What XLoD London Made Clear: Regulatory Certainty Depends on Connected Surveillance and Trusted Data

Financial Markets Compliance

July 13th, 2026

0726_XLoD-Made-Clear-Regulatory-Certainty-Depends-on-Trusted-Data_628x325

Part one of our XLoD London reflections focused on AI: where it can create value, why explainability matters and why “because the AI said so” is not a compliance strategy.


But AI was only one part of the conversation in London. Across sessions and discussions with risk, compliance, technology and regulatory leaders, another message came through clearly: regulatory certainty depends on much more than smarter models. It depends on whether firms can see risk across channels, trust the data beneath their controls and prove that their compliance programs work in practice.


That is where the next phase of compliance is taking shape.

Surveillance Silos Are Starting to Collapse

Another clear takeaway from XLoD London was that the traditional boundaries between surveillance domains are becoming harder to defend.


Voice surveillance, e-comms surveillance, trade surveillance, conduct risk, culture and employee behavior are no longer separate conversations. Increasingly, they are different views of the same risk landscape.


Matt Caine, Vice President, Sales – Global Compliance, NICE Actimize, put it plainly: “The lines between voice, e-comms and conduct surveillance are disappearing.”

That observation reflects a major shift in how firms are thinking about compliance architecture. For years, many surveillance programs were built around individual channels or regulatory obligations. Voice sat in one system. Email and chat sat in another. Trade surveillance operated separately. Conduct risk and culture were often managed through yet another framework.


But misconduct does not respect those boundaries.


Risk can emerge in a voice call, continue in a chat, appear in trading behavior and show up later as a conduct issue. When those signals are monitored separately, firms may miss the broader story. When they are connected, compliance teams can begin to see behavior in context.


That is why the institutions getting ahead are building toward a more unified view across channels, communications, behaviors and controls. They are not simply trying to monitor more data. They are trying to understand how risk actually forms.
That is the difference between surveillance as a set of disconnected obligations and surveillance as an intelligence-led compliance capability.

Culture and Conduct Are No Longer “Soft” Risk

Another notable shift at XLoD was the amount of attention given to culture and conduct.


These topics were not treated as side discussions or secondary concerns. They appeared alongside conversations about controls testing, surveillance, automation, AI and regulatory expectations. That is significant.


For compliance leaders, the message is clear: culture and conduct are now central to how firms demonstrate the strength of their control environment. Regulators are not only interested in whether firms have policies, procedures and monitoring systems in place. They want to understand whether firms can identify the behaviors, incentives and warning signs that may lead to misconduct.


This raises the bar for compliance programs. It is not enough to detect events after they happen. Firms need to identify patterns earlier, understand behavioral context and connect conduct signals across systems and channels.


That requires more than a dashboard. It requires a compliance operating model that can bring together surveillance, communications, data, case management, analytics and human expertise.


The firms that get this right will be better positioned to move from reactive compliance to proactive risk management.

Data Trust Is Becoming a Regulatory Issue

Beneath nearly every conversation about AI, surveillance and conduct sat a more foundational concern: data.


Data completeness and data lineage remain persistent challenges across the industry. But the conversation at XLoD suggested that firms are beginning to frame the issue differently. The question is no longer just, “Do we have the data?” It is, “Do we trust the data?”


That is a much harder question.


A firm may have enormous volumes of communications, trading records, alerts, cases and control data. But if feeds are missing, capture gaps go unnoticed, systems drift out of sync or lineage is unclear, the entire compliance program becomes harder to defend. AI models, surveillance rules and analytics are only as reliable as the data beneath them.


That concern becomes even more complex in global surveillance environments, where firms are not only trying to capture the right data, but also make it usable across languages and communication types. Reliable transcription across multiple languages is becoming an increasingly important part of that equation. If firms cannot trust the transcript, they cannot fully trust the review, the alert or the evidence trail that may later be required.


This makes data trust more than a question of ingestion or storage. It is about whether every layer of the compliance process — capture, transcription, translation, surveillance, investigation and escalation — can support a defensible outcome.


As Matt Caine, Vice President, Sales – Global Compliance, NICE Actimize, observed, “The conversation is shifting from ‘do we have the data’ to ‘do we actually trust it.’”
That shift is pushing data observability out of the engineering back office and into the compliance conversation. Risk and compliance teams need visibility into the health, completeness, timeliness and integrity of the data they rely on. Without that visibility, firms may struggle to prove that surveillance is comprehensive, alerts are reliable and controls are operating as intended.


This is where regulatory certainty begins. Not at the point of review, but at the foundation of the data estate.

Regulators Are Asking the Questions That Matter

Some of the most valuable conversations at XLoD did not happen on stage. They happened in the spaces between sessions, where regulators, practitioners and technology leaders compared notes on what “good” actually looks like.


That phrase came up again and again because it captures the challenge firms are facing. Guidance can set expectations, but firms still need to operationalize them. They need to translate regulatory principles into workflows, controls, evidence, governance and technology decisions.


What does good AI governance look like in production? What level of explainability is enough? How should firms demonstrate that surveillance coverage is complete? How do they prove their data is reliable? How do they show that culture and conduct risks are being identified before they become regulatory issues?


These are not theoretical questions. They are the questions shaping the next generation of compliance programs.


They are also the questions that separate firms that are simply adopting new technology from firms that are building genuine compliance resilience.

The Next Phase of Compliance Will Be Built on Confidence

XLoD London reinforced a clear market reality: compliance leaders are under pressure to modernize, but they cannot afford to trade control for speed or explainability for efficiency.


The next phase of compliance will not be defined by AI alone. It will be defined by how well firms combine AI, data integrity, unified surveillance, governance, multilingual transcription and human expertise into a model that is transparent, defensible, and trusted.


That is what regulatory certainty requires.


It requires AI that can be explained. Data that can be trusted. Surveillance that can see across channels. Transcription that supports review across languages. Controls that can be evidenced. Workflows that reduce noise and support better decisions. And compliance teams that can move quickly without losing accountability.


The organizations that lead in this next phase will not be the ones that simply automate the most. They will be the ones that understand risk in context, act with confidence, and show their work when regulators ask the hardest questions.


That was the clearest takeaway from XLoD London: the future of compliance is not just faster. It is more connected, more intelligent and more defensible.


Missed us at XLoD London? Learn how NICE Actimize helps firms strengthen compliance oversight, unify surveillance, improve operational visibility and move toward greater regulatory certainty.

Explore our solutions here.

    Speak to an Expert