AI Virtual Assistants That Assist with Compliance

Over the past 2.5 years of building Zocks, I’ve talked to many Chief Compliance Officers at large financial firms about how to ensure compliance when using AI. Here are 4 areas I always recommend they cover: 1) Consent Since AI analyzes a lot of data and conversations, I tell them to make sure FAs get consent from their clients. They can get consent in multiple ways: - Pre-meeting email -Have the advisor specifically ask during the meeting (Zocks detects and reports on this automatically) - Include it in the paperwork The key is notifying and getting clear consent that the firm will use AI systems. 2) Output review by FAs AI systems in financial planning are designed to aid advisors – not automate everything. FAs are still responsible for reviewing AI outputs, ensuring that the system only captures necessary data, and checking it before entering it into books and records. That’s why I always emphasize the workflow we developed for Zocks: it ensures advisors review outputs before they’re finalized. 3) Supervising & archiving policy Frankly, FINRA and SEC regulations around AI are a bit vague and open to interpretation. We expect many changes ahead, especially around supervision, archiving, and privacy. What do you consider books and records and is that clear? Firms need a clear, documented policy on supervising and archiving. Their AI system must be flexible enough to adapt as the policy changes, or they’ll need to overhaul it. Spot checks or supervision through the system itself should be part of this policy to ensure compliance. 4) Recommendations Some AI systems offer recommendations. Zocks doesn’t. In fact, I tell Chief Compliance Officers to be cautious around recommendations. Why? They need to understand the data points driving the recommendation, ensure FAs agree with it, and not assume it's always correct. Zocks factually reports instead of recommending, which I think is safer from a compliance perspective. Final thoughts: If you: - Get consent - Ensure FAs review outputs - Establish a supervising and archiving, or books and records  policy - Watch out for recommendations It will help you a lot with compliance. And when disputes arise, you’ll have the data to defend yourself, your firm, and your advisors. Any thoughts?

Today we’re presenting the findings from our clients using AI agents, in production for 3 months. We can cut customer wait times stuck in a KYC/sanctions queue from 20 days to 2 minutes. This is a huge unlock for anyone onboarding customers. “Compliance Officer” is the 5th fastest growing occupation in the United States! Major banks average 307 employees just for KYC alone, yet can't hire more compliance officers fast enough. More than headcount, this costs customers and revenue. We deployed AI agents in production environments at multiple financial institutions for 3+ months and show AI Agents can meaningfully improve KPIs: - For one FI, the daily backlog was 14 hours and they couldn't keep up with it.  - So the backlog kept growing  - As did the average customer wait time stuck in a queue, to 20 days. Using Agentic AI, we were able to  - Automate majority (95%) of the cases and  - bring down daily backlog to 41 minutes (from 14 hours).  - Most importantly, avg customer wait time went down drastically to 2 minutes. Perhaps the most counterintuitive finding. Agentic AI when trained and deployed according to our framework, can be more accurate than humans. We found AI agents follow operating procedures in 100% of cases vs <95% for humans. Humans never follow SOP to the minute details and with rote work, they are more error prone. FI's rightly worry, what about hallucination? What about data privacy? Will the regulator allow it These live, production data points are all within existing regulatory frameworks (SR 11-7 compliant). Our Agentic Oversight Framework maintains complete human accountability while delivering: - Alignment to Standard Operating Procedures (SoPs) - A full audit trail of every data element accessed - A full, explained decision rationale, reviewed before every case is progressed - Continuous learning from expert reviewers - Automated drift detection and safeguards The white paper is a playbook for how financial institutions can safely implement agentic AI while fully complying with regulatory requirements. Real results. Real institutions. Real transformation. You might ask: what is AI about all of this and how's it different from ML and rules based systems. In short, rules systems are rigid but Agentic AI can adapt. All those details in the white paper:

