The Cost of Inadequate Compliance
FX & Float Memo #7
People look for the cost of inadequate compliance in various reports of the compliance team’s various reports. But this shows only half the picture. The full cost is spread across customer churn data, onboarding drop-off rates, support ticket volumes, and banking partner notices. Usually, when someone connects these dots back to the inadequate compliance infrastructure that caused them, the damage is already done.
This is the second of two Memos on compliance in payments. Memo #6 covered how the compliance stack is built in fintechs, outlining the five layers from KYC through regulatory reporting, and why fintechs often underinvest in each of them. This Memo covers where to look for the cost of inadequate compliance, why it is easy to misattribute, and what it would take to measure it honestly.
What most people believe
Most fintechs measure their compliance function’s performance by regulatory outcomes. If there are no fines and no regulatory notices, compliance is working well.
This is a dangerously incomplete picture. Regulatory outcomes measure one dimension of compliance: whether the company meets its minimum legal obligations. They say nothing about whether the compliance function is supporting or undermining the business. It’s possible that even a fully compliant company can churn customers, lose banking partners, and shrink its revenue growth because its compliance function is underperforming.
The real cost of inadequate compliance goes well beyond the fines and notices received. The real cost is a slowdown in business growth because compliance is too slow, too manual, or too opaque to support it.
Where the costs surface
The customer experience cost
The most direct cost of inadequate compliance is damage to the customer experience at the two most critical moments: onboarding and transaction processing.
For onboarding, the typical failure occurs when the KYB process is not designed from the customer’s perspective. A badly designed process looks like this: the application flow requests documents the customer was not told to prepare, the compliance team requests additional documents, and the customer resubmits. The compliance team again requests clarifications that weren’t clear in the ask. Each round takes two to three business days because the review queue is manually managed. After a few rounds, the customer has lost all inclination to work with the fintech.
This gets recorded as an incomplete application. But it is actually a customer lost due to a poorly designed onboarding flow, one built around the compliance team’s process rather than the customer’s journey.
In transaction processing, the typical failure occurs when a transaction goes into a compliance hold. A payment is flagged by the transaction monitoring system and placed on review. The customer receives a templated notification that their transaction is under review and that they will be contacted if further information is needed: no timeline, no explanation and no personalisation. The manual review takes three to five days to clear. The customer calls customer support, who cannot access the case details because the compliance and support systems are not integrated. The customer escalates. But by the time the hold is released, the lack of funds has resulted in a missed financial commitment. The relationship is now damaged.
The banking partner cost
Banking partners, by design, have an interest in the quality of the fintech’s compliance programme. They usually conduct periodic reviews to assess it and ensure there are no breaches.
If a banking partner observes gaps in compliance processes, like high false-positive rates, SAR filing backlogs, or gaps in regulatory reporting, these will come up during their review. The partner’s response options range from requiring a remediation plan to adding restrictions on corridors or customer types to terminating the relationship. The last option, though rare, can be existential for the fintech.
The more common outcome is that the banking partner imposes certain requirements on the fintech. These can be in the form of restrictions on specific customer categories, caps on transaction volumes in certain corridors, or more frequent reporting obligations. These requirements can directly constrain the business by limiting the corridors, customers, and transaction types the fintech can serve. The revenue loss because of these restrictions is rarely attributed to inadequate compliance. It is generally shown as a commercial headwind with no root cause or solution.
The revenue cost
Another cost of inadequate compliance is that it shrinks revenue in ways that are genuinely hard to measure. The difficulty of measurement means that this aspect of the cost is consistently overlooked.
The most significant revenue shrinkage is due to lower onboarding conversion. A business customer who abandons the KYB process midway is not a lost compliance case; they are a lost revenue opportunity. If the average revenue per business customer is $3,000 annually and the fintech’s onboarding completion rate is 50% against a competitive rate of 70%, the gap represents foregone revenue due to a poor onboarding experience.
The second shrinkage occurs in the volume from existing customers. A business that has experienced a compliance hold often reduces its transaction volume as a precautionary measure. Unexpected delays in the movement of funds are costly for any business managing cash flow. Rather than routing all of its cross-border payments through the fintech and risking cash-flow disruption, it splits volume across two providers. The customer’s share of wallet drops, but this drop is rarely connected back to the compliance experience that caused it.
The third suppression is in customer referrals. B2B payments are a relationship-driven market. Businesses recommend providers to their networks when they are satisfied with them. A business that had a poor compliance experience does not.
The regulatory cost
The regulatory cost is the one that gets measured, and often the only one, because it is impossible to ignore. A regulatory action, a fine, or a licence restriction has a number that is straightforward to calculate.
But even here, most companies underestimate the full cost. The direct penalty is the most visible figure, but it represents only part of the total. The remediation programme required after any regulatory action typically costs significantly more: external auditors, compliance consultants, technology upgrades, and additional headcount, all under stretched timelines that drive costs higher. These are rarely attributed to inadequate compliance and are treated as one-time project costs.
The reputational cost is harder to measure but equally important. A regulatory action is public. All future conversations with banking partners, investors, and enterprise customers will involve managing the fallout.
Why the cost gets misattributed
The primary reason the cost of inadequate compliance is consistently underestimated is that it is distributed across the organisation rather than aggregated in one place.
Churn from compliance friction shows up in the customer success team’s retention reports and is misattributed to product dissatisfaction or competitive pricing. Onboarding drop-off shows up in the acquisition team’s funnel analysis, attributed to friction in the application flow. Banking partner restrictions appear in the operations team’s corridor reports and are attributed to banking relationship issues. The compliance team, whose metrics focus solely on regulatory outcomes, has no visibility into the business impact of its decisions.
This is why compliance should be treated as a core operational function. Inadequate compliance affects GTM, operations, and product - all at the same time, without any single team seeing the full picture.
What honest measurement looks like
To measure the impact of inadequate compliance honestly, companies need to track compliance as a business function, not just a legal one.
They should track onboarding completion rates by customer type and by compliance decision point to see exactly where in the KYB process customers are abandoning.
They should track compliance hold rates, hold duration, and post-hold churn to see the direct relationship between holds and customer churn.
They should track false-positive rates in transaction monitoring and the cost of manual review to quantify the benefit of investing in better rule calibration.
They should track changes in customer volume in the 90 days following a compliance interaction to see the indirect revenue impact.
These are business metrics that directly measure the output of the compliance function. Tracking them requires the compliance, product, and commercial teams to share data and accountability in ways that most fintechs are not yet structured to support.
What this means
Inadequate compliance has three costs that compound over time and reinforce each other.
The customer experience cost is immediate. Customers who experience poor compliance interactions churn, refer less, and reduce volume. This cost is recoverable if the underlying infrastructure is improved. But delays lead to this cost compounding heavily.
The banking partner cost is slower to materialise but much harder to reverse. A banking relationship flagged for compliance concerns takes years to recover fully. A banking relationship that ends cannot always be replaced in the same corridors at the same cost.
The regulatory cost is the most visible. The remediation and opportunity costs that follow a regulatory action typically dwarf the penalty itself.
All three costs have one common characteristic: they are preventable. They can be prevented by investing in the right compliance infrastructure, as covered in Memo #6. Companies that build the compliance stack properly avoid regulatory problems while building a compliance function that actively supports growth rather than constraining it.
The result of poorly done compliance shows up everywhere: in customer churn data, in long support queues, in tough conversations with banking partners, and in slowing revenue numbers. You simply have to know where to look.

