Forex Payment Compliance in 2026: What B2B Operators Must Get Right

The Compliance Landscape for Forex Payments in 2026

The regulatory environment for forex and cross-border payment operations has become materially more demanding over the past three years, and 2026 brings further tightening across multiple dimensions. AML requirements are becoming more prescriptive, with transaction monitoring thresholds and suspicious activity reporting timelines tightening in the EU, UK, and US. Licensing requirements are being extended to more categories of cross-border payment activity, closing loopholes that smaller operators previously relied upon. And enforcement is intensifying: regulatory fines for payment compliance failures have increased both in frequency and in average size, with several high-profile enforcement actions in 2024 and 2025 making clear that regulators are serious about the operational quality of compliance programmes, not just their formal existence.

For B2B forex and remittance operators, the practical question is not whether compliance is required — it clearly is — but how to build compliance programmes that are both effective and operationally efficient at scale.

AML and Transaction Monitoring Requirements

Anti-money laundering requirements for forex payment operators in 2026 centre on three core obligations: customer due diligence (CDD) at onboarding and throughout the client relationship; real-time transaction monitoring to detect unusual or potentially suspicious activity; and timely suspicious activity reporting to the relevant financial intelligence unit (FinCEN in the US, the NCA in the UK, or the relevant national FIU in EU member states).

The operational challenge is that transaction monitoring at scale — where a remittance operator may process tens of thousands of transactions daily — requires automated screening systems rather than manual review. Building effective rule sets and machine learning models that generate a manageable number of alerts without missing genuinely suspicious activity is a specialist capability. Operators who rely on generic off-the-shelf transaction monitoring tools without tuning them to their specific client population and transaction patterns consistently find that they are either generating too many false positives (creating operational burden) or missing real suspicious activity (creating regulatory risk).

Licensing Obligations by Jurisdiction

European Union

Under the EU's Payment Services Directive 2 (PSD2) and the forthcoming PSD3, operating as a payment institution or electronic money institution requires authorisation from the relevant national competent authority. Passporting rights allow EU-authorised firms to operate across member states, but the authorisation process requires demonstrating adequate capital, governance, and compliance infrastructure. The EU's AML directives — currently transitioning to a direct-application AML Regulation — impose harmonised CDD, monitoring, and reporting standards across all payment service providers.

United Kingdom

Post-Brexit, UK payment firms require FCA authorisation as a Payment Institution or Electronic Money Institution, with no automatic passporting from EU licences. The FCA's approach to payment firm supervision has become substantially more demanding since 2021, with increased scrutiny of safeguarding arrangements, wind-down planning, and operational resilience. The FCA's Consumer Duty obligations, while primarily targeted at retail client-facing businesses, also affect the B2B layer for firms whose clients serve retail customers.

United States

Cross-border payment operations in or through the United States require compliance with FinCEN's Money Services Business registration requirements, state-level money transmitter licensing (which varies significantly by state), and the Bank Secrecy Act obligations that flow from these licences. The patchwork of state-level licensing requirements remains one of the most complex regulatory environments for cross-border payment operators globally.

Building a Compliance Programme That Scales

The most effective compliance programmes for forex payment operators combine automated transaction monitoring with clear human review escalation procedures, a documented risk appetite framework that calibrates CDD intensity to client risk levels, and regular programme reviews that incorporate regulatory guidance updates and enforcement trends. Compliance should not be treated as a static programme — the regulatory environment is evolving continuously, and programmes that were adequate two years ago may be deficient today. Contact our team to discuss how NuovoConnect's payment platform supports compliant cross-border payment operations across key regulatory jurisdictions.