The last time financial regulators across multiple continents moved this quickly was 2008, when the collapse of Lehman Brothers forced emergency legislation in weeks rather than years. In 2025 and early 2026, regulators in the EU, United States, United Kingdom, India, and Brazil have issued or finalized more than 30 major rules targeting fintech companies, digital assets, AI in finance, and payment systems, according to a tracker maintained by the Financial Stability Board. The pace is not accidental. Fintech is now large enough to pose systemic questions.
The Scale That Triggered Action
In 2018, fintech companies processed less than 5% of global payment volume. By 2025, that share exceeded 22%, according to Bank for International Settlements data. Nubank has more customers than any bank in Latin America. M-Pesa processes more transactions than Kenya’s entire banking system. Stripe handles more payment volume than most national payment networks.
When companies reach that scale, regulators face a choice: apply existing rules designed for traditional banks, or write new rules designed for the business models that fintechs actually operate. Most have chosen the latter, but at a speed that has caught many fintech companies off guard.
Fintech is reshaping the $300 trillion global financial services industry, and the regulatory response is accelerating to match.
What the Major Jurisdictions Are Doing
The European Union finalized PSD3, the AI Act’s financial services provisions, the Markets in Crypto-Assets Regulation (MiCA), and updates to the Consumer Credit Directive, all between mid-2024 and early 2026. MiCA alone required crypto exchanges and stablecoin issuers to obtain licenses, maintain reserves, and file regular reports with national authorities. By January 2026, over 400 crypto firms had applied for MiCA licenses, per the European Securities and Markets Authority.
The United States has taken a fragmented but active approach. The CFPB classified BNPL providers as card issuers, proposed rules for AI-based lending decisions, and issued an open banking rule under Section 1033 of Dodd-Frank that requires banks to share customer data with authorized third parties. The OCC updated its fintech charter framework. The SEC intensified enforcement against crypto platforms, filing 46 enforcement actions related to digital assets in 2025.
The United Kingdom’s Financial Conduct Authority finalized BNPL regulation, published its digital assets framework, and updated its open finance roadmap. India’s Reserve Bank introduced a digital lending regulatory framework, tightened rules for non-bank payment aggregators, and published AI governance principles for financial services. Brazil’s central bank launched its own CBDC pilot (Drex) and updated Pix regulation for the fourth time since the system’s 2020 launch.
The global fintech market is expected to reach $556 billion by 2030, and the regulatory frameworks being built now will determine how that market develops.
The Compliance Cost for Fintechs
Regulatory compliance is expensive for companies that were built for speed, not for documentation. A Deloitte survey of 200 fintech companies published in February 2026 found that compliance costs rose an average of 34% between 2024 and 2025. For fintechs operating in more than five jurisdictions, the increase was 52%.
The most expensive areas are anti-money laundering compliance ($8.2 billion spent by fintechs globally in 2025), data protection and privacy ($3.1 billion), and licensing and registration ($2.4 billion). Many fintechs that operated in regulatory gray zones are now forced to choose: invest in compliance infrastructure or exit markets where the rules have tightened.
Over 30,000 fintech companies operate worldwide, but not all of them will survive the regulatory tightening. The companies with the resources to comply will gain a competitive advantage. Those without will face enforcement action, exit, or acquisition.
Crypto Regulation Leads the Wave
Digital asset regulation accounts for more than half of the new rules issued globally in 2025. The collapse of FTX in November 2022 accelerated legislative timelines by years. In the EU, MiCA was already in progress but was fast-tracked. In the United States, the SEC shifted from a guidance-based approach to enforcement. Japan, South Korea, and Australia all passed comprehensive crypto licensing frameworks in 2024 and 2025.
Stablecoin regulation is particularly active. The EU requires stablecoin issuers to maintain 1:1 reserves in European bank accounts. The U.S. proposed the Clarity for Payment Stablecoins Act, which would require federal or state licensing for all stablecoin issuers. Circle, the issuer of USDC, applied for a banking charter in 2025. Tether relocated its legal entity structure to comply with multiple jurisdictions, according to the Financial Times.
Fintech investment surpassed $210 billion in recent years, and a growing portion of that capital is now going to regtech companies that help fintechs comply with the new rules.
The Strategic Implications
For fintech founders, the message is clear: regulatory strategy is now as important as product strategy. Companies that delay compliance work until regulators force it will pay more, both in direct costs and in lost market access. Companies that build compliance into their products from the start, such as Stripe’s automated tax and reporting tools, turn compliance into a competitive feature.
For investors, regulatory clarity is a positive signal. Markets with clear rules attract more capital than markets with regulatory uncertainty. Global fintech revenue is expected to triple within the next decade, and the regulatory frameworks being established now provide the certainty that institutional investors need.
75% of banks now collaborate with fintech startups, and regulatory alignment makes those partnerships easier. A bank can integrate a fintech product into its operations more confidently when the fintech is licensed, audited, and subject to the same regulatory expectations.
The 2008 regulatory wave reshaped banking for 15 years. The current wave is doing the same for fintech. The rules are being written now. By the time they are fully in force, the companies that prepared will be the ones still operating.
