As regulatory expectations continue to evolve, regulated firms face increasing pressure to demonstrate that their frameworks are effective, scalable, and proportionate to their business models. To better support our clients, we’ve expanded our offering to include regulatory compliance services—delivered with the same practical, outcome-focused approach that defines our financial crime consultancy.

We sat down with Colin Darby, who is leading this new service line at FINTRAIL, to discuss what firms should be thinking about now, how our approach stands out, and why this expansion builds on rather than shifts away from our core strengths.

1. Meet Colin Darby: Leading the New Services Line

2. Market View: Challenges and Opportunities

3. FINTRAIL’s Approach to Regulatory Compliance

4. Values, Culture and Collaboration

5. Final Thoughts

What makes now the right time for FINTRAIL to expand into regulatory compliance?

We’re seeing increasing demand from our clients—particularly fintechs and other high-growth regulated firms—for practical support that goes beyond financial crime. This reflects that financial crime risk management is far from the only regulatory priority; matters such as resilience, customer treatment and innovation are high on regulatory agendas too. Expanding our services is a natural step, and one that allows us to help clients develop, operate and refine cohesive, proportionate, well-integrated and effective  non-financial risk frameworks.

Our approach remains rooted in deep subject matter expertise, pragmatism, and proportionate advice—just extended to cover a wider range of regulatory and risk topics. We’re not changing direction; we’re building on our existing model to offer clients more value across the board.

Meet Colin Darby: Leading the New Service Line

Tell us about your background and what brought you to FINTRAIL

Over the past 20 years, I’ve worked in financial services risk and compliance across the regulatory, government, consultancy, and industry roles—most recently, leading the risk and compliance function at a pan-European fintech. FINTRAIL’s reputation for specialism and high-quality advisory work really appealed to me, along with its mission to support financial innovators and the chance to join a team of industry experts.

How has your cross-sector experience shaped your view of compliance?

It’s shown me how important it is for firms to find the right solution for their business. There’s rarely one single way to meet a regulatory requirement, so it’s about tailoring risk management and compliance frameworks that fit the organisation and can scale with it. Compliance is not a one-time task — it needs to evolve as both the business and regulatory landscape change. Compliance is not for the sake of it; compliance frameworks and functions provide the parameters within which firms can develop new products, enter new markets and grow their customer bases. In addition, no financial services firm wants its business to be disrupted by regulatory intervention – compliance frameworks and functions equip firms to demonstrate to regulators that they are effectively managing their inherent risks and appropriately mitigating potential harm to customers and markets.

Market View: Challenges and Opportunities

What does the current regulatory environment look like for fintechs and other regulated firms?

We’re seeing positive developments—regulators like the FCA are offering more support to new entrants and there’s more clarity emerging around regulation of digital assets and consumer credit. There’s a shift toward smarter, less bureaucratic regulation. But that doesn’t mean expectations are easing. Firms still need to show they have robust, effective controls that deliver the right outcomes.

What are the biggest compliance challenges firms are facing today?

A few things stand out:

• Relying on tick-box approaches that don’t fit the business model

• Struggling to keep up with regulatory change at the pace it’s coming

• Difficulties in evidencing that systems and controls are operating as designed

• Internal perceptions of compliance requirements as a ‘blocker’ rather than seeing the compliance function as a  strategic partner

What should firms be preparing for?

Among other things:

• More data-led supervision from regulators

• Greater intelligence-gathering powers and more focused reviews

• An increasing emphasis on firms being able to explain and evidence their conduct and decision-making

FINTRAIL’s Approach to Regulatory Compliance

How does FINTRAIL’s compliance support differ from traditional consultancies?

It’s grounded in the same principles that have made our financial crime advisory services so effective. We deploy experienced professionals—people who’ve worked in-house, in consulting, and with regulators—to help clients design, implement and strengthen frameworks that are pragmatic, scalable, and regulator-ready.

We focus on proportionality, real-world application, and helping clients define and achieve meaningful outcomes, rather than just ticking the boxes.

What types of regulatory compliance projects can you support with?

Our core service areas include:

• Regulatory engagement and applications for approval

• Advice on interpreting existing and forthcoming regulatory requirements

• Design and deployment of non-financial risk and compliance frameworks

• Operational support, for example, interim resource, outsourced compliance monitoring, and training delivery

• Independent reviews and assurance engagements

How does this complement your anti-financial crime services?

It’s an expansion, not a shift. Many of our clients are trying to bring different elements of risk management together under a cohesive enterprise risk and governance framework. By offering support across financial crime and regulatory compliance, we can help them bridge silos and build stronger, more resilient frameworks.

It also recognises that, for some of our smaller clients, the same personnel and management members have broad responsibilities, not limited to a single risk domain and part of the compliance picture.

Can you share an example of how this joined-up approach creates value?

By working with clients on multiple topics, we can provide delivery efficiency due to familiarity with the business models, the key stakeholders and the client’s internal governance structures.

We also help firms tackle issues that cut across several areas of the regulatory framework. For example:

• Firms may look to preserve operational capital and strengthen financial stability by reducing headcount in financial crime operations teams—potentially risking backlogs and reduced control effectiveness as a result.

• It is commonplace for firms offering payment accounts to use account suspension as a risk mitigation measure, but this also impacts on the customer experience and outcomes delivered.

• Firms have to simultaneously recognise indicators of potential customer vulnerability and guard against their products and services being mis-used. Vulnerability and mis-use are not mutually exclusive as people with vulnerability indicators can also be at increased risk of being recruited (wittingly or unwittingly) as a money mule.

• New products should not be launched without a comprehensive product risk assessment being completed - new products can present financial crime risks but also bring new possibilities for customer harm.

• Keeping customer information up-to-date is important to understanding a customer’s risk profile, but can also be beneficial from a data protection perspective.

• Marketing is a key way for financial innovators to achieve their customer acquisition targets, but marketing material is also likely to constitute a financial promotion or a customer communication.

By recognising the bigger picture and focussing on outcomes, we can help clients devise and operate solutions which satisfy multiple requirements.

Values, Culture and Collaboration

How do FINTRAIL’s values apply to regulatory compliance?

Our values—customer centricity, excellence, accountability, ethical conduct—are as relevant here as they are to anti-financial crime. We hold ourselves to the same high standards we help our clients uphold. That’s the foundation for building trust, both with our clients and between our clients and their regulators.

How do you ensure compliance isn’t just a tick-box exercise?

By focusing on outcomes first. What is the framework meant to achieve? What good looks like will differ between firms—but we help define that, and then design solutions that are achievable and sustainable.

Final Thoughts

What’s one piece of advice you’d give to compliance leaders today?

Make sure you really know your compliance programme—where it’s strong, where it needs work, and be able to evidence all of it. That confidence is key to navigating regulatory change and scrutiny.

Where can people learn more?

Visit our Regulatory Compliance services page to find out how we can support you, sign up for our insights, or get in touch with us directly to start a conversation.