Regulatory change hits firms like a constant storm, demanding swift adaptation to a maze of evolving rules. Generative AI offers a lifeline, automating tracking and interpretation to keep pace with shifting regulations. Yet, its potential to simplify compliance comes with risks—bias and privacy concerns—that could complicate the journey. Can GenAI truly transform how firms navigate this turbulent landscape? In Part 1, we delve into this topic with key industry leaders.
Jon Elvin, strategic risk advisor at Saifr, believes from the get-go, it’s important to note that tech innovation – including AI – is here to stay and is becoming an expected and in-demand strategy.
He said, “It is the conversation in executive boardrooms and throughout the ecosystem of business. AI solutions are charging forward on this journey with achievement goals for better outcomes, more complete insights, efficiency gains and an overall “force multiplier” impact targeting greater effectiveness.
Alongside FinTech and the overall financial industry including insurance firms, investment companies and traditional banks, Elvin remarked that he is seeing regulatory compliance and financial crimes tasks being solved with business process automation and leaning in with more advanced AI including large language and transformer models, natural language techniques, context analytics with magnetic draw to agentic AI.
He said, “While I have traditionally prioritized the financial services industry, these same regulatory, know your customer and AML-solution techniques converging with gigantic data lakes have distinct value and are rapidly advancing to other channels protecting the safety and trust space, vendor management, HR and overall reputation management. This trend will continue.”
Elvin also believes that AI has ‘tremendous’ practical applications. He said it can be used to monitor for new and changing laws, industry guidance and regulations.
He explained, “AI is particularly useful in culling out gaps, omissions/inconsistent policies, procedures and controls. It helps simplify the writing and understanding of complex requirements and is particularly useful for the maintenance and automation of completing risk assessments, maintaining inventory control and policy libraries and connecting that aspect of AI with real-time master data management insights. This is a historic challenge that AI is solving as the mountains of data keeps growing that absent AI, humans cannot efficiently evaluate and turn into action. “
Another area that AI is creating extremely powerful results relates to efficiency, speed and accuracy in creating legal disclosures, product offering clarity and adherence to laws and permissible language.
Elvin detailed, “Too often, very basic mistakes or regulatory omissions can be prevented prior to consumer harm, misrepresentation or litigation if one chooses advancing AI capabilities. Impressive to see AI in action identifying content in written, visual and digital media that is incongruent with a company’s brand, policy or in conflict with laws and regulations. With so many content creators writing from scratch with slow approval frameworks, AI can solve, recommend and correct in real time at scale with accuracy.
How reliable is GenAI in interpreting complex legal language? Elvin responded succinctly to this; GenAI is good until it’s not.
He explained, “That is the risk/reward and confidence paradigm. What I suggest our profession focus on though, is clarity and fit for purpose use. This includes responsible innovation and application. Explicitly defining the problem sets ensuring transparency and monitoring outputs and impact is a strong safety control. Ensure metrics are in place with regular” human-in-the-loop” subject matter specialist overseers to gain early warning of any degrading or disparate impact. Training data used to refine the model, if deficient or wrong will only return wrong fast and consistently. Safeguards and oversight of training data is needed.”
Are regulators supportive of AI-based compliance tools? In Elvin’s view, regulators have openly supported AI and innovation and will accept it with responsible innovation and solutions. In fact, he states, some regulatory bodies actively seek input, are listening to ideas, and improving their knowledge by seeing examples of “AI in Action”.
He said, “Agencies are encouraging the thoughtful exchange of information and are promoting office hours and innovation venues for both regulated companies they oversee and technology pioneers from industry. Firms that offer detailed views and descriptions on AI use cases, demonstrate active monitoring and contingency to undue or self-correct as a safety guard rail will gain confidence and more freedom to operate. Mistakes or big omissions that harm customers will certainly have narrower guardrails.”
Whilst AI has promising applications to speed up regulatory insights, intepretations and suggestions for policy and procedural development, Elvin claims that we have seen examples where AI has inappropriately cited case law that was completely made up, was just wrong, and/or the inference and applicability were misaligned. This should prompt flipping the adage of “trust but verify” and turn to a “verify and then trust” posture.
