Share
In this Article
Share
In our recent post, Inside OnePay’s AI Journey, we talked about how we’re putting AI to work across OnePay. The goals were straightforward: move faster, run leaner, and build better experiences for our customers.
One area that kept coming up was financial crime compliance. AML investigations are some of the most labor-intensive work at any financial institution. An investigator has to pull records from dozens of sources, cross-reference transaction patterns against regulatory and institutional typologies, run open-source intelligence checks, and write up a detailed narrative – all under tight time pressure, and with zero room for error.
We asked ourselves: What if we built an AI Agent that could do the most laborious part: the investigation, and let our analysts focus their judgment on review?
Investigations Are Knowledge Work at Scale
The hard part of an AML investigation isn’t any single step – it’s how many steps there are. A typical case means pulling a customer’s profile, reviewing their full transaction history, screening various databases, analyzing counterparty relationships, searching for adverse media, applying dozens of risk policies, and packaging it all into a structured report with a disposition recommendation.
Each step means a different system, a different query, and a lot of institutional knowledge that lives in policy documents, past cases, and the heads of senior analysts. One investigation can eat up hours or days. Multiply that across a robust volume of alerts, and your team is spending most of their time gathering data and formatting reports distracting from the most important part, applying human judgment and expertise.
We wanted something that could:
Gather data at scale – pull from each relevant source in parallel without an analyst tabbing between systems.
Apply institutional knowledge – bake our compliance policies, risk thresholds, and investigation references directly into the reasoning.
Tap into the open web – run OSINT(Open Source Intelligence) research the way a human analyst would.
Produce high-quality output – generate structured, consistent reports that meet our compliance standards, with evidence citations and disposition recommendations.
We didn’t want a summarization tool. We wanted an agent that could help run a full investigation end to end. That’s what we built.
Architecture Overview
The AML Investigation Agent is comprised of four components:
Investigation Platform: The service layer that handles the lifecycle of an investigation – intake, queuing, execution, timeouts, retries, and delivery. When a transaction alert fires, the platform automatically kicks off an investigation – no human intervention needed to trigger an investigation.
Agent: The LLM-powered loop that performs structured research tasks. It picks up a case, figures out its approach, calls tools to pull and analyze data, and keeps going until it has enough to author a report.
Compliance Policies: A library of investigation procedures, risk thresholds, behavioral typologies, disposition guidelines, and narrative standards – all sourced from our compliance policies and procedures. When a policy or procedure changes, those updates flow into the agent’s reasoning without anyone changing application code. The agent doesn’t figure out compliance on its own; it follows the playbook our expert Financial Crimes Compliance team owns.
Audit Log: Every investigation produces a detailed process log alongside the report – what data was pulled, what analysis was run, what reasoning led where. This matters significantly. In a regulated environment, showing how you reached a conclusion is just as important as the conclusion itself. The audit log also gives us a benchmark to measure against as we refine the process.
Running the Investigation
The agent works through four phases, designed to match how analysts tackle a case typically.
First, it loads the compliance procedures and starts gathering data of the customer profile, risk scores and full transaction ledger, etc. All this data is retrieved in parallel where possible.
Second, it starts to work on the information it retrieved. It cross-references findings, maps behaviors to typologies, checks against risk threshold policies, and connects dots across the evidence. No new data calls – just analysis.
Third, it goes out to the open web for additional sources to support its analytics.
Finally, it pulls everything together into a structured, consistent report – executive summary, transaction analysis, risk assessment, red flags, OSINT findings, and a disposition recommendation – formatted the way our compliance team expects it.
One thing worth calling out: the agent never makes the final call. Every report goes to a human analyst for the final judgement call. The agent does the legwork, collects and analyzes the data, leverages its reasoning and presents a recommendation, but the final decision is always made by an expert.
Takeaways
A few things we’ve learned building and running this Agent:
Structure beats open-endedness. Early on, we gave the agent loose instructions and it would skip data sources or jump to conclusions. Locking in a strict phase sequence – gather everything, analyze, search the web, then synthesize – made a night-and-day difference in investigation quality.
Policy as prompt is a forcing function. Feeding our compliance procedures directly into the agent’s instructions surfaced gaps we didn’t know we had. When the agent misapplied a policy, it was almost always because the policy was ambiguous. Fixing those ambiguities made the docs better for human analysts too – an unexpected win.
Earn trust by keeping humans in the loop. We’re in the early stages of applying AI to a heavily regulated domain, and we’re rolling it out accordingly. The agent surfaces evidence, flags uncertainty, and presents a recommendation – but a human analyst always makes the final disposition call. In compliance, the right default is caution, and starting from that posture builds trust with the team.
The patterns we landed on – phased investigation, domain-specific tools, policy-driven reasoning, human-in-the-loop decisions – aren’t specific to AML. Across financial services, we see the same shape of the problem: skilled teams spending most of their time collecting and organizing information, taking time away from the ability to make the best judgment calls that truly matter. At OnePay, we’re changing that and we’ll have even more to share soon.