GS interviews Fenergo's Niall Twomey

As financial institutions grapple with increasing regulatory complexity and a shortage of compliance talent, the role of AI in transforming compliance operations has never been more critical. In this exclusive Q&A, The Green Sheet checks in with Niall Twomey, chief technology officer at Fenergo, about how AI and automation are reshaping compliance frameworks—from bridging the talent gap and accelerating onboarding to enabling proactive risk management and ensuring regulatory alignment.

1. Compliance teams are under increasing pressure due to evolving regulations and a shortage of skilled professionals. How can AI and automation help bridge this talent gap, and what immediate impact can financial institutions expect?

Financial institutions face growing pressures due to increasingly complex regulations and a significant shortage of compliance talent, impacting areas such as financial crime prevention and customer onboarding.

The use of AI and automation addresses these pressures by handling repetitive and manual-intensive tasks, such as document processing, data gathering and preliminary risk assessments. This approach empowers compliance professionals by freeing their capacity for higher-value tasks, including complex investigations and strategic risk management. Additionally, AI-driven solutions can swiftly adapt to evolving regulatory requirements, improving institutional responsiveness.

Immediate impacts include greater operational efficiency, reduced false positives in anti-money laundering (AML) processes, and an improved customer experience through faster onboarding cycles. However, institutions should understand that an effective AI implementation depends on strong data governance, modernized infrastructure and robust internal processes, underscoring that successful integration is a strategic, phased journey rather than a quick fix.

2. Agentic AI is emerging as a key player in compliance operations. Can you explain how this technology differs from traditional automation and what advantages it brings to KYC, AML, and CLM processes?

Traditional automation typically involves rigid workflows and predetermined rules, ideal for repetitive tasks but lacking adaptability when facing regulatory or operational shifts. In contrast, agentic AI represents a significant evolution. These intelligent agents can interpret new information, adjust actions accordingly, and perform complex, context-aware decision-making tasks to ultimately support compliance teams to do more with less

Agentic AI goes beyond simply automating workflows; it serves in an advisory capacity, enhancing human expertise rather than replacing it. Human oversight remains integral, ensuring the accuracy, transparency and accountability necessary in regulated financial environments.

In the context of know your customer (KYC), AML, and client lifecycle management (CLM), agentic AI offers advantages by proactively managing global regulatory changes, significantly enhancing real-time anomaly detection and reducing compliance-related risks. For example, agentic AI can swiftly detect suspicious transactional patterns, enabling financial institutions to address potential financial crimes proactively and avoid regulatory penalties. This reinforces institutional resilience.

3. Before financial institutions can successfully implement AI-driven compliance solutions, what foundational elements - such as data management and legacy system upgrades - must they address to maximize the benefits of these technologies?

Effective deployment of AI-driven compliance solutions depends on establishing robust foundational elements. There are a handful of considerations that financial institutions must prioritize, including:

• Data management: High-quality data fuels successful AI outcomes, as the phrase goes "garbage in, garbage out." Data must be accurate, comprehensive, organized, accessible, and properly integrated. Institutions need to break down the data silos that often impede efficiency. To ensure proper data management, financial institutions should rigorously cleanse, standardize, and continuously update their data. Not only does this support fueling AI with correct information for accurate results, but in organizing data and ensuring it is properly stored it helps in detecting any errors and addressing AI bias down the road.

• Legacy system modernization: Many institutions struggle with outdated systems incapable of integrating effectively with AI technologies. Modernization is essential to creating seamless interoperability. A strategic roadmap for legacy system enhancement or replacement is critical for operational agility and ongoing compliance effectiveness.

• AI governance and transparency: Transparency and explainability of AI models are non-negotiable in regulated environments. Institutions must move beyond opaque "black box" models, ensuring AI outputs remain auditable, explainable and transparent. A clearly defined governance framework is vital to demonstrate accountability and secure regulatory acceptance.

AI adoption should not be taken in haste, rather it should be implemented in a phased, transparent approach for a smooth integration and long-term compliance success. Once institutions align on the items above, it is recommended that they initially employ advisory co-pilot models as a means for institutions to dip their toes into AI and to familiarize team members with the collaborative aspects of this technology.

Additionally, institutions should take a proactive approach and actively collaborate with regulators to address potential risks and to align with regulatory expectations.

4. Global regulators are paying close attention to AI adoption in compliance. What key regulatory concerns should financial institutions be mindful of when integrating AI and automation into their compliance frameworks?

