Turning compliance into a catalyst for growth with unified AML technology

The landscape of financial crime is shifting at an unprecedented rate. AI-enabled financial crime has seen a huge increase, estimated at 900% in some quarters. As criminals leverage automation and sophisticated social engineering to bypass traditional defenses, compliance functions can no longer afford to be cost centers buried under manual paperwork. Instead, financial institutions must transform compliance into a tool for business growth – something that requires moving beyond legacy systems and embracing a sophisticated model of human-AI collaboration.

During a recent panel discussion as part of our CATALYST event series, compliance experts Albert Newell (Director and Senior Council, Compliance at GoDaddy), Nick Passarelli (Chief Compliance Officer at Melio), and Mike Bowman (Managing Director, Financial Crime Advisory at Kroll) discussed how this transformation can look for firms. 

By automating routine tasks, focusing on data quality, and maintaining rigorous governance programs, compliance leaders can protect their organizations from ever-diversifying financial crime typologies while clearing the path for business expansion. 

From manual workflows to strategic oversight

In wider conversations around the rise of AI in the financial and professional services sectors, a persistent thread has been the idea of the replacement of human roles by AI. However, in compliance, existing roles can be enhanced, not threatened, by the integration of AI capabilities. 

Many current compliance roles are defined by repetitive, low-value tasks, such as clearing name-matching alerts where the vast majority are false positives, or manual data entry for suspicious transaction reports (STRs). These roles do not necessarily require (or allow) analysts to develop subject matter expertise and apply sophisticated judgment to cases. 

By automating foundational but repetitive tasks like these, organizations can see three clear benefits:

• Quality over quantity: Moving from rigid, scenario-based rules to AI-driven behavioral detection allows for more effective risk detection. Instead of thousands of low-quality alerts, analysts could receive fewer, but much higher-priority alerts that require genuine investigation, alerts that would otherwise risk being buried in queues.
• Talent retention: Compliance professionals can transition from simple data entry to more complex investigative roles that offer better career development and give them opportunities to use their expertise and judgment. 
• Operational efficiency: AI can correlate data across millions of accounts in seconds, providing analysts with a decision-ready package of information, rather than a pile of raw data to sort through manually. 

Watch all Catalyst sessions on-demand

Access every talk from our flagship global event series from the comfort of your desk. Get expert insights on building your compliance strategy now.

Watch on-demand

Building an effective AI governance strategy

Despite AI’s vast potential in a compliance context, surface-level innovation or AI adoption for its own sake should be cautioned against. The goal for compliance leaders should be to build a system that is agile, ethically guided, and, most importantly, defensible to regulators. 

Governance is the bedrock of these features. Compliance teams must ensure that sophisticated technical features, such as the implementation of AI agents, are balanced with comprehensive documentation, model risk management policies, and clearly defined use cases. Regulators are often less concerned with a specific AI program used than they are with your oversight of that technology.

Key guardrails for AI implementation include: 

• Human-in-the-loop systems: One clear regulatory (and ethical) red line for firms is that AI should never be the final decision-maker on whether to file a report with a regulator. Human expertise and discretion remain crucial in making final decisions on high-stakes and complicated cases.
• Audit readiness: Organizations must be able to show a clear paper trail demonstrating how all decisions were arrived at, including where automation was used. If you cannot explain the logic behind decisions to regulators or auditors, the efficiency gains of AI are cancelled out by the risk of enforcement action.
• Agile calibration: Compliance isn’t a “set it and forget it” function, but an ongoing process of optimization and development. As business profiles change – for example through expansion into new markets or with the emergence of new risks – AI systems must be recalibrated to reflect your latest risk frameworks.

“If we are going to implement AI and agentic solutions, we must establish the necessary documentation and governance on the back end. You must be really prescriptive in terms of what the desired outcomes are and how we QA it; because if you go into any regulatory exam or inquiry without that paper trail, you leave your organization completely exposed to the highest level of scrutiny. You need to make sure you dot your I’s and cross your T’s and document everything.”

Nick Passarelli, Chief Compliance Officer, Melio

The importance of data and expertise in securing regulatory buy-in

Despite the clear benefits of AI-first compliance systems, many organizations remain stuck in an execution gap: recognizing the need for AI but without having yet secured effective implementation. One version of this comes in the form of having automated a limited set of simple processes, but not yet having built sophisticated AI capabilities, like agentic or predictive AI, into your compliance tech stack. 

