Compliance often feels like playing catch-up, with companies racing to meet rules after they’ve been set, racking up costs along the way. Now, AI steps in with tools that promise to change the game—spotting risks early and keeping up with regulations in real time. But can it really deliver a system that prevents problems before they start?
In the rapidly evolving digital world, financial crime is becoming more sophisticated. These are the words of chief product officer at SmartSearch, Fraser Mitchell who believes that this evolution means traditional ways of checking compliance aren’t enough.
He said, “Manual checks, often done at set times, leave windows open for fraudsters to exploit. At SmartSearch, we believe AI plays a role in changing how we approach compliance, moving from a reactive, periodic exercise to a real-time and preventive discipline.
“The difference between real-time monitoring and traditional compliance checks is core in the fight against financial crime. Old methods offer only a “snapshot” view of compliance, which happens at specific points like new client signs ups or in annual reviews. This means that any changes in an individual’s risk profile, or new fraud patterns that emerge between these checks, can easily go unnoticed, often until it’s too late,” he said,
Mitchell outlined that real-time monitoring – powered by advanced AI and ML – operates continuously. It constantly sifts through data, looking for anomalies and new patterns that might indicate suspicious activity. This continuous oversight drastically shrinks the window of opportunity for fraudsters, he believes.
SmartSearch’s SmartDoc solution – significantly enhanced by its partnership with Daon, claims Mitchell – doesn’t just verify an identity document when someone first signs up.
Mitchell said, “Combined with our broader SmartSearch triple-check service, we continuously monitor individuals against important watch lists for politically exposed persons (PEPs), sanctions, and adverse media – every single day. If a previously compliant individual is suddenly added to a sanctions list, we immediately alert our clients. This ongoing vigilance is a stark contrast to a system where a critical change might only be discovered during a scheduled review. It fundamentally shifts the focus from simply recording past compliance to actively preventing future illegal actions.”
The practical operation of SmartDoc provides concrete examples of AI’s success in stopping financial crime before it happens, said Mitchell. “AI has successfully and automatically identified legitimate customers and swiftly processing their verifications. At the same time, it flags suspicious instances that previously would have required manual intervention or, worse, allowed fraudulent activities to proceed unchallenged.”
AI is able to directly help prevent crime by blocking synthetic identities. “By combining electronic verification (using credit agency data) with SmartDoc’s document and facial verification, AI creates a robust defence against fake identities. This stops them from being used for widespread financial crime. This “extra layer of security” ensures fraudulent accounts can’t even be opened.”
AI’s beneficial ability to scan for tiny discrepancies in documents – often beyond what the human eye might easily spot – is able to act a as a direct prevention mechanism against forgery and manipulation.
Mitchell said, “Whether it’s an altered image, mismatched fonts, or inconsistencies in security features, the AI identifies these tell-tale signs of forgery in real-time. This prevents fraudulent documents from being used for illicit activities. Our system can even detect if a document is merely a photo, a printout, a scan, a laminate, or a counterfeit copy.”
The CPO outlined that SmartSearch’s passive liveness detection and advanced facial recognition stops attempts to use stolen credentials or sophisticated deepfake technology for account takeovers. By ensuring the personpresenting the identity is genuinely live and matches the document, AI prevents unauthorised access to accounts, a common route for financial crime.
He went on, “Our continuous watch list monitoring, powered by AI, ensures that if an individual becomes sanctioned or appears on an adverse media list after their initial onboarding, our clients are immediately alerted. This proactively prevents them from continuing relationships with high-risk individuals or entities. These tangible improvements and the robust, layered defence demonstrate that AI is a practical, effective tool preventing financial crime every single day.”
Despite this, with these huge benefits can significant technical and ethical challenges.
Mitchell remarked, “From a technical standpoint, the quality and diversity of training data are key; AI models are only as effective as the information they learn from. Poor or biased data can lead to skewed outcomes. The sheer volume of real-time data also demands robust infrastructure and incredibly fast processing capabilities. Another major hurdle is the “black box” nature of some complex AI models – regulators and compliance officers often need to understand why an AI made a particular decision, making model explainability crucial.
“Real-time processing also requires incredibly low latency, meaning systems must handle massive transaction volumes with virtually no delay to be truly preventive. And of course, fraudsters constantly adapt, so AI models must be continuously updated and retrained, demanding constant vigilance and agile development. We specifically chose Daon due to their proven track record of servicing larger clients, which helps us maintain high service levels as we scale.”
