No items found.
If you work in a bank, you've probably sat through at least one presentation about AI that made bold promises about "transforming compliance."
The problem? Most of those presentations skip over the most important question:
What specific problems are you trying to solve?
We speak to a lot of banks, and more and more we are hearing that they have been given the task of "implementing agentic solutions". A lot of banks have read the headlines, they've heard the hype, and they're terrified of being left behind. So they're looking for places to deploy AI the same way you'd look for places to hang artwork - just find a blank wall and stick something up.
That's backwards, and it's expensive.
Major banks have spent hundreds of millions on AI initiatives that delivered minimal value because they started with the technology instead of the problem. MIT has reported that 95% of generative AI pilots are failing, and Deloitte found that the ROI for agentic solutions is taking 2-4 times longer to achieve than normal technology investments. We can debate these numbers, sure, but the overall sentiment is that a huge amount of money is being speculatively spent, in the hopes of enormous AI-driven returns.
At Cable, we think that the right approach to implementing AI in compliance is straightforward:
This seems obvious, but somehow the industry has convinced itself that the process should go: buy the AI, then figure out what to do with it. That's a recipe for spending a lot of money on solutions looking for problems.
So let's talk about actual problems AI can solve in banking compliance, organized by where you sit in your organization's defense structure. Because what works for your first line (the folks doing the day-to-day work) looks completely different from what your second line (the ones overseeing and testing) actually needs.
It’s no wonder that everyone says that first line compliance teams are constantly fighting fires. With the never ending transaction monitoring alerts, customer due diligence reviews and sanctions screening hits, most of which are false positives, your people are on a hamster wheel that they cannot get off.
AI can help.
AI for AML alert dispositioning is the obvious starting point. Your AML analysts are spending hours reviewing alerts that are mostly false positives. Someone wired $9,500 to their contractor? Someone made daily ATM withdrawals while on vacation? AI can learn what your procedures say you need to do to clear alerts, and learn from your historical disposition patterns, and either auto-clear the obvious non-issues or at least rank them so your team focuses on what actually matters.
AI for reducing compliance operational overhead is the less glamorous but equally important application. Think about your Reg E dispute process: someone calls about an unauthorized transaction, your team pulls statements, fills out case management fields, generates provisional credit letters, and documents the investigation. AI can handle the form-filling, letter generation, and data entry while your investigators focus on actually determining whether the claim is legitimate.
The key here is that first line AI isn't about replacing expertise. It's about giving your experts more time to actually use their expertise.
Now let's talk about the second line, because this is where things get interesting.
Your compliance oversight teams have a different problem. They're not drowning in transactional volume - they're drowning in documentation. Policies, procedures, regulatory guidance, exam feedback, control testing results. And their job is to answer three deceptively simple questions:
Traditionally, this means a lot of very smart people reading a lot of very dense documents and then sampling <5% of work completed to determine if it was done correctly. But here's where AI can fundamentally change the equation:
AI for automated regulatory mapping becomes a game-changer. Instead of having someone manually compare your SAR filing procedures against FinCEN's guidance, FFIEC exam procedures, and state requirements, AI can identify gaps. Does your BSA procedure say you'll file SARs within 30 days, but the regulation requires it within 30 days of initial detection or discovery through monitoring, whichever is earlier? AI catches that nuance. Does your Reg E error resolution procedure say you'll investigate within 10 business days, but forget to mention the 45-day extension for new accounts or POS transactions? AI flags the gap.
AI for automated compliance control and effectiveness testing gets a serious upgrade. Right now, your second line samples 25 TILA-RESPA Integrated Disclosures per quarter and manually checks whether your loan officers followed the procedures. Did they deliver the loan estimate within three business days of application? Did they document the reason for any revised loan estimate? Did they provide the closing disclosure at least three business days before consummation?
The real power here is consistency. AI doesn't get tired on the 247th Reg E case review. It applies the same standards every single time.
Automating compliance with AI isn’t a one-solution fix. It's a collection of very different tools that solve very different problems depending on where you sit. Deciding to use AI might be the right thing for your bank, but the best way to automate compliance with AI is to deeply understand the problems you’re trying to solve, before you start looking for technology.