Reasons for this gap can include: 

• A focus on foundational stability: Some organizations can become so focused on fortifying programs to address failings from past regulatory findings that they lack the bandwidth for further innovation. Entire budgets can be spent on retroactively fixing basics (such as by improving investigation quality and basic documentation) instead of investing in the technology that would have prevented these regulatory findings in the first place.
• Poor data quality: Any AI system is only as good as the data feeding it. If your organization hasn’t fixed its underlying data architecture to ensure that information across the customer lifecycle is accurate, up-to-date, and fully integrated with all relevant systems, then any efficiency gains from AI will simply come in the form of faster mistakes.
• Second-guessing regulatory attitudes: While being able to demonstrate explainability and model risk management in the event of regulatory reviews is crucial, waiting for specific regulatory approval before levelling-up compliance systems with AI is a mistake. Instead, compliance leaders must drive change by demonstrating to regulators through data reporting that AI-driven detection is significantly more effective at preventing financial crime than traditional manual processes.

“Concerns that a regulator may not buy into an automated process are something that’s always on my mind. That’s something that I have to take to my management and remind them that this is why I need my own staff, I can’t automate everything. I can’t be the final arbiter on literally every single thing. I need humans to do that.”

Albert Newell, Director and Senior Council, Compliance, GoDaddy 

Key pillars for AI modernization

A critical challenge for growth-oriented companies is balancing security with customer friction. With industry surveys showing that up to 67% of potential customers abandon an onboarding process if the friction is too high, there is significant pressure on compliance functions not to impede commercial growth. 

Instead of adding more steps on the customer side (such as extra forms or manual document uploads), firms can use AI to perform essential customer checks that do not add friction for the user. This allows the business to onboard customers faster without incurring extra risk. 

When building a roadmap for implementing AI within their function, compliance leaders should focus on agility over perfection, resisting the impulse to try and build a complete system on day one. Instead, compliance officers should focus on:

1. Incremental gains: Solve one specific pain point, like reducing false positives in name matching, before trying to overhaul entire AML tech stacks, aiming for progressive improvement and renovation rather than “big bang” overhauls. 
2. Unified intelligence: Break down the silos between different systems (and between fraud and AML teams where applicable). Unifying data and systems lays the groundwork for automation to drive efficiency throughout the customer journey.
3. Human-AI collaboration: Position AI as an addition to, not a replacement for, human expertise. AI solutions can enhance data collection and curation, anomaly detection, and remediate low-risk alerts with agentic capabilities, but human compliance teams must always provide oversight and more complex decision-making. 

“Historically, the AML and fraud risk management functions in many financial institutions did not share the same reporting line, resulting in the pursuit of different strategies and tools. But today we more often see those functions coming together to align on their data and tech opportunities and solutions.”
Mike Bowman, Managing Director, Financial Crime Advisory, Kroll

Transforming AI capabilities with ComplyAdvantage Mesh 

Turning compliance into a growth engine requires a shift in perspective. An effective AML tech stack is not a static product to be bought once and left alone, but a system that can pivot as quickly as the regulatory environment and the criminal typologies it detects.

ComplyAdvantage Mesh is a unified, SaaS-based financial crime compliance platform designed with this flexibility in mind. With AI at the core throughout the risk detection lifecycle, Mesh applications include:

• Customer screening: Manage your sanctions, watchlists, politically exposed person (PEP), and adverse media risks with real-time data enhanced by our team’s deep financial crime expertise. Customer Screening on Mesh allows you to customize onboarding processes to match your risk policies, gives you full control over your data, and frees up your team’s time with agentic auto-remediation. 
• Ongoing monitoring: Continuously manage risk across the entire customer lifecycle with automated ongoing customer monitoring. Our platform monitors over 500 million entities every year, surfacing new data and risk updates in near-real time. 
• Transaction monitoring: Stay ahead of the ever-changing financial crime landscape by automatically analyzing transactions for indicators of suspicious activity. It helps financial institutions worldwide manage their risks with unmatched adaptability, streamlined workflows, and scalability to billions of transactions.