On the ethical side, a key concern is bias and fairness, says Mitchell. “If AI models aren’t carefully designed and monitored, they can inadvertently perpetuate or even amplify existing biases found in historical data. This could lead to unfair or discriminatory outcomes for certain groups, which is unacceptable. Ensuring ethical AI use is non-negotiable.”
The processing of sensitive personal information for IDV also demands the highest standards of data privacy and security, relying on robust encryption and strict adherence to regulations.
Mitchell stated, “At SmartSearch, no personally identifiable information (PII) is processed outside the actual search environment, always ensuring user data privacy and security. Transparency and accountability are equally vital; it’s crucial to establish clear lines of responsibility and ensure clarity about how AI is used in decision-making.”
The final point made by Mitchell is that AI cannot, and should not, work in isolation.
He explained, “Our SmartDoc solution embraces a hybrid approach, incorporating a manual review process for unique or complex cases that truly require human judgment and context. This “human element” is indispensable for addressing edge cases that AI might misinterpret. It ensures that trained professional’s step in when necessary, providing a final layer of validation and security, combining cutting-edge technology with human oversight for the highest level of fraud prevention and compliance.
“It’s also critical to clarify that SmartSearch uses AI in an ethical manner and explicitly does not utilise generative or large language model AI. Our focus remains firmly on combating, not creating or enabling, sophisticated threats like deepfakes.”
Mitchell stated succinctly that AI isn’t just making compliance better – it is fundamentally redefining it. “It’s moving us closer to a future where financial crime is prevented in real-time. While challenges certainly exist, strategic partnerships, an unwavering commitment to ethical AI practices, and a balanced approach combining cutting-edge technology with invaluable human expertise are paving the way for a more secure, efficient, and trustworthy compliance landscape for everyone,” said Mitchell.
He mentioned that real-time monitoring represents a major evolution from traditional compliance checks. Continuously conducting risk assessments across the entire customer lifecycle to ensure enhanced compliance and mitigate risk exposure.
“Traditional compliance checks are often a once-and-done solution conducted at onboarding stage. They are heavily manual and time-consuming, open to high levels of human error, based on outdated customer risk profiles, and often reactive rather than proactive,” said Mitchell.
Mitchell concluded with the point that real-time monitoring on the other hand replaces static checks with continuous, dynamic customer monitoring.
He said, “It incorporates PEPs and sanctions lists, adverse media screening, credit data, financial distress indicators, financial and firmographic changes, as well as behavioural changes over time. This helps reduce regulatory exposure, improve risk management, enhance customer lifecycle experience, and enable faster, safer growth, especially in heavily regulated sectors such as banking and financial service, insurance, and gambling.”
A growing role
A UK-based RegTech firm, FullCircl made the point to stress that machine learning is playing a widening role in helping firms detect emerging threats, from fraud and money laundering to financial vulnerability and corporate risk.
The company said, “Applying machine learning to massive volumes of real-time structured and unstructured data – such as CAIS and CATO, corporate registries, adverse media, credit reference agencies and so on can help firms spot anomalies in company behaviour (e.g., sudden changes in filings, directorships, or ownership structures), detect non-obvious relationships that may signal financial crime, spot hidden pockets of risk from behaviours such as multi-banking, spot financial distress signals, and importantly predict or flag customers likely to pose a risk in the future.”
What examples are there where AI has prevented successfully financial crime? FullCircl outlined that AI and ML have delivered a paradigm shift in financial crime detection by learning from data patterns, analysing anomalies, and adapting to new threats in real-time and at scale. HSBC, for example, recently reported that thanks to AI it is capable of checking about 900 million transactions for signs of financial crime each month, across 40 million customer accounts.
“One key area of development is identity fraud, which now accounts for 64% of all fraud losses in the UK as criminals sharpen their social engineering tactics, as well as increasing using deep fakes and data harvesting techniques. For firm this poses a real challenge – how to balance frictionless digital customer experiences with financial crime prevention and regulatory compliance?,” said FullCircl.
