The success of digital finance ultimately depends on execution. Institutions must adapt their operations, risk frameworks, and workforce capabilities, while regulators and market participants build the capacity to oversee increasingly complex systems.
Drawing on his extensive experience advising regulators and financial institutions and delivering capacity-building programmes across MENA and West Africa, digital finance strategist Elias Tayeh highlights the practical realities of implementation – from digital transformation and compliance redesign to training, ecosystem coordination, and supervisory innovation.
In this second and last part, Elias Tayeh focuses on implementation – how transformation reshapes compliance, how training strengthens regulatory readiness, and what practical lessons can be drawn from real-world initiatives.
When financial institutions undergo digital transformation, what operational and compliance routines are most fundamentally altered, and how should institutions recalibrate their risk management frameworks to keep pace?
Digital transformation doesn’t just modernise the front end – it rewrites the entire operational DNA of financial institutions. The most fundamental alterations occur across data governance, customer onboarding, operational risk, product delivery, and regulatory reporting.
Data governance shifts from siloed, department-specific databases to integrated data lakes or hybrid clouds. This changes how institutions collect, store, and process information, requiring new governance routines for data lineage, retention, quality assurance, and regulatory access. Compliance teams must move from periodic sampling to continuous data validation and automated reporting.
Customer onboarding and KYC/AML replace manual verification and paper trails with eKYC, biometric authentication, and digital platforms. Compliance now depends on real-time screening – PEP, sanctions, adverse media – and algorithmic decisioning that must be explainable, logged, and auditable.
The operational risk perimeter expands to include APIs, cloud vendors, fintech partners, and data processors. Institutions must shift from static control checklists to dynamic risk mapping, integrating cyber, vendor, and operational risk metrics into unified dashboards.
Product delivery moves from annual release cycles to continuous integration and deployment. This demands new compliance routines for model validation, version control, testing, and release approvals, including risk-based fast lanes for low-impact updates.
Regulatory reporting increasingly expects machine-readable reports and live dashboards. The transformation calls for RegTech integration – automated data extraction, tagging, and reporting workflows – requiring coordination between compliance, IT, and operations teams.
Recalibrating the risk management framework means moving from procedural to predictive risk management. Replace siloed risk units with cross-functional platforms using unified risk taxonomies and shared controls. Adopt continuous control testing and live key risk indicators linked to core and cloud systems. Implement onboarding, certification, and monitoring regimes for third parties and API providers. Maintain model inventories with version histories, bias and drift testing, and formal explainability reviews. Treat cybersecurity and operational resilience as core components of prudential risk with clear RTO/RPO metrics and incident escalation rules. Train staff to interpret digital risk metrics and embed digital risk champions within business lines.
The data migration bottleneck explains why roughly 94% of financial institutions fail to meet digital transformation timelines. Legacy systems, while functionally robust, are architecturally rigid. Many are built on monolithic codebases with hard-coded logic and decades of patchwork updates. Extracting, cleaning, and mapping data to modern environments is slow, expensive, and risky. Data models are inconsistent, leading to broken referential integrity. Migration testing must be repeated multiple times under live conditions. Downtime windows are limited, forcing incremental cutovers that multiply cost and risk. Budget overruns and timeline slippage are almost inevitable because legacy cores were never designed for modular upgrades or external connectivity.
Generation 4 core banking platforms – built on microservices, containerisation, and open APIs – are architected for change. They plug into fintech ecosystems seamlessly via RESTful APIs or ISO 20022 interfaces. They allow component-level updates instead of full-system overhauls. Data models are standardised and extensible, easing migration and reporting. Most importantly, they support upgrade-without-downtime cycles, enabling real transformation without paralysing daily operations. Institutions adopting Gen 4 cores experience significantly higher transformation success rates precisely because these systems were built to be updated, connected, and compliant by design – not bolted on after the fact.
The human resources dimension is the real foundation. Most digital transformations fail not only due to technical bottlenecks but because the people dimension is under-addressed. Transformation requires cross-disciplinary talent – data engineers who understand compliance, compliance officers who interpret analytics, risk managers who read API logs.
Legacy teams often lack exposure to agile development, CI/CD cycles, or cloud-based supervision tools. Moving from manual, control-heavy processes to data-driven, automated workflows challenges entrenched mindsets. Teams used to retrospective reviews must adapt to continuous monitoring and predictive risk alerts – a cultural shift requiring targeted training and sustained leadership engagement.
