Regulatory Expectations Around Data Richness and Explainability (ISO 20022 Context)
As payment systems move to ISO 20022, regulators are no longer focused solely on message compliance. Increasingly, supervisory attention is on how institutions use richer payment data to improve risk management, decision-making, and transparency—and whether those decisions can be clearly explained and evidenced.
ISO 20022 is therefore as much a regulatory and governance transformation as it is a technical one.
Why Data Richness Now Matters to Regulators
Historically, payment data suffered from:
- Unstructured free-text fields
- Inconsistent population of key attributes
- Limited traceability across systems
ISO 20022 changes this by introducing structured, standardised, and semantically rich data elements. Regulators expect institutions to:
- Capture this data accurately
- Preserve it end-to-end
- Use it meaningfully across fraud, AML, sanctions, and reporting
Data richness is now viewed as a control enabler, not just an information improvement.
Explainability: From “What Happened?” to “Why Was This Allowed?”
Supervisory expectations have evolved from:
- What transaction occurred?
to:
- Why was this transaction allowed, delayed, or blocked?
In ISO 20022 environments, regulators increasingly expect institutions to:
- Explain risk decisions using structured payment data
- Demonstrate consistency in decision logic
- Evidence how data influenced outcomes
Explainability is particularly critical for:
- Real-time and irreversible payments
- Fraud and scam prevention decisions
- AML and transaction monitoring alerts
How ISO 20022 Supports Regulatory Explainability
ISO 20022 enables explainability through:
Structured Party and Account Data
Clear identification of debtors, creditors, agents, and intermediaries supports:
- Sanctions and watchlist screening
- Counterparty risk assessment
- Clear audit trails
Purpose Codes and Remittance Information
Richer context allows institutions to:
- Assess transaction intent
- Differentiate normal from suspicious behaviour
- Explain why a transaction was flagged or allowed
Message Linkage and References
End-to-end identifiers improve:
- Traceability across systems
- Investigation efficiency
- Regulatory reporting accuracy
Regulatory Expectations in Practice
Across jurisdictions, supervisors increasingly expect institutions to demonstrate:
- Data quality controls
Validation, completeness checks, and enrichment of ISO 20022 fields
- Consistent data usage
Alignment across payments processing, fraud, AML, and reporting systems
- Transparent decision logic
Clear rules, models, and thresholds linked to ISO 20022 data elements
- Audit-ready evidence
Ability to reconstruct decisions long after execution
Failure to meet these expectations can lead to:
- Control findings
- Increased remediation costs
- Loss of regulatory confidence
Common Gaps Observed by Regulators
Institutions often fall short when they:
- Treat ISO 20022 as a transport-only change
- Flatten rich data back into legacy formats
- Apply legacy fraud and AML rules unchanged
- Cannot explain automated decisions to customers or supervisors
These gaps undermine the very benefits ISO 20022 is designed to deliver.
Designing for Explainability by Default
Leading institutions are taking a different approach:
- Treat ISO 20022 as a canonical data model
- Preserve structured data end-to-end
- Align fraud, AML, and reporting logic to ISO 20022 fields
- Document decision rationale and control design
- Test explainability as part of validation, not post-incident
Explainability becomes a design outcome, not a remediation exercise.
Key Takeaway
ISO 20022 raises the regulatory bar from “data present” to “decisions explainable.”
Institutions that invest in data richness, transparency, and explainable controls will:
- Improve regulatory outcomes
- Reduce remediation and audit friction
- Strengthen customer trust
- Unlock the full value of ISO 20022
Those that do not risk carrying legacy opacity into a standards-rich future.