The company added, “Manual approaches to identity verification are no longer fit for purpose; instead, AI-powered identity verification (IDV) solutions are becoming increasingly vital in the delivery of frictionless and secure services. Smarter recognition of fraud signals and faster processing of genuine customers equals superior onboarding decisioning and more accurate KYC compliance. The result is improved customer experiences and financial crime prevention in perfect alignment.”
There remain technical and ethical challenges in deploying real-time AI. From the technical point of view, FullCircl stressed that data complexity and management, infrastructure scalability and skill gaps are all key hurdles. Ethically, concerns persist around bias and fairness, transparency and accountability, privacy and security, and of course the potential for misuse.
This leaves the question – how are such challenges overcome? FullCircl here believes that as the landscape becomes increasingly complex and the risks more costly, firms deploying a plethora of disparate tools, from a range of software vendors, are finding tackling the technical and ethical challenges increasingly burdensome and costly.
The firm said, “A more sophisticated approach is required. Single platform solutions have emerged as a front-runner, not just in terms of overcoming deployment challenges but also in terms of boosting regulatory compliance and enhancing customer lifecycle experiences. The trick is finding the right vendor. One that meets all relevant regulatory and certification standards, can integrate seamlessly, provide AI powered advantage at every stage of the customer lifecycle, and of course best-in-class support.”
Compliance holy grail
ACA Group managing director and head of surveillance, Peter Kenny believes that in contrast with periodic surveillance reports, real-time monitoring provides the opportunity to constantly scrutinise transactions on a more automated basis.
Kenny said, “Real-time compliance speaks to the continuous monitoring of a firm’s activities, employing technology to surface risks as they occur such that immediate corrective actions might be taken. Long a compliance holy grail, many aspects of real-time monitoring have become technically feasible and, increasingly, commercially viable with advances in Artificial Intelligence (AI).
Kenny remarked that ML feasts on data, and through statistical and computational processes, ML algorithms detect patterns across data which can be used to make predictions about the future. While task automation can reduce manual efforts and decrease the likelihood of human error, compliance must guard against the introduction of biases which discriminate or favour any group or individual into those algorithms; these include, data bias, algorithmic bias and human decision bias.
“More recent advances with GenAI introduce both new opportunities for compliance automation, along with novel risks, like hallucinations – risks which are compounded by the air of authority with which GenAI responds,” said Kenny. “Though significant strides have been made, hallucination rates remain as high as 5 per cent. Still, GenAI is being successfully deployed to reduce the rate of false positives in older algorithms.”
Thus, for Kenny, a combination of AI tools and techniques can be effective in combatting financial crime.
He finished, “Regardless of which algorithm is being employed, it is crucial compliance officers maintain their understanding of AI’s underlying decision-making process, as regulators do not look kindly upon “black box” logic. In an ever-evolving regulatory environment, algo development needs to focus on explainability, or AI which can readily explain to humans its actions, decisions, or recommendations (XAI).”
Why real-time is vital
South African RegTech firm RelyComply believes that real-time reactions are the only way to keep up when crime happens so fast – which is way proactive AML is now an integral compliance requirement, not an underlying chore-implementing round-the-clock surveillance to find criminal behaviour, protect internal data and avoid FATF fines or ongoing reputational damage.
The firm said, “Given the growing importance of data as a commodity, advanced data processing has had to take priority over traditional manual tasks that cannot account for millions or billions of daily transactions. Leveraging machine learning for risk management is becoming a cornerstone for real-time monitoring: detecting emerging threats with accuracy and according to user-set thresholds, able to categorise alerts according to risk factors and allowing due diligence to weed out authentic entities for criminals. HSBC, for instance, has noted AI’s ability to identify 2 to 4 times more financial crime, reducing data processing from multiple weeks to a few days.”
With AI’s ability to scan and contextualise large amounts of historical data at any time, its operational efficiency enhancement is a clear positive and is lowering time spent investigating legitimate cases.
“Whether it is truly preventative for crime entirely depends on the AI fluency of an institution,” said RelyComply. “Whether through partnering with AML platforms or acquiring data scientists in their compliance units, AI has to be well-integrated and maintained. Surfaced alerts only lead to further investigation and prosecution if they’re investigated and submitted promptly to appropriate financial intelligence agencies or government-affiliated regulators, in the ‘final check’ stage by human compliance experts.”
RelyComply added that the good news is driven by the fact that AI capabilities are far more easily adoptable through managed integrations and ongoing training.
