Vixio X Sidley Austin LLP: Balancing compliance and risk in the UK

Kat Pilkington


January 22, 2024

As part of our annual Payments Compliance Outlook report this year, which reveals the need for firms to find a balance between growth and compliance, we interviewed a selection of professionals in the industry for the inside scoop. 

Here, we speak with Max Savoie, partner at Sidley Austin LLP, to understand more about the ways of achieving a balance between compliance and risk in the pursuit of growth.    

Our research has shown that the Consumer Duty is a fairly low priority for UK compliance teams over the next 12 months. What has been your experience with payments firms seeking to comply with the Consumer Duty? Do you think that firms put enough resources in?  

It is really interesting to hear that. The Consumer Duty is a priority for the FCA and firms that are not taking it seriously do so at their own risk. Some of the larger players in the market have invested significant time and resources into compliance, but even those larger players have found implementation challenging. This is due to the breadth of the regime, and lack of detailed practical guidance on specific payment services.  

However, it is challenging for the FCA to provide tailored guidance as there are so many different business models in the payments sector that are in scope. I think that many smaller providers are likely struggling with additional compliance burdens, particularly where they are required to make changes made to customer terms or agreements with commercial partners. My sense is that there are mixed levels of awareness of these requirements.  

Do you think the recent EU payments proposals will make life easier for PSPs? Or are there going to be more compliance worries? 

I'm going to give a bit of a lawyer's answer here, and say that is a mixed picture. Some of the PSD3 proposals would permit PSPs to collect and share a broader range of data and delay settlement of a payment transaction in certain circumstances, which could be helpful for some firms. However, even in those areas where PSD3 might be helpful, it will still involve an extensive review and possibly substantive changes.  

Other changes like those proposed for safeguarding could mean non-bank PSPs have more to do, particularly if they have to diversify the methods through which they safeguard customer funds. 

I expect that EU/UK divergence will be challenging here as well, as firms currently have broadly similar policies, but this could change as both jurisdictions press ahead with reforms to payments regulation.  

Our research has shown compliance teams' top priority is growth with regulatory issues such as AML being a lower priority for the next 12 months. Yet, respondents tell us they expect the compliance burden to increase. Given we're seeing these regulatory proposals come up, how should firms plan?  

This approach is out of step with the FCA’s stated priorities for PSPs. Priorities here include AML, the Consumer Duty and safeguarding. As the Consumer Duty is a new regime and a flagship policy, I'd expect PSPs to start to receive more probing questions from the regulator about how they meet the requirements.  

With growth, one thing the FCA has consistently made clear is that customer acquisition and the aim of achieving frictionless customer onboarding processes should not come at the expense of robust customer due diligence and compliance with money laundering and sanctions rules.  

"It does not surprise me that firms want to grow, and this is generally a good thing, but I think that there is a disconnect between some firms and the FCA in terms of balancing opportunities and risks." 
Complying with what regulation should be the priority for PSPs in the next year? 

It really does depend on the firm, but broadly speaking for the UK, firms would do well to look at the stated priorities of the FCA for the payments sector, especially the Consumer Duty, financial crime, safeguarding and other prudential requirements for non-bank PSPs. 

Crypto is another area, especially for PSPs providing crypto-asset services or supporting firms that do, which are more likely to face scrutiny from regulators and banks. We have two quite significant sets of rules that have come into effect this year, the first applies to marketing and promotion of crypto-assets services and the second applies to the information that must accompany certain transfers of crypto-assets. Any firm involved in providing, supporting or distributing crypto-asset services should be looking carefully at these rules.  

This is very much the start, and we are going to see a lot more reform coming. We have MiCA in the EU and analogous but not necessarily equivalent reforms being developed in the UK.  

Our survey found crypto has a high appeal for enabling growth. Given the crypto sector is increasingly being regulated, do you expect regulators to be more comfortable with a growing crypto sector than in the past few years? 

It is possible. Certainly the way regulators interact with a regulated firm will be different from the way they interact with an unregulated firm, or a firm that is applying for authorisation or registration. 

As the regulation of crypto-asset services continues to expand, firms operating in the sector, including PSPs, will likely face more scrutiny on issues such as compliance with new rules and conditions of authorisation or registration regimes.  

It is notable that there is still a relatively low percentage of firms obtaining FCA approval to provide regulated crypto-asset services.  

Overall, it is still a relatively difficult regulatory gateway to pass through.

Which element of the payments industry do you think is being hit the most by future regulatory burdens?  

More broadly, a theme I'm seeing in the UK and EU is increased attention on tech and fintech firms that are involved in the payments sector, particularly around their use of data and involvement with more traditional providers. In relation to these services, we are likely to see an expansion of regulation to cover a broader range of technical and data-related activities supporting payments in the UK and EU. 

Max Savoie, partner at Sidley Austin LLP

Want to know more? Join the webinar!

Continue the conversation live with Max Savoie on Tuesday 30th January, at 2pm GMT, in our webinar, The Compliance Dilemma: Growth at What Cost? He’ll join our Senior Journalist, Jimmie Franklin, and other experts to dive deep into the future of risk and compliance, and more.

Register to save your seat. 

In the meantime, get your copy of the Payments Compliance Outlook 2024.

Download Report

What our clients say

"Vixio Regulatory Compliance offers excellent legal and regulatory analysis and provides us with a trustworthy, organised and credible single source solution, which keeps us ahead of the game."


"Vixio GamblingCompliance is an invaluable source of regulatory information, making it an excellent tool for the gambling industry. The quality of analysis is unmatched and the ease of use searching for topics, regions and themes makes it very simple to identify relevant stories."

Morgan Stanley

Senior Researcher

"Vixio GamblingCompliance is crucial to keeping a finger on the pulse of gambling regulation. Accessing a single, credible source of information and news helps us efficiently evolve our systems to align with regulatory developments."

PayPal UK

Head of Risk Management

"Hands down one of the most unique full suite sources of this subject matter anywhere."

UnionPay International

Managing Counsel

"The ever-increasing change coming from various regulators in different territories makes Vixio Regulatory Intelligence a must for a compliance team at a business like ours."


Head of Legal & Compliance

"Using Vixio PaymentsCompliance gives us a comprehensive view of the critical changes in regulation in our key markets, and reduces our business resource requirement which saves us on average £100k per annum, we wouldn't be without it!"

Well known e-money company

Regulatory Compliance Team Lead

Download Brochure

Insights and intelligence for some of the world’s biggest brands

Still can’t find what you’re looking for? Get in touch to speak to a member of our team, and we’ll do our best to answer.