Visa announced in April 2026 that it had built six AI tools to handle the 106 million payment disputes it processed globally in 2025. The story is being sold to the industry as a cost-saving measure — automation of manual chargeback triage, generative AI responses to merchant challenges, early-stage dispute detection. For UK payment processors, card issuers, and their counterparties in insurance and financial services, the immediate appeal is obvious: less human labour, faster resolution, lower opex. But this framing misses the actual regulatory requirement. Under FCA Consumer Duty PS22/9, financial firms must demonstrate that they have identified customer harm and acted on it. An AI system that processes disputes faster is not the same as a system that protects the customer. If Visa's tools reduce friction without improving transparency or fairness to cardholders, they solve a merchant problem at a consumer cost.

This story is part of a wider pattern we are seeing across financial services: vendors are launching AI tools that optimise for speed and volume, not for regulatory coherence. Similar pressures are visible in insurance claims automation, where generative AI is being used to draft denial letters faster, and in accountancy, where document processing tools prioritise throughput over explainability. The underlying assumption is that AI reduces human bias by removing humans. In practice, it often amplifies it — embedding vendor assumptions into production systems that run at scale. Payment disputes are a perfect case study. A chargeback is not just a transaction. It is a signal that a customer believes they have been wronged. An AI system that categorises that signal and auto-responds without human review may violate the spirit, if not yet the letter, of the ICO UK GDPR and the emerging requirements of the EU AI Act. It also creates liability for the firms that deploy it.

Trovix's view is direct: dispute management AI only works when it is built with regulatory intent first and efficiency second. That means three things must happen in parallel. First, the AI must be capable of explaining its reasoning in plain language — not because customers always demand it, but because your compliance function must be able to audit it. Second, you need continuous human oversight, not periodic review. Third, your AI governance layer must be separate from your operational layer. Visa's tools may be sophisticated, but they live inside Visa's system and serve Visa's interests. Mid-market UK firms that deploy them without a governance framework are outsourcing their decision-making to a vendor system. That is fine for plumbing. It is dangerous for decisions that affect customer harm. Compare this to how firms use Trovix Audit to maintain control of their AI systems: the tool does not decide; it surfaces what was decided and why, leaving the regulated firm in charge. That distinction matters under the PRA SS1/23 and the FRC ISA UK framework, both of which require explicit human accountability for automated decisions.

What should a mid-market law firm, insurer, or payment processor actually do right now? First, do not assume that Visa's tools are fit for your firm's regulatory context. Visa is a US company serving a global market; you are a UK-regulated entity serving UK customers. Second, if you are considering dispute or claims automation, insist on a system that gives you visibility and control, not one that trades cost savings for opacity. Third, audit your current manual processes to understand where human judgment actually matters. Not all disputes are the same; some require empathy and context that no AI yet provides reliably. Finally, invest in AI governance before you scale. The firms that will thrive in a regulated AI world are not the ones that buy the latest tool fastest — they are the ones that can prove to their regulator that they bought it responsibly.

Source: CNBC