Data-driven compliance: Three metrics your firm needs to be tracking
Published
In our recent webinar, ‘SOS! All the AML updates you need to know in 2026’, we cut through the noise around the Financial Conduct Authority (FCA) becoming the Single Professional Services Supervisor. While this change is a major structural shift, the most important takeaway for law firms is the move towards a more data-driven approach to supervision.
The FCA is known for using data to spot outliers and emerging risks remotely. For legal professionals, this means the regulator will eventually care less about a single manual file and more about the "story" your firm’s data tells.
To stay ahead, here are three metrics your firm should start tracking today to ensure you’re ready for the 2026 standards.
1. Risk distribution across your client base
The FCA wants to see that you understand where your risks lie. You should be able to instantly report on the percentage of your clients that are high risk versus those that are medium or low risk. If a firm has a high volume of high-risk work but very few enhanced due diligence records, it’s an immediate red flag for a regulator.
2. Geographic risk trends
Are you seeing a sudden spike in clients from specific high-risk jurisdictions? Monitoring geographic trends allows you to update your firm-wide risk assessment in real time rather than waiting for an annual review. Being proactive shows the regulator that your compliance is a living process, not a "set and forget" exercise.
3. Verification adoption and rejection rates
Data-driven supervision also looks at your "gatekeeping" effectiveness. Track how many clients you turned away because they failed AML or Source of funds verification. High rejection rates can actually be a positive metric, as they prove your firm's risk appetite is being strictly managed and that your staff are empowered to say "no".
Conclusion
The shift toward data-driven supervision is not about adding more work to your team’s plate; it is about ensuring the work they already do is visible and defensible. By tracking these metrics, you move away from reacting to annual audits and toward a model of continuous, proactive compliance.
Ultimately, shifting to these metrics is about ensuring the work your team already does is visible and defensible. Staying proactive is the best way forward to ensure your firm moves away from "check-box" compliance and toward a model of continuous oversight that meets the 2026 standards head-on.
Ultimately, shifting to these metrics is about ensuring the work your team already does is visible and defensible. By digitising your onboarding and tracking these key indicators, you move away from "check-box" compliance and toward a model of continuous, proactive oversight that meets the 2026 standards head-on.
Subscribe to our newsletter
Subscribe to our monthly newsletter for recaps and recordings of our webinars, invitations for upcoming events and curated industry news. We’ll also send our guide to Digital ID Verification as a welcome gift.
Our Privacy Policy sets out how the personal data collected from you will be processed by us.
