AI in Compliance: Tackling Regulatory Challenges
In the rapidly evolving financial services industry, compliance remains a hot topic for institutions worldwide. Recent studies conducted by LexisNexis in partnership with Forrester Consulting unveil a massive increase in financial crime compliance expenditures. Financial institutions in EMEA, the U.S. and Canada are incurring costs upwards of $85 bln and $61 bln, respectively. This substantial rise is attributed to the surging complexities in the sanctions environment and demands of screening operations, particularly notable in the realm of technology-related expenses. As financial crimes become more complex, the need for innovative solutions has never been more urgent.[1]
A KPMG 2023 CEO Outlook reveals robust momentum towards AI adoption, with over 70% of top executives planning to implement generative AI solutions by spring 2024. Additionally, more than 80% of the leaders anticipate a significant impact from this technology on their businesses by the end of 2024. [2]

However, the adoption of generative AI has some obstacles. Many organizations see their AI initiatives either stalling or progressing slowly, hindered by the need to navigate a complex array of risks such as security, privacy, reliability, ethical concerns, regulatory compliance, and intellectual property issues.
In this scenario, the role of risk management – encompassing risk, compliance, and legal teams – becomes paramount. These teams are positioned to spearhead the development and activation of processes aimed at swiftly evaluating and mitigating risks associated with generative AI models and datasets. By doing so, risk management can transition from being perceived as an obstacle to agility into a pivotal force that enables business growth and innovation.
Challenges of AI Adoption in Compliance [3]

The Transformative Potential of AI in Compliance:
A substantial 38% of leaders in financial services sector acknowledge that their executive teams have given the technology due importance. Additionally, 26% of the financial services executives report that their organizations have either already adopted an AI solution or plan to within the next half-year, in contrast to 21% of executives overall.
Executives from financial services also seem more confident than their counterparts from other sectors in having the right talent to integrate generative AI into their businesses.
68% of survey respondents said compliance and risk is the top priority area for generative AI in their companies. It can be used to automate labor-intensive compliance tasks, such as SEC filings. In risk management, generative AI could be used to analyze historical data to better simulate different risk scenarios and stress test investment strategies and portfolios.[4]
AI is positioned to improve compliance in the following areas:
1. Fraud Detection and Automated Monitoring: Fraud detection and prevention ranks as the top application of generative AI in financial services, with 76% of sector executives highlighting it as a key adoption area. They recognize generative AI’s capacity to sift through vast amounts of financial data to spot patterns and irregularities that could signify fraud. [4]
2. Risk Assessment and Scoring: Through AI algorithms, institutions can conduct comprehensive risk assessments, utilizing historical data and behavioral patterns to inform risk scores.
3. Transaction Monitoring and Analysis: AI improves the efficacy of transaction monitoring, allowing for the automation of anomaly detection.
4. AML and KYC Compliance: AI expedites AML and KYC processes, employing natural language processing to analyze unstructured data, thereby improving due diligence and identity verification processes.
5. Regulatory Reporting and Compliance Management: AI streamlines data collection and analysis for regulatory reporting, ensuring accuracy while reducing manual labor.
Notably, the Financial Action Task Force (FATF) recognizes AI’s role in enhancing AML capabilities and facilitating financial inclusion, indicating a growing acceptance of AI in regulatory frameworks.[5]
Navigating Regulatory Frameworks
The regulatory landscape for AI in compliance varies greatly across regions, with the European Union (EU) taking the lead by developing a comprehensive AI regulatory framework. This framework adopts a risk-based approach, focusing on the need to understand and manage the risks associated with different types of AI, as categorized in the AI Act. This method contrasts with the sector-specific regulatory strategies seen in other jurisdictions. The EU’s approach aims to embed principles of privacy, transparency, and fairness within all regulatory frameworks, evident in both the creation of the AI Act and the General Data Protection Regulation (GDPR).[6]
European AI Act
In April 2021, the European Commission proposed the first EU regulatory framework for AI. In December 2023, the European Parliament and the Council of the EU reached a political agreement on the AI Act. This legislation aims to regulate AI applications, ensuring transparency, accountability, and fairness. The European AI Office oversees its enforcement.
