RegASK’s 2026 State of Regulatory Affairs and Compliance Report reveals growing AI maturity, but cautions that leadership-operations misalignment could hinder progress.
NEW YORK & SINGAPORE – NOV 18, 2025 – Regulatory pressure is rising at a pace many companies can’t keep up with. According to RegASK’s newly released 2026 State of Regulatory Affairs and Compliance Report, 83% of regulatory professionals reported an increase in regulatory volume, a 34% surge from last year. This upswing is overwhelming legacy systems, with serious consequences. More than one-third (37%) of regulatory teams surveyed said their organization missed a regulatory requirement in the past year, and among those, 50% of senior leaders estimated the financial loss to be between US$500,000 and US$1 million, and 14% reported losses exceeding US$1 million. Based on insights from 162 regulatory professionals and senior leaders worldwide across the life sciences and consumer product industries, the report underscores a clear industry mandate: regulatory agility is no longer optional. It has become a key driver of business growth and resilience, and teams recognize that AI will play a defining role in achieving it. The report finds that while the usage and demand for AI has doubled in the past 12 months, the perception gap between leadership expectations and frontline realities remains a key barrier to operationalizing it effectively. Today, most senior leaders believe their teams can respond to new regulations within a week, but the reality on the ground is a demanding one- to four-week scramble that often relies on manual tracking, reactive fixes, and limited resources. When leadership underestimates the time and resources required for compliance, it can lead teams to focus on immediate fixes rather than long-term preparedness. This misalignment often limits the investment operational teams get for advanced tools, leading to missed deadlines, team burnout, and a perpetual cycle of catching up. It also explains why 56% of operational teams surveyed are turning to general-purpose LLMs to solve immediate compliance challenges, rather than waiting for enterprise rollouts. “AI has evolved from being an emerging opportunity to a strategic capability,” said Caroline Shleifer, Founder & CEO of RegASK. “But the real challenge isn't deciding to adopt AI. It's making sure leadership's envisioned plans and timeline matches the reality of what operational teams actually need. That alignment is what enables effective AI adoption and true regulatory agility.” When it comes to advanced applications like agentic AI, adoption remains nascent. Only 7% of senior leaders and 16% of operational teams say they are actively using it today, while 39% have never heard of the technology. This disparity shows that AI maturity is still evolving across regulatory teams, with early adopters shaping standards others will soon have to follow. Key Findings from the 2026 State of Regulatory Affairs and Compliance Report: Market Leaders Move Fast: Only 7% of organizations can identify a new regulation and execute a response plan within 48 hours, giving them first-mover advantage in compliance and market access. Most teams operate at a much slower rate, with 16% taking more than a month to respond.
Compliance Blind Spots Carry a High Price: The cost of missing a regulatory requirement extends beyond financial losses. Among the senior leaders who missed a regulatory requirement, 46% faced delayed or canceled product launches, 39% experienced clinical trial disruptions, 36% had product recalls, and 25% suffered brand reputation damage.
Most Regulatory Teams Remain Analog: Despite growing regulatory volume and enthusiasm for AI, most compliance teams still rely on manual workflows. 65% of respondents depend on newsletter alerts from regulators or aggregators, and 48% depend on a dedicated team to manually track updates and translate implications across functions. AI Adoption Builds Momentum: The shift from interest to implementation is improving. Today, 27% of organizations use vertical AI platforms to track regulatory changes - a 42% increase from last year’s 19%. This steady rise shows that teams are moving beyond pilots and beginning to integrate AI into daily compliance workflows. The report outlines a clear trajectory for the function’s evolution. Over the next three years, Regulatory Affairs will transition from a reactive cost center into a strategic command function, powered by AI-driven insights, cross-functional integration, and human oversight. As AI takes on more execution tasks, human expertise will move upstream to focus on judgment and strategy. Teams must develop new skills such as AI literacy, oversight and quality assurance of AI outputs, and ethical reasoning to stay relevant. “The data is clear. The focus has shifted from wanting AI to operationalizing it, and the future belongs to the augmented team where humans lead and AI enables,” said Amenallah Reghimi, RegASK’s Chief Product and Technology Officer. “The goal is not to replace experts, but to free them from low-value work so they can focus on what truly moves the business forward. This is Augmented Intelligence in action, and it's defining the new era of regulatory excellence.” Download the 2026 State of Regulatory Affairs and Compliance Report here. About RegASK
RegASK is an AI-driven platform enabling end-to-end regulatory intelligence and workflow orchestration. It automates regulatory intelligence with curated content, actionable insights, and workflow automation, while connecting a global community of over 1,700 subject matter experts for streamlined compliance execution. By combining Agentic AI efficiency with deep regulatory expertise, RegASK empowers organizations to proactively manage compliance and navigate complex regulatory landscapes with confidence. To learn more about RegASK visit regask.com.
