Last week, I reviewed a compliance survey where 67% of fintech leaders admitted their 'temporary' KYC setup had been running for over two years. One respondent calculated it was costing them three full-time employees just to maintain, blocking 38% of legitimate customers, and their auditor had flagged it as a material weakness. The cost to replace it properly? Eight times their original investment.
That is not an outlier. That is the industry.
There is a phrase that haunts compliance teams, usually muttered during a quarterly review or a board presentation when someone asks about the state of the compliance stack: "That'll do."
It sounds pragmatic. It sounds lean. It sounds like good prioritisation under pressure. And it is, reliably, the most expensive sentence in financial services.
The false economy no one wants to audit
Deloitte's 2023 compliance survey found that organisations using makeshift compliance systems face 2.8x higher total cost of ownership once you factor in manual remediation, audit failures, and system replacements. Not 1.2x. Not 1.5x. Nearly three times the cost of doing it properly the first time.
McKinsey's financial services report put a finer point on it: each compliance workaround creates an average of £47,000 in annual maintenance costs across manual processes and system integration fixes. One workaround is manageable. Most teams I speak with are juggling a dozen. That is over half a million pounds a year in hidden operational debt, before you have even looked at the regulatory exposure.
The costs are distributed across enough budget lines, spread across enough quarters, that nobody sees the full picture until an auditor or a regulator forces them to.
PwC's 2023 compliance study found that 73% of regulatory findings stem from fragmented compliance systems creating blind spots that auditors consistently flag. Three quarters of all findings. Not from bad intent or incompetent people, but from systems that were never designed to work together.
The body count is public record
This is not a theoretical risk. The case studies are sitting in regulatory filings and front-page headlines.
| Organisation | Year | Root cause | Outcome |
|---|---|---|---|
| Wirecard | 2020 | Fragmented compliance systems across subsidiaries | £1.9 billion accounting scandal; inadequate compliance infrastructure cited |
| Metro Bank | 2019 | Makeshift risk-weighting system for commercial property loans | £900 million capital shortfall; emergency fundraising and regulatory intervention |
| Danske Bank | 2018 | Patchwork anti-money laundering systems across acquired operations | €200 billion in undetected suspicious transactions; criminal investigations and fines |
| TSB | 2018 | Parallel legacy compliance systems during migration | 1.9 million customers affected; £370 million remediation costs |
Four organisations. Four variations of the same story: temporary became permanent, patchwork became fragile, and fragile broke.
Every single one of them started with someone saying "that'll do for now."
The cost that does not show up in case studies
There is a compounding effect that never makes the headlines, because it shows up in resignation letters instead of regulatory filings.
The Compliance Institute's 2023 survey found compliance professionals managing patchwork systems report 42% higher stress levels and 35% higher turnover rates. That is not a staffing problem. That is an infrastructure problem wearing a staffing costume.
A Head of Compliance at a UK challenger bank put it to me this way: "We spent nine months defending a system we knew was broken, because replacing it meant admitting the original decision was wrong. By the time we switched, we had spent more on workarounds than the proper setup would have cost."
I hear versions of that conversation every week. Senior compliance professionals are not leaving the industry because the work is hard. They are leaving because the tooling makes the work unnecessarily brutal.
Meanwhile, Accenture's research shows organisations with integrated compliance platforms onboard customers 67% faster than those relying on manual processes. So the "that'll do" approach is not just burning out your team. It is handing your competitors a speed advantage while you pay more for the privilege of moving slower.
Why this keeps happening
Here is what I think is actually going on. Compliance teams are not choosing "that'll do" because they are lazy or naive. They are choosing it because they are under impossible pressure to ship something now, and nobody in the room is modelling the three-year cost.
The three-year cost is always worse. Every time.
The FCA issued 47 new regulatory updates in 2023 alone. The EU introduced 23 new compliance requirements in the same period. The CBUAE just launched a nationwide unified electronic KYC platform under its Financial Infrastructure Transformation programme, partnering with Norbloc AB to replace exactly the kind of fragmented manual processes we are talking about. Regulators globally are not slowing down. Patchwork systems cannot adapt to that pace. They were not designed to. They were designed to "do for now."
The industry is also shifting from one-off checks to perpetual KYB monitoring, with alerts for ownership changes and watchlist additions running continuously. If your compliance infrastructure is a collection of workarounds stitched together with manual handoffs, it is not just expensive today. It is structurally incapable of meeting where regulation is heading tomorrow.
The maths nobody does (but should)
If you are reading this and recognising your own organisation, here is the exercise I would suggest.
Count your workarounds. Not your systems. The workarounds. The spreadsheets, the manual handoffs, the "just check it in the other system" steps. Multiply each one by £47,000. That is your real cost of ownership.
Then look at your turnover data for compliance staff. If it is anywhere near that 35% figure, the infrastructure is the root cause, not the people.
Then stop evaluating compliance technology on implementation cost alone. Evaluate it on three-year total cost, including the workarounds you will not need, the audit findings you will not generate, and the analysts you will not lose.
This is exactly why we built Zenoo as an orchestration platform rather than another point provider. When compliance teams can coordinate multiple providers through a single interface, they avoid the integration debt that destroyed the organisations in those case studies. The compounding stops because there is nothing to compound.
"That'll do" is a loan, not a saving
Every temporary fix becomes permanent debt. And that debt compounds until it breaks something expensive.
The organisations that learned this the hard way are now case studies. The ones learning it the smart way are redesigning their infrastructure now, before the compounding catches up.
If your "temporary" compliance setup has been running for more than six months, it is not temporary. It is your infrastructure. And it is costing you more than you think.
Worth a conversation? Book a demo. 30 minutes. Your data. No slides.
Key takeaways
- Organisations using patchwork compliance systems face 2.8x higher total cost of ownership, with each workaround costing an average of £47,000 annually
- 73% of regulatory findings stem from fragmented compliance systems, as documented in PwC's 2023 compliance study
- Compliance staff managing makeshift infrastructure report 42% higher stress and 35% higher turnover rates, indicating a systemic problem, not a staffing one
- Companies with integrated compliance platforms onboard customers 67% faster than those relying on manual processes, creating a competitive disadvantage for fragmented systems
- Evaluate compliance technology on three-year total cost of ownership, not implementation cost alone, to capture the true financial impact of workarounds
