Compliance Chiefs Eye AI Agents for AML Work as Regulatory Signals Remain Mixed

Financial institutions are beginning to deploy autonomous AI agents for anti-money laundering and know-your-customer compliance work, but executives face uncertainty about how regulators will evaluate these systems when examiners arrive.

Peter Piatetsky, cofounder and CEO of Castellum.AI, discussed the practical realities of implementing agent-based compliance solutions in a January 21 interview on the Fintech Business Podcast, addressing what he described as "one of the hottest topics in fintech, banking and compliance." The conversation centered on how compliance leaders should evaluate these tools while building examiner-ready controls in an environment where regulatory guidance remains incomplete.

The discussion comes as compliance departments—long criticized as cost centers—face pressure to demonstrate efficiency gains without compromising effectiveness. Agentic AI, which refers to autonomous software that can execute multi-step tasks without constant human oversight, promises to automate portions of the labor-intensive work of screening transactions and verifying customer identities. But the technology also introduces new model governance challenges that don't fit neatly into existing regulatory frameworks.

Piatetsky outlined how Castellum.AI's agents are currently powering AML and KYC workflows, though the interview format—a 52-minute podcast published by Fintech Business Weekly—did not include specific performance metrics or client names. The conversation instead focused on the governance and documentation challenges that financial institutions must address before deploying such systems.

A central theme was interpreting what regulators are signaling about AI adoption. Compliance leaders find themselves in a familiar bind: examiners expect institutions to use modern tools to manage risk effectively, yet those same examiners will scrutinize any system that lacks transparent decision-making processes. Piatetsky discussed how firms should translate regulatory signals into concrete governance frameworks and documentation that will satisfy examiners who may not understand the underlying technology.

The model governance question looms particularly large. Traditional model risk management frameworks were designed for statistical models with fixed parameters—think credit scoring algorithms that can be validated against historical data. Agentic AI systems, by contrast, may adjust their behavior based on new information, making them harder to validate using conventional methods. Piatetsky addressed how firms should think about these governance challenges as they relate to agents, though the podcast did not detail specific frameworks.

For CFOs evaluating compliance technology investments, the conversation highlighted a tension that will likely define the next several years: the potential efficiency gains from AI agents must be weighed against the regulatory risk of deploying systems that examiners don't yet know how to evaluate. The question isn't whether agents will reshape compliance programs—Piatetsky discussed that transformation as inevitable—but rather how quickly institutions can build the governance infrastructure to deploy them safely.

The interview suggests that early adopters are moving forward despite regulatory ambiguity, betting that demonstrable risk reduction will ultimately satisfy examiners even if the technology doesn't fit existing regulatory templates. Whether that bet pays off may depend less on the agents' performance than on how well compliance teams can document their decision-making processes in terms regulators understand.