Media Contact
Corporate Ink for RegASK
RegASK@corporateink.com
Company unveils refreshed brand following customer research across Australia, New Zealand, and UK
Sydney, Australia, 2 Dec 2025 – Financial crime prevention technology provider ThirdEye has announced a rebrand, simplifying its name from Jade ThirdEye and updating its visual identity to better reflect its positioning as a partner to compliance and financial crime professionals.
The rebrand follows extensive customer research across ThirdEye's three key markets, Australia, New Zealand, and the UK, which revealed alignment between what compliance professionals need from technology partners and what ThirdEye has built its business around: genuine partnership, local expertise, and flexible solutions.
"Financial crime prevention is meaningful, complex work that often lands on small teams carrying significant responsibility," said Piet van den Boer, Head of Marketing at ThirdEye. "What became clear through our research is that compliance professionals need partners who understand that reality, not vendors selling rigid products. That's what we've always believed, and this rebrand clarifies our commitment to it."
The company provides transaction monitoring, customer screening, case management, and regulatory reporting solutions to mid-sized financial institutions. ThirdEye's approach emphasises customisation to each client's specific risk landscape, local support teams, and ongoing partnership throughout the customer lifecycle.
The rebrand includes a new visual identity, updated messaging framework, and simplified naming across all markets. The changes are designed to strengthen ThirdEye's market presence while maintaining continuity for existing customers and partners.
ThirdEye serves financial institutions across Australia, New Zealand and the United Kingdome and operates as part of Jade Software, a Certified B Corporation.
For more information about the rebrand and what's driving the change, visit: https://jadethirdeye.com/blog/your-partner-in-fighting-financial-crime/
About ThirdEye
ThirdEye provides financial crime prevention technology to mid-sized financial institutions across Australia, New Zealand, and the UK. The company's solutions include transaction monitoring, customer screening, case management, and regulatory reporting tools designed to help compliance teams detect real threats, reduce manual work, and meet regulatory requirements with confidence. ThirdEye is part of Jade Software, a Certified B Corporation. Learn more at https://jadethirdeye.com.
Media Contact: Piet van den Boer, Head of Marketing, ThirdEye, pvandenboer@jadethirdeye.com, +61 408 686 550
Australia’s AML/CTF landscape is shifting fast — and the expansion of Tranche Two will bring more than 90,000 additional businesses into scope. But behind the regulatory change is a deeper purpose: disrupting the criminal networks that cause real harm to people, communities, and national security.
As organised crime adapts, so must our risk and compliance frameworks.
Personr explores the human impact behind AUSTRAC’s reforms and why a risk-based, intelligence-led approach is now essential.
Read the full analysis: https://www.personr.co/industry-insights/humanising-aml-and-compliance
The Financial Action Task Force (FATF) has announced the outcomes of its October 2025 plenary — shaping the next phase of the global fight against money laundering, terrorism financing, and illicit flows.
Four countries have been removed from the “grey list”, while the FATF is increasing its focus on generative AI and deepfakes as emerging tools for criminal activity.