Institutions must embed structured learning pathways covering RegTech, SupTech, digital risk governance, model validation, cybersecurity, and operational resilience. Tailored professional training bridges compliance, technology, and business lines. Continuous learning ensures transformation is institutionalised, not person dependent.
Digital transformation redefines traditional roles: compliance becomes tech-enabled, operations become data-led, audit becomes real-time. Updating job descriptions, KPIs, and internal reporting structures ensures staff understand their new accountability. Executive leadership must treat training not as cost but as risk mitigation investment. Establishing a digital transformation office or centre of excellence coordinates technical migration with human-capital alignment, ensuring people evolve with systems – not after them.
Technology drives change, but trained, adaptive professionals sustain it. Gen 4 core banking platforms make digital transformation structurally easier; human capability development makes it operationally possible. Both must evolve together – because transformation that outpaces people inevitably fails to deliver its promise.
You’ve worked extensively on training and knowledge-sharing initiatives in MENA and West Africa. What lessons emerged through these initiatives on how capacity-building efforts can strengthen compliance culture and regulatory readiness in digital finance ecosystems?
Professional training and structured knowledge-sharing shift the mindset of regulators and financial institutions from passive compliance to proactive digital governance. Digital transformation is fundamentally about people interpreting technology within a regulatory lens. Well-designed training interventions bridge the awareness gap between innovation and regulation, fostering curiosity, accountability, and informed policymaking.
When I delivered a course on “Legal, Economic, and Business Aspects of Payments Digitalisation” to senior central bank directors, the experience highlighted how impactful targeted learning can be. These officials were genuinely surprised by dashboards and data interpretations drawn from their own country’s payments ecosystem.
The visualisation helped them see interconnections between policy decisions, market behaviours, and emerging technologies they hadn’t recognised before. When we addressed complex subjects like CBDCs, cryptocurrencies, and open banking indirectly and constructively – without challenging institutional positions – we created a safe intellectual space for critical thinking.
By the end, several participants acknowledged they lacked specialised human capital to design frameworks for digital assets and crypto regulation, but the session reshaped their internal dialogue. They began viewing these areas not as threats but as policy challenges requiring systematic study. This shift, from avoidance to strategic curiosity, is one of the clearest indicators that professional training enhances regulatory readiness.
In another engagement, I delivered Digital Finance Strategy training for senior executives of financial institutions from a North African country. Initially, participants were competitors – banks and microfinance providers accustomed to guarding their data. As training progressed, content around data sharing, interoperability, and ecosystem collaboration sparked a breakthrough.
When they realised the lack of a common digital finance framework was collectively stalling their market’s evolution, they began cooperating. During the final group exercise, these institutions jointly drafted an advisory note proposing a national open-banking framework for their regulator – a symbolic yet powerful outcome. Training catalysed a shared compliance culture, turning competition into coordinated progress.
So, to go back to answering the question, what we can take from these experiences and lessons drawn from them is that learning environments build trust in ways formal meetings cannot. Well-facilitated professional training creates safe spaces where regulators and market players exchange views candidly, building mutual trust that becomes the foundation of regulatory coherence.
Visualisation and contextualisation make regulatory discussions tangible – using country-specific data dashboards and real market examples lets participants see themselves in the data, making learning relevant, localised, and actionable. Indirect engagement on sensitive topics works because approaching areas like crypto, CBDCs, or data governance through discussion rather than advocacy reduces defensiveness and encourages reflection, transforming resistance into strategic foresight.
Training catalyses policy collaboration – collective exercises like simulating open-banking frameworks help participants practice consensus-building, the same skill needed for cross-sector policymaking. Professional learning closes the human-capital gap faster than traditional recruitment or academic study, providing both knowledge and confidence to act.
Most importantly, training builds compliance culture through empowerment, not enforcement. When professionals understand why regulations exist and how digital transformation interacts with them, compliance becomes an informed choice, not a procedural burden.
Capacity-building and professional training are not peripheral to digital finance—they are the mechanism through which compliance culture and regulatory maturity are achieved.
By translating complex topics into practical, contextual understanding, such programs build trust, inspire collaboration, and enable readiness. Regulators start envisioning frameworks; institutions start aligning behaviour voluntarily. The balance between innovation and regulation depends less on technology and more on how people are trained to understand and govern it.
Drawing from your experience in MENA and West Africa, what practical lessons from donor-funded technical assistance (TA) projects and supervisory innovation can be applied globally to help regulators and financial institutions manage the risks and opportunities of digital finance?
Donor-funded technical assistance has become the laboratory where innovation meets regulation. These projects succeed not by importing global models, but by adapting global principles to local market realities through inclusive design, iterative pilots, and embedded capacity building.
