Financial firms are facing a dual challenge as digital acceleration generates unprecedented volumes of data that compliance teams must manage alongside evolving regulatory demands.
The traditional view of compliance as a back-office, box-checking function is giving way to a more strategic role, positioning risk teams as partners that help firms innovate safely.
Industry leaders and data privacy experts gathered at the recent Smarsh Connect event in London to map out this transformation across the financial sector.
The overriding consensus from the summit was the need to move forward confidently while mastering a complex web of digital communications and maintaining corporate trust.
Modern employees now interact across dozens of platforms, from instant messaging apps to collaborative tools, generating vast quantities of unstructured data that traditional databases struggle to capture.
Smarsh chief executive Kim Crawford Goodman addressed the challenge directly, saying: “The truth has got more rules these days. And therefore the ability to actually see it, analyse it, know it, rely on the actual truth from real data is something that we very proudly do.”
Rather than treating stored communications purely as a regulatory burden, forward-thinking institutions are beginning to extract deeper meaning from their archives to gain valuable business context.
Goodman explained that international firms are actively seeking intelligence from their data stores: “What I need from you is for you to pull intelligence and insight that will put context around all of that structured data. And in fact, what we’re seeing is… it’s the context that adds the intelligence.”
Sonia Cheng, a Senior Managing Director at FTI Consulting, argued that blanket bans on specific applications and overly rigid corporate policies have proven ineffective at managing risk beyond corporate firewalls.
“Companies can no longer rely on prohibition policy as a means of safeguarding against activities and messaging taking place outside of corporate firewalls,” Cheng said, calling instead for a more targeted and pragmatic assessment of where material risks actually lie.
Cheng warned that legacy vulnerabilities are becoming increasingly dangerous as computing power grows: “It’s less about mythos and more about the fact that it’s a moving target. As computing power increases, you have new tech that is better able to target vulnerabilities in your code and your data.”
Risk leaders are also pushing hard to prevent governance gaps from opening around generative AI, drawing on hard lessons learned from the earlier off-channel communications crisis that blindsided the sector.
Goodman was emphatic that the industry must not repeat past mistakes: “We do not want this industry, for AI, to become the next off-channel communications where people are using it, using it, using it; value, value, value; customers are impacted, and you’re behind the eight ball.”
Tackling modern data challenges requires upgrading from legacy systems that merely recorded events to intelligent platforms that filter and assess data at the very point of ingestion.
Cheng emphasised that cultural mindset is just as important as technology investment: “It’s the mindset discussed at the conference that I think is so important: that growth mindset… being willing to embrace failure, fail fast, trying those things, but trying safely.”
Processing costs for AI tools have dropped significantly, making advanced compliance technology accessible to financial institutions of all sizes and removing the financial barrier to adoption.
Goodman reflected on how quickly the industry baseline has shifted, contrasting her message from just twelve months ago with what she now tells clients and partners across the Smarsh community.
“A year ago… what I was saying is, as the leader in compliance communications, we will be there for you whatever you need… If you want to just get by your next exam and have maximum amount of explainability, and you’re not really on the AI train, we’re here for you as well,” she said.
That passive stance is now entirely obsolete, and Goodman made clear that meaningful engagement with AI is no longer optional for anyone in the compliance space.
“I’m saying something completely different this year,” Goodman added. “I’m saying that everybody in this room, everybody in our Smarsh community, needs to be meaningfully on this train… Nobody here is going to be driving the horse and buggy while the rest of the world is off driving Ferraris and F-16s. It is now time to pick up and go.”