He remarked, “I encourage responsible innovation as the potential to achieve extraordinary results (effectiveness, efficiency, and employee experience) while preserving privacy is possible and worth the pursuit. Regardless of your in-line role, realize that you don’t have to be an expert in AI to begin the journey. Augment your team creating direct and indirect cross-functional experience and expertise in AI and think about unleashing creativity.
“Take comfort that not every experiment will work exactly right the first time, but the journey will lead to incremental improvements and new creative discovery. Results may surprise you.”
A step ahead
In the view of Areg Nzsdejan, CEO and founder of Cardamon, regulated firms can find it challenging to manage regulatory change. A lot of them, he claims, rely on manually tracking regulator websites, newsletters and even social media like LinkedIn for changes. Alternatively, there are RegTech solutions out there but typically the feedback Cardamon is getting is it’s not tailored and it’s more of a feed that they still have to sift through.
“It’s reactive. It’s manual. And worst of all, it’s slow,” claims Nzsdejan. However, he firmly believes that GenAI is changing that fast.
He explained, “I think the highest leverage of AI is customisation. We can now tailor the relevant news feeds to the relevant company – so that only what is relevant is actually shown. Beyond this you can then use it to interpret the changes and tell you what is relevant to you. This is what we do at Cardamon. We unlock a whole new level of automation.”
The most forward-thinking firms are already using GenAI, he claims. What is more is that companies can now take a step further, not only tracking the changes at a high level but interpreting new regulations across jurisdictions in minutes not months, extract obligations automatically from laws, consultations and guidance, map changes to impacted controls, policies and business units and suggest remediation actions tailored to the firm’s product and entity footprint.
Nzsdejan added, “At Cardamon, we’ve seen clients reduce the time to assess a major regulatory change from months to days. That’s not just efficiency. It’s a competitive advantage that our clients are getting.”
Is AI really able to understand legal language? For Nzsdejan, this is a fair question, as regulations aren’t written for machines.
“But here is the thing, GenAI has come a long way and one of the things it is extremely good at is parsing and interpreting text – the reason being is because it has an awful lot of it to learn from,” he claimed. “With the right infrastructure, domain fine-tuning, legal ontologies, and prompt engineering, today’s models can reliably interpret nuance, cross-references, carve-outs, and multi-layered regulatory logic. They don’t just keyword-match. They reason.
“We’ve built Cardamon’s AI agents to operate across any regulation, any language, anywhere in the world. But we also layer in human validation where it counts. In this game, accuracy isn’t optional.”
A key question remains whether regulators are on board. Often, regulators differ from country to country and have different appetites.
Nzsdejan said, “Overwhelmingly, we are seeing them embrace it and even want to use it themselves. I think the key nuance is that they are less concerned about how you get to the answer as long as you do get to the answer. If using GenAI gets you there quickly and reliably, then I don’t see any issues. Essentially, while no one expects regulators to rubber-stamp black-box AI, we’re seeing growing support for explainable, transparent compliance tooling that enhances governance, not bypasses it.”
The message for Nzsdejan is clear: regulators want to see firms harness tech to do compliance better, not just faster.
Despite this, relying on AI for regulatory interpretation carries risk when used carelessly. “This is why just asking ChatGPT or Gemini to parse through a 300 page regulation and interpret it correctly isn’t always a good idea. As explained before, there is an awful lot of architecture, fine-tuning and technical expertise needed to minimise chances of hallucination and optimise performance,” claims Nzsdejan.
That’s why for Cardamon, the company’s founder outlined that it designs its tools to be AI-first but compliance-led.
Nzsdejan concluded, “Bottom line? GenAI won’t replace your compliance team. But it will massively upgrade what they can achieve. Firms that embrace it early will move faster, spend smarter, and stay ahead of the curve – especially as global regulatory velocity continues to accelerate. The future of compliance isn’t just digital. It’s autonomous. And it’s already here.”