The AI Act introduces a framework that categorizes AI systems based on their risk to society, from minimal to unacceptable, and sets specific obligations for their providers and users.
· Unacceptable Risk: AI systems considered a threat to people’s safety or rights will be banned. This includes AI that manipulates behavior, uses social scoring, or involves biometric identification, like real-time facial recognition. Limited exceptions exist for law enforcement under strict conditions.
· High Risk: AI systems affecting safety or fundamental rights fall here. This category covers AI in critical products (e.g., medical devices, cars) and sectors (e.g., law enforcement, critical infrastructure). These systems must be rigorously assessed before and during their use, and subject to registration in an EU database.
· Transparency Requirements: AI systems not deemed high-risk, such as generative AI (like ChatGPT), must still follow transparency guidelines. This includes disclosing AI-generated content, preventing illegal content generation, and summarizing copyrighted material used in training. Advanced models, like GPT-4, face stricter evaluations and incident reporting requirements.[6]
UK Financial Conduct Authority (FCA)
The UK’s FCA motivates responsible adoption of AI, particularly for AML/CFT obligations, allowing for the piloting of novel solutions within its regulatory sandbox. While the UK’s framework is still budding in comparison to the EU, strides have been made, notably with its National AI Strategy. This strategic plan underscores the UK’s commitment to AI integration within various sectors, signalling AI as a linchpin for economic progression.
The release of the AIPPF 17 final report in 2022 has set a preliminary course for the governance of AI within the UK’s financial services sector. Although specific rules are still pending, the groundwork has been laid by the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA). Their joint efforts to assess the implications of AI in the financial realm have put a spotlight on its significant role in combating financial crimes like AML and fraud—areas where AI application has gained considerable traction.
The Forum’s analysis underscores AI’s capabilities in detecting and mitigating sophisticated criminal activities. One notable application is in identifying synthetic identity fraud, a method where criminals amalgamate various pieces of personal data to fabricate new identities. The proactive use of AI in these contexts has demonstrated not only efficacy but also a potential roadmap for future regulatory frameworks to encapsulate.[6]
Algorithmic Accountability Act (2022) in the USA
The USA introduced the AAA in February 2022, intending to foster transparency and oversight within automated decision-making systems. It mandates firms to carry out impact assessments on various fronts, with the Federal Trade Commission (FTC) vested with the authority to implement more stringent regulations in the future.[6]
Singapore’s FEAT Principles
The Monetary Authority of Singapore (MAS) promotes Fairness, Ethics, Accountability, and Transparency in AI and data analytics within the financial sector.
Singapore and Hong Kong are at the forefront of shaping the AI regulatory agenda within the Asia-Pacific region. In November 2019, the Singaporean government unveiled its National AI Strategy, marking a strategic commitment to position Singapore as a global leader in the development and deployment of scalable and impactful AI solutions. This move underscores Singapore’s aspiration to harness AI’s potential in catalysing its growth and technological advancement.
Diverging from the paths taken by the UK and the European Union, Singapore and Hong Kong have not indicated any intention to enact specific AI-centric regulations. Instead, they have adopted a less rigid approach, favouring the introduction of flexible guidelines and non-binding frameworks.
These are designed for adoption by businesses and AI practitioners in a manner that suits their specific operational contexts and needs. By choosing not to enforce stringent regulations, these jurisdictions provide a more adaptable environment that encourages innovation while still fostering responsible AI use.[5]
Australia’s Approach
Australian strategies encourage the integration of human-centric values across the AI system’s entire lifespan, underscoring the importance of accountability, transparency, and fairness. Unlike its counterparts in Asia, the Australian approach is even more flexible, relying on the prudence of banks and other financial institutions to adopt AI governance that fits their operational context. [6]
Top RegTech Providers Leveraging AI in Compliance:
1. NICE Actimize: A leader in financial crime prevention, offering AML, fraud detection, and trading surveillance solutions. The company has recently introduced IFM 11 (Integrated Fraud Management), the latest version of its leading AI-powered fraud management and detection platform. This new release utilizes the latest advancements in artificial intelligence and NICE Actimize’s distinct collective intelligence capabilities. It offers unmatched accuracy, agility, and efficiency in fraud detection, helping protect financial services firms and their customers from advanced, AI-driven fraud and scams.
