Sherlocq, an AI-native regulatory intelligence platform built for the global financial services industry, has officially launched to the public, marking what it describes as the emergence of a new enterprise AI category.
The platform is designed to serve compliance officers, lawyers, risk professionals, and regulators, offering regulatory intelligence that is sourced, traceable, and built for institutional scale. At launch, Sherlocq covers regulatory output from governments, supervisory authorities, and enforcement bodies across more than 30 jurisdictions, including the US, UK, UAE, Singapore, and Hong Kong.
The platform launches with three core capabilities. The first is regulatory research and analysis, covering multi-jurisdiction research, cross-border comparison, compliance framework analysis, and obligation mapping across major regulated financial centres.
The second is document intelligence, offering structured review, gap assessment, benchmarking, and policy analysis against applicable regulatory standards. The third is sanctions intelligence, providing real-time, multi-regime research across OFAC, OFSI, the EU, the UAE, and more than 320 data sources in a single query, with full source traceability.
Financial institutions, law firms, regulators, and consultants collectively spend more than $300bn annually on regulatory compliance, with over ten million professionals managing that complexity on a daily basis. Sherlocq positions itself as a solution to tools that, until now, have provided monitoring without interpretation, alerts without answers, and search without synthesis.
Sherlocq is available on web, iOS, and Android for both individual professionals and enterprise organisations. AI connectors are live for Claude and ChatGPT, with Microsoft Copilot and Google Gemini integrations to follow.
The company was built to meet the security, privacy, and domain standards required by regulated institutions — standards it says no general-purpose AI platform has been designed to deliver. It differentiates itself from generic AI assistants, conventional RegTech monitoring tools, and document management platforms.
In the view of Bhavin Shah, founder and CEO of Sherlocq, Sherlocq was built from a single, non-negotiable starting point: compliance professionals cannot rely on outputs they cannot verify, and every design decision follows from that principle.
Shah remarked, “The platform is built on retrieval-augmented generation, a technical architecture that grounds every response in primary regulatory sources before a single word is generated. That means laws, guidance notes, enforcement actions, supervisory letters, and consultation papers from official sources across 30+ jurisdictions. No unattributed AI output. Every answer carries full citations so the professional can interrogate the source directly.”
The second principle as Shah stated was domain specificity. He stated that generic AI tools were not designed for the compliance domain, where hallucinated regulatory interpretation is not an inconvenience but a liability risk. “Sherlocq’s retrieval layer, knowledge graph, and prompt architecture are built exclusively for financial regulation. That specificity is what separates intelligence from search,” he said.
The third and final principle was institutional readiness from the start. “ISO 27001 and ISO 27701 certification, configurable data residency, privacy-aware architecture, and audit-trail outputs are not post-launch additions. They were prerequisites,” Shah remarked succinctly. If a platform cannot pass a regulated institution’s security and privacy review, the Sherlocq founder commented, it will never be deployed at the scale where it can actually change how compliance teams work.
For Shah, the distinction between “intelligence and search results” sits at the heart of what Sherlocq is designed to solve. Rather than functioning as a conventional search engine, the platform continuously ingests regulatory content from official sources across every covered jurisdiction, enriching each document with metadata tied to jurisdiction, publication date, document type, and regulatory theme.
Underpinning the system is what Shah describes as “a proprietary knowledge graph” layered above the platform’s vector search capabilities, enabling Sherlocq to map relationships between regulatory obligations, enforcement actions, and legal provisions across jurisdictions. The result is a platform capable of handling “complex, multi-step, cross-border queries rather than returning a list of links.”
When a query is submitted, Sherlocq combines dense vector search, keyword matching, and metadata filtering before re-ranking results for relevance and diversity. The model is then instructed to cite sources, avoid speculation, and identify areas where guidance may remain open to interpretation.
“The result is a jurisdictionally precise, source-attributed answer that a compliance professional can place in front of a board or regulator with confidence,” Shah said.