For Australian institutions, these developments are a timely reminder to reassess risk ratings and prepare for Tranche 2 AML/CTF reforms.
Read the full analysis via Personr: https://www.personr.co/industry-insights/fatf-announces-outcomes-of-october-2025-plenary---what-went-down-and-why-it-matters
Yellow Canary and The Access Group have formed a strategic partnership to transform how SMEs approach payroll compliance.
By combining Access Group’s trusted payroll software with Yellow Canary’s automated compliance audit platform, SMEs can now access the same assurance long relied upon by some of Australia’s largest employers.
Payroll is one of the largest costs for Australian businesses, yet it remains notoriously difficult to manage because modern awards and enterprise agreements are complex, constantly evolving, and easy to misapply. On top of this, recent court decisions and legislative changes have made it clear that regular payroll reconciliation is no longer optional.
Until now, many organisations have traditionally relied on manual data exports or costly outsourced reviews to assess payments to employees. These approaches are often narrow in scope and performed infrequently, which means errors that occur early in the year can go unnoticed until they are too entrenched to fix systemically.
Left unaddressed, these errors can quickly escalate, exposing organisations to financial, legal, and reputational consequences, while also eroding employee trust.
Marcus Zeltzer, co-founder and Managing Director at Yellow Canary, explains what the partnership means for SMEs:
With Yellow Canary’s automated payroll compliance audit layer embedded into Access Group’s payroll ecosystem, SMEs can now access a new service offering, Pay Assurance. This solution provides a seamless, cost-effective way to gain clear visibility into how employees are paid under modern awards and enterprise agreements.
By integrating payroll data directly, SMEs can identify and quantify payroll errors, trace their root causes, and act before issues escalate, all without the burden of complex implementation.
The partnership will launch with Yellow Canary’s Pay Compliance solution, covering wages and salaries under modern awards and enterprise agreements. Over time, it will expand to address other payroll complexities across superannuation, leave, and benefits.
Download the Annual Salary Arrangement Compliance Guide 2025, jointly compiled by Yellow Canary and The Access Group, to unlock expert insights on payroll compliance and Annualised Salary Arrangements.
Boston, MA and Sydney, Australia – Oct. 8, 2025 – SpinOne, a leading provider of SaaS security solutions, and BCyber, Australia’s premier cybersecurity risk management group, today announced a strategic partnership that integrates SpinOne’s advanced SaaS Security Posture Management (SSPM) capabilities with BCyber’s industry-leading GRACE platform. This groundbreaking collaboration transforms how organizations approach cybersecurity governance by replacing manual, spreadsheet-based processes with automated, real-time security controls and comprehensive cyber resilience.
The partnership addresses a critical gap in the cybersecurity market where organizations struggle to maintain effective governance over their expanding SaaS ecosystems while ensuring rapid response to emerging threats. “The integration with SpinOne transforms our GRACE platform into a comprehensive cybersecurity command center,” says Graham Chee, BCyber’s Managing Director and Co-Founder. “Organizations no longer need to choose between robust security controls and efficient governance – they can have both through our combined offering.”
By combining SpinOne’s cutting-edge ransomware detection and data protection technologies with BCyber’s proven Governance, Resilience, Assurance, Compliance and Education (GRACE) framework, organizations can now achieve comprehensive cyber resilience without sacrificing operational efficiency.
The SpinOne-GRACE integration delivers four key capabilities that redefine enterprise cybersecurity management:
Unified Governance with Real-Time SaaS Security Controls – Organizations can transform from reactive spreadsheet management to proactive, automated governance. SpinOne’s comprehensive SSPM capabilities feed directly into BCyber’s GRACE platform, providing continuous monitoring and automated compliance reporting across Microsoft 365 environments. This eliminates manual tracking inefficiencies while ensuring real-time visibility into security controls aligned with organizational risk appetite.
