In an age where AI is becoming no longer a good-to-have but a necessity for financial and compliance teams, being able to properly gage changing trends as well as the impact AI will have on the industry is critical. We recently spoke to Nir Carciente, Global Head of RegTech at ACA Group, to dive deeper into the topic and more.
For Carciente, the biggest challenge facing compliance teams in 2026 will not simply be keeping pace with regulation, but managing an increasingly complex compliance ecosystem.
“Compliance teams must now oversee more communications channels, data sources, AI use cases, and cross-border requirements, often without additional resources,” he says. At the same time, regulators expect firms to provide evidence that their controls are not only documented but also operating effectively in practice.
One of the biggest contributors to that complexity, Carciente argues, is the accumulation of point solutions over many years. Firms have invested in separate technologies for surveillance, communications monitoring, employee compliance, trade monitoring, risk assessments, data management and case management, yet those systems often fail to work together.
“The result is a fragmented view of compliance risk,” he says. “Critical context remains siloed across systems, making it difficult to connect activity, identify emerging risks, and demonstrate effective oversight.”
As a result, he believes the industry’s challenge has shifted. “In many firms, the challenge is no longer collecting data. Rather, it’s creating a unified view of that data across compliance functions and transforming it into actionable intelligence.”
That issue becomes even more pressing as AI becomes embedded across compliance operations. “AI is only as effective as the quality and accessibility of the underlying data,” Carciente says. “Without a consistent data model and connected workflows, firms risk creating more complexity rather than better oversight.”
He also expects regulatory expectations to continue rising as supervisors increasingly adopt AI and advanced analytics themselves. Those technologies are enabling regulators to identify patterns, anomalies and potential misconduct at greater speed and scale, raising the bar for firms’ own surveillance and oversight capabilities.
“That makes it even more important for firms to connect the dots across their own compliance ecosystem and maintain a holistic view of risk before regulators do.”
Carciente believes the firms that succeed will be those that move beyond disconnected compliance processes and build integrated, data-driven operating models capable of delivering consistent oversight in an increasingly AI-enabled regulatory environment.
Where AI delivers compliance value
Where is AI delivering the greatest value in compliance today, and where is the hype outpacing reality?
Carciente believes AI is already generating measurable value across compliance, particularly by accelerating labour-intensive workflows rather than replacing compliance professionals.
“The greatest value today is in targeted workflow acceleration,” he says. AI is proving especially effective where teams need to review, triage, summarise, prioritise or extract meaningful insights from large volumes of information.
The results, he adds, are increasingly tangible. Firms are reducing manual review effort, improving the consistency of investigations, shortening review cycles and allowing compliance teams to focus on higher-risk activities. He points to communications surveillance, marketing review, data extraction and normalisation, and transcript analysis as areas where AI is already delivering significant operational benefits.
However, Carciente argues that the industry’s expectations have, in some cases, moved ahead of reality. The biggest misconception, he says, is that AI can replace accountable compliance decision-making in highly regulated environments.
“The challenge is not generating an answer, it’s making a defensible decision with context, governance, and accountability.” Even if an AI model overlooks misconduct or produces an inaccurate recommendation, regulators will continue to hold the firm – not the technology – responsible for the outcome.
That is why human oversight remains indispensable. Rather than autonomous compliance functions, Carciente sees the strongest implementations as “AI-enabled compliance programs where technology augments human expertise within a governed and auditable framework.”
He notes that interest is now expanding beyond generative AI into agentic AI, particularly among larger hedge funds and sophisticated alternative investment firms experimenting with internally developed tools to automate research, monitoring and operational workflows.
Yet the biggest obstacles rarely lie with the models themselves. Instead, firms often underestimate the importance of data quality, accessibility and governance, alongside the engineering required to integrate AI into regulated operating environments.
“Building an effective compliance platform is not just about deploying a model,” Carciente says. “It requires integrated data, workflow orchestration, auditability, governance, and years of refinement based on real-world regulatory requirements.” That, he argues, is what separates an impressive proof of concept from a production-grade platform that organisations can confidently rely on, and defend to regulators.
For Carciente, the long-term direction of travel is crystal clear, in that the future of compliance is not autonomous AI replacing human judgement, but governed AI operating within a framework of human accountability, robust oversight, high-quality data and defensible decision-making.
