Despite some regulatory easing in the United States and the goal of more standardization in Europe, the next chapter for banking and financial services is apt to be one fraught with new risks and challenges from cryptocurrency, artificial intelligence, and rising non-bank competition. Global fragmentation of banking regulation is another hurdle banks must overcome. Yet, just as risk is becoming more complex, compliance is being scaled back.
Bank chief compliance officers (CCOs) are facing rapidly shrinking budgets and headcounts as oversight, especially in the US, is pared back. But rather than a period of retrenchment, CCOs should look at the next few years as a window of opportunity in which they can redefine compliance’s mandate to better match the period of transformation facing financial services. No doubt, bank CCOs and the compliance function are at an inflection point.
CCOs should be viewed as more vital than ever. No longer monitors checking off compliance, next-generation CCOs now need to be entrepreneurial strategic leaders helping banks safely take advantage of the expansion of their new operating freedoms.
The challenge of AI and new competition from digital-first players and non-banks
One of the biggest challenges will be incorporating artificial intelligence into operations. Here, CCOs can play a significant role in assessing risk and regulation, as new AI-based tools are created for various parts of the enterprise, including compliance.
For most financial institutions, the adoption of AI began in targeted use cases where benefits were clear, improving accuracy and reducing noise in such areas as anti-money laundering alerts, sanctions screening, and transaction monitoring. But recent data reinforces a mixed but accelerating trajectory.
Roughly 85% of banks report some level of AI deployment, and approximately half of US risk and compliance leaders surveyed in 2025 indicated involvement in enterprise AI decision making. Yet, despite the proliferation, only about 15% of the executives said they considered themselves to be at the leading edge of AI use.
Another area of dramatic change for the financial services industry is heightened competition from digital-first players, including fintechs and Big Tech entrants, which are raising customer expectations for speed, accessibility, and personalization. Last year, in the US alone, there were more than 30 filings from fintechs and other nontraditional applicants for de novo charters, bank acquisitions, or conversions.
Why a new kind of CCO is key to the future of compliance
To take on these new challenges, the role of CCO must move from a posture of constraint to one of enablement — from risk averse to risk-tolerant. They must understand the new opportunities and help senior management build guardrails, so banks can control risk as they pursue new business areas.
That will require a new blueprint for how the CCO should function to become a true strategic partner for the C-suite. To support this expanded role, next-generation compliance may also demand a move away from departments populated by hordes of junior staffers to leaner operations with more senior managers.
We have identified five key strategies for next-generation CCOs. They are:
- The new CCO must move from being a rule-follower to becoming a regulatory navigator, guiding companies through an increasingly fragmented, unpredictable, and litigious regulatory landscape.
- CCOs and compliance need to be partners in developing banking’s growth agenda, moving beyond their former zero-tolerance posture to become enablers of innovation.
- Facing shrinking budgets and headcounts, CCOs must fundamentally rewire the compliance engine, making it more efficient, adaptable, and insight driven.
- CCOs must take a leading role in both AI adoption and governance, recognizing not only the scale of opportunity, but also the magnitude of the risks.
- With all the moving pieces in play, it will still be up to CCOs to reinforce compliance fundamentals and build cultures committed to compliance.
CCOs that hesitate to move toward a more strategic role now, during the current regulatory lull, may find the reinvention harder to accomplish in a more regulator-driven environment.