Proactive Risk Assessment with Real-Time Threat Detection – The combined platform prevents risky applications and stealthy ransomware attacks from compromising data security postures. BCyber’s enterprise risk intelligence methodology integrates with SpinOne’s advanced app detection to create comprehensive risk assessment frameworks, complete with streamlined visibility, shadow IT discovery, and approval processes. The platform’s 24/7 ransomware monitoring feeds critical risk indicators directly into GRACE’s risk assessment workflows, enabling organizations to quantify SaaS-related risks with precise data while automatically taking protective action.
Advanced Data Protection with Compliance Orchestration – SpinOne’s comprehensive DLP capabilities work alongside BCyber’s compliance management expertise to create end-to-end data protection strategies. The platform automatically classifies and protects sensitive data across SaaS applications while ensuring adherence to regulatory requirements through GRACE’s compliance tracking and reporting mechanisms, providing both technical data protection and regulatory assurance in a unified approach.
Resilient Business Continuity with Rapid Recovery – The integration transforms business continuity planning through SpinOne’s patented ransomware detection and recovery technology within BCyber’s resilience framework. Organizations can achieve sub-2-hour ransomware recovery capabilities with 99% recovery accuracy and 90% cost reduction, while maintaining automated backup management aligned with business continuity objectives and comprehensive resilience reporting for stakeholder assurance.
“This partnership represents a fundamental shift in how organizations can approach cybersecurity governance,” notes SpinOne CEO Dmitry Dontov. “By integrating our advanced SaaS security capabilities with BCyber’s proven governance framework, we’re enabling organizations to move beyond reactive security management to proactive, automated cyber resilience.”
The SpinOne-GRACE integration addresses the growing challenge faced by organizations managing increasingly complex SaaS environments while maintaining regulatory compliance and operational efficiency. Traditional approaches relying on manual processes and spreadsheet tracking are proving inadequate against sophisticated threats and regulatory requirements.
The combined platform is immediately available to existing SpinOne and BCyber clients, with new implementations supported through both companies’ partner networks. Organizations interested in the integrated solution can contact either SpinOne or BCyber directly to schedule demonstrations and implementation consultations.
BCyber is Australia’s premier cybersecurity risk management group, elevating cyber risk management into a strategic advantage. Our cutting-edge Governance, Resilience, Assurance, Compliance and Education (GRACE) solutions modernize outdated practices, creating smart, automated frameworks that align with your business vision – move from manual spreadsheet-based processes to automated, intelligent governance frameworks that align security controls with business objectives Equipping organizations with customized strategies and expert insights to navigate the complex cyber landscape confidently.
SpinOne is a leading provider of SaaS security solutions, protecting organizations’ critical data across cloud applications with comprehensive Security Posture Management, Data Loss Prevention, and advanced ransomware detection and recovery capabilities. The company’s patented technologies enable rapid threat response and business continuity for organizations worldwide.
BCyber: Karen Stephens, Co-Founder & CEO karen@bcyber.au
SpinOne: Lindsey Watts, VP of Marketing marketing@spin.ai
Fresh FundWA investment signals strong conviction in Personr’s mission as Tranche 2 reforms approach.
FundWA has doubled down on Perth-based AML compliance startup Personr, providing follow-on capital just months after backing its seed raise.
The investment cements Western Australia’s role as a driver of national financial technology innovation ahead of the Government’s Tranche 2 AML reforms.
Founded by Charlie Westerman and Nick Ahrens, Personr was born from Westerman’s personal experience with identity theft in 2019.
That setback has since evolved into one of Australia’s most comprehensive AML compliance platforms, already used by nearly 100 businesses across the country.
“Securing two raises in such a short timeframe demonstrates strong conviction in both our mission and execution,” said Co-Founder Nick Ahrens. “It reflects the urgency of the compliance challenges we’re solving and the clear momentum Personr has built.”
Leading a New Era of Compliance
Personr enables businesses to:
In 2025, it was recognised by Aventine Labs as the most comprehensive and innovative AML platform.
With Tranche 2 reforms set to bring 100,000 Australian businesses — including real estate agencies, law firms, and accountants — under AUSTRAC regulation by 2026, Personr is already helping companies prepare.
