89% of UK banks claim to meet financial crime compliance standards despite more than half lacking real-time risk detection
UK banks are facing a growing disconnect between confidence in their compliance capabilities and the systems needed to meet emerging real-time regulatory expectations, according to new research from TransactionLink.
The report, The End of Periodic Due Diligence: How UK Banks are Navigating the Shift to Event-Driven Compliance, surveyed 250 senior compliance decision-makers across Tier 1 and Tier 2 banks and building societies, and highlights significant gaps in readiness for continuous, event-driven due diligence.
While 89% of UK banks say they are confident in their ongoing due diligence obligations, less than half (43%) have a formal, documented framework in place to identify “trigger events” such as changes in customer behaviour, ownership or activity that should prompt immediate reassessment of risk.
These trigger events are becoming central to regulatory expectations as financial crime compliance shifts away from scheduled reviews and towards continuous monitoring, where firms are expected to detect and respond to meaningful changes in customer risk in real time rather than at fixed intervals.
Despite this shift, nearly all banks surveyed (97%) believe they are aligned with expectations set by the Financial Conduct Authority, while again less than half (45%) say they have a clear understanding of what continuous, event-driven due diligence actually requires in practice.
“Many banks believe they are more prepared for this shift than they actually are,” said Mateusz Pniewski, founder and CEO of TransactionLink. “What has traditionally been a periodic, rules-based compliance process is now moving towards real-time monitoring of customer risk. That requires firms to identify meaningful changes as they happen and respond immediately – and that is a fundamentally different operational challenge.”
Operational readiness remains limited across the banking sector. Only 39% of banks describe their monitoring as truly continuous, with half (50%) still operating on frequent periodic review cycles and 10% relying on annual or biennial reviews. Just over a third (36%) are running fully automated ongoing due diligence workflows, while just over half (54%) remain dependent on hybrid manual processes.
Planning and governance gaps are also significant. Fewer than half of banks (46%) have a fully funded transition plan in place for continuous monitoring, and only 38% have modelled the resourcing impact. Less than half (43%) report board or executive-level sponsorship for the transition, suggesting limited budgetary and strategic alignment at senior level.
The research also highlights a growing gap between awareness of required change and the ability to quantify it. While 54% of banks acknowledge that continuous due diligence will require significantly more resource, most have not yet fully modelled what that means in practice.
“The issue is not just recognition of the shift, but execution,” added Pniewski. “Many financial institutions know that continuous monitoring will require more resources, more automation and better data, but they have not yet translated that into a funded, operational plan.”
TransactionLink’s new report concludes that while most UK banks express confidence in their compliance obligations, a significant proportion still lack the operational frameworks required to deliver continuous, event-driven due diligence at scale.