The AI conversation in finance has a direction problem.

LLMs for alpha generation. Transformer architectures for return prediction. Multi-agent trading systems racing to shave microseconds off execution. The research is exciting, the benchmarks are impressive, and almost none of it is running in production at scale.

Meanwhile, every major financial institution is drowning in compliance overhead — and the AI community is largely looking the other way. That gap is what this site is about.

// The numbers first

Before we get to architecture, the scale of this problem deserves a moment.

$10.4B Global AML fines in 2024 — a record high (Norton Rose Fulbright)
$15B+ Projected AML enforcement total in 2026
16% Banks with operational AI deployments in compliance (Hawk/Chartis 2025)

TD Bank's $3 billion fine marked the largest AML penalty in US history. Financial institutions face nearly $5 billion in AML fines annually, and illicit transactions in cryptocurrency alone exceeded $20 billion in 2022. And yet only 16% of banks have moved past pilots into operational AI deployment for financial crime.

McKinsey estimates AI could add $200–$340 billion in annual value to the global banking sector. The majority of that opportunity sits not in trading, but in operations, risk, and compliance.

// The asymmetry nobody talks about

Alpha-generating AI faces a brutal deployment environment. Signal decay. Execution costs. Regulatory scrutiny on automated trading. Adverse selection. Even the best academic results rarely survive contact with a live order book.

Compliance AI faces almost the opposite conditions. The "signal" is regulatory text, transaction records, communications data, and audit trails — all structured, persistent, and not adversarially decaying. You're not racing other models for edge. You're replacing human analysts doing ctrl+F on PDFs from 2003.

AI-powered solutions can reduce false positives in AML monitoring by 90–95%. BCG research notes that institutions adopting AI with specialist teams see up to 60% efficiency gains and 40% cost reductions in onboarding, compliance, and settlement — numbers you simply don't see on the trading side.

The risk-adjusted opportunity is real. The attention isn't there yet.

Fig 0 — Global AML Enforcement Fines 2018–2026 (USD billions)
$20B $15B $10B $5B $0 $2B 2018 $3.6B 2019 $2.8B 2020 $4.2B 2021 $5.1B 2022 $6.8B 2023 $10.4B 2024 $15B+ 2026 RECORD PROJECTED Sources: Norton Rose Fulbright 2025 · Sanction Scanner 2025–2026 · Author estimates

// Where AI actually sits in the compliance stack today

Here's an honest map of the current state — not what institutions claim in investor decks, but what deployment data and published research actually shows.

Fig 1 — AI Maturity by Compliance Layer (2026)
25% 50% 75% 100% AI Maturity → AML Transaction Monitoring 70% — Rules + basic ML KYC / Onboarding 40% — OCR + classify Regulatory Reporting 20% — Mostly manual / RPA Comms & Trade Surveillance 25% — Keyword rules, NLP Risk Explainability 10% — XAI bolted post-hoc ← biggest gap

A US-based bank's legacy compliance system met just 75% of regulatory requirements before adopting an automated RegTech solution — which raised compliance above 95%. That 20-point gap represents billions in avoided fines and years of regulatory scrutiny. It's not an engineering footnote. It's the entire business case.

The leaders are visible. HSBC partnered with Quantexa to build a graph intelligence platform across its global transaction monitoring stack — treating it as core infrastructure, not a pilot. JPMorgan has over 300 ML models in production across risk and compliance functions. These are institutions that treat compliance infrastructure as strategic, not overhead.

Barclays, HSBC, and Lloyds have partnered with big tech and telecoms firms to exchange live fraud data including suspicious URLs and abnormal payment flows, demonstrating earlier interception of mule accounts than any bank could achieve in isolation. That's the frontier: shared intelligence networks built on modern ML, not siloed rule engines written in the 2000s.

