
Payments compliance faces runaway costs

Updated: Dec 5, 2023

If you think compliance is expensive, try non-compliance.


Payment compliance and risk management is expensive and time-consuming due to its multifaceted and idiosyncratic nature. There is no one-size-fits-all solution. The state of risk and compliance is ever-changing, and firms continue to adapt to new threats. As history has shown, if you think compliance is expensive, try non-compliance.

Risk Profile: No ‘One Size Fits All’

The cost of compliance is largely determined by a company’s risk profile. Businesses operating in high-risk sectors such as gambling, cryptocurrencies or money transfer services will find their risk profile significantly higher. Likewise, those operating in or serving clients in high-risk countries have an elevated risk profile. Such organisations require a robust compliance and risk management function to assess their supply chains and customers for money laundering, corruption and sanctions, but what are the costs?

Economic Costs

The pure financial cost to remain onside is increasing, with more investment required just to keep up. Firms are spending heavily on new processes and technology. According to a recent publication from Deloitte, 2023 will see corporate legal functions and their legal service providers adopt technology to streamline their process, improve legal risk management and enable technology-based self-service, allowing lawyers to focus on bespoke complex legal issues. Forbes reports that in large firms the average cost to maintain compliance can total up to $10,000 per employee, an increase of 60% from pre-financial crisis levels. Layered on top of that are government programmes such as the Economic Crime Levy, where up to £250,000 will be collected by HM Revenue & Customs on all anti-money laundering regulated businesses beginning in 2023.

A closer look at the costs reveals that customer due diligence (CDD) processes remain by far the largest single operational cost. Two-thirds (67%) of total financial crime compliance costs in 2022 were attributed to CDD, an increase from 53% in 2020, as reported by LexisNexis, and these numbers are going up. The largest share of the CDD cost is represented by Know Your Customer (KYC) onboarding checks, accounting for a third of overall CDD costs. Anti-fraud checks at onboarding – necessary for the increased fraud risk posed by remote identity management and document verification – contributed a further 9% of CDD costs as firms move to strengthen their defenses.

[Figure: Percentage share of compliance costs (breakdown of compliance costs). Source: LexisNexis]

Opportunity Costs

Are compliance costs worth it? Depending on factors such as the size and frequency of payments, the financial loss due to fraud or financial crime can be significant. Unfortunately, it doesn’t stop there. According to a study by McKinsey, the amount lost due to financial crime is merely the tip of the iceberg and even when combined with the costs of compliance technology, represents less than one-third of the total cost faced by an organisation hit by financial crime. The client impact, company reputation and loss of revenue begin to stack up. Layer on top the remediation costs and fines from the regulator and the true size of the iceberg comes into view.

As mentioned earlier, while the cost of compliance is high, the cost of non-compliance is even higher. In January 2022, London-based law firm Mishcon de Reya was ordered by the SRA to pay £232,500 for failing to perform adequate due diligence to comply with anti-money laundering regulations. Later that same year, Santander (UK) Plc was fined over £107m for failing to have an effective risk-based anti-money laundering (“AML”) control framework and became the latest high-profile company to be fined for insufficient AML and compliance controls.


While regulators are taking an increasingly tough stance on non-compliance, what options are there? Given the scale of the problem, there is no perfect solution that automates everything, yet a manual approach to compliance is no longer viable. To help keep up, firms are opting for cloud-hosted digital solutions to leverage wider AML data sets and get better contextual analysis to provide insights on the macro and micro at the same time. Higher quality data leads to better informed decisions.

How much do these systems cost? Digital platforms like Lucra can accommodate the varying risk profiles of firms, as some will need a little and others a lot. Through subscriptions and tiered pricing models, firms can have access to the latest tools and only pay for what they use.

The Bottom Line

Payment compliance and risk management is expensive, but the cost of non-compliance can be much worse. No one-size-fits-all compliance solution exists to meet the varying risk profiles of all firms, but progressive organisations can access cloud computing solutions to improve their compliance and risk controls and adapt to the ever-changing AML landscape.

Lucra enables firms to manage their compliance with precision. For more information, contact Lucra.


Trent Larson is Head of Operations at Lucra. Previously, he led digital innovation efforts with IBM and KPMG.

