Skip to main content

Governance, Risk & Compliance Technology | Oct 2025

In-Focus: Fraud, AML & Identity Management

This update takes an in-depth focus on the Fraud, AML and Identify Management sub-sector within GRC. We look at the key trends, the evolution of the service delivery value chain, prevailing valuation reference points and selected transaction activity across the sub-sector.

Key Takeaways | Governance, Risk and Compliance Technology

Regulatory tailwinds remain an ever present within the broad GRC sector, influencing product evolution, investment and M&A activity.

M&A Momentum Returns, while Valuations Hold Firm:

Transaction activity in GRC technology has rebounded, with deal flow and average transaction values trending upwards. Multiples remain steady at ~4.3x EV/Revenue, underpinned by resilient fundamentals and growing investor appetite for scalable, AI-enabled compliance platform.

Regulatory Tailwinds Bolster Fraud, AML and ID Infrastructure:

Global compliance tightening and the EU’s 2030 Digital Identity Framework (eIDAS 2.0) are reinforcing demand for RegTech and identity orchestration solutions. The projected €84B digital identity market highlights a decade-long structural tailwind for digital trust providers.

Capital Deployment Remains Active

Investor momentum persists with ~€1B raised over the last twelve months across the digital identity segment. PE and growth investors are focusing on automation-first platforms capable of delivering cost efficiency, regulatory resilience, and cross-market scalability.

 

Our GRC practice extends across the core industry verticals

There are a range of business models for tech companies serving the GRC space, some tech-enabled and others software first. Many providers focus on specific use cases, service delivery types and tailored end-market solutions.

RegTech, Risk & Compliance: Tech-driven services and solutions that help businesses manage regulatory requirements, mitigate risks, and ensure compliance with industry standards and obligations

ESG & CSR: Services that provide departmental and senior management with an overview and insight into performance across key ESG & CSR metrics. Solutions can also incorporate best practice management, predictive insights and remediation workflow management tools

Diversified GRC: Integrated approach to managing GRC across multiple dimensions of an organisation. This includes a broad spectrum of processes and tools to align corporate governance, effectively manage risks, and ensure compliance with internal policies and external regulations, across regions and industries

Fraud, AML & Identity Management: Focus on safeguarding financial and other transactions, protection against fraudulent activities, illicit activity, and identity-related threats.to businesses and individuals

Enterprise & Operational Risk: Monitoring, identification and resolution management of key business risks that could impact operations, best practice supply-chain integrity management in the context of consistent service quality delivery

 

Multiple Trends Are Converging To Shape The Future Of GRC Technology

GRC solutions continue to evolve as a focal point of performance monitoring and benchmarking, supporting management decision making while also enabling continuous alignment with changing compliance requirements and delivering consistent high-standards across the supply-chain

In focus: Fraud, AML, and Identity Management

What has been getting our attention in Fraud, AML, and Identity Management

There are a number of recurring themes in the sector, with regulatory compliant AI led solutions and cross-border scope high on the agenda

AI is reshaping ID management & AML service delivery

  • Generative AI and machine learning are moving beyond anomaly detection into decision automation and proactive prevention. Taking the lead from human input and validation, with market leading models delivering high accuracy at volume and speed
  • AI models can now detect synthetic identities, deepfake-enabled fraud, and complex layering schemes in real time
  • Investors are watching how vendors balance innovation with explainability, regulatory compliance, and risk of model drift, all factors that directly influence valuations and adoption

ID management is becoming the cornerstone of GRC

  • As fraud shifts toward identity-centric attacks, identity verification, authentication, and orchestration are no longer just front-door controls but foundational to the enterprise risk stack. Keeping bad actors from entry remains the first line of defence
  • This is driving convergence between identity, fraud prevention, and AML platforms, and is spurring investment activity as operators seek end-to-end suites, with PE leaning into “platform + tuck-in” plays, consolidating niche KYC/IDV capabilities into broader compliance suites

Regulatory scrutiny and enforcement is on the rise

  • A consistent prevailing tailwind in the GRC sector, from AMLD6 in Europe to evolving FinCEN guidance in the U.S., regulatory bodies are tightening requirements around beneficial ownership transparency, transaction monitoring and screening
  • Operators face growing compliance costs, while investors are attentive to solutions that can scale compliance without escalating headcount
  • Vendors that demonstrate adaptability and automation-first compliance are delivering higher margins and commanding premium multiples

Real-time, cross-border compliance becoming the norm

  • Globalisation of financial services, faster payments, and embedded finance are reshaping compliance demands. This drives ID management tools to deliver real-time monitoring and cross-border interoperability
  • Standalone point solutions in fraud detection or AML monitoring are under pressure as clients seek integrated solutions that unify case management, reporting, and analytics
  • Consolidation is accelerating, through strategic acquirers and PE roll-ups, driven by the need for lower cost to serve and standardised reporting

Download the full report

The full report, including M&A deal activity, key trends and public market valuation metrics for the broader GRC space, can be downloaded at the top of the page.

Contact us

If you have any questions about the report, don’t hesitate to get in touch with one of our team.

Previous Reports

Governance, Risk & Compliance Technology | Q4 2024

Get in touch

Brian Keane
Associate Director
Erik Pettersson
Partner
Ivo Polten
Partner
Weitere News