// What the stack should look like

Fig 2 — Target AI Compliance Architecture
LAYER 4 Explainability & Human Review Audit trails · Regulatory mapping · Human-readable rationale · Model governance CRITICAL LAYER 3 Agentic Reasoning & Triage Regulatory context retrieval · Materiality assessment · Structured alert generation FRONTIER LAYER 2 Pattern Detection GNNs for AML network anomalies · Fine-tuned LLMs for comms surveillance · Semantic NLP ACTIVE R&D LAYER 1 Signal Ingestion Transactions · Comms (voice/chat/email) · Market data · Regulatory feeds → Temporal graph MATURE Author synthesis · Sources: Capco 2026, McKinsey 2026, GNN literature

Layer 1 — Signal Ingestion. Real-time transaction streams, communications (voice, chat, email), market data, and regulatory feeds unified into a temporal graph. Not a data warehouse — a live, evolving graph. Unsupervised anomaly detection spots behavioral deviations while supervised models classify customer and transaction risk using historical outcomes.

Layer 2 — Pattern Detection. Graph neural networks for network-level anomalies. Fine-tuned LLMs for communications surveillance — genuine semantic understanding of intent across long context windows, not keyword matching. The research here is moving fast; LAS-GNN and similar architectures are now detecting money laundering motifs at near-perfect accuracy on synthetic networks.

Layer 3 — Reasoning & Triage. An agentic layer that doesn't just flag — it reasons. Given a suspicious pattern, it pulls regulatory context, checks historical precedent, assesses materiality, and produces a structured alert with an audit trail. For AI agents to operate in production in regulated domains like AML, every decision requires a clear, human-readable rationale that maps to a specific rule.

Layer 4 — Explainability & Human Review. The regulator doesn't care about your F1 score. Regulators are already demanding explainable AI in AML systems — and that demand is law under the EU AI Act. This is the hardest engineering problem in the stack. Not the detection. The explanation.

// The open research problems

Most published work focuses on detection accuracy. That's necessary but not sufficient. The frontier problems that the research community is barely touching:

Concept drift in regulatory environments. Regulations change — your model needs to adapt without full retraining. McKinsey's 2026 AI Trust Maturity Survey found that only one-third of organizations report governance maturity of three or higher. The oversight structures aren't keeping pace with the models themselves.

Cross-jurisdictional generalization. A model trained on US AML patterns may fail entirely on APAC transaction structures. The regulatory fragmentation between FATF guidance, EU AML directives, and national regimes creates genuine detection blind spots that almost no published benchmark addresses.

Adversarial robustness. Financial criminals actively adapt to detection systems. This is an arms race, not a static benchmark. Deloitte projects genAI-enabled fraud losses could hit $40 billion by 2027 in the US alone — meaning the adversarial side is weaponising the same models we're deploying for defence.

Calibrated uncertainty. A compliance system that is 95% confident but wrong is more dangerous than one that escalates to a human. This problem is almost completely unaddressed in the literature and is arguably the most critical for real-world deployment. When a false negative means a missed SAR filing and a nine-figure fine, you need to know what the model doesn't know.

Fig 3 — Research Attention vs Deployment Criticality
RESEARCH ATTENTION → DEPLOYMENT CRITICALITY → LOW HIGH LOW HIGH ← THE GAP Calibrated Uncertainty Model knows what it doesn't know Adversarial Robustness Criminals adapt; models must too Cross-jurisdictional Generalisation WELL SERVED Detection Accuracy Majority of published AML papers Transaction Monitoring (ML) GNNs, supervised classifiers LOWER PRIORITY Model Compression Synthetic Data Generation OVER-INDEXED Benchmark Performance F1 / AUC on synthetic datasets Speed / Latency Optimisation Author analysis · Based on review of published AML/compliance AI literature 2022–2026

// Why now

AI use in compliance in the US has hit the 10% adoption threshold — which historically marks the beginning of mass-market acceleration in enterprise software. The architecture decisions being made right now will define the compliance stack for the next decade.

The quant community hasn't noticed. The compliance community lacks the technical depth to fully articulate what they need. That gap is productive..

That's the starting point.

// References

Research notes. All sources cited and publicly available.