Finance leaders are entering 2026 under a heightened level of scrutiny as regulatory expectations expand and operational risks grow more intricate. During the recent Controllers Council and Paystand panel, Regulatory and Risk Outlook 2026: Controllers Playbook, industry practitioners examined how Controllers and CFOs can strengthen compliance discipline while navigating a shifting risk environment.
The discussion, moderated by Controllers Council Executive Director Neil Brown, featured insights from Christine Gu, SVP Finance and Chief Accounting Officer at Clarify Health, and Genevieve Hancock, former CFO and Principal Consultant at G Hancock Advisory. Together, they offered a grounded perspective on how finance teams can move beyond reactive compliance and build durable systems that support both accuracy and scale.
Compliance Is Expanding in Scope and Complexity
Audience polling confirmed what many finance leaders are already experiencing. A majority indicated that regulatory and compliance requirements are increasing, reflecting a broader expansion of obligations across tax, accounting, and reporting frameworks.
Panelists emphasized that compliance is no longer confined to traditional financial reporting. Instead, it spans multiple domains including tax filings, internal controls, data governance, and industry-specific requirements. Genevieve noted that the first step in any organization is to clearly define the full scope of obligations: “The first thing that I do is kind of make a list of what are those key areas of regulatory compliance and accounting laws that you have to make sure that you’re hitting on time and meeting the deadlines.”
Christine reinforced that complexity continues to rise as business models evolve, particularly in areas such as revenue recognition, tax exposure, and AI-driven operations. She explained that finance teams must interpret standards in a way that remains consistent and defensible as products and pricing structures change.
Building Systems Instead of Checklists
A consistent theme throughout the discussion was the importance of embedding compliance into systems rather than treating it as a periodic exercise. Both panelists stressed that organizations that rely on manual processes or fragmented ownership are more likely to encounter gaps.
Christine described how her team approached this challenge by investing early in structured processes and controls: “Audit readiness is not just one time event. It’s a system you build and maintain continuously.”
This approach extends across the close process, revenue recognition policies, and system design. By aligning workflows, documentation, and controls, organizations can reduce the likelihood of last-minute corrections and audit disruptions.
Genevieve added that operational ownership plays a critical role in sustaining compliance. When responsibilities are unclear or transition between employees without proper handoff, even routine requirements can lapse.
Tax and Regulatory Oversight Require Greater Discipline
Tax compliance emerged as an area where many organizations remain exposed, particularly in sales tax and multi-state reporting. Christine noted that early-stage companies often underestimate their obligations, especially when operating across multiple jurisdictions.
She cautioned against delaying attention to these areas: “I would recommend treating sales tax compliance as a priority early on, not something to defer.”
The panel recommended maintaining centralized compliance calendars, performing regular reconciliations across tax categories, and ensuring consistency between financial data and filings. These practices help organizations identify discrepancies before they attract regulatory attention.
Risk Has Become More Interconnected
As the discussion shifted to risk, panelists outlined several areas that now require closer attention from finance teams. Cybersecurity and fraud remain prominent concerns, particularly as attackers use more sophisticated methods to exploit payment processes and internal systems.
Genevieve framed the broader issue in practical terms: “The risk here is not change, it’s completely unmanaged change.”
Other key risk categories included data integrity, liquidity pressure, and talent concentration. Each of these areas has become more significant as organizations adopt new technologies, face economic variability, and manage evolving workforce dynamics.
Christine highlighted the growing importance of data reliability, especially in AI-supported environments. As finance teams depend more heavily on automated outputs, ensuring traceability and accuracy becomes essential to maintaining trust in financial reporting.
AI Introduces Both Opportunity and Exposure
Artificial intelligence was a central topic throughout the session, with both speakers acknowledging its dual impact on finance operations. While AI can improve efficiency and enhance monitoring capabilities, it also introduces new forms of risk if not properly governed.
Genevieve cautioned that organizations must understand the systems they deploy: “If you’re going to start implementing AI, make sure you know what you’re doing and how the prompt engineering has worked.”
Christine offered a balanced perspective, noting that AI can strengthen controls when implemented with appropriate oversight: “The real question is, whether AI increase risk, is how you treat it. In my view, AI should be treated like any critical systems.”
Both panelists emphasized the importance of maintaining human review, establishing audit trails, and validating outputs against known benchmarks. Without these measures, errors can scale quickly and remain difficult to detect.
Moving from Reactive to Structured Risk Management
In closing, the panel returned to a central principle. Effective risk management begins with structure, not reaction. Organizations that define ownership, document processes, and integrate controls into daily operations are better positioned to adapt as requirements change.
Christine summarized this mindset succinctly: “Don’t treat compliance as a cost center. Treat it as infrastructure.”
Genevieve reinforced the same idea from an operational standpoint: “You have to build systems and not act reactively on a regular basis.”
Together, these perspectives underscore a broader shift in finance leadership. Compliance and risk management are no longer peripheral responsibilities. They are foundational capabilities that enable organizations to scale with confidence.
To learn more about regulatory and risk outlook for 2026, watch the full webinar here.
ABOUT OUR SPONSOR:
Paystand is revolutionizing B2B payments with a modern infrastructure built as a SaaS on the blockchain, enabling faster, cheaper, and more secure business transactions. Paystand’s mission is to reboot commercial finance by creating an open financial system. Learn more at www.paystand.com.
