Compliance In the Age of AI
Peter Kinahan, of Intuition, warns of the importance of strengthening compliance with the implementation of Ai in your business.
OPINION PIECE
Peter Kinahan, Senior Adviser to Intuition , World Leading Strategic Learning Partner,
7/13/20263 min read


AI has by now demonstrated its ability to generate major efficiencies across many functions. It might therefore be thought that this would apply equally to the compliance department: that AI’s capabilities might erase existing compliance shortcomings. The reality is more complex.
Because generative AI systems can rapidly answer questions, summarise documents and generate content, it is a short step to believing that the technology itself reduces the need for carefully maintained compliance knowledge and documentation.
In practice, the reverse is true. AI systems are highly dependent on the quality, governance and reliability of the information they consume. Weak compliance content does not disappear in an AI-enabled environment. Instead, it becomes amplified at scale.
AI compounds poor compliance content
Compliance functions no longer operate in isolated human-controlled environments. In banking and financial services generally, AI systems are participating in activities such as transaction monitoring, customer communication support, policy interpretation, fraud detection, surveillance and workflow management (the same principles apply across other verticals.). As AI becomes embedded within control environments, the reliability of the underlying compliance information becomes critical, both for commercial and regulatory reasons.
An AI model trained on incomplete, outdated or contradictory compliance content will more than likely generate inaccurate guidance, flawed customer communications or unreliable risk assessments. To compound that, these problems may not always be immediately apparent to users. AI systems can generate outputs that appear authoritative even when the underlying source material is weak.
Personal accountability in AI-powered compliance
One of the clear trends in compliance is personal accountability of management. Regulators are clear that the increased role of AI in compliance in no way exonerates management from their responsibility for outcomes, even when AI-based tools are involved in decision-making or operational processes.
Regulated firms must maintain robust governance over AI systems, including testing, monitoring, documentation, bias assessment and data quality controls. Supervisors also distinguish ex-ante and ex-post controls. Ex-ante controls involve ensuring that information supplied to AI systems is accurate, current and appropriate before the system uses it. Ex-post controls involve monitoring outputs after deployment to identify errors, inconsistencies or unintended consequences.
The implications are clear: a bank cannot realistically govern AI safely if its underlying compliance documentation is fragmented, inconsistently versioned or poorly maintained. If policies conflict with each other, contain outdated regulatory interpretations or lack clear ownership, AI systems may reproduce those weaknesses across the organisation.
Conversely, if the bank has a trusted content layer with clear ownership, effective-date discipline, source traceability, control linkage, audience tagging and retirement of superseded material, AI can become a safe multiplier of good compliance practice.
AI and compliance content-governance
Regulatory consensus has arrived at certain minimum content-governance standards for AI-enabled compliance and these should exhibit the following properties:
Authoritative source control: every policy, standard, procedure, quick guide and training object has a named owner, approval status, effective date, review date and jurisdiction or business applicability.
Structured metadata: content is tagged to obligations, risks, controls, target audiences, products, legal entities, countries, and source regulations so it can be searched, filtered and retired cleanly.
Source traceability and provenance: each AI-usable content object can be traced back to its regulatory or policy source, with superseded versions preserved but withdrawn from active retrieval.
Controlled retrieval: high-risk AI use cases should be retrieval-based from approved corpora, not free-form model memory, with answer citations, confidence thresholds and escalation rules.
Pre- and post-deployment assurance: before release, test accuracy, bias, failure modes and data quality; after release, monitor error rates, overrides, complaints, usage patterns and silent failure.
Human accountability: management retains responsibility, named functions own outputs, and sensitive decisions or customer-facing advice receive human review or approval where risk warrants it.
Content provenance is key in AI compliance
Content provenance is therefore integral AI governance. In practical banking terms, this means firms increasingly need to know precisely which policies, procedures or regulatory interpretations an AI system is using when generating outputs.
Where AI systems are used to answer compliance questions, support frontline employees or draft customer communications, the underlying content must be trusted, otherwise the AI system itself cannot be trusted. The technology does not eliminate the need for disciplined compliance knowledge management. Instead, it makes that discipline far more important.
In the past, policies and procedures were often treated as documents stored for regulatory purposes. In an AI-enabled environment, they increasingly become machine-consumable knowledge assets directly influencing operational decisions, customer interactions and risk management processes.
Ultimately, AI changes the role of compliance content from static reference material into operational infrastructure.
Peter’s profile
linkedin.com/in/peter-kinahan-04a8b06
ME HR & Learning is THE leading online news and information platform for HR and L&D professionals in the Middle East.


© Copyright 2026 ME HR & Learning
The Platform
Learning & Resources
Professional Network
Location
Sharjah Media City, SHAMS, UAE
