SMEs are disproportionately impacted by fragmented compliance systems

Robust regulation is essential, but inconsistent and duplicative verification processes risk holding back legitimate small businesses

Small and medium-sized enterprises are navigating an increasingly complex compliance environment, often with fewer resources and less institutional support than larger organisations. While robust verification and regulatory oversight are essential to protect markets and prevent economic crime, the way these requirements are implemented can have markedly different consequences for businesses depending on their size.

Large organisations are typically able to absorb the time, cost and operational complexity associated with onboarding, verification and ongoing compliance. SMEs, by contrast, are more exposed to delays that directly affect access to finance, professional services and international markets. These delays are not necessarily the result of higher inherent risk, but often stem from fragmented and repetitive processes that require businesses to submit the same information multiple times to different institutions.

Activities as fundamental as opening a bank account, onboarding an adviser or establishing a cross-border partnership can take weeks. This is not because SMEs are seeking to avoid scrutiny, but because verification processes remain largely manual, institution-specific and poorly interoperable. Umazi research shows that 44% of UK businesses still describe their verification and compliance processes as highly manual and inefficient, increasing the administrative burden without materially improving risk assessment.

Recent regulatory reforms, including enhanced identity verification requirements for company directors and beneficial owners at Companies House, are an important step toward improving transparency and tackling fraud. These objectives are widely supported across the business community. However, early indications suggest that implementation has introduced additional friction for legitimate businesses as they adapt to new requirements, particularly where verification is duplicated across multiple parties. Concerns around cost, operational complexity and inconsistent application are emerging alongside these reforms, highlighting the need to balance security with proportionality.

For SMEs, compliance obligations do not end at incorporation. Ongoing reporting, evolving disclosure requirements and repeated verification requests continue throughout the business lifecycle. While each requirement may be justified in isolation, their cumulative effect can divert time and resources away from productive activity, especially for small teams without dedicated compliance functions.

This friction is particularly visible when SMEs seek funding, with more than 40% of UK SMEs report being required to submit eight or more separate verification documents when applying for finance, often across multiple platforms and providers. Over one in five say they experience delays or repeated information requests linked to limited operating history rather than identified risk concerns. The result is slower access to capital and missed growth opportunities, without clear evidence that duplicated verification processes deliver proportionately stronger risk or fraud prevention outcomes.

Commenting on the findings, Cindy van Niekerk, CEO of Umazi, said:

“Strong regulation and effective fraud prevention are non-negotiable, but compliance must also be proportionate and consistent. Right now, many SMEs are being asked to prove the same information repeatedly to different institutions, not because of heightened risk, but because systems do not talk to each other. This creates unnecessary friction for legitimate businesses and slows access to finance and growth.”

Digital business identity offers a practical way to address these challenges while reinforcing regulatory objectives. By enabling businesses to maintain a secure, verified and reusable record of their corporate credentials, ownership and activity, digital identity allows the same trusted information to be shared across banks, advisers, regulators and counterparties. This reduces duplication, improves data consistency and allows compliance teams to focus on risk-based decision-making rather than document collection.

Van Niekerk added: “Digital business identity strengthens regulation rather than weakening it. When verified information can be reused securely across institutions, compliance teams can focus their attention where risk genuinely exists, while legitimate businesses benefit from faster, more consistent onboarding and access to finance.”

Van Niekerk concluded: “If the UK is serious about supporting entrepreneurship, productivity and economic growth, compliance frameworks must function effectively for businesses of all sizes. Modernising verification through digital business identity strengthens regulation by improving data quality, traceability and transparency. Creating a more coherent compliance infrastructure is essential if SMEs are to grow, innovate and contribute fully to the economy.”