FundWA CEO Glenn Butcher said the mission aligns with a global shift toward automated compliance.
“In a world where regulations are getting tougher and the cost of human error is soaring, companies need smarter, faster ways to handle things like identity checks and fraud prevention,” he said.
“We see Personr as building essential digital infrastructure, helping businesses thrive in a complex world by turning a compliance headache into a competitive edge. It’s a powerful idea, and we’re excited to back it.”
Nick Ahrens said the Tranche 2 reforms also represent a major shift for Australian compliance, throwing thousands of businesses under AUSTRAC regulation.
“Personr is helping those businesses get ahead by simplifying compliance, making it faster, more cost-effective, and scalable,” he said.
A West Australian Success Story
Personr surged last year, growing its customer base fivefold and revenue twelvefold — proof of urgent demand for smarter compliance and the strength of WA innovation.
FundWA general partner Pia Turcinov said WA has long led in high-stakes industries like mining and defence, where risk and security are critical. Personr brings that same disciplined, security-first approach to the digital world.
“By building a world-class RegTech business out of Western Australia, Personr is showing that WA's unique expertise in critical infrastructure can be translated into cutting-edge software for a global market. It's proof that our local talent can solve global problems, solidifying WA's reputation as a hub for leading innovation and integrity,” Ms Turcinov said.
Personr Co-Founder Charlie Westerman said the quick follow-on support proves the team is delivering results and winning belief in its mission.
“We’re entering a period of hypergrowth, driven by urgent regulatory changes and a clear need for smarter compliance infrastructure,” Mr Westerman said.
“Personr is not just keeping pace with regulation, we’re an example of how a WA-based scaleup is redefining compliance nationally.”
Why Personr’s story matters
Media EnquiriesArtemisia Blythe Communications & Content Lead arte@personr.co https://www.personr.co/
BNP Paribas will deploy Corporate Digital Identity to accelerate data-driven transformation
London, UK – 30th September, 2025 — Encompass Corporation, the global leader in Corporate Digital Identity (CDI) solutions, today announced details of a financing round led by BNP Paribas, one of Europe’s leaders in banking and financial services. This investment will accelerate Encompass’ ability to further develop their CDI platform, EC360, enabling the delivery of scalable, secure and future-ready solutions that meet the needs of client-centric banks.
“The investment from BNP Paribas is a powerful endorsement of the transformational impact of our Corporate Digital Identity technology,” said Wayne Johnson, CEO and Co-Founder of Encompass Corporation. “This strategic commitment from one of Europe’s most respected financial institutions will help shape the future of client onboarding and digital transformation.”
EC360 removes manual research with 100% automation of the KYC search procedure. Using bespoke automation rules to build complete CDI profiles in real-time, EC360 provides the foundation for BNP Paribas’ client-focused KYC at onboarding and throughout the client lifecycle.
“This investment reflects our commitment to supporting our clients right from the very first interaction with BNP Paribas, leveraging technology to constantly enhance their experience” said Boris Leblanc, Chief Operating Officer, Corporate and Institutional Banking, BNP Paribas. “By partnering with Encompass, we will use the power of intelligent automation to further streamline onboarding, reduce friction, and deliver a faster, more seamless, and secure client experience across our integrated banking model.”
Encompass’ platform complements this approach by delivering structured, high-quality data that supports AI-driven decision-making, automation, and client engagement. Existing customers of Encompass’ CDI platform benefit from streamlined onboarding, reduced manual processes, and improved transparency across jurisdictions.
This funding round positions Encompass as a trusted partner for financial institutions seeking to modernize their operations and embrace the future of digital identity and AI-powered transformation.
About Encompass Corporation
Encompass enables fast, accurate identity validation and verification of corporate clients, and a gold standard approach to KYC. Our award-winning EC360 Corporate Digital Identity (CDI) platform and innovative EC solutions incorporate real-time data and documents from authoritative global public data sources and private client information, to create and maintain digital risk profiles. With Encompass, the world’s leading banks improve client experience and increase business opportunities through consistent regulatory compliance and risk mitigation.
