Opeyemi Kayode is a fintech and risk compliance expert with a background in corporate finance, technology, and innovation management. He most recently served as an assistant manager at KPMG UK, where he led projects spanning internal audit, financial governance, and enterprise risk across sectors including banking, healthcare, and consumer markets. He helps organisations navigate complex regulatory landscapes, delivering solutions that drive resilience, operational efficiency, and sustainable growth. He is especially passionate about helping fintechs scale responsibly by embedding strong compliance frameworks from day one. In this interview with Folake Balogun, he discusses how African startups are increasingly adopting tools to support risk management, compliance, and operational integrity. Excerpts:
There is growing consensus that the next generation of successful fintechs in Africa may be those that prioritise regulatory compliance over rapid growth. How do you see this tension playing out in Africa’s startup ecosystem, and what might drive a shift in mindset?
The tension between rapid growth and regulatory compliance in Africa’s fintech space is becoming increasingly evident as investor and stakeholder expectations evolve and regulators tighten oversight. Historically, many early-stage fintechs prioritised scale and expansion and deferred compliance until later stages. However, recent actions of enforcement by the CBN, licence suspensions, and fines have shown that regulatory breaches can threaten growing concern and negate growth gains. That said, the goal is not to have a situation of tension when growing the company. Founders should not see compliance as a brake or a hindrance to innovation and growth but as an enabler of sustainable growth, and this shift is already being seen.
This shift is driven by three main factors, which are increased scrutiny from regulators like CBN and NFIU, increased consumer awareness of financial security and data privacy, and investor and stakeholder demands for robust governance and compliance structures.
It is becoming more evident that over time, competitive edge in the fintech industry will be driven by incorporating compliance into product architecture from inception, which helps reduce long-term operational and reputational risks.
Are African startups making use of relevant tools to enable adoption and mitigate risk?
African startups are increasingly adopting tools to support risk management, compliance, and operational integrity, and it is great to see. Not only because of its benefits, but also because it indicates the growth and maturity of the sector.
Solutions like iiDENTIFii, Smile ID, and Identify Africa provide tailored authentication, identity verification, and KYC processes for the African market through integration of local databases like Nigeria’s NIN and BVN, Kenya’s Huduma Namba, and Ghana’s SSNIT, among others. Some fintechs are also utilising payment monitoring APIs, real-time sanctions screening services, and transaction analytics platforms like Flagright and ComplyAdvantage to drive early detection of suspicious transactions and activities.
AI has been viewed as a game-changer for automating STRs, KYC, and regulatory reporting. What does this look like in practice?
Compliance officers used to rely on intuition and manual reviews of more easily identifiable red flags for STRs, regulatory reporting, and KYC. But now, AI enables more accurate, faster, and even holistic reviews of transactions, which increases efficiency while reducing the workload for compliance teams.
For Suspicious Transactions Reporting (STRs), AI enables the processing of a large amount of transactions in real time, identifying anomalies and patterns that might signal money laundering, fraud, or terrorism financing. It could also detect instances where transactions are playing below reporting limits to circumvent attention but aggregate to something larger.
For KYC processes, AI helps to integrate and reconcile siloed identity systems across multiple databases, identifying inconsistencies, validating identities, and supporting documentation. There are also use cases in regulatory reporting where AI helps to pull relevant data and information from company systems and identifies inconsistencies, missing data, and standardises it into regulator formats.
However, it is important to note that strong data governance and human oversight are required to validate results and ensure the defensibility of results and actions. As shown by Kuda Bank’s AI-assisted risk scoring project, AI in compliance works best not as a fully autonomous system but as a compliance co-pilot.
With multiple layers of oversight, from CBN to NFIU and SEC, some founders speak of ‘compliance fatigue’. How can RegTech tools help streamline regulatory burdens while ensuring startups stay on the right side of the law?
RegTech is helping tremendously. For startups operating under the oversight of multiple regulators like CBN, SEC, and NFIU, compliance fatigue often comes as a result of duplicate reporting requirements, a high volume of manual checks, and different reporting formats. Adoption of RegTech tools helps startups automate recurring processes like transaction monitoring and report generation, which not only reduces operational load but also ensures consistency and accuracy. Development of tools that help to consolidate reporting, automate reconciliations, and map controls to regulatory frameworks is gaining traction and enabling more holistic oversight across entire transaction flows.
RegTech tools that offer modular reporting are gaining increasing adoption because they enable and support multiple compliance by helping to produce reports tailored to specific regulator requirements without duplicating efforts.
There’s a growing view that robust compliance has gone beyond being a risk mitigator to a value driver. How does a strong RegTech posture influence investor confidence, especially for fintechs courting foreign capital?
For foreign investors and capital providers, compliance is not just about avoiding fines. It is now seen as a proxy for long-term stability, sustainability, and good governance. A robust RegTech posture sends a strong message to investors that a company is agile, resilient, operationally mature, and capable of scaling sustainably.
A well-implemented RegTech system provides investors and providers of capital with confidence and assurance that the startup can scale responsibly, manage regulatory risks across the jurisdiction of its operations, protect customer data, and respond promptly to compliance breaches.
This is extremely important in cross-border investments where due diligence is significant and the robustness of the startup’s compliance processes can impact investors’ ultimate decisions. A fintech that can demonstrate a robust and comprehensive compliance process is more likely to secure better valuation multiples, pass investor audits, and accelerate deal timelines because of increased investor confidence in its operations.
Where do you see the most critical compliance failures happening due to human error? And how much legal or reputational risk do these lapses expose startups to in today’s regulatory climate?
