The operational impact of new regulations.
The regulatory framework applied to asset management has never been so dense. Not only in Europe (particularly Luxembourg), but also in Switzerland and Monaco. The texts differ from one authority to another, but the findings are the same: compliance obligations are increasing, the pressure is falling on teams and the question is the same everywhere: how can processes and software/PMS be adapted to this new reality?
OBA, LAB, AMLA, DORA, MiFID II... and many more besides. Behind the acronyms lies real operational pressure on Private Banks, Family Offices and Asset Managers.
We take a closer look at the concrete impacts and the responses expected by the market.
A global regulatory movement.
- The EU is legislating extensively, and its recent texts are setting the pace on key issues such as anti-money laundering, digital resilience and investor protection. But it would be simplistic to confine the movement to Europe.
- Switzerland, with its long history of wealth management, has its own demanding framework underpinned by FINMA and the MLA, with due diligence obligations that are on a par with European standards.
- Luxembourg, via the CSSF, applies specific rules to the asset management industry.
- Monaco, under the authority of the AMSF, has strengthened its compliance mechanisms.
Each jurisdiction has its own regulators, but the operational challenges are similar: strengthening KYC, increased supervision of flows, auditability of processes. European institutions operating in Switzerland or Monaco frequently apply their parent company's standards, creating an additional alignment effect. Whatever the legal framework, the need to reshape governance processes is shared.
Three recent European texts illustrate this dynamic.
The AML / AMLA package: centralised supervision
The anti-money laundering package adopted in May 2024 creates the AMLA, a European authority based in Frankfurt that has been operational since July 2025. By 2028, it will exercise direct supervision over some forty high-risk institutions. Customer due diligence obligations will be harmonised, sanctions will be strengthened and the quality of risk data will become a central audit criterion.
DORA: digital resilience as an obligation
Applicable since January 2025, DORA imposes a strict ICT risk management framework on all financial entities and their technology providers. Mapping of suppliers, resilience tests, incident reporting: for wealth management players, structured in light models, this is a major governance project.
MiFID II / MiFIR Review: greater transparency
The MiFID II/MiFIR Review, transposed in September 2025, strengthens investor protection. ESMA has updated its guidelines on suitability, incorporating sustainability factors. For asset managers: more granular reporting, greater traceability of advisory decisions, enhanced documentation of client profiles.
Three observations from the field
Onboarding: a sprawling process
Establishing a relationship with an HNWI client has become a tedious and costly process lasting several months, requiring the compilation of dozens of documents. The same information is requested several times, by different teams, on unconnected systems. According to Fenergo (2025), 70% of financial institutions have lost customers due to ineffective onboarding.
The annual cost of maintaining a customer relationship in private banking can be well in excess of ten thousand euros. The administrative workload is increasing, and Front Office teams find themselves transformed into Middle Office teams by the need to input and index documents, and to draw up increasingly detailed KYC reports, sometimes going as far as setting account operating parameters such as pricing, or setting up powers of attorney, all of which distracts the banking teams from their primary mission and their customers.
KYC, KYT, screening: data management under pressure
KYC and KYT obligations require continuous monitoring of changes in the customer's global environment, exposure to business risks, country risk levels (which need to be reassessed interactively), transactional flows, etc. Automated alert systems, where they exist, can sometimes be poorly calibrated, generating false positive hits, leaving Compliance monitoring teams with lists that become unmanageable and Front Office teams with hits to justify, even though they are irrelevant.
The granularity of hits is a permanent dilemma: too broad and the screening drowns the teams; too restrictive and risks are missed.
The multiplicity of external sources multiplies integration points and inconsistencies.
Periodic review: a permanent compliance burden
Each risk profile triggers a mandatory review cycle. The best systems provide several months' notice of deadlines. In reality, the consolidation process is rarely smooth: data is scattered, updates are made manually, there is no way to manage changes in risk levels, and there is no cross-functionality between systems. A disproportionate human burden for an activity that should be optimally automated.
What the Wealth Management market expects from a Compliance management module or a PMS
Converging needs, but a still fragmented offering
Faced with this densification of regulations, expectations are clear: centralisation of client data, automation of compliance workflows, traceability of sources, native audit trail and interconnection with the regulatory ecosystem, efficiency of algorithms, integration of AI to automate repetitive tasks.
But the reality is quite different.
Many institutions operate with a stack of non-integrated tools: a CRM on one side, a screening tool on the other, a document database on a third. These solutions communicate very little and exclude cross-functional information. Others still use Excell files.
The alternative? To integrate everything into a monolithic core system, which runs up against the realities of the need for adaptation, development, cost and time.
The market has shown that major transformation programmes absorb considerable budgets over several years, with no guarantee of real operational efficiency, and often run counter to the regulatory changes that need to be integrated.
Towards an agile, independent and interconnected Compliance management module
What teams in the field expect is a reliable data base from year zero, key indicators for decision support and an open architecture that interconnects via APIs with specialist tools.
It is also clear that the digitalisation of Compliance processes relating to risk management is proceeding at a much slower pace than regulatory publications, forcing financial institutions and asset managers to find operational solutions that are often manual.
This is the dynamic that KeeSystem has chosen to embrace.
Fuelled by feedback from our customers, private banks, independent asset managers and family offices, we have begun to overhaul our compliance modules, in particular the KYC form.
These interviews, conducted over several weeks by the product teams, have enabled us to map out, use case by use case, the real frictions: where teams are wasting time, where data is getting lost between systems, where checks are being duplicated unnecessarily.
This fieldwork confirmed some persistent pain points: the lack of consolidation of supporting documents into a single base, the difficulty of producing reliable indicators to aid decision-making, and the lack of fluidity between the front office and compliance.
The ambition is to orchestrate specialised tools by creating an agile front-end capable of structuring and streamlining compliance processes based on the existing ecosystem.
Our conviction? The most successful institutions are those that have succeeded in automating these regulatory processes, which have a costly impact on organisations. Not by piling up solutions, but by building an operational foundation that frees up time where there is greater added value and that has a positive impact on customer relationship management while supervising risks.