
The AI shift in due diligence and compliance
Due diligence and compliance have long been slow, paper-heavy, and reactive, surfacing risks only after key business decisions. That paradigm is shifting. As well as automating tasks, AI is transforming how risk is assessed, decisions are made, and compliance teams operate.
AI is lowering due diligence thresholds, shifting risk assessments to the start of business processes, and helping companies answer a more fundamental question: not just ‘can we?’ but ‘should we?’ But this transformation is not universal. The right AI strategy determines whether compliance hinders growth or drives it.
Three forces reshaping risk management
From compliance to strategy
Risk management has moved from a regulatory requirement to a business priority. Companies operate in data-rich environments with increasingly complex frameworks like anti-money laundering (AML) and anti-bribery and corruption (ABC). AI-powered automation processes vast amounts of data with speed and accuracy, ensuring risks are identified early.
Regulatory complexity
Rules governing ABC, environmental, social and governance (ESG) standards, trade compliance, and AI ethics continue to evolve. Some shifts disrupt entire industries, while others introduce incremental but critical compliance requirements. AI helps firms track legal updates in real time, keeping policies aligned with emerging regulations.
Beyond financial crime
Companies are expanding their risk lens to include ethical, environmental, and social factors. Investors, regulators, and consumers are scrutinising corporate accountability more than ever. AI’s ability to analyse large datasets, including media reports and regulatory filings, enables firms to assess reputational risks with greater precision and agility.
Dynamic due diligence, not a one-time check
Traditional due diligence is static, offering a snapshot in time rather than an ongoing view of risk. Yet our clients report that the greatest risks, and regulatory fines, arise from ongoing relationships, not just onboarding. Risks evolve, and due diligence must be dynamic and interactive, not a one-off exercise.
This is why dynamic due diligence is becoming a key priority. It consists of two core elements:
Real-time, interactive insights
Standard due diligence relies on static databases that are manually updated and traditional reports that take days to produce, following a fixed template. In contrast, AI-powered solutions such as Xapien deliver live, real-time data. Reports are interactive, allowing users to ask follow-up questions and interrogate the findings. If an initial report highlights a potential issue, such as a questionable business relationship, it is possible to instantly dig deeper, rather than commissioning a new report.
Additionally, reports can be customised, with users able to build their own sections. For instance, if a report flags X’s connection to Y, this insight can be expanded into a dedicated section, refining the analysis in real time.
Ongoing monitoring and alerts
Due diligence needs to extend beyond the moment of onboarding. Xapien is currently testing a monitoring functionality, with a fully customisable system expected later this year. It will allow organisations to track risks dynamically, receiving alerts when new information emerges about a subject. Whether it’s a sanction update, regulatory action, or a reputational red flag, companies will no longer be caught off guard by developments that could impact their operations.
Lowering due diligence thresholds
Traditionally, due diligence focused on high-risk entities, often based on financial thresholds, scrutinising accounts over £250,000 while ignoring smaller transactions. AI makes it possible to lower thresholds to £25,000 or less, uncovering hidden risks and reducing exposure to financial, legal, and reputational harm.
More significantly, AI enables earlier risk detection. Due diligence often happens late, after deals are already in motion, creating unnecessary risk.
A fintech company we work with previously had one MLRO handling compliance. Due diligence reports took a full day, a delay that was unsustainable for a growing business. By integrating AI, the company moved due diligence to the start of the process. Instead of sales teams finding partners only for compliance to reject them later, compliance could now screen prospects upfront.
This shifted the dynamic. Rather than saying “no” at the end, compliance guided effort in the right direction from the start, allowing the company to scale significantly faster.
Beyond checklists, toward insight
Many financial institutions conduct KYC checks but gain little real insight into their clients. At the end of the process, they have fulfilled regulatory requirements yet remain uninformed about customer backgrounds, risks, and opportunities.
AI changes this by aggregating external data sources, providing deeper visibility into client profiles. In private banking, for example, AI-powered analysis helps banks assess risk more accurately while enabling relationship managers to better serve clients. This mitigates risk while strengthening customer relationships and creates new business opportunities.
From client onboarding to client selection
Compliance teams are increasingly assessing third parties not just for AML or ABC risks but also for reputational concerns. Law firms using AI for due diligence have shifted their focus from “client onboarding” to “client selection.”
The assumption is no longer that a firm will work with every potential client. Ethical considerations, reputational risks, and strategic alignment now shape decisions. No database can answer a “should we” question, but AI makes deep due diligence possible at scale, reducing analysis time from days to minutes.
AI’s limitations in back-office operations
Despite its promise, AI in compliance’s effectiveness depends on specificity and calibration. Generic models struggle with industry complexities for several reasons:
Entity resolution and misidentification
Searching for "Chris Green" could yield hundreds of unrelated results. AI must reconcile records across sanctions lists, corporate filings, media, and legal documents while handling transliterations and multilingual variations. Errors increase regulatory and operational risk.
Inconsistent AI responses
Large language models (LLMs) vary based on phrasing. “Has Roman Abramovich been sanctioned?” may return a yes or no answer, while “Tell me about sanctions targeting Roman Abramovich” could generate a more nuanced response. In regulatory contexts, this variability is a challenge.
AI fabrications and reliability risks
AI-generated “hallucinations,” where models present false information as fact, remain a serious concern. An AI model might infer that an oligarch “loves swimming” from a mention of a pool construction. Inaccuracies undermine trust, making validation and oversight essential.
The limits of automation
AI can process vast datasets but lacks human judgment. Risk assessment requires contextual interpretation, which AI alone cannot provide. The challenge is designing AI to enhance, not replace, human expertise, balancing automation with informed decision-making.
The future of AI in compliance
AI is changing how businesses assess risk. Traditional processes were slow and reactive, often missing critical risks. Now, AI enables earlier, deeper, and more strategic risk management.
However, AI must be specific and tailored to its use case. Generic models struggle with the nuances of compliance, risk, and regulatory oversight. The effectiveness of AI depends on how well it is calibrated to industry-specific challenges, regulatory environments, and the evolving nature of risk.
As businesses adapt to regulatory complexity and shifting risk landscapes, AI will be a competitive differentiator. The companies that use it well, deploying targeted, domain-specific AI solutions, will not just stay compliant, but will make better decisions and move faster than their competitors.
For more startup news, check out the other articles on the website, and subscribe to the magazine for free. Listen to The Cereal Entrepreneur podcast for more interviews with entrepreneurs and big-hitters in the startup ecosystem.