From your perspective in Cyprus and the EU, what are the most pressing challenges in sourcing and retaining compliance professionals today, and how are these shortages affecting firms’ ability to meet supervisory expectations?

The biggest challenge is balance, keeping up with continuous regulatory change while maintaining operational resilience inside lean teams. Our latest salary and workforce data shows that 44% of compliance professionals changed jobs in the past 12 months, most often citing the move to higher salary, career growth, or better culture. 

So, while firms are investing heavily in governance frameworks, the people delivering them are moving faster than ever. Around 60% of respondents in our Compliance Professionals Survey also said they don’t have adequate resources – whether tools, headcount, or training. That naturally impacts supervisory readiness. When the same individual is both drafting policies and performing surveillance, gaps appear in testing, MI, and remediation tracking. It’s not a lack of skill; it’s a capacity problem.

Are firms struggling more with entry-level talent pipelines, mid-level retention, or senior leadership hires – and what does this reveal about the maturity of the compliance talent pool?

It’s definitely the mid-level segment that is feeling the strain. Entry-level pipelines exist. Cyprus graduates and relocators continue to enter financial services, but structured development is not always in place to keep them engaged. By the time they become mid-senior, many look elsewhere for advancement. That’s why we see a 44% mobility rate and so many citing career growth as the main driver for change.

At the senior end, it’s a depth issue. There are few experienced AMLCOs or Heads of Compliance available, and they’re usually well-settled. So, firms are fighting over a small pool while mid-levels rotate. It’s a sign of a market still maturing into a full EU-grade compliance ecosystem – strong talent but unevenly distributed across levels.

With MiCA, AMLD6, DORA and PSD3 reshaping regulatory landscapes, how are investment firms, EMIs, payment providers and iGaming operators adapting their hiring strategies? Are there unique dynamics in Cyprus compared to other EU hubs?

In Cyprus we are seeing a clear shift from ‘one-person compliance departments’ to structured, specialist functions. Investment firms are now hiring specifically for market abuse, outsourcing oversight, and DORA preparedness. Payment and EMI providers are strengthening PSD3/PSR frameworks, while iGaming operators focus more on AML, player protection, and responsible gaming.

Cyprus remains distinctive because of its mix, it blends financial services, FinTech and iGaming under one jurisdiction. The talent base here is concentrated in Limassol and Nicosia, with the majority working in financial services, FinTech, or iGaming. 

Compared with Luxembourg or Dublin, the Cyprus market is younger but more dynamic. Compensation may be lower, but with the scope of roles that are available, people too can influence frameworks, not just maintain them.

With the rise of AI, RegTech, ESG, and digital assets transforming financial services, which new compliance roles are becoming ‘must-haves’ globally, and which of these roles are proving most challenging to source talent for?

Across Europe, the new ‘must-haves’ are DORA/ICT Risk & Operational Resilience leads, Crypto & MiCA compliance specialists, AI Governance officers, and ESG/CSRD compliance leads.

These roles sit at the crossroads of regulation and technology and that’s exactly where the skills gap lies. In our Cyprus sample, ‘technology challenges’ were among the most cited issues by compliance professionals. It’s not resistance, but more about the lack of accessible training and integrated systems. 

The hardest hires right now? Definitely DORA/ICT compliance and crypto-regulatory roles. They require candidates who understand both legal interpretation and technical implementation.

What key factors do compliance professionals weigh when considering a new role? Conversely, what common mistakes do employers make that cause strong candidates to walk away, either during the recruitment process or once they have joined a company?

In terms of compliance professionals looking for a new role, three things stand out:

  1. Career growth and scope. Many leave simply because they’ve hit a ceiling.
  2. Culture and leadership. Teams stay longer when they feel heard and resourced.
  3. Fair, transparent compensation. Around 48% receive a bonus, and 62% have annual salary reviews, so candidates now expect that structure as standard.

Where employers go wrong is usually around clarity. They launch a search with a vague brief, or they advertise a Head of Compliance role that turns out to be a one-person department with no support.
Slow hiring processes also send the wrong message, compliance professionals want to see that the company itself runs to a professional standard.

What strategies are working best for firms to secure and retain compliance talent, beyond simply just raising salaries? How are elements like professional growth, flexibility, and internal culture playing into hiring outcomes?

The strongest retention strategies we see combine structure and flexibility. To retain compliance talent, I would urge firms to consider the following:

  • Define scope and authority early. Candidates stay when the mandate is real and measurable.
  • Show a career path. Link pay bands, promotion criteria, and certification support.
  • Offer flexibility. Even regulated firms can support hybrid or adjusted hours.
  • Invest in enablement. Sponsoring CySEC, ACAMS, or ICA certifications pays off – 30% of our survey of compliance professionals still hold no formal certification, showing a big training opportunity.
  • Upgrade tools. Better systems directly reduce compliance fatigue.

Culture plays a massive part too, teams who feel part of a shared mission, rather than being seen as internal auditors, tend to stay longer.

Looking beyond Cyprus, are you seeing convergence in how global and EU firms approach compliance hiring? For example, are multinational firms increasingly standardising their compliance talent models, or do you still see strong regional variations?

The biggest difference is still depth and pay – hubs like Dublin or Luxembourg have denser senior talent pools and higher cost of living benchmarks. Cyprus, meanwhile, is building its own strength: highly skilled professionals who combine multi-sector experience with flexibility and speed.

Firms here perhaps can move faster, experiment more, and offer broader exposure. That’s what continues to attract both candidates and new licence holders to Cyprus. The compliance profession is maturing rapidly. What we’re seeing now in Cyprus is a shift from compliance being a ‘regulatory obligation’ to being a genuine strategic differentiator.

Donna Stephenson is the Founder & CEO of Emerald Zebra, a specialist recruitment agency serving the FinTech, Technology, Financial Services, and iGaming sectors across Cyprus and EMEA. She leads the annual Cyprus Salary & Workforce Insights Report, providing data-driven intelligence on salaries, hiring trends, and workforce dynamics. Donna has spent more than 20 years connecting high-growth companies with leadership and technical talent and is a recognised voice in the region’s evolving FinTech and compliance ecosystem.