Not all agents are built equal: Adopting agentic AI in financial crime compliance

Compliance has moved through three phases. Work was once done almost entirely by people, then supported by rules-based automation, and is now beginning to run alongside agentic AI: software that can plan, retrieve information, and act across a sequence of decisions rather than follow fixed if-then logic. The open question is whether that shift is real or oversold, and where it genuinely changes the work of an anti-money laundering (AML) investigator.

In the third session of The Future of Compliance Europe, our CEO, Vatsa Narasimha, was joined by Andrew Davies, Global Head of Financial Crime Compliance Strategy at ComplyAdvantage, and Neil Katkov, Director at Celent. Drawing on that discussion, this article examines why agentic adoption is accelerating now, where it first earns its place, and what separates a capable deployment from a defensible one.

Why now: The forces behind agentic adoption

Three forces are converging at once, and it’s the convergence that makes this moment different from earlier technology cycles. The first is the industrialization of financial crime, as criminals use AI to evade legacy detection, a trend our research links to a 900% rise in AI-enabled financial crime in recent years. The second is the velocity of financial services: with real-time payments, embedded finance, and instant onboarding, the window a compliance team has to investigate an alert has collapsed from days to seconds. The third is the maturation of the underlying technology, which is now fit for purpose in a way it was not a few years ago.

“The level of interest banks have in agentic AI, and in moving as quickly as they can to put it into production, is really remarkable. It’s unprecedented, probably, in technology since ATMs went in.”

Neil Katkov, Director at Celent 

That momentum stands out precisely because the industry has been cautious with AI before. Banks moved slowly on machine learning and remain wary of large language models because of concerns about hallucination and accuracy. Agentic systems, which can use other agents to check their own results, are clearing that bar far faster.

Where agentic AI earns its place first

The clearest early value is in alert triage and case investigation. Most teams still spend the bulk of their effort clearing false positives, with more than 70% of firms reporting false-positive rates above 30%, and screening alerts above 90% are not unusual. That is where agentic AI can have an immediate effect, filtering out the noise so analysts focus on the cases that warrant judgment.

“It’s hard to fight financial crime if your analysts, with all their expertise, are inundated with false positives. Agentic AI can filter out the noise so they spend their time on the investigations that are worthy of it.”

Andrew Davies, Global Head of Financial Crime Compliance Strategy at ComplyAdvantage 

Adoption is already broad. In our State of Financial Crime survey, 99% said they are using or considering AI for customer screening and transaction monitoring. Returns, though, have lagged early expectations. In a Bain & Company survey of 951 companies, 37% targeted cost reductions of 11 to 20% from AI, but nearly 40% of those that measured the outcome landed in the 0 to 10% range instead. The gap is usually one of focus. The value is clearest when agentic AI is pointed at the high-volume, low-value work at the first line, rather than spread thinly across everything at once.

From experimentation to governed deployment

As agentic AI moves into production, the bar set by supervisors is rising. With AMLA operational since 2025, the Single Rulebook applying from 2027, and direct supervision of the highest-risk entities from 2028, firms increasingly have to prove demonstrable effectiveness rather than document good intent. The gap between what a governance document says and what a system actually does in production is where firms get into trouble.

“The defining question in the agentic paradigm is not whether AI can assist through answers, but what the AI can safely decide, and what you are going to let it work on.”

Neil Katkov, Director at Celent 

Closing that gap rests on a few things. The first is decision-level traceability, from data ingestion through to any decision or report, with every step logged. The second is calibrated human checkpoints, described by one practitioner as keeping a human not just in the loop but in control. The third is ongoing validation of how models perform over time. Firms are moving in this direction: 98% say they have an AI assurance program in place or in progress, covering effectiveness, auditability, and model risk governance. Good data sits underneath all of it, which is why data management has become the top preparatory priority for making the technology work.

From competence to excellence

Before excellence comes competence. Celent frames a capable agent as one that can execute multi-step processes, work proactively toward an objective rather than only respond to prompts, adapt its approach in real time as conditions change, and act autonomously, with decisions that humans can check afterward. Reaching that consistently is what separates a demonstration from a dependable control.

“Success with agentic AI in compliance isn’t just about getting it live. It’s whether you can govern it, stand behind its decisions, and trust it in production.”

Vatsa Narasimha, CEO of ComplyAdvantage

Getting there is as much organizational as technical. The people who build and test AI and the compliance officers who answer for its decisions have often worked apart. What brings them together is a shared sense of purpose, set by tone from the top, alongside a clear view of the cost and the business case for getting it right. For most firms, the practical route is not to build everything from scratch but to choose a partner carefully: native AI built on solid data foundations, governance controls that are documented and demonstrable, evidence that the capability is genuinely in production, and enough flexibility to fit a risk-based approach.