Top AML challenges for cross-border payments firms in 2026

For any financial institution (FI) in the cross-border payments sector, compliance has always been a significant operational hurdle due to the constant friction of navigating different regional rules and reporting standards. 

However, as global payment rails accelerate, the manual approach to managing these diverse requirements is reaching its limit. With the global transition to ISO 20022 and the launch of the Bank of England’s renewed real-time gross settlement (RTGS) service, regulators now expect a level of speed and data accuracy that legacy systems simply cannot provide.

In other words, to stay competitive and compliant, firms are having to move beyond manual reviews and adopt automated systems. Below, we explore three common AML challenges for cross-border payments in 2026 and how high-quality data and explainable AI help compliance teams bridge the gap: 

1. Managing high-velocity, data-rich transactions.
2. Proving to regulators exactly how your AI makes its decisions.
3. Mitigating financial risk in complex partner chains.

1. Managing high-velocity, data-rich transactions

In 2026, the transition to the ISO 20022 messaging standard is entering its defining phase, requiring the formal removal of unstructured postal addresses from payment messages. 

While ISO 20022 provides much richer data, such as structured names and specific fields for town and country, it also generates a large volume of information that traditional systems simply cannot process in real time.

In short, after November 14, 2026, any payment instructions on the SWIFT network (CBPR+) containing unstructured addresses will be rejected at the network level. Firms can no longer rely on “free-text” fields for debtor or creditor information, and with the Bank of England’s renewed RTGS service (RT2) now live and systems like FedNow and SEPA Instant expanding, traditional batch screening is no longer an option either. 

To comply, firms must implement automated screening that can process structured XML data in-flight. High-quality transaction monitoring now uses machine learning to screen these rich datasets instantly, allowing firms to stop high-risk transfers without delaying legitimate customer payments.

2. Proving to regulators exactly how your AI makes its decisions

In 2026, it is no longer enough for firms to say they use AI to combat financial crime; they must be able to prove exactly how they use it. The Bank of England now requires the use of purpose codes and legal entity identifiers (LEIs) for specific CHAPS payments. This structured data makes it easier for regulators to spot anomalies, but it also means firms must justify why they triggered a flag based on these specific data points.

The EU AI Act and FATF guidance classify AML tools as high-risk, meaning black box systems are no longer compliant. During a regulatory audit, compliance officers have to demonstrate the rationale for flagging or clearing a specific transaction, a regulatory pressure prominent in the current market landscape. 

Our 2026 survey of 600 senior compliance professionals revealed that, despite 59% currently having a fully established AI assurance program, over 40% of firms are potentially exposed to regulatory scrutiny. The good news is that modern regulatory platforms now provide helpful automated decision logging. By moving to glass box, explainable AI, firms can not only drastically reduce false positives but also ensure every decision is transparent, justifiable, and audit-ready.

3. Mitigating financial risk in complex partner chains

Cross-border payments involve multiple stakeholders, from originating payment service providers (PSPs) to local digital wallets. By the end of 2026, a single weak link in this chain won’t just be a compliance risk; it will represent a direct financial liability.

One major shift is the move toward mandatory reimbursement for fraud. In the UK, liability for authorized push payment (APP) fraud is split between sending and receiving institutions. If a payments firm has weak screening processes or fails to use the new mandatory ISO 20022 data fields, such as Purpose Codes, it may be financially responsible for the losses.

In its ISO 20022 publication, SWIFT has warned that because 40% of cross-border transactions have at least one domestic “leg”, any inconsistency in data standards between partners can lead to rejections – or “NAK” (negative acknowledgment) messages – at the network level.

“40% of cross-border transactions have at least one ISO 20022 domestic leg, typically at the beginning and/or at the end, and 10-50% of RTGS payments have at least one ISO 20022 cross-border leg… Payments containing unstructured addresses will be NAK’ed at the network level under CBPR+ from 14 November 2026 onwards.”

Next steps

The crossroads for cross-border payment firms are clear that clinging to manual processes is no longer a viable strategy. The demands of ISO 20022, real-time settlement, and strict algorithmic transparency require a purpose-built, integrated solution. At ComplyAdvantage, our platform was designed for this new era of finance, transforming compliance from a bottleneck into a business accelerator.

With ComplyAdvantage Mesh, firms can seamlessly process high-velocity, data-rich transactions, significantly reducing rejection risks associated with stale data through sub-minute sanctions ingestion. Our industry-leading explainable AI provides the transparency regulators demand, with immutable audit logs ensuring every decision – human or agent – is justifiable and audit-ready. By unifying Customer Screening, Ongoing Monitoring, and Transaction Monitoring on a single platform, we empower firms to mitigate financial risk across their entire payment chain and turn regulatory challenges into a competitive edge.