The Benefits of an Automated Risk Assessment
Conversations with Compliance Champions: Insights from Hummingbird's CEO, Joe RobinsonIf you work in a bank, you've probably sat through at least one presentation about AI that made bold promises about "transforming compliance."
The problem? Most of those presentations skip over the most important question:
What specific problems are you trying to solve?
We speak to a lot of banks, and more and more we are hearing that they have been given the task of "implementing agentic solutions". A lot of banks have read the headlines, they've heard the hype, and they're terrified of being left behind. So they're looking for places to deploy AI the same way you'd look for places to hang artwork - just find a blank wall and stick something up.
That's backwards, and it's expensive.
Major banks have spent hundreds of millions on AI initiatives that delivered minimal value because they started with the technology instead of the problem. MIT has reported that 95% of generative AI pilots are failing, and Deloitte found that the ROI for agentic solutions is taking 2-4 times longer to achieve than normal technology investments. We can debate these numbers, sure, but the overall sentiment is that a huge amount of money is being speculatively spent, in the hopes of enormous AI-driven returns.
At Cable, we think that the right approach to implementing AI in compliance is straightforward:
This seems obvious, but somehow the industry has convinced itself that the process should go: buy the AI, then figure out what to do with it. That's a recipe for spending a lot of money on solutions looking for problems.
So let's talk about actual problems AI can solve in banking compliance, organized by where you sit in your organization's defense structure. Because what works for your first line (the folks doing the day-to-day work) looks completely different from what your second line (the ones overseeing and testing) actually needs.
It’s no wonder that everyone says that first line compliance teams are constantly fighting fires. With the never ending transaction monitoring alerts, customer due diligence reviews and sanctions screening hits, most of which are false positives, your people are on a hamster wheel that they cannot get off.
AI can help.
AI for AML alert dispositioning is the obvious starting point. Your AML analysts are spending hours reviewing alerts that are mostly false positives. Someone wired $9,500 to their contractor? Someone made daily ATM withdrawals while on vacation? AI can learn what your procedures say you need to do to clear alerts, and learn from your historical disposition patterns, and either auto-clear the obvious non-issues or at least rank them so your team focuses on what actually matters.
AI for reducing compliance operational overhead is the less glamorous but equally important application. Think about your Reg E dispute process: someone calls about an unauthorized transaction, your team pulls statements, fills out case management fields, generates provisional credit letters, and documents the investigation. AI can handle the form-filling, letter generation, and data entry while your investigators focus on actually determining whether the claim is legitimate.
The key here is that first line AI isn't about replacing expertise. It's about giving your experts more time to actually use their expertise.
Now let's talk about the second line, because this is where things get interesting.
Your compliance oversight teams have a different problem. They're not drowning in transactional volume - they're drowning in documentation. Policies, procedures, regulatory guidance, exam feedback, control testing results. And their job is to answer three deceptively simple questions:
Traditionally, this means a lot of very smart people reading a lot of very dense documents and then sampling <5% of work completed to determine if it was done correctly. But here's where AI can fundamentally change the equation:
AI for automated regulatory mapping becomes a game-changer. Instead of having someone manually compare your SAR filing procedures against FinCEN's guidance, FFIEC exam procedures, and state requirements, AI can identify gaps. Does your BSA procedure say you'll file SARs within 30 days, but the regulation requires it within 30 days of initial detection or discovery through monitoring, whichever is earlier? AI catches that nuance. Does your Reg E error resolution procedure say you'll investigate within 10 business days, but forget to mention the 45-day extension for new accounts or POS transactions? AI flags the gap.
AI for automated compliance control and effectiveness testing gets a serious upgrade. Right now, your second line samples 25 TILA-RESPA Integrated Disclosures per quarter and manually checks whether your loan officers followed the procedures. Did they deliver the loan estimate within three business days of application? Did they document the reason for any revised loan estimate? Did they provide the closing disclosure at least three business days before consummation?
The real power here is consistency. AI doesn't get tired on the 247th Reg E case review. It applies the same standards every single time.
Automating compliance with AI isn’t a one-solution fix. It's a collection of very different tools that solve very different problems depending on where you sit. Deciding to use AI might be the right thing for your bank, but the best way to automate compliance with AI is to deeply understand the problems you’re trying to solve, before you start looking for technology.