To illustrate the point, he described a scenario in which a compliance officer at an international wealth manager asks Sherlocq to compare retail investor suitability and disclosure obligations across the US, UK, and Singapore.
The platform simultaneously retrieves and synthesises requirements from SEC Regulation Best Interest, the FCA’s Consumer Duty, and MAS Notice FAA-N16, presenting the obligations side-by-side with full source attribution. According to Shah, work that would traditionally require “days of manual research across three regulatory websites” can instead be delivered “in minutes” through a structured, actionable output.
Shah and the Sherlocq story
Shah said, “I have spent my career sitting across the table from regulators, leading investigations at the highest levels, and advising institutions in the most consequential moments of their existence. In every one of those engagements, the same problem recurred: brilliant professionals, at world-class institutions, spending most of their time on research and cross-referencing that should have been automated years ago.
“Not because the technology did not exist. Because no one had built it with the rigour, the domain depth, and the institutional trust that this work demands. That is what we built. Sherlocq is not a general AI tool adapted for compliance. It is the intelligence infrastructure that this industry has always needed and never had.”
Shah spent more than 25 years advising banks, regulators, governments, and law firms on some of the world’s most complex financial crime and regulatory challenges. Having held senior roles at Deloitte, PwC, EY, and Roland Berger, he worked on major AML reforms, regulatory investigations, governance crises, and high-stakes compliance matters across multiple jurisdictions.
That experience became the foundation of Sherlocq, which was built to solve a long-standing industry problem: the lack of a reliable platform capable of bringing together complex global regulatory obligations quickly, accurately, and in a form trusted by boards, courts, and regulators.
Precision, traceability, auditability
Three of the central themes in the launch are precision, traceability and auditability. Shah was quizzed on how those capabilities embedded into the platform from the beginning.
“They were not retrofitted. The architecture was designed around them,” Shah started. “Precision is delivered through jurisdiction-specific tagging throughout the knowledge base. A question about SEC disclosure obligations returns SEC disclosure obligations. A question about FCA Consumer Duty requirements returns FCA Consumer Duty requirements, not a blended answer drawn across regimes.”
Traceability is enforced through citation at source level. Every response identifies the primary regulatory document from which each conclusion is drawn. As the Sherlocq CEO explained, the professional sees not just the answer but the authority behind it.
In addition, auditability is built into the platform’s data handling and output structure and outputs are structured to support governance workflows and can be retained by the institution within its own environment.
“The platform’s configurable data residency and privacy-aware architecture are designed to meet the sovereignty and confidentiality requirements of regulated institutions, not merely their preferences,” said Shah. The knowledge graph architecture, which maps relationships between regulatory provisions, is designed to be defensible under audit.
Shah said, “Sherlocq is not asking institutions to trust AI blindly. It is designed so that human professionals can verify every output and exercise their own judgement. The AI handles research volume; the human remains accountable for the advice.”
The evolution of Sherlocq
Looking ahead, Shah believes three capabilities will define Sherlocq’s long-term impact on compliance and legal teams.
The first is workflow embedding, where the platform evolves from a research tool into a system for continuous regulatory intelligence. “A compliance officer should know, in real time, when a rule material to their institution has changed, before a client, a regulator, or an enforcement action tells them,” Shah said, describing a future in which monitoring global regulatory change becomes automated rather than reactive.
The second is large-scale gap assessment. Through Sherlocq’s Analyse module, institutions can benchmark internal policies and control frameworks against regulatory standards across multiple jurisdictions, dramatically reducing the time traditionally required for cross-border compliance reviews. Shah pointed to expansion programmes that would previously have demanded “weeks of senior advisory time” being “structured and evidenced within hours.”
The third is on-premises deployment, targeted for Q4 2026, which Shah sees as critical for regulators, central banks, and Tier-1 financial institutions operating under strict data residency requirements. “The intelligence that currently serves individual compliance professionals can serve supervisory and institutional functions at the highest level,” he concluded.
By Daniel Willis, Editor of RegTech Analyst
Copyright © 2026 RegTech Analyst
Copyright © 2018 RegTech Analyst