What will be the next-gen of RegTech?
Looking ahead, what does Carciente think will define the next generation of RegTech platforms?
Carciente believes the next generation of RegTech platforms will be defined not by individual features, but by their ability to bring together fragmented compliance functions into a single operating model.
For years, he argues, firms have assembled collections of point solutions to tackle specific challenges, from communications surveillance and trade monitoring to employee compliance, data management and case management. While effective in isolation, those systems often create disconnected workflows, duplicate data and an incomplete view of compliance risk.
“What we’re increasingly hearing from clients is that they don’t need another dashboard or another AI feature,” Carciente says. “They need technology that helps them connect data, streamline workflows, and demonstrate effective oversight across the entire compliance lifecycle.”
In his view, three capabilities will distinguish the next wave of RegTech platforms. The first is a unified data foundation that connects people, communications, transactions, investigations, policies and controls into a single view of risk. The second is AI that is explainable, auditable and embedded within governed workflows rather than operating as a standalone capability. The third is interoperability across compliance functions, enabling firms to shift from reactive monitoring towards more proactive, intelligence-driven risk management.
Carciente also believes the market itself is becoming more discerning. While recent years have seen an influx of innovative RegTech providers introducing AI-powered capabilities and specialised tools, buyers are placing less emphasis on feature lists and more on measurable business outcomes.
“The question is shifting from ‘What can technology do?’ to ‘Can it improve oversight, reduce risk, and stand up to regulatory scrutiny?'” he says.
That evolution, he argues, is likely to accelerate consolidation across the RegTech market as firms seek integrated platforms and trusted long-term partners rather than managing an expanding collection of niche solutions. Increasingly, the challenge is not a lack of innovation, but the operational complexity created by disconnected technologies.
Against that backdrop, Carciente believes ACA’s combination of regulatory expertise, workflow technology, surveillance capabilities and managed services positions it well to support firms seeking a more connected approach to compliance.
Ultimately, he argues, the most successful RegTech platforms will not be those offering the longest list of features, but those that enable firms to manage risk more effectively, make better-informed decisions and demonstrate compliance through operating models that are efficient, scalable and defensible.
How ACA stays ahead
Carciente says ACA Group’s ability to stay ahead of an increasingly fast-moving regulatory environment stems from the combination of regulatory expertise, managed services and technology innovation.
“We stay ahead by operating at the intersection of regulatory expertise, managed services, and technology innovation,” he says. “One of ACA’s greatest strengths is that we are not solely a software provider.”
That broader operating model, he argues, gives the firm a distinct perspective on how regulation is evolving. “We have one of the industry’s most recognized regulatory advisory businesses and a large managed services practice that works directly with firms on the day-to-day execution of compliance programs. That gives us unique visibility into emerging regulatory expectations, operational challenges, and the practical realities firms face when implementing compliance controls.”
Because ACA works so closely with clients’ compliance teams, Carciente says the firm is often able to identify emerging trends before they become widespread across the market.
“We are deeply embedded in our clients’ compliance operations, so we often see regulatory and market trends emerge before they become broader industry concerns. Those insights directly inform how we evolve our technology, workflows, and service offerings.”
Client collaboration is another key part of that process. “The best compliance solutions are built alongside the firms that use them every day,” he says, pointing to ACA’s customer advisory boards and user groups as important channels for gathering feedback on product priorities, emerging use cases and evolving regulatory challenges.
Alongside that engagement, ACA continues to invest heavily in research and development. Carciente highlights the company’s new innovation centre in Durham, North Carolina, which has been established to accelerate the development of AI-driven compliance solutions.
“Our focus is not simply adding features,” he says. “It is building integrated solutions that help firms manage risk, streamline oversight, and demonstrate compliance more effectively.”
Looking ahead, Carciente believes success will depend on more than simply tracking regulatory developments. “The regulatory landscape is evolving faster than ever,” he says. “Staying ahead requires more than monitoring change. It requires the ability to translate change into practical controls, scalable workflows, and technology solutions that deliver measurable outcomes.”
“That combination of expertise, execution, customer partnership, and innovation is where ACA is uniquely positioned.”