Encompass Corporation media contact:Magalie Pimentel, VP Marketing magaliepimentel@encompasscorporation.com+44 (0)7584 430847
The scope of Australia’s Tranche 2 AML/CTF reforms is widening, and this time, lawyers are in focus.
From 1 July 2026, law firms providing designated services will be required to comply with AUSTRAC’s Anti-Money Laundering and Counter-Terrorism Financing regime. That means new obligations in customer due diligence, monitoring, reporting and record keeping.
While the changes raise compliance challenges, they also present an opportunity: strengthening practice standards, improving client trust, and building resilience against financial crime.
Read more from Personr about what’s coming, lessons from overseas, and the role technology will play: https://www.personr.co/industry-insights/lawyers-to-shoulder-new-compliance-burden-in-2026
Melbourne, 29 September 2025 – FrankieOne today announced a strategic partnership with Daon. These leaders in global identity fraud prevention are bringing a new identity orchestration platform to the market to combat the growing threat of AI-driven fraud and deliver more secure, seamless, and scalable identity verifi cation worldwide.
The rise of deepfakes, synthetic identities and AI-powered spoofi ng attacks has accelerated globally, putting fi nancial institutions, fi ntechs, and regulators on high alert. At the same time, customer expectations for fast, frictionless onboarding continue to grow. This tension is pushing organisations to adopt more advanced biometric and identity verifi cation technologies.
By integrating Daon’s AI-driven biometric and document verifi cation capabilities into FrankieOne’s single API and orchestration layer, customers gain access to world-class identity verifi cation, multi-modal liveness detection, and advanced anti-spoofi ng measures. The partnership enables businesses to fi ght evolving fraud threats while maintaining compliance with complex regulatory requirements such as APRA and AUSTRAC in Australia, and their equivalents worldwide.
“We chose Daon because they bring true depth in biometrics to global markets - from regulatory-grade data sovereignty and faster processing times to libraries trained on diverse identity documents worldwide. Their multi-modal biometrics, NIST-tested accuracy, and advanced liveness detection give our customers access to best-in-class identity verifi cation. By combining Daon’s strengths with FrankieOne’s orchestration layer, we’re enabling regulated institutions to seamlessly escalate to stronger checks, expand confi dently into new markets, and deliver a secure yet frictionless customer experience.” Kim Wrobel - [Head of Partnerships, FrankieOne]
The partnership also highlights Daon’s commitment to bringing its trusted identity fraud prevention capabilities to new markets and industries through strategic collaborations.
“Partnering with FrankieOne allows us to bring our AI-driven biometric and identity verifi cation technologies to even more customers in a way that’s fl exible, scalable, and globally compliant. The combined platform makes it simple for organisations to deploy the right verifi cation tools for their risk profi le and jurisdiction. Together, we’re giving businesses the confi dence to fi ght fraud and meet complex regulatory demands without compromising user experience.” John Duggan — [Executive Vice President - APAC, Daon]
FrankieOne’s platform connects to more than 350 global data sources and verifi cation vendors, giving clients the ability to choose the right tools for their specifi c risk profi le, jurisdiction and customer base. By adding Daon’s proven identity technology expertise to its ecosystem, FrankieOne strengthens its position as the most fl exible and future-ready identity platform for regulated industries.
About FrankieOne FrankieOne provides a comprehensive identity and fraud prevention solution covering the full lifecycle of customer and business onboarding, KYC, KYB, and ongoing monitoring. Through a single integration, FrankieOne connects to over 350+ global data sources and verifi cation vendors.
About Daon Daon is a global leader in biometric identity assurance, with more than two billion identities verifi ed across 230+ countries and territories. Its multi-modal biometric solutions provide organizations with advanced fraud protection, regulatory compliance, and seamless user experiences.
© 2023 The RegTech Association