Working for three years with financial institutions, microfinance institutions, and non-bank financial institutions in Jordan under a TA project supporting MSME and women-led business access to finance, several clear patterns emerged that have global applicability.
Co-design with the whole ecosystem works. In Jordan, we worked hand-in-hand with a diverse ecosystem – FIs, MFIs, leasing companies, and other market actors – to co-create solutions instead of imposing templates. The collaborative structure of workshops, focus groups, and joint market research allowed each participant to see the bigger picture and align on shared objectives. The results were clear: institutions began introducing new financial and digital finance products aligned with MSME and women-led business segments. Others launched agri-lease products and bundled services because they had access to market data and customer insights generated through joint TA exercises. By contrast, insurance companies – which insisted on operating in a “one-man-show” style – fell short and eventually withdrew. Their isolation highlighted a simple truth: coordination multiplies impact, while isolation limits it.
Standards and frameworks should be set early, not after the fact. Common definitions and risk assessment standards must be agreed at the beginning – not after pilot results appear. Early standardisation across credit scoring, product design, and consumer protection saved time and created comparability between partners. When institutions later explored digital lending or mobile-based onboarding, this early alignment allowed seamless transition into standardised risk reporting and data aggregation – something many TA projects globally struggle to achieve when frameworks come too late.
Identity, data, and human capital foundations are everything. Even advanced digital tools mean little without verified identity systems, reliable data, and trained staff. In Jordan, onboarding small enterprises – especially informal or women-led ones – was challenging because of fragmented registries and non-digitised records. We coupled technical interventions with capacity building: training FI teams on assessing informal business profiles using proxy indicators, coaching them to combine market insight with compliance logic rather than relying purely on traditional collateral. This adaptive approach created a more inclusive credit culture.
Build consent and data governance from the start. Even without formal open-banking rules, establishing transparent consent protocols and data-use disclosures was essential. Customers – especially women entrepreneurs – showed higher trust in institutions that could clearly explain how their information would be used. Data governance is not just a compliance checkbox; it’s a business enabler that builds customer confidence and unlocks uptake.
Start narrow, ship value, then scale. The Jordan project began with focused pilots – supporting one MFI in digital lending process re-engineering before scaling to others. This “start small, prove value” approach ensured lessons were internalised before wider rollout, allowing regulators and donors to demonstrate early wins, de-risk investment, and build stakeholder confidence.
Capacity first, capacity last. No amount of technology can substitute for human readiness. Every successful deliverable – from new product launches to credit-scoring prototypes – was accompanied by training, coaching, and peer exchange. The difference between FIs that progressed and those that stagnated lay in how seriously they invested in their teams’ understanding of digital finance and risk management.
For me and our PFSPs, the Jordan TA project’s success was not about technology alone – it was about shared learning, coordinated execution, and human development. While insurers withdrew due to isolation, those who collaborated produced measurable outcomes: new MSME products, agri-leasing models, and digital finance offerings.
This experience proves that sustainable digital transformation happens where collaboration, standardisation, and capacity intersect. The most enduring infrastructure in digital finance isn’t the platform or the API; it’s the ecosystem of people and institutions who build and trust it together.
Elias M. Tayeh is a digital finance strategist with over 20 years of international experience leading fintech, regulatory, and digital transformation initiatives across the MENA region, West Africa, and beyond. He is the Founder and General Manager of Cedratech Consulting Services Ltd., a consultancy specialising in digital finance solutions, systems modernisation, and systems integration. He also serves as Managing Director of Epic Payment Technologies Ltd., a licensed Payment Services Provider under the Central Bank of Nigeria. Elias has advised semi-governmental authorities, regulatory authorities and financial institutions on open banking, Digital Finance, RegTech, SupTech, and national payment platforms. His work emphasises and embeds financial inclusion, consumer protection, SME finance, and women-led business empowerment. He has delivered training programmes at the IBS Fintech Academy Jordan, CBF Tunisia, and Alex Bank Egypt, and has collaborated on large-scale projects with GOPA AFC, GFA Group, and the Frankfurt School of Finance & Management. He also recently participated as a session chair and session moderator at the Amman Forum 2025 – “Harnessing Artificial Intelligence in Combating Money Laundering and Terrorism Financing: Opportunities, Risks, and the Way Forward”, held in September 2025 in Amman, Jordan. The forum addressed topics such as artificial intelligence in AML/CFT, supervisory innovation, and the role of RegTech and SupTech in compliance.