The company said, “With this, advanced methods for anti-fincrime investigations for institutions of different makeups and systems can be refined and solidified in time (even according to new criminal typologies), with professionals bolstered by accurate risk detection from the onboarding stage onwards. The future to prevent crime involves a learning process between people and platforms, and widespread collaborations that create a global standard (and unified front) in the face of a fast-paced regulatory landscape where lax, cumbersome AML will not make the grade.”
Solve the basics
For co-founder and CEO of Salv, Taavi Tamkivi AI only becomes useful once institutions are solving the basics – getting access to their data processing it in real-time and applying decisions – and this is where most are still struggling,
On the debate between AI hype and real-world readiness, Tamkivi detailed, “We’re not anti-AI — we just know that in financial crime, the bigger problem isn’t a lack of AI. It’s a lack of good data. Without access to real-time, structured, shared data, even the best algorithms won’t deliver.”
The hidden risk of AI in regulated sectors is also a key issue, and for Tamkivi, he outlined that auditors expect explainability. “If your model makes a perfect decision but can’t explain it in human terms, you’ll fail the audit. Sometimes, smarter tech isn’t what regulators want — they want transparency.”
AI is already helpful today, with many companies using the technology to transform their operations and automate burdensome practices. In Salv’s sanctions screening product, it has added a small AI agent to support analysts, not replace them. Despite this, doubts around how ethical AI is, and its human consequences, still abound.
Tamkivi remarked, “When algorithms start making offboarding decisions — closing someone’s account, denying access to services — the stakes are too high to leave unchecked. That’s why any AI we deploy comes with layers of human oversight.
“At conferences and closed-door dinners, the message is clear: people are tired of the AI buzz. What they really want is intelligence sharing and better data — because that’s what makes all the other tools work,” he said.
Meeting the moment
For Harsh Pandya, head of product at Saifr, the growing power and evolution of AI means that it has the power now to make compliance truly real-time and preventative.
He explained, “The way we govern it today prevents that potential from being realized. Most compliance processes are still locked into static models, gated change management, and manual oversight. Even in transaction monitoring, we rarely allow models to adapt autonomously.”
Meanwhile, Pandya remarked, the technology is already there. “Cybersecurity has already embraced real-time learning and rapid response. Federated learning and real-time model training and updates can radically shift both risk posture and revenue potential. What’s missing is institutional will: regulators and risk leaders need to rethink how we balance control with adaptability,” he said.
Pandya stressed to think of it like a modern factory line, in that today, we halt the entire system just to inspect and tweak a single component, For him, the better approach is to let the line run, allowing the machines to correct themselves within defined parameters, while humans oversee quality at a higher level and improve the system over time.
He finished, “Compliance needs the same mindset shift. Until that changes, we’ll keep calling things “AI-powered” while still staying static and reactive.”
The power of AI
John Kearney of MyComplianceOffice previously outlined that big banks and asset managers are already using AI to slash false positives in transaction monitoring, while AI-driven chatbots are helping employees navigate company policies faster than you can say ‘read the manual.’
Kearney also outlined that whilst AI is fast, but it’s not infallible. It will make mistakes. It will flag nonsense. It will miss things that an experienced compliance officer would catch in five seconds. He also mentioned, “AI is a tool, not a replacement. The real winners will be those who learn to use AI strategically, stay ahead of regulations, and ensure their AI tools are actually working as intended.
Fresh data
Traditional copmpliance checks happen post-transaction; real-time engines evaluate risk while the event is unfolding, explained Baran Ozkan, CEO of Flagright.
“This requires streaming data pipelines and low-latency scoring so, for example, an unusual payment can be paused for enhanced verification rather than investigated after funds move. Machine-learning models add value by recognising subtle behavioural shifts, such as new login geographies or anomalies in payment routing, that static rule sets miss.”
In Flagright’s experience, Ozkan stressed, the biggest lift is architectural – you need consistenly fresh data, drift monitoring to ensure model relevance, and an escalation path that lets analysts quickly release legitimate transactions.
He concluded, “We design the workflow so every automated block generates an immediate explanation that a human reviewer can act on, preserving customer experience and giving regulators a clear audit trail. The ethical guardrail is human appealability: automated actions must be reversible within minutes and their rationale transparent.”
