Compliance in wealth management: Stuck in manual, ready for Agentic AI
Author
Smriti Sharma
Principal Consultant - Financial Services
Asset and wealth managers don’t just sell performance; they sell trust. And compliance is the scaffolding that holds that trust up.
It safeguards investors. It keeps marketing fair and clear. It ensures advice aligns with client interests. And it provides the proof regulators and auditors demand.
When compliance falters, the fallout is immediate:
Fines that hit the bottom line
Remediation costs that drain resources
Reputational scars that show up in every due diligence questionnaire and client conversation
In short, compliance isn’t paperwork; it’s the foundation of credibility.
In asset management,
DWS, Deutsche Bank’s subsidiary, paid $25M in 2023 over ESG misstatements and mutual-fund AML program failures - classic “process vs. practice” gaps that go straight to disclosure credibility1.
In the UK, GAM was fined £9.1m for conflicts management failings tied to Greensill-linked transactions - an asset-manager-specific governance issue with obvious investor-fairness implications2.
For wealth,
SEC’s “off-channel communications” sweep in 2024 hit 26 firms for $392.75M over recordkeeping lapses on apps like WhatsApp3.
In January 2025, the SEC penalized Merrill Lynch ($25M) and two Wells Fargo advisory firms ($35M) over cash-sweep programs that weren’t managed with sufficient best-interest controls - textbook retail-advice conflicts4.
Additionally, we have seen data-handling lapses like Morgan Stanley Wealth Management’s $35M penalty for improper disposal of devices with client PII5.
Such instances highlight the severe vulnerability that this industry faces viz. data, privacy and reputation.
Why is compliance management largely manual in AWM firms?
The examples above partly clarify why compliance management is still mostly manual in Financial Services organizations.
To add to this,
Rules are not templated but are principle-based with messy facts included.
Standards like “fair, clear, and not misleading,” “best interest,” and “adequate conflicts management” always depend on context and domain specifics, such as audience, prominence, comparability, the client’s situation, or a product’s unique edge cases.
Exceptions (bespoke mandates, legacy share classes, cross-border nuances) are common enough to be normal.
The evidence lives everywhere:
PDFs
Emails
Decks
Archived chats
OMS fields
CRM note
And the rules keep moving:
Marketing guidance clarified,
ESG disclosure expectations tightened
Sanctions lists updated daily
Communications retention widened
So, policy owners must constantly translate “what changed” into control tests and proof, and this translation step has been historically human-led.
But, given all the advancements in AI, with Gen AI and now Agentic AI, the principal question that comes up is, why hasn’t it “solved” compliance management in AWM?
There are four main reasons:
First, explainability: Regulators and organizations own the second line of defense to understand the “why” behind a decision, not just the score. Now, custom evaluators can incorporate policy interpretations and exceptions tailored to the specific domain and terminology of the use case.
Second, data reality: Critical records reside in on-premises archives, restricted VPCs, and legacy systems with uneven entitlements; moving data to the cloud in Financial Services organizations has been slow, to say the least. However, the key is to note that data isn’t all in the cloud, and hence an AI solution can be brought to where the data resides!
Third, workflow gravity: Surveillance, supervision, and approvals run through existing case tools and four-eyes checks. AI plays a peripheral support role in these in the current framework, and simple automation is believed to be incapable of plugging into these rhythms. However, it is now possible to build a complex reasoning and interpretation layer to enable automation.
Fourth, the accountability dilemma: Firms are wary that if an AI-assisted workflow approves a factsheet or clears an alert that later proves deficient, who is accountable - the model, the vendor, or the supervisor who clicked “approve”? Under current systems, if there is a breach, responsibility and accountability can be placed on a human(s) who “reviewed” the process. In the case of an entirely AI-based setup, there is uncertainty about how accountability will be distributed.
Agentic AI can bring that much-needed paradigm shift
AWM processes differ depending on product, channel, jurisdiction, and client segment. Static workflows struggle with this variability. Agentic AI systems can resolve the compliance challenges, advancing progress without pretending humans are unnecessary. Agentic AI is a goal-oriented system that plans steps, utilizes tools, performs self-checks, and seeks assistance, meaning it manages complex realities better than simple models.
An agent should be viewed as a diligent analyst, not a decision-maker. A separation of powers structure will keep all agents in check and ensure they work together to complete the workflow.
For e.g.,
For an asset manager's factsheet review, the agent can:
Pull the latest policy;
Retrieve the prior approved version;
Verify performance against official composites;
Cross-check benchmark labels and ESG statements;
Highlight risky phrasing;
Draft a rationale with citations; and
Assemble an evidence pack.
While with a wealth best-interest review (e.g., a cash sweep or share-class recommendation), the agent can:
Gather the client profile;
Enumerate alternatives;
Compare costs/benefits;
Surface conflicts mitigation; and
Produce a supervisor-ready dossier.
In both cases, a named approver still signs, preserving accountability, while turnaround times and inconsistencies drop.
Tactical in-trench path
A practical blueprint: one can set up an agent network where duties are separated amongst agents:
a Policy Agent (rules/tests and change-log),
a Data Agent (entitlements-aware retrieval where the data already lives),
a Review/Surveillance Agent (analysis),
a Controls Agent (thresholds, routing, SLAs), and
an Evidence Agent (immutable audit log).
Models can be kept close to the data (on-prem/VPC), RAG agents can be set up so claims are source-linked, and deterministic checks can be run before any model judgment. This will need fewer manual keystrokes and have stronger, more repeatable rationales.
The Human signature
Two cautions to keep trust intact.
First, emphasize Human in the loop: consider AI as a drafting tool where human decisions remain central, ensuring a clear record of the agent's actions, evidence reviewed, and any overrides by humans. This clarity simplifies post-mortems and discussions with regulators.
Second, address model risk and change management: keep detailed version documentation, conduct regular testing against policy-specific scenarios, observe model drift, and control releases similar to how you manage a pricing model. The aim isn’t to replace humans but to enable them to focus on judgment, exceptions, and organizational culture, helping to prevent becoming the next scandal.
Conclusion
Ultimately, compliance in AWM functions more as a trust-building mechanism than a mere back-office expense. Recent fines related to ESG claims, conflicts of interest, recordkeeping, cash sweeps, and data management highlight the tangible risks involved, affecting both institutional and retail clients. The process remains manual because it relies on judgment, involves inconsistent procedures, scattered and often on-premises data, and faces constantly changing rules. That’s why AI hasn’t fully solved these issues. However, agentic AI can enhance safety and speed: integrating models with data locations, encoding policies as small evaluators, creating evidence-rich dossiers, and leaving the final decision to a designated human. Starting with a narrow scope, enforcing strict governance, monitoring impact, and scaling allows faster progress without abandoning accountability.
References:
1 https://www.sec.gov/newsroom/press-releases/2023-194
3 https://www.sec.gov/newsroom/press-releases/2024-98
Recognition and achievements