2. Kroll (formerly Ethoca): Provides AI-driven fraud detection across industries. Kroll’s Risk Analytics Monitor leverages AI and sophisticated data analytics to pinpoint high-risk transactions and streamline operations. It integrates various compliance and due diligence tools seamlessly, enhancing efficiency.
3. Compliance.ai: Offers regulatory compliance management solutions. Compliance.ai was aquired in February 2024 by Archer, an enterprise leader in providing a fully integrated risk management solution, to offer the clients the advantages of real-time updates, predictive analysis, and increased accuracy for regulatory compliance and risk management. Leveraging the power of AI technology advances Archer’s strategy to empower organizations to more effectively manage their entire risk landscape and allows us to propel Archer solutions into a new era of efficiency and foresight.
4. Quantexa: Specializes in AML, fraud, and customer due diligence. Quantexa’s Decision Intelligence platform utilizes the latest in big data and AI to expose hidden risks and discover new opportunities, providing a comprehensive view of data in one place. It tackles critical challenges in data management, KYC, and financial crime throughout the customer lifecycle. The platform significantly enhances operational efficiency with over 90% greater accuracy and speeds up model resolution 60 times faster than traditional methods.
5. Adenza (formerly known as AxiomSL): Provides regulatory reporting and risk management solutions.
6. Behavox: Monitors employee communications for compliance. Behavox leverages large language models and generative AI to transform how compliance and security teams manage risks and safeguard organizational integrity. Through innovative products such as Behavox Voice and Behavox Insider Threat, Behavox continues to shape the future of compliance and security risk management.
7. ComplyAdvantage: AML and sanctions screening solutions. ComplyAdvantage leverages AI and machine learning to analyze a constantly updated database of entities, offering clients a precise 360-degree perspective on financial crime risk. The system improves over time through a feedback loop that enriches the insights as clients interact with alerts. Additionally, Golden’s data extraction and disambiguation capabilities, powered by advanced natural language processing, will integrate more diverse data sources into ComplyAdvantage’s data ingestion framework, further enhancing the real-time financial crime risk insights provided to clients.
8. Fenergo: Client lifecycle management, including KYC. Fenergo’s SaaS transaction monitoring solution combines KYC processes with AI-driven transaction monitoring, are uniquely equipped to offer real-time, continuous risk monitoring, benefiting financial institutions and fintechs alike
9. Onfido: Identity verification for financial institutions. Onfido to be aquired by Entrust, known for its robust service offerings and strong presence in sensitive sectors like government and financial services, to enhances its capabilities with this AI acquisition to address today’s complex security challenges and future needs.
10. ClauseMatch (aquired by Corlytics): Contract management and compliance. Clausematch has been able to create an AI algorithm that looks at policy content and matches it to regulatory obligations that have been ingested. As well, the solution can bring in controls from other GRC systems and the algorithm will find dependencies and related content.
11. Neotas: Due diligence and background screening. Neotas offers Enhanced Due Diligence Platform that leverages AI to join the dots between Corporate Records, Adverse Media and Open Source Intelligence (OSINT).
In summary, AI empowers financial institutions to navigate complex regulations, enhance risk management, and foster trust. As the compliance landscape evolves, embracing AI-driven solutions becomes essential for staying ahead in a dynamic industry.
[1] https://risk.lexisnexis.com/global/en/about-us/press-room/press-release/20240221-true-cost-of-compliance-us-ca#:~:text=The%20commissioned%20study%2C%20conducted%20by,has%20reached%20U.S.%2461%20billion
[2] https://kpmg.com/xx/en/home/insights/2023/09/kpmg-global-ceo-outlook-survey.html#disruptivetechnology
[3] https://www.mega.com/blog/how-artificial-intelligence-can-be-used-compliance
[4] https://kpmg.com/kpmg-us/content/dam/kpmg/pdf/2023/the-gen-ai-advantages-in-financial-services.pdf
[5] https://www.fatf-gafi.org/content/dam/fatf-gafi/guidance/Opportunities-Challenges-of-New-Technologies-for-AML-CFT.pdf.coredownload.inline.pdf