After a year building AI for video editors, Chris and I realized we were solving the wrong problem. Three months in pivot hell led us to a $30B inefficiency hiding in plain sight: compliance analysts can't keep up with modern financial crime. Chris, as the first employee & Head of Engineering at RelyComply, saw it firsthand: Doesn’t matter how good the software is – humans are still the bottleneck. Analysts drowning in alerts, manually reviewing cases, stuck in workflows that don’t scale. And truth is 3 years ago, this problem was unsolvable. Today, it's not. That's why we built Sphinx - AI agents that work just like compliance analysts, automating the manual tasks that slow everything down. Here’s what that changes: 1/ Compliance costs drop – significantly. 2/ Decisions happen in minutes, not days. 3/ Analysts focus on high-risk cases instead of sifting through noise. 4/ Back-office workflows run without human bottlenecks. Most people see compliance as dead weight, but it’s critical – stopping money laundering, fraud, and financial crime. Today, the rise of AI-driven fraud is exponentially increasing compliance needs. Throwing more bodies at the problem isn't viable anymore - the scale, speed, and complexity of modern financial crime demand an AI-first approach. We’re not building another compliance tool. We’re solving the inefficiency that’s been holding back innovation in financial services. If you want to see our agents in action, I’m one DM away. -- fun fact: Chris and I met at a BBQ in Cape Town (well, a 𝒃𝒓𝒂𝒂𝒊 – because if I don’t call it that, I’ll never hear the end of it ¯\(ツ)/¯).

Agentic AI can save companies 1000+ hours preparing for and maintaining compliance programs across frameworks like SOC 2, ISO 27001, PCI, etc. Here’s a behind-the-scenes look at how we’re building in public. 𝗣𝗿𝗼𝗯𝗹𝗲𝗺: 𝗔𝘂𝗱𝗶𝘁 𝗣𝗿𝗲𝗽 GRC teams spend hundreds (sometimes thousands) of hours chasing evidence, validating controls, managing findings, and reporting status. It’s a fragmented process: → Evidence owners don’t know what to upload → Analysts manually review every file → Findings get buried in spreadsheets → Executives ask for status updates that take days to compile The process is inefficient and it’s risky. Gaps get missed. Deadlines slip. Teams burn out. 𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻: 𝗔𝗴𝗲𝗻𝘁𝗶𝗰 𝗔𝗜 We’re building a suite of agents that work together to automate the most painful parts of compliance: → 𝗘𝘃𝗶𝗱𝗲𝗻𝗰𝗲 𝗚𝗮𝘁𝗵𝗲𝗿𝗶𝗻𝗴 𝗔𝗴𝗲𝗻𝘁 Slack-integrated assistant that answers “what do I need to upload?” and references prior submissions and validates evidence before analyst review. → 𝗖𝗼𝗻𝘁𝗿𝗼𝗹 𝗧𝗲𝘀𝘁𝗶𝗻𝗴 𝗔𝗴𝗲𝗻𝘁 Reviews evidence against control requirements and flags gaps and auto-identifies findings. → 𝗙𝗶𝗻𝗱𝗶𝗻𝗴𝘀 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝗔𝗴𝗲𝗻𝘁 Turns findings into risks and remediation tasks and links everything back to controls for traceability. → 𝗣𝗿𝗼𝗴𝗿𝗮𝗺 𝗦𝘁𝗮𝘁𝘂𝘀 𝗥𝗲𝗽𝗼𝗿𝘁𝗶𝗻𝗴 𝗔𝗴𝗲𝗻𝘁 Aggregates data across controls, risks, and tasks and generates executive-ready summaries with narrative and metrics. 𝗢𝘂𝘁𝗰𝗼𝗺𝗲: 𝟭𝟬𝟬𝟬+ 𝗵𝗼𝘂𝗿𝘀 𝘀𝗮𝘃𝗲𝗱 We estimate these agents will save GRC teams over 1000 hours annually. That’s time they can spend on strategy, not spreadsheets. It also means faster audits, fewer gaps, and better visibility for leadership. 𝗪𝗔𝗡𝗧 𝗧𝗢 𝗦𝗘𝗘 𝗧𝗛𝗜𝗦 𝗜𝗡 𝗔𝗖𝗧𝗜𝗢𝗡? If you want to see some of this in action, we will be previewing part of the solution next Thursday 9/4. Link in the comments. 👇