Compliance Complexity in 2025: Buyside Firms Are Rewiring The Regulatory Playbook

Once treated as a cost centre, compliance has become a structural pressure point, especially for buy-side firms lumbered with overlapping reporting regimes, data lineage challenges and increasingly prescriptive regulatory expectations.

According to PwC’s 2025 Global Compliance Survey, 77% of firms say regulatory complexity is constraining growth, with transaction reporting emerging as a key vulnerability. Amid evolving frameworks such as Mifid II, EMIR, CFTC Part 45, and the expanding scope of SMCR, firms are no longer scaling compliance solely through headcount. The introduction of SMCR added an element of personal liability to the equation, leaving many senior leaders more than a little nervous about the quality of their compliance.

Transaction reporting (TR) is a prevailing pain point for financial firms trading over-the-counter derivatives and is especially burdensome for firms operating across multiple jurisdictions. Each regime applies its own logic to dozens of reportable fields, 65 under Mifid II, and more than 200 under EMIR, with significant variation depending on the nature of the instrument. Whilst there has been an effort to harmonise some reporting regimes globally, there are still field-level and reporting-level nuances that require firms to invest significant time and effort to interpret and manage.

“The complexity comes from the fragmentation,” said Sophia Fulugunya, director of Transaction Reporting at Qomply and a former FCA regulator. “Mifid II alone has over 30,000 pages of regulation, guidelines, Q&A, and third-level material. Divergence between the EU and UK requires continual horizon scanning. Most firms don’t have the resources to manage internally, especially when their compliance teams are also responsible for other regulatory areas outside of transaction reporting. Transaction reporting is highly technical and requires a combination of instrument, product, trading and regulatory knowledge. All this requires an operational budget that leaves firms stretched or with severely weakened compliance strategies.”

Errors are costly and they expose firms to regulatory scrutiny as they represent the weakest point of entry for a regulatory investigation.

For many firms, the strain of compliance is operational as well as regulatory. High turnover within compliance teams, especially those team members with in-depth technical knowledge of regulations, means knowledge is often lost, leaving firms vulnerable to repeating the same errors. Few firms maintain structured knowledge systems that track historical failings or remediation actions.

“When a staff member exits, their specific-firm knowledge walks out the door with them,” said Fulugunya. “Without a system for retaining that information, teams often find themselves repeating the same issues and having to start over just to understand what went wrong. Regulators want to see firms having solid Systems and Controls framework – and record-keeping sits at the heart of this.”

The challenge is compounded by the scope of coverage expected from internal teams. It’s not uncommon for a single compliance group to manage regulatory regimes across multiple geographies and asset classes. Even well-staffed teams struggle to develop the deep, regime-specific expertise required for high accuracy reporting, especially when faced with shifting rules and diverging regulatory interpretations.

Maintaining in-house expertise is no longer sustainable. Mifid’s transaction reporting requirements, alone, can demand up to 1.5 full-time employees. This represents a significant operational burden, especially for firms with leaner overall headcount and cross-functional roles. As regulatory complexity increases, outsourcing is about cost-cutting and control through technology.

According to PwC’s 2025 Global Compliance Survey, firms that embed technology into their compliance functions report stronger visibility into risks and faster, more proactive responses to emerging issues. The Survey stresses that 43% of firms reported increased productivity and cost savings after adopting compliance technology. Managed services extend that benefit further by combining expert oversight with automation and process consistency.

Many firms ease internal pressure by engaging with external partners that specialise in transaction reporting, particularly those offering managed services – or, more colloquially referred to as, outsourced regulatory operations. These models allow firms to offload operations reporting tasks, such as reconciliations, validation, and regulatory submission, while retaining oversight and accountability. For many firms, this provides a practical path to maintaining accuracy and auditability without over-extending internal teams.

“Outsourcing means firms gain from a partner who is using proven best-in-class technology and best-practices – they have an expert team who have seen it all, know it all, and can do it all” said Fulugunya. “This way, firms don’t have to take on the cost or risk of maintaining a team internally. When changes are introduced to regimes, the external partner is tasked with modifying its technology and managing the switchover. This relieves firms from the overhead of change management – a strong argument for less agile firms to outsource.”

PwC’s Survey further points out that nearly half of firms currently use technology to support 11 or more compliance functions, from monitoring to risk assessment to training. Transaction reporting sits at the core of services lending itself nicely to be delegated to high quality service providers.

Fulugunya added: “Each firm has different nuances, different trading models, different sizes. You can’t give clients a report that tells them how many errors they have. You need to provide a tailored service built for their specific scenarios.”

This includes tools for benchmarking against overall industry performance and feedback engines that return context-aware validations. As regimes continue to evolve, firms seeking resilience will need automation and regulatory intelligence calibrated to operational realities.

While automation is gaining traction across compliance workflows, the application of artificial intelligence in transaction reporting remains in its early stages. Fulugunya stresses that although Artificial Intelligence is no doubt promising, some models are trained by misinformation and produce unreliable results. This is supported by the International Compliance Association which recently noted that AI tools show promise in automating routine tasks, but their effectiveness in regulatory reporting is limited. Similarly, FINRA cautioned that AI adoption in securities compliance introduces challenges around model governance, data quality, and supervisory control.

Success hinges on firms that can enable scalable infrastructure, intelligent tooling, and governance that doesn’t buckle under regulatory pressure. Whether a team does this internally, or relies on partners for solutions, firms must embrace technology if they want to transform this cost center into a forward-thinking part of the operation.

To find out more about Qomply, click here.