Accelerating regulations
For Chaitanya Sarda, CEO of AIPrise, regulations aren’t just growing – they’re accelerating – especially in fast-moving sectors such as cross-border payments and FinTech.
He said, “New AML directives, evolving KYC/KYB requirements, data localization laws, it’s a full-time job just to keep up. Most teams still rely on a patchwork of legal newsletters, spreadsheets, and manual processes to stay updated. But the real challenge comes after the update, understanding what changed, how it applies to your business, and what actions need to be taken. It’s reactive, slow, and often overwhelming.”
For Sarda, GenAI is starting to shift this dynamic. “One of the clearest benefits is in regulatory monitoring. Instead of manually scanning through dense documents or monitoring dozens of regulator sites, compliance teams are now using GenAI to track updates in real time and generate simplified summaries. What changed, who it impacts, and what needs to be done, delivered in minutes, not days. “
Sarda claims this is valuable for lean teams managing obligations across multiple jurisdictions where the margin for error is small and the stakes are high.
“But the power of GenAI goes beyond monitoring. Once a change is detected, AI tools can help analyse how it affects internal policies, documentation, and workflows. For example, if there’s a new threshold for beneficial ownership or a revision in data retention rules, GenAI can scan existing compliance content and highlight areas that may be outdated. It can even suggest updated language or a first draft of new policy wording. What would typically require multiple rounds between legal and compliance can now begin almost instantly, giving teams more time to validate and execute instead of starting from scratch,” said Sarda.
Another area being transformed is internal communication. Sarda stated that anyone who has worked in compliance knows the pain of explaining the same regulatory update to five different teams.
He explained, “GenAI can help translate complex legalese into easy-to-digest summaries tailored for specific roles, whether it’s sales, engineering, or product. These summaries can be localized, role-specific, and delivered in the format each team prefers like checklists, email snippets, or even quick learning modules. It’s not just about speed, but about ensuring regulatory changes are actually understood and implemented, not just acknowledged in a Slack message.”
The AIPrise CEO highlighted that one of the most promising developments in this space is the rise of AI-powered law bots, trained specifically on legal and compliance text.
“These bots act as internal assistants, helping teams answer complex regulatory questions, compare international rule sets, or quickly draft compliance language. They’re already being used by companies to accelerate legal research, flag potential gaps in controls, or validate if a new requirement applies to a particular customer flow,” said Sarda.
While these bots don’t replace legal counsel, stressed Sarda, they dramatically cut the time spent on first-pass analysis, enabling faster decisions and freeing up in-house legal teams to focus on higher-risk and high-impact scenarios.
Sarda added, “Of course, no AI is perfect. GenAI can misinterpret nuance, overgeneralize, or produce overly confident summaries. That’s why it’s important to keep human review in the loop. AI should be seen as a co-pilot, a tool to help compliance teams work faster and smarter, not a substitute for legal judgment. Traceability, oversight, and clear audit trails are still essential, especially when you’re making decisions that could affect risk posture or regulatory standing.
The role of compliance is changing, and it is no longer just about checking boxes for businesses. It’s also about enabling smart, safe growth.
For Sarda, GenAI is helping teams shift from reactive firefighting to proactive planning.
He stated, “Instead of getting buried in documentation, compliance professionals can now spend more time advising the business, shaping strategy, and ensuring readiness for what’s ahead. When used responsibly, this technology doesn’t just help companies stay compliant, it helps them lead with confidence.”
Reshaping the game
Jay Petraitis, managing director on ACA Group’s product development team, believes that GenAI is reshaping how financial firms manage regulatory change by automating complex tasks, enhancing the interpretation of legal language, and streamlining compliance workflows.
“At ACA, we are actively integrating GenAI into our RegTech platform, ComplianceAlpha, to help compliance teams respond to alerts in real time with greater speed and precision. This briefing outlines key developments, benefits, and risks associated with GenAI in the regulatory environment—particularly for clients and regulators seeking to understand its practical applications and governance implications,” said Petraitis.
Over the last several months, he claims the company has observed GenAI being deployed across a range of compliance use cases. For example, in surveillance enhancement.
Petraitis explained, “AI is now used to ingest and transcribe video content (e.g., from YouTube), enabling those transcripts to be analysed by surveillance systems for potential compliance breaches.”
Another area is in alert reduction, with GenAI cutting the volume of false positives in surveillance alerts, saving compliance officers hours of manual review. In document analysis, AI scans brokerage statements to support companies in meeting both Code of Conduct and Code of Ethics obligations.
ACA has also recently launched AI Insights, a GenAI-powered feature within its eComms Archive + Surveillance module. This tool reviews alerts faster than a Level 1 compliance officer, enabling firms to triage and respond to potential issues more efficiently.
“One of GenAI’s most promising capabilities is its ability to interpret complex legal and regulatory language. ACA’s Marketing Review tool uses natural language processing (NLP) to perform rule validations and file searches. We’ve also developed Large Language Models (LLMs) to analyze thousands of contractual documents across years of firm activity,” said Petraitis.
Unlike public AI tools, Petraitis noted that LLMs are trained on domain-specific corporate and learn patterns in grammar, reasoning, and logic. For example, a firm needing to ensure its contracts comply with new data privacy regulations can use an LLM to scan documents for non-compliant clauses, suggest compliant alternatives and generate summaries for legal review. “This transforms a months-long manual process into a task that can be completed in hours,” he said.
In addition to this, regulators are increasingly supportive of AI tools that boost transparency, efficiency and accountability, with key frameworks including the EU AI Act, and the NIST AI Risk Management Framework
“These frameworks are shaping how firms deploy AI responsibly, and ACA is aligning its tools with these evolving standards,” said Petraitis.
While GenAI offers significant benefits for Petraitis, he believes that firms must remain vigilant about potential risks such as over-reliance, skill gaps and misinterpretation.
He concluded, “At ACA, we emphasize a human-in-the-loop approach, ensuring that AI augments—not replaces—expert judgment.”
Balancing act
Given the popularity of GenAI through ChatGPT’s widespread personal and business use, the financial industry’s tentative attitude towards it is warranted, claims South African RegTech RelyComply.
“But then again, a slow-but-steady approach to including the technology for internal operational tasks and iterating its most pertinent use cases is an advised (and potentially necessary) future for risk management,” the firm added.
GenAI can be applied to risk analysis outside of its developer-led niche in ways that strip compliance teams of wasted time and effort. It works on queries to scan and produce outcomes.
RelyComply gave the example of how complex regulatory texts set by local or global watchdogs can be assessed and interpreted, and their most applicable action items can be raised for an analyst’s attention. It can compare policies to existing regulations, apply version control, and even generate step-by-step guides in line with the vast amounts of data fed with real-time automation.
The company said, “Productivity may be a great starting point to utilising GenAI to adopt AML standards, yet it can further identify risk alerts. By creating ersatz transactional datasets that simulate some suspicious patterns, machine learning systems can be trained to spot these anomalies, which, improved over time, can be tested against accurate historical payments. Again, in real-time, this is revolutionary in flagging high-risk behaviours in a fraction of the time compliance teams are used to, lowering false positive rates and streamlining the process of filing suspicious activity reports (SARs), which is becoming a key priority in compliance protocols. “
For RelyComply, this highlights that GenAI take-up must align with growing data science and model training expertise. In-house AI professional hiring is one such way, as is partnering with AI-driven RegTech solutions that can integrate AI capabilities in line with ethical guidelines and attuned to region-specific compliance nuances. Sandboxes can especially ‘road test’ GenAI for AML capabilities between technology providers, financial businesses, and regulators.
RelyComply concluded, “First, utilising GenAI for efficiency gains, the whole financial ecosystem’s greater AI adoption can assist in sharing best practices. Extending this to actionable AML can be an agile, future-proofed way to adhere to regulatory change and stop even emerging threats from still evolving underground.”
Copyright © 2025 FinTech Global