Trends that are being underestimated
What emerging market conduct regulatory trend does Carciente think firms are still underestimating?
Carciente believes many firms are underestimating a fundamental shift in market conduct compliance: oversight is becoming less about deploying individual surveillance tools and more about connecting data across the organisation.
“Many firms are still underestimating how quickly market conduct oversight is becoming a connected-data problem rather than a surveillance-tool problem,” he says.
According to Carciente, conduct risk now spans a far broader range of channels than traditional monitoring programmes were designed to address. “Today, conduct risk extends across communications, trading activity, voice recordings, collaboration tools, mobile messaging, and increasingly AI-assisted workflows. Regulators are no longer looking at these areas in isolation. They expect firms to connect the dots and demonstrate that risks are being identified, investigated, and escalated consistently.”
Artificial intelligence is adding another layer of complexity. As employees increasingly use AI to generate content, conduct research and support decision-making, Carciente says firms will need to rethink how they approach supervision, accountability, recordkeeping and evidencing the rationale behind decisions.
For many organisations, however, the biggest challenge lies beneath the surface.
“The real issue is not just tooling, it is connectivity,” he says. “Where firms operate across fragmented systems and datasets, they expose a fundamental control gap, losing the ability to link activity, context, investigations, and outcomes, and making effective oversight difficult to evidence.”
That shift, Carciente argues, will shape the next phase of regulatory scrutiny. Rather than focusing primarily on whether firms have appropriate policies in place, regulators will increasingly expect organisations to demonstrate that those controls are working in practice.
“I believe the next wave of regulatory scrutiny will focus less on whether firms have policies and more on whether they can provide evidence that their controls are working in practice,” he says. “Firms that can connect data, workflows, and decision-making into a defensible audit trail will be significantly better positioned than those relying on disconnected systems and manual processes.”
ACA’s biggest opportunity
For Carciente, the next phase of growth is being shaped by the convergence of compliance, risk and technology as artificial intelligence becomes embedded across the compliance lifecycle.
He argues that firms are moving beyond point solutions in favour of integrated approaches that combine technology with specialist expertise and operational execution. “Organizations are looking for more than individual tools,” he says. “They want integrated solutions that combine technology, expertise, and execution to create scalable and defensible compliance programs.”
Carciente believes ACA is well positioned to meet that demand because of the breadth of its engagement with clients. Through its advisory, managed services and technology businesses, the firm has what he describes as “a front-row seat” to changing regulatory expectations, operational pressures and emerging technologies. That visibility provides a deeper understanding of where compliance functions are heading and the practical challenges firms need to solve.
Artificial intelligence is central to that strategy, but Carciente stresses that the focus is firmly on delivering measurable business outcomes rather than deploying technology for its own sake. “Our goal is not to add technology for technology’s sake,” he explains. “It is to help clients improve oversight, streamline workflows, and make better-informed compliance decisions.”
Looking ahead, he sees one of the industry’s greatest opportunities in helping firms adopt AI responsibly. As deployment accelerates, organizations will need support not only in implementing AI-powered capabilities, but also in governing their use through appropriate controls and protecting them against emerging risks. ACA’s ability to bring together implementation, governance and security is, he argues, a key differentiator.
He said, “Ultimately, the opportunity for ACA is to help firms move from fragmented compliance programs to connected, intelligence-driven operating models that are more efficient, scalable, and defensible.”
Advice for compliance leaders
What advice would Carciente give to compliance leaders for the future? Here, the ACA global RegTech head thinks its key not to treat compliance strategy and technology strategy as separate conversations.
He explained, “The pace of regulatory change, the growth of data, and the adoption of AI are fundamentally changing how compliance operates. The firms that will be most successful are the ones that embed governance, risk management, and compliance considerations into technology decisions from the outset, rather than trying to retrofit controls later.”
Equally important for Carciente is the importance of building strong foundations. AI, automation and advanced analytics are able to deliver tremendous value, but only in his view when they are supported by data accountability, quality data and well-defined processes.
He concluded, “Ultimately, compliance leaders have an opportunity to move beyond being viewed solely as risk mitigators. The most effective leaders will be those who help their organizations innovate responsibly, scale confidently, and demonstrate trust in an increasingly complex regulatory environment.”
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst





