and who can respond appropriately.”
Instead of treating AI as a silver bullet, Suarez recommended treating it as part of a broader architecture — one that includes strong data governance, well-defined escalation procedures, and close alignment between product, compliance, and technology teams.
Looking Ahead: Designing for Flexibility and Scale
Suarez emphasized that compliance is not just a legal requirement. It is an infrastructure decision. For fintechs and incumbent institutions alike, the ability to scale products, enter new markets, and meet customer expectations is increasingly shaped by the quality and flexibility of their compliance stack.
“We’re seeing more collaboration between departments,” she said. “That’s essential. Whether it’s through shared platforms, real-time alerts, or integrated risk models, institutions need to make sure their systems can adapt to new threats and new regulations as they emerge.”
As instant payments become embedded in the financial system, Suarez believes that regulatory alignment will become a defining feature of long-term success. Compliance cannot remain an afterthought. It must be part of product design, operational strategy, and infrastructure planning from day one.
“Fighting fraud in isolation is no longer an option,” she said. “The institutions that thrive will be the ones that build compliance into the way they operate — not just to meet today’s requirements, but to be ready for what comes next.”
