The question keeping compliance professionals awake at night is the wrong one. Whether artificial intelligence will make their expertise obsolete is a distraction, the more consequential question is which compliance professionals will develop genuine fluency with AI tools, and what that gap will mean for institutions that get it wrong.
According to Sherlocq, that gap is already opening. Not between humans and machines, but between practitioners who have built real command over AI tools designed for their domain, and those who have not.
To understand why, consider a financial crime analyst at a mid-sized bank. Under a traditional workflow, the majority of their day is consumed by processing system-generated alerts — the overwhelming bulk of which are false positives thrown up by blunt, rule-based screening logic. The cognitive load is punishing. The signal-to-noise ratio is poor. By the time genuinely suspicious cases surface, the analyst’s capacity for careful judgment has already been depleted by sheer volume.
Sherlocq recently jumped into the topic of AI for compliance professionals and the idea of the human judgment multiplier.
AI tools purpose-built for financial crime and regulatory intelligence change that calculus structurally. The analyst arrives to a prioritised case list, each item accompanied by contextual summaries, jurisdiction-mapped regulatory references, and a preliminary risk assessment that explains the basis for flagging. Their expertise is reserved for exactly what cannot be automated: assessing the scenario, weighing the evidence, making the escalation call, and producing documentation robust enough to survive regulatory scrutiny. The number of meaningful decisions made per day increases. Documentation quality improves. Exposure to a wider range of regulatory scenarios accelerates development across the whole team.
The same logic applies across every corner of a regulated institution. Corporate legal teams managing ESG disclosure obligations simultaneously across the EU, UK, and Singapore. AML functions tracking sanctions regime changes across more than 320 data sources — including OFAC, OFSI, EU, UN, and UAE designations — through a single query. Risk teams conducting gap assessments against updated prudential standards. In each case, the AI handles retrieval, cross-referencing, and preliminary structuring. The human handles the judgment. Platforms such as Sherlocq have positioned themselves as the first AI-native tool to deliver this depth and traceability across multiple sanctions regimes simultaneously — a meaningful claim in a field where source attribution is not optional.
The persistent confusion in public debate about AI and compliance stems from conflating two fundamentally different things: automating tasks and replacing judgment. AI is genuinely exceptional at the former — processing millions of data points, surfacing pattern anomalies, cross-referencing regulatory updates across dozens of jurisdictions, and retrieving jurisdiction-specific answers in seconds. These are real and material capabilities.
But compliance has never fundamentally been about those tasks. It has been about what comes after. The assessment. The escalation decision. The conversation with senior management. The call made in genuinely ambiguous territory where the regulatory framework provides structure but not a clear answer. Whether to file a suspicious activity report, at its edges, is a matter of professional judgment informed by experience. Determining whether a proposed product structure satisfies conduct-of-business rules across three jurisdictions requires a practitioner to hold the full context simultaneously and make a call. AI does not make those calls. It gives the professional making them a materially stronger foundation from which to work.
This reframing matters because it reshapes the question of AI adoption entirely. Institutions that deploy AI to remove compliance professionals from the decision-making chain have misread the technology. Those that deploy it to make their compliance professionals faster, better-informed, and more consistent have understood it correctly.
The uncomfortable implication is that not every compliance professional will adapt at the same speed, and the divergence between those who do and those who do not will widen faster than most currently expect. Fluency with AI in a compliance context is not simply a matter of knowing how to operate a product. It requires judgment about when to trust an output and when to interrogate it. It requires translating complex regulatory ambiguity into precise, well-framed questions that yield actionable results. It requires understanding an AI tool’s architecture well enough to know its limits — which jurisdictions it covers with depth, where it draws from primary sources, how it handles genuinely novel regulatory questions without established precedent.
These are learnable skills. But they take time and genuine engagement with tools built for the domain, rather than generic AI systems aimed loosely at legal or compliance data. Professionals building this fluency now will hold a structural advantage over peers within two to three years — fewer missed risks, faster regulatory responses, more defensible decision trails, and a demonstrably higher ceiling on the complexity of work they can handle.
Not all AI tools are appropriate for professional compliance work, and that distinction carries more weight than most technology procurement decisions. Generic large language models offer breadth but lack the jurisdictional depth, source attribution standards, and auditability that compliance workflows require. A tool that summarises regulatory content from the open web without identifying its sources creates more risk than it resolves. In a regulated environment, every AI-assisted conclusion must be traceable. The standard for a professional compliance tool means retrieving from primary regulatory sources, identifying the specific regulatory instrument or enforcement decision underpinning each output, maintaining curated and current data rather than scraped and static content, and meeting institutional security standards for data handling, privacy, and auditability.
The compliance officers using AI most effectively today are not treating it as a search engine or drafting assistant. They are using it as a thinking partner, interrogated with the rigour of a senior practitioner. They use it to stress-test reasoning before a position reaches the risk committee. To surface regulatory counterarguments not yet considered. To map what leading regulators in comparable jurisdictions have decided on analogous questions. To identify where genuine uncertainty remains versus where regulatory intent is settled. To conduct gap assessments against updated frameworks in a fraction of the time a manual review would require, then apply their judgment to the gaps the tool surfaces.
In each case, the AI is not making the compliance decision. The compliance professional is — equipped with a depth and breadth of regulatory context that would previously have required a team of analysts and several working days to assemble. The quality of the decision improves. The confidence with which it can be documented and defended improves. The speed of regulatory response improves.
The question is not whether this future is coming. It is already here. The question is who is building the capability to operate in it.
Read the full Sherlocq post here.
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
