In April this year, Visa announced six new AI tools to automate charge dispute handling across merchants, issuers and acquirers — a response to 106 million disputes processed globally in 2025, a 35% spike since 2019. For UK financial services firms, insurers and legal practices handling payment disputes, billing queries and claims processing, this is directly relevant. It shows that dispute resolution — historically manual, fragmented and complaint-heavy — is being industrialised at scale using machine learning. The problem is not the AI itself. The problem is that most UK regulated firms are watching Visa deploy this at speed without asking: what governance did Visa put in place before launch? Did they audit for bias? Did they build explainability? Did they map the AI Act requirements? The FCA's Consumer Duty (PS22/9) requires firms to act in the consumer's best interest, which includes how you deploy decision-making tools. Most firms are not yet ready.

This is part of a wider pattern we are seeing: large payment networks, platforms and software vendors are moving fast with AI tooling, but UK mid-market firms — law firms, insurers, accountancy practices, financial services providers — are caught between regulatory pressure and competitive anxiety. They see Visa, Stripe, or cloud providers deploying AI agents and feel obligated to follow. But there is a critical difference. When Visa launches a tool, they own the entire ecosystem and bear the regulatory cost. When a UK legal firm or insurance broker adopts AI without proper governance, the regulatory risk lands on them. The SRA Code of Conduct for solicitors, the FCA's algorithmic transparency expectations (emerging through Lloyd's Blueprint Two and now embedded in AI Act consultation responses), and the PRA's focus on AI risk (SS1/23) all create a compliance debt that grows with each unaudited AI system you add.

Here is Trovix's honest view: dispute automation AI is not the problem. The problem is implementing it without knowing what it is doing. Visa's tools, like Harvey for legal work or Luminance for document review, are built on large language models that can hallucinate, perpetuate training data bias, and make confident-sounding errors that regulators will scrutinise if a customer complains. What these vendors do not always do is give you the audit trail, the bias testing, or the governance dashboard you need to prove to the FCA or SRA that you deployed this responsibly. That is where most UK firms fail. They buy the tool and assume compliance follows. It does not. You need documented risk assessment, model performance monitoring, bias detection, output validation, and a clear escalation path when the AI is uncertain. If Visa's tools reduce dispute resolution time by 40% but your firm cannot explain to a regulator why a consumer's legitimate dispute was rejected by the algorithm, you have a Consumer Duty breach and a complaint waiting to happen. Trovix Audit exists specifically because firms need to know whether their AI is working as intended and can prove it to regulators.

What should a mid-market financial services firm, law firm or insurance practice do right now? First, audit what AI you already have running — chatbots, document intelligence, case prediction tools. Second, map each one against FCA Consumer Duty requirements and SRA/PRA/FRC expectations for algorithmic transparency. Third, do not adopt Visa's new tools or any similar AI automation unless you have a governance process in place first. That process should include: documented model bias testing, real-time performance monitoring, explainability for high-stakes decisions, and a clear policy for human override when confidence is low. Fourth, if your current AI governance is thin, now is the time to build it. Regulators will intensify scrutiny as AI adoption widens, and firms that can demonstrate they knew what their AI was doing will avoid enforcement action. Firms that cannot will not.

Source: CNBC