The amount of signals available to compliance teams at onboarding has grown significantly. Between registries, documents, sanctions data, behavioral inputs, and website content, most teams are not lacking for information. The harder problem is connecting those signals to decisions, faster, more consistently, and in a way that holds up over time.
For a long time, verification was a reasonable proxy for that. Clear the checks, close the case. But businesses change after onboarding, fraud has moved earlier in the funnel, and the gap between what a team can collect and what it can act on has become the more pressing operational problem.
This issue looks at how that gap is starting to close, and what it means for the way compliance workflows are built and run.
If you're only going to read one thing
AI Agents as Compliance Operators
Compliance teams have spent years getting better at collecting signals. Between registry data, document checks, sanctions screening, website content, and adverse media, the inputs into a KYB decision have expanded considerably. But the way those signals get turned into a decision has not changed at the same pace. In most teams, that final step still depends on an individual analyst working through a case manually, drawing their own conclusions, and documenting their reasoning after the fact.
That creates two problems that tend to go unnoticed until they become serious:
Inconsistency: Two analysts reviewing the same business can reach different decisions, not because one is wrong, but because the process itself does not enforce a common standard.
Auditability: When a decision is analyst-driven, the record of why it was made is only as complete as the analyst's documentation. Under pressure, this tends to be the first thing that gets compressed.
AI agents are starting to change this operational reality considerably, not by replacing analysts, but by handling the work that precedes their judgment. Here is how it works in practice:
An agent pulls data across registries, web resources, and review databases, flags anomalies, and surfaces a suggested decision with the reasoning already documented.
The analyst then reviews that output and acts on it, rather than building the case from scratch.
Across markets, a well-designed agent also needs to know where to look depending on the country. Yelp is the relevant database for US businesses, Trustpilot carries more weight across Europe, and Google Maps is a meaningful signal in LATAM and parts of Asia. Beyond data sourcing, it also needs to understand each market's UBO thresholds, shareholding rules, and documentation requirements, all of which vary enough to meaningfully affect how a case gets built and reviewed.
The result is a compliance workflow where the distance between collecting a signal and acting on it gets meaningfully shorter, and where the decisions that do reach a human reviewer are better prepared, more consistent, and easier to defend.
Regulators are paying attention to this shift too. FinCEN has signaled openness to the use of AI in KYC and KYB processes, recognizing that well-designed automation can strengthen controls rather than weaken them.
Read more about what FinCEN's proposed rule could mean for KYB, AML, and the future of compliance here.
We just launched Website Agent 2.0, a major upgrade to how compliance teams review business websites.
Anyone with a laptop can build a convincing business website in an afternoon. Professional design, polished copy, a full product catalog, terms and conditions. None of it requires meaningful skill or investment any more. The question for compliance teams is no longer whether a website looks credible, but whether the claims it makes hold up. A business can present itself as an established retailer while hiding inconsistent pricing, absent company details, or connections to other domains that tell a different story. None of that shows up in a standard extraction-based check.
Website Agent 2.0 takes that problem head-on. Rather than extracting and presenting, it evaluates what a business is claiming, checks whether those claims are consistent with what external sources say, and prompts reviewers to Approve, Review, or Reject each case.
Here’s how it works:
Related Entity Intelligence maps the infrastructure around a site, including shared hosting, copied templates, and domain patterns, connecting the business under review to others it may be linked to.
The Risk Intelligence Layer identifies fraud indicators including suspicious pricing, missing business information, and AI-generated content, then validates claims against external data.
The policy engine applies your own prohibited and high-risk category rules automatically, resolving clear-cut cases without analyst time and keeping reviewers focused on what genuinely needs judgment.
Want to learn more about Website Agent 2.0? Check out our dedicated blog post!
What is fundamentally breaking in current KYB workflows as companies scale across markets?
The data is mostly there. The context isn't.
When a compliance team operates in one market, they build intuition. They know what "director" means in the UK versus Mexico. They know which registry is authoritative versus which is a copy. They know when government data is enough and when to triangulate.
Now scale that across 30+ countries. Terminology shifts and registry coverage is uneven. Some sources return results in 5 seconds; others are closed on weekends. The data points required per country are different too.
You end up with 800+ signals per merchant, sitting across tabs and spreadsheets, with no one on the team holding the full picture.
What's breaking isn't data collection. It's interpretation. KYB at scale needs institutional memory: a knowledge base that holds each market's nuances so your analysts don't relearn them every case.
How do AI agents change the way a compliance team handles a case from intake to decision?
There are three places where we're seeing real impact at AiPrise:
Intake: guided onboarding forms with autofill. Merchants spend less time, fewer drop off, and the team gets cleaner data on day one.
Review: AML reviews, document reviews, and website reviews are largely automatable today when you hand the agent a clear SOP. We're consistently seeing 60% of manual review work disappear. Bridge, a Stripe company, told us their onboarding decisions are 80% faster after switching to AiPrise.
Decision: case review agents are earlier but the most exciting category. They clear out obvious approvals and escalate the edge cases that genