UK fintech GoCardless — which makes its money by facilitating direct bank payments for businesses in exchange for a fee — has been focusing on profitability in 2025. The company's latest financial results show revenue growth of 38%, as it processed transactions worth almost £40bn for more than 94,000 organisations.
But it’s a scale that can make transaction monitoring — the process of tracking, reviewing and analysing financial transactions, such as payments, transfers or deposits, to detect unusual, suspicious or fraudulent activity — a real challenge, Dan Jahner, director of product management at GoCardless, says.
“We struggled to quickly learn and improve our detection systems. Our systems needed to be able to support our analysts by collecting all of the relevant decision data and insights, so that we can focus on efficiency, quality decision making,” he says. “Strong financial crime controls are non-negotiable for a business like ours.”
Every day, trillions of euros move through global financial systems, with illicit funds making up an estimated 2-5% of global GDP. It’s a threat that financial institutions are legally compelled via anti-money laundering (AML) legislation to monitor and prevent, with strict penalties for those that fail to do so.
In 2024, Metro Bank, for example, was fined £16m by the Financial Conduct Authority (FCA) in the UK after it failed to properly monitor 60m transactions, worth more than £51bn. It had taken the bank four years to notice and fix an error in its AML controls.
Compliance tools haven’t kept pace
Part of the problem is traditional compliance tools don’t have capacity to deal with the realities of modern transaction monitoring, Baran Ozkan, cofounder and CEO of AML compliance and risk management platform Flagright, says.
Fintechs generate so much data and they can drive so much value in terms of efficacy and efficiency. But they need better tools to do that.
They may return a high number of false positives — legitimate transactions incorrectly flagged as suspicious – which overwhelm analysts and make it more difficult to spot genuine threats. There’s often a high degree of manual work and a lack of consistency, with processes that are not tuned to the company’s risk. Plus few have the agility to keep up with AML requirements for each jurisdiction — critical as regulators continue to raise the bar on governance and accountability.
While fintech innovation has surged, compliance tools just haven’t kept pace, Ozkan adds.
“Traditional transaction monitoring systems are usually siloed and don’t speak to the other 10 AML compliance or financial crime systems that handle sanctions, ID verification, governance, quality assurance, fraud case management etc. Fintechs generate so much data and they can drive so much value in terms of efficacy and efficiency. But they need better tools to do that,” he says.
Enhanced tools, powered by AI
It’s a problem Ozkan experienced first hand in a previous role, as the director of product at TransferGo, a cross-border payments company. As he searched for a modern AML solution, he was frustrated by an industry dominated by clunky systems, unreliable APIs and optimistic vendors that couldn’t deliver on what they promised. Plus the platforms that were available were expensive and built for massive banking institutions rather than fintechs.
This led him to create Flagright in 2021, a real-time AI-native transaction monitoring platform designed to help fintechs get ahead of financial crime. Just four years after launch, it’s now serving customers in 30 countries and can support any type of payment method. Some customers have seen false positive rates reduce by 98%.
Modern tools and systems developed by experienced field experts ensure companies stay agile.
At B4B Payments, which provides embedded payment solutions for B2B businesses, fraud and financial crime manager, Angela Cavendish, says it felt like they were always just behind financial crime and struggling to keep up.
“Today's challenges not only arise from increased regulatory pressure but also from the introduction of new and more sophisticated criminal activity,” she says. “In the past transaction monitoring was considerably more reactive than proactive, resulting in action after critical events had already taken place, and relying on previous data and generic patterns and rules.”
What’s made the difference, is the introduction of more enhanced tools powered by machine learning and AI, she adds.
Working with Flagright, it’s now possible for the fintech’s transaction monitoring to run in real-time, detecting suspicious activity as it occurs. The team can quickly configure AML and fraud rules, analyse large amounts of complex data and deliver more accurate reporting to identify new trends and potential gaps in their approach.
“Modern tools and systems developed by experienced field experts ensure companies stay agile,” says Cavendish. “They lay a foundation for ongoing innovation – with LLMs, natural-language interfaces, API-first architectures, modular AI agents, centralised case management, flexible rule engines and more — all enabling agility, regulatory readiness and resilience as threats evolve.”
How to modernise your startup
Founders looking to modernise their own approach should involve their team and make time for training, says Cavendish.
“Utilise resources and expertise from all key areas of your business. And prioritise what you need to achieve versus the 'nice to have'. Start slow and steady and build momentum once the most important elements have been properly embedded,” she says.
A big pitfall to watch out for when modernising a system is the tendency to anchor to how things have been done in the past.
Jahner from GoCardless agrees, adding that startups shouldn’t be limited by processes or workflows they’ve used previously.
“A big pitfall to watch out for when modernising a system is the tendency to anchor to how things have been done in the past. We already had a functional solution for this area, so there were times when it seemed attractive to copy or continue some of our past approaches,” she says. “We found that we were able to really reap the biggest benefits when we tried to think about how it should be done, rather than just trying to make the existing process a bit better.”
In today’s digital-first world, the threat landscape is more complex than ever. But startups that get this right will have a real business advantage with clients, investors, regulators and even employees, Ozkan says.
“Rather than seeing this as a cost base, it’s about creating the right foundations for growth,” he says. “With a super-efficient AML programme, fintechs can grow very fast, confident that they have everything they need to be fully compliant.”
