The compliance function in European banks faces a quieter but more far-reaching transformation than anything digitalisation and regtech have promised so far. In February 2026 Oliver Wyman published a report titled "Reimagining Compliance With Agentic AI", making a provocative claim: up to 70 percent of manual compliance work can be automated by agentic AI systems, while detection accuracy can rise by up to four times. What sounds like typical consultant prose is corroborated by a concrete case – Raymond James, a listed US financial services firm, has reached precisely this 70-percent threshold in practice.
The real paradigm shift, however, is not the efficiency gain. It lies in the architecture: agentic AI – that is, AI systems that do not merely generate answers but autonomously plan, execute and coordinate multi-step work processes – moves compliance monitoring away from periodic sampling towards continuous, event-driven oversight of all transactions and customer relationships in real time. Perpetual Know Your Customer (pKYC) instead of annual review, continuous monitoring instead of sample testing. For German institutions this means: the compliance function shifts from a lagging control organ to a forward-looking risk manager – or it gets overtaken by more agile competitors and more attentive supervisors.
What: Agentic AI as a new architectural layer in bank compliance functions
Evidence: Oliver Wyman (Feb 2026) – up to 70 percent automation, up to four-fold detection accuracy
Reference case: Raymond James with WorkFusion's agent "Evelyn" – 52 percent of sanctions and PEP alerts require no manual review, 70 percent overall reduction in manual effort
Regulatory framework: EU AI Act (high-risk, applicable from 2 August 2026), DORA, 9th MaRisk amendment (new module AT 4.3.4 "AI and Models")
Time horizon: 2026–2028 – window of opportunity for early movers before supervisors set benchmarks
The dimensions are substantial: the WorkFusion platform alone now processes more than one million sanctions and adverse-media alerts per day for financial institutions. Raymond James cut manual effort on name-screening alerts by 70 percent without adding a single Full Time Equivalent (FTE). At the same time, supervisors are tightening the scaffolding around implementation through three regulatory guardrails – the EU Artificial Intelligence Act (AI Act), the Digital Operational Resilience Act (DORA) and the ninth amendment to the Minimum Requirements for Risk Management (MaRisk). Anyone who wants to seize the opportunity has to master both at once: the agent architecture and the governance framework.
What agentic AI in compliance really means
The distinction from generative AI
The difference from classical generative AI is fundamental and often underestimated. A Large Language Model (LLM) such as Claude or GPT summarises text, answers questions and drafts memos. An agent, by contrast, is a semi-autonomous orchestrator which – in Oliver Wyman's words – takes on "planning, acting, and coordinating complex compliance workflows". It calls systems, consults data sources, makes decisions within defined policies and only escalates when its confidence or authorisation is exceeded.
For compliance that means: an agent can process a sanctions alert end-to-end. It reads the alert, pulls historical address data from third-party sources, checks geolocation data, compares name, date and location variants against pre-trained matching models, documents the decision in an audit-ready manner and closes unambiguous false positives on its own. The compliance officer only sees those alerts where doubt actually remains. The same principle applies to KYC refreshes, adverse-media scans, transaction monitoring and the review of Suspicious Activity Reports (SARs).
The three layers of agentic compliance
Three layers are emerging in practice where agentic AI restructures compliance processes. At the execution layer, agents take over repetitive, clearly rule-based case handling – name screening, straightforward adverse-media reviews, document checks during onboarding. At the analytical layer, they combine information from different systems into a consolidated risk picture, identify patterns and prioritise cases by risk score. At the monitoring layer, finally, they continuously observe customer portfolios, transaction flows and external data sources and raise an alarm as soon as defined risk thresholds are breached. It is this third layer that moves the paradigm – away from periodic sampling towards permanent oversight.
The Raymond James case: 52 percent no-touch
Raymond James Financial is a broadly diversified financial services firm headquartered in St Petersburg, Florida. Its compliance department faced a classic dilemma: rising alert volumes driven by tightening regulation, growing cost pressure, a constrained labour market for qualified financial-crime officers. The traditional answer would have been to add capacity through external providers or staff augmentation. Raymond James chose a different path.
The firm deployed "Evelyn", WorkFusion's agentic AI worker for name screening. The agent takes over the data-point-by-data-point analysis – names, dates, locations, historical addresses, geolocation. The results are publicly documented and illustrate the Oliver Wyman thesis vividly: 52 percent of alerts no longer require manual review. For the remaining 48 percent, manual effort is reduced by 50 to 60 percent. In aggregate this produces an overall reduction in manual effort of around 70 percent – precisely the order of magnitude Oliver Wyman reports as an industry benchmark.
What is remarkable about this quote from Brock Miller is not the efficiency statement but the second clause: "better identify true positives". Historically, automation was expected to reduce false positives. The real gain sits deeper – the quality of true-positive detection rises because the agent applies consistent review logic, integrates third-party data systematically and eliminates human fatigue and inconsistency effects. This is exactly what Oliver Wyman means by four-fold detection accuracy.
From sample audits to continuous monitoring
The periodic paradigm has failed
The classical compliance architecture of German banks follows a sampling model: customer profiles are fully reviewed periodically – every one to five years depending on risk class. Transaction monitoring runs in batch processes, sanctions screening happens in defined cycles. Between reviews the perspective remains static. A customer who enters a higher risk band after the last review remains formally unchanged – until the next cycle picks them up. This model was necessary as long as compliance work was manual and expensive. It is no longer fit for purpose once the marginal cost of continuous oversight approaches zero.
Continuous monitoring – increasingly called Perpetual KYC (pKYC) in the industry – inverts the logic. Instead of reviewing fully on a periodic basis, agents permanently watch defined risk markers: changes in beneficial ownership, sudden transaction patterns, new adverse-media entries, cross-border transactions involving high-risk jurisdictions. An anomaly triggers an event-driven, deep review – and only that. This saves resources and dramatically increases the density of risk detection at the same time.
Periodic model: Reviews every 1 to 5 years, batch monitoring, sample testing, blind spots in between
Continuous-monitoring model: Permanent oversight of all risk markers in real time, event-driven deep reviews
Resourcing: Sampling is labour-intensive with low detection density; continuous monitoring is scalable with high detection density
Regulatory thrust: Supervisors are moving towards a "risk-based approach in real time"; the sampling model increasingly needs justification
Why this is becoming supervisory-relevant now
The European Anti-Money Laundering Authority (AMLA) took up its operational work in Frankfurt in 2026 and is gradually publishing Regulatory Technical Standards (RTS) ahead of direct supervision of selected institutions. The tone of AMLA's publications so far is clear: Europe is moving towards a more technology-driven, more tightly supervised anti-money-laundering regime. Banks that continue to work in annual cycles while competitors implement real-time detection will have a hard time in supervisory reviews – not because they fall short formally, but because the state of the art is shifting beneath them.
The regulatory guardrails in 2026
EU AI Act: compliance AI is high-risk
The EU Artificial Intelligence Act classifies AI systems by risk category. Applications in credit decisions, fraud detection, anti-money laundering and transaction monitoring fall into the high-risk category (Annex III). The core obligations for high-risk systems become directly applicable on 2 August 2026. This affects German banks twice over: the agents they deploy must meet the technical and organisational requirements – risk management system, data governance, transparency, human oversight, robustness, cybersecurity. And the institutions remain fully accountable as deployers, even when the technology is supplied by a third party.
The sanctions are sharp: up to 35 million euros or 7 percent of worldwide annual turnover for prohibited practices, up to 15 million euros or 3 percent for other infringements. Critical for day-to-day operations is the explainability requirement: every automated decision – an alert closure, an onboarding clearance, a SAR-filing recommendation – must come with a reason code, an audit trail and a human-readable rationale. Agents that do not natively provide this traceability cannot be deployed.
DORA: the third-party trap
The Digital Operational Resilience Act (DORA) has been directly applicable since January 2025. For agentic compliance, the requirements on ICT Third-Party Risk Management are particularly relevant. Anyone who deploys an external agent provider such as WorkFusion, Quantexa or Fenergo must record them in the Register of Information (ROI), assess their criticality, define exit strategies and disclose sub-contractor chains. The January 2026 Memorandum of Understanding between UK and EU supervisors on joint oversight of critical third parties sharpens the focus further. The interplay of AI Act and DORA is not an addition – it is a multiplication.
MaRisk: the ninth amendment codifies AI model risk
The Federal Financial Supervisory Authority (BaFin) published the consultation version of the ninth MaRisk amendment on 1 April 2026. The new module AT 4.3.4 addresses, for the first time explicitly, requirements for models and artificial intelligence. Two aspects are particularly relevant for agentic compliance. First: institutions must maintain a model inventory in which both internally developed and externally sourced models are recorded on equal footing. Second: models must be validated before deployment and reviewed at least every three years; for external models an institution-specific suitability assessment is additionally mandatory.
The intensity of validation depends on the criticality of the model. The more strongly a model drives risk decisions, the tighter monitoring, drift detection, change management and data-quality controls must be. For a name-screening agent that closes alerts autonomously this means a substantially higher validation effort than for a dashboard model with a human final decision. Institutions deploying agentic AI in compliance processes must build this governance layer in from the start – it is not an add-on.
Exposure at a glance
| Compliance function | Change driven by agentic AI |
|---|---|
| Name screening (sanctions, PEP) | Around 50 percent of alerts processed no-touch; third-party data and geolocation analysis integrated |
| KYC / onboarding | Document checks, entity matching and risk classification autonomous; shift to perpetual KYC |
| Transaction monitoring | From batch runs to real-time scoring; pattern-based anomaly detection beyond static rules |
| Adverse media monitoring | Continuous scanning of multilingual sources; automated relevance and reputation scoring |
| SAR filing preparation | Data aggregation and initial drafting by agent; human approval remains mandatory |
| Regulatory reporting | Data extraction and consistency checks agent-driven; end-of-period submissions faster and lower-error |
| Model governance | New validation, explainability and drift-monitoring duties (MaRisk AT 4.3.4, AI Act) |
| Compliance workforce | Shift from case handling to agent configuration, exception management and strategic oversight |
Recommendations: a five-point plan for compliance leaders
The question is not whether agentic compliance will arrive – it is who shapes it in a controlled way and who gets overrun by it. The time horizon is tighter than it first appears: the AI Act becomes applicable for high-risk systems on 2 August 2026, the ninth MaRisk amendment is expected to come with transition periods of 12 to 24 months, and competitors are starting their agent programmes now. The following five steps structure the path from first use case to a productive agentic compliance architecture.
Q2 2026: Entry-level candidates are processes with high volume, clear rule logic and a high false-positive share – name screening, adverse media, document checks during onboarding. Every institution should establish a quantitative baseline on its top five volume processes (FTE deployment, case numbers, throughput times, false-positive rate) and launch an initial agentic AI use case on the process with the highest quick-win potential.
Q2–Q3 2026: Agents must be equipped from day one with policy objects that structurally reflect Know Your Customer (KYC), Anti-Money Laundering (AML), Office of Foreign Assets Control (OFAC) and General Data Protection Regulation (GDPR). Every agentic step must be documented with reason code, audit trail and human-readable rationale. Retrofitting governance is more expensive, from both a regulatory and an operational perspective, than building it in natively.
Q3 2026: The ninth MaRisk amendment requires a complete model inventory covering third-party models as well as documented validation before deployment and at least every three years thereafter. Institutions should treat this requirement not as a compliance chore but as a strategic asset: a clean model inventory lets agents go live faster because the governance path is defined.
Q3–Q4 2026: External agent providers must be captured in the Register of Information (ROI), their criticality assessed, exit scenarios defined. Contracts with agent providers must contain DORA-compliant clauses on audit rights, sub-contractor transparency and incident reporting. Without this integration, agents may be operationally usable but regulatorily exposed.
Continuously from 2026: Oliver Wyman puts it well: compliance professionals move from "drowning in manual reviews" to configurators, exception managers and strategic advisers. Institutions that treat agentic AI merely as an FTE-savings programme will lose workforce expertise and the ability to steer agents meaningfully. Training in prompt engineering, agent configuration and model monitoring is not optional – it is a prerequisite.
Risks and open questions
For all the enthusiasm, a sober assessment is in order. First: the 70-percent automation figure refers to clearly rule-based processes – not to the entire compliance mandate. Decisions with a high judgement component, such as evaluating complex structures in private banking or navigating geopolitical sanctions nuances, remain a human domain. Anyone misreading the 70 percent as an overall headcount reduction will be heading straight into a supervisory wake-up call.
Second: an agent is only as good as its training data and its policy scaffolds. Raymond James chose WorkFusion, a provider that has specialised in financial-crime compliance for years. A generic LLM without compliance fine-tuning will systematically fail on regulatory nuances – for example in distinguishing the OFAC SDN list, the Non-SDN list and the EU consolidated list. Provider selection is the single most important decision in the entire programme.
Third: the explainability requirement of the AI Act partially collides with the black-box nature of large language models. Institutions need architectures that trace agent decisions back to deterministic policy rules instead of relying on probabilistic LLM output. Hybrid architectures – deterministic rule engine plus LLM-supported contextualisation – are the pragmatic way out, but more complex to build than vendor marketing slides suggest.
Fourth: the future of compliance jobs is often sugar-coated. If an agent closes 52 percent of alerts no-touch, the corresponding operational capacity falls away. The assumption that all freed-up staff will automatically become agent configurators or strategic advisers is a hope, not a certainty. Institutions that communicate the transformation honestly and invest consistently in reskilling will retain talent. Institutions that treat efficiency as an end in itself will lose credibility and expertise.
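The hybrid pattern from the third point, combined with the reason code, audit trail and human-readable rationale required under the AI Act, can be shown in a few lines of Python. This is an added example, not code from Oliver Wyman, WorkFusion or any other provider named here; the rule codes, field names, thresholds and the hash-chained log format are assumptions constructed for illustration.

```python
import hashlib
import json

# Auto-close rules as (reason code, predicate, rationale); all values constructed.
RULES = [
    ("FP-DOB", lambda a: a["dob_customer"] != a["dob_listed"],
     "Date of birth differs from the listed party's."),
    ("FP-NAME", lambda a: a["name_score"] < 0.60,
     "Name similarity is below the matching threshold of 0.60."),
]
MIN_CONFIDENCE = 0.90  # model confidence needed to concur (constructed)
GENESIS = "0" * 64     # "previous hash" of the first audit record


def decide(alert, model_view, confidence):
    """Only a deterministic rule may close an alert; the model can only veto."""
    for code, matches, rationale in RULES:
        if matches(alert):
            if model_view == "close" and confidence >= MIN_CONFIDENCE:
                return "CLOSE", code, rationale
            return "ESCALATE", "ESC-MODEL-DOUBT", f"{code} matched; model did not concur."
    return "ESCALATE", "ESC-NO-RULE", "No auto-close rule matched."


def _digest(record):
    body = {k: v for k, v in record.items() if k != "hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def append_record(log, alert, model_view, confidence):
    """Decide on the alert and append a hash-chained audit record to `log`."""
    action, code, rationale = decide(alert, model_view, confidence)
    record = {"prev": log[-1]["hash"] if log else GENESIS, "alert": alert,
              "model_view": model_view, "confidence": confidence,
              "action": action, "reason_code": code, "rationale": rationale}
    record["hash"] = _digest(record)
    log.append(record)
    return record


def verify_chain(log):
    """Return False if any record was edited, reordered or dropped mid-chain."""
    prev = GENESIS
    for record in log:
        if record["prev"] != prev or record["hash"] != _digest(record):
            return False
        prev = record["hash"]
    return True


SAMPLE = {"id": "A-1", "name_score": 0.95,  # constructed alert
          "dob_customer": "1980-01-01", "dob_listed": "1975-06-30"}
if __name__ == "__main__":
    print(append_record([], SAMPLE, "close", 0.97))
```

The chain detects edited, reordered or dropped records but not truncation of the tail, so the latest hash should also be stored outside the system that writes the log.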
Agentic compliance is not a marketing trend but a structural shift. Oliver Wyman's 70-percent thesis is not a promise but a benchmark that Raymond James has achieved in a clearly scoped sub-process. The regulatory architecture of AI Act, DORA and MaRisk is strict, but it is workable – and it is predictable. Whoever starts now with a clear use case, builds an honest governance framework and brings the workforce along gains time, learning effects and negotiating leverage with supervisors, providers and competitors. Whoever waits until the benchmarks are set will be measured against them.