Regulators globally are increasingly vigilant about AI usage in financial services, closely monitoring how financial institutions integrate these technologies into compliance frameworks. However, the regulatory environment can be tricky as regulatory requirements differ significantly across jurisdictions. For instance, the EU's AI Act provides structured guidance emphasizing transparency, explainability and ethical considerations. In contrast, formal U.S. federal AI legislation remains anticipated but not yet defined.

Recognizing the rapid evolution of AI, several U.S. states, including California, Utah and others, have proactively enacted their own legislation focused on transparency, data privacy and algorithmic accountability. With this in mind, institutions should constantly be monitoring and considering the regulatory landscape and adhering to the rule(s) currently set in place. This helps future-proof operations and simplifies cross-border compliance.

Additionally, managing risks related to bias, fairness and cybersecurity is paramount. Institutions must adopt continuous monitoring, robust validation procedures and regular security enhancements to identify and mitigate unintended biases and safeguard sensitive client information from cyber threats.

Equally important is addressing data privacy concerns, as regulators are particularly attentive to how institutions handle personal and sensitive data within AI systems. This is why data governance frameworks that clearly define data handling protocols and ensure compliance with privacy regulations such as GDPR and CCPA are paramount for implementing rigorous data protection practices.

Comprehensive reporting remains essential to meeting regulatory expectations. Institutions should establish transparent reporting processes that clearly communicate AI system performance, data governance practices, risk management strategies and compliance outcomes. Such reporting not only aids regulatory compliance, but also fosters trust with regulators, customers and stakeholders by demonstrating a commitment to ethical AI use and accountability.

5. Beyond short-term efficiency gains, how can AI-driven solutions help financial institutions build a more resilient and proactive compliance strategy in the long run?

AI-driven compliance solutions fundamentally enable financial institutions to shift from reactive to proactive compliance operations, supporting long-term resilience.

AI technology provides agility and scalability to efficiently handle quickly evolving and complex regulatory landscapes, enabling compliance teams to adapt as regulatory volumes grow. AI-driven predictive analytics also proactively helps identify emerging compliance risks and anomalies in real-time, significantly strengthening AML, fraud detection and financial crime prevention capabilities.

Lastly, AI solutions are meant to empower compliance professionals with actionable insights, helping institutions strategically prioritize resources and expertise toward higher-risk areas, thereby optimizing compliance effectiveness.

Most critically, AI should empower - not replace - compliance teams. This approach equips professionals with powerful insights, supports strategic decision-making, and enhances overall institutional risk resilience, fostering proactive compliance strategies that anticipate rather than react.

6. While AI can enhance compliance, it also introduces new risks. How should financial institutions approach risk management when deploying AI-powered compliance solutions to ensure both effectiveness and regulatory alignment?

No technology is without risks, and AI-powered compliance solutions are no exception. Financial institutions must adopt robust risk management practices to address risks around mitigating biases, managing data privacy, ensuring cybersecurity, and staying responsive to evolving AI regulations. Institutions should prioritize transparency, explainability, and auditability in AI-generated decisions.

Clear documentation practices are crucial to meet regulatory scrutiny, facilitate internal understanding and ensure accountability. Additionally, financial institutions must proactively monitor and manage potential biases in AI systems to prevent discriminatory outcomes. Adopting responsible AI practices, such as regular bias assessments, third-party validation and comprehensive internal oversight, helps preserve fairness and equity in decision-making processes.

To address data privacy and cybersecurity concerns, as part of data governance plans, firms should look to have data classification and security controls in place, as well as encryption. Furthermore, organizations will need regular security audits to detect any weak points as well as a response plan in place in the event of any emergencies.

To ensure these protocols are in place, it is important to realize that leveraging AI-driven solutions for compliance is a strategic journey – balancing innovation with rigorous risk management, transparent governance and phased integration. By proactively addressing risks and embracing international standards, financial institutions can position themselves not merely for compliance but for sustainable competitive leadership in an increasingly AI-driven industry.

Whether you want to upgrade your POS offerings, find a payment gateway partner, bone up on fintech regs or PCI requirements, find an upcoming trade show, read about faster payments, or discover the latest innovations in merchant acquiring, The Green Sheet is the resource for you. Since 1983, we've helped empower and connect payments professionals, starting with the merchant level salespeople who bring tailored payment acceptance and digital commerce tools, along with a host of other business services to merchants across the globe. The Green Sheet Inc. is also a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals.

Notice to readers: These are archived articles. Contact information, links and other details may be out of date. We regret any inconvenience.