The most critical compliance failures due to human error often occur in three areas: inaccurate or incomplete KYC/onboarding, manual transaction review and reporting, and delayed escalation of flagged or suspicious activities. Human agents may input incorrect details during customer account setup or match different customer information, thereby undermining KYC integrity. Compliance officers may also overlook transactions playing just beneath the threshold that, when aggregated, exceed reporting thresholds and may also be overwhelmed, leading to delays in reviewing, escalating, and reporting suspicious activities.
These lapses expose defaulting companies to legal and reputational risks, especially because they can lead to customer losses that trigger legal actions. They can also lead to reputational damage that erodes customer trust and triggers regulatory penalties. With CBN being open with sanctions, being a defaulter can have far-reaching consequences. Beyond the financial loss, such failures can lead to licence suspension, operational restrictions, and even increased scrutiny, which can be detrimental to the fintech’s growth and continuous survival.
Many African startups rely on imported RegTech tools. Given the complexity of African regulations, is there a risk of poor fit or misalignment, or is there a rise in homegrown innovation to address this?
Yes, there is a significant risk that imported RegTech tools, though sophisticated, may not fully align with African regulatory frameworks, leading to critical misalignments. These often manifest in areas like integration with national identity systems, local language requirements, infrastructural differences, and compliance with data sovereignty rules. Data hosting and storage could also pose challenges under data protection laws like Nigeria’s NDPR.
There is also a growing wave of homegrown innovation designed to address these challenges. Platforms and tools like SmileID, Voyance’s Sigma, and RegTech365, among others, are building solutions tailored to the African markets and their nuances.
For early-stage founders, compliance can seem like a luxury. How can startups build a strong compliance foundation from the start without significantly eroding runway or growth focus?
Just like scaling and growth, compliance can be phased to be commensurate with operations and size. Early-stage startups can implement strong compliance foundations by adopting a phased, risk-based approach rather than attempting to implement a fully mature compliance framework from day one. This could start with mapping key regulatory requirements based on market and product offering and categorising them based on risk ratings to define the method of approach. Founders can utilise low-cost or open-source compliance tools to automate basic processes and focus on major ones, thereby reducing the need for large compliance teams in the early stages.
I always like to use the car brake analogy when discussing this topic. Because risk management and compliance, just like car brakes, are not there to hinder us; they are there to assure us that we can go as fast as we safely can. As such, compliance should not be seen as a luxury or a nice-to-have but as a necessity for sustained growth and a competitive edge.
As African fintechs scale into other African markets, the fragmented regulatory landscape becomes a challenge. Can RegTech offer scalable solutions for cross-border compliance?
RegTech can offer significant value in addressing cross-border compliance challenges by helping to implement compliance frameworks that adapt to multiple fragmented regulatory regimes. Modular reporting tools can be configured to meet submission timelines and specific requirements of various regulators, which reduces duplication of efforts and increases the adequacy of compliance.
Also, API-driven platforms have the capacity to integrate with national identity systems in various countries to enable consistency and compliance with KYC requirements in different jurisdictions.
However, while technology provides scale, human oversight, local expertise, and strong governance are needed in conjunction with technology to ensure effectiveness and adequacy.
With automation transforming compliance processes, what’s the future role of compliance officers? Will we see a rise in RegOps or tech-enabled risk professionals across the continent?
Compliance officers are already seeing changes in their job descriptions. As adoption of automation in compliance grows, compliance officers’ focus will shift from manual processing to technology governance and strategic oversight.
As activities like transaction monitoring and report generation become automated, compliance officers will be expected to manage these platforms, validate AI outputs, maintain relationships with regulators, and ensure regulatory alignment across multiple markets.
We should see a rise in compliance roles that blend compliance expertise with technical and operational skills in Africa. Future compliance officers will be required to ensure data integrity, optimise compliance workflows, and bridge the gap between technical execution and regulatory requirements.
As startups adopt AI-powered compliance tools, how should they navigate concerns around data privacy and consumer trust, particularly in markets with limited digital rights frameworks?
As consumers become more aware, data privacy becomes increasingly significant. As startups adopt AI-powered compliance tools, there is a need for a combination of operational transparency, legal adherence, and consumer engagement.
Startups must ensure that their tools comply with applicable laws. Beyond that, startups should implement clear consent procedures, allow for opt-out where possible, and provide visibility to customers on how their data is used.
In markets with limited data rights frameworks, voluntary compliance indicates high ethical standards, which could serve as a differentiator for startups and provide them with a competitive advantage, especially as it boosts consumer trust and also investor confidence. It helps the startup build long-term trust, resilience, and agility against regulatory shocks.
There’s increasing pressure on fintechs to align not just with financial regulations but with broader ESG standards. Do you see RegTech playing a role in this shift toward ethical and sustainable compliance?
The increasing pressure is a result of increasing stakeholder awareness and changing stakeholder expectations. And yes, RegTech can play a significant role in integrating ESG standards and considerations into financial regulation frameworks.
RegTech platforms can provide infrastructure to measure, track, and report non-financial performance indicators. Provided adequate data is available, RegTech tools can be adapted to monitor and assess environmental impact from operational data, monitor DEI metrics, and identify supply chain risks linked to human rights violations, among others.
In Africa, we have seen a rise in the consideration of ESG compliance when accessing international capital. Startups’ ability to demonstrate measurable and verifiable impact can be a competitive edge. RegTechs that can integrate ESG considerations with traditional compliance reduce complexity and also position fintechs as responsible and future-forward players in the global market.
