The banking sector is facing growing challenges around managing overwhelming volumes of alerts in both security operations centres (SOCs) and financial crime compliance (FCC) departments.
According to Workfusion, these alerts, which flag potential cyber threats and signs of money laundering or sanctions breaches, share one thing in common: they are time-consuming and often inefficient to resolve. Increasingly, CIOs are turning to agentic AI to not only streamline these operations but to transform them into efficient, scalable processes.
For nearly 30 years, FCC teams have relied on transaction monitoring systems to detect suspicious activity, including potential laundering schemes, PEPs, and sanctions violations. However, with larger banks receiving thousands of alerts daily, these systems often produce more noise than actionable insight. Analysts at the first level of review, known as L1, can rarely keep up, allowing only a fraction of meaningful alerts to be thoroughly examined. Security teams report a parallel issue. CISOs overseeing SOCs see similar overload from SIEM tools, which generate alerts on potential cyber intrusions, policy violations, and anomalies.
Before the advent of AI Agents, banks attempted to solve the alert burden in different ways. FCC teams increased headcount or relied on outsourced support during high-risk periods, such as the post-2022 sanctions surge linked to the Ukraine conflict. In contrast, SOC teams invested in SOAR tools, designed to triage alerts automatically. Despite these efforts, neither solution delivered consistently reliable or scalable results. This led to persistent problems—alert fatigue, low morale, missed threats hidden in false positives, and ever-increasing costs to stay compliant and secure.
These costs are not trivial. In 2024, global banking expenditure on transaction monitoring alone was estimated at $18bn, with forecasts suggesting it could exceed $50bn by 2032. At the same time, the SIEM and SOAR market is on track to quadruple from $5.5bn to nearly $20bn by 2030. These figures underline a pressing need for technologies that deliver true return on investment.
The problem lies in the limited role of current AI implementations. While many existing systems offer large language model (LLM) or generative AI features to enhance screening or generate narrative reports, they stop short of making decisions. True AI Agents go further. They carry out the same end-to-end processes as skilled human analysts—reviewing, contextualising, decisioning, documenting, and escalating alerts where needed.
These AI Agents are already in action. For example, WorkFusion’s AI Agent “Evan” supports adverse media monitoring by working alongside existing systems to sort through articles and identify those indicating potential risk. Evan can investigate an individual or organisation with limited input, drawing on prior industry knowledge. He ranks sources for relevance and provides justifications for each decision, all in a format ready for audit or handover to human analysts when escalation is required.
Crucially, AI Agents do not replace existing FCC or SOC systems—they enhance them. By absorbing the bulk of low-value alerts and surfacing the few that matter, they unlock capacity and efficiency for banks navigating an increasingly complex threat landscape.
Keep up with all the latest RegTech news here
Copyright © 2025 RegTech Analyst
Copyright © 2018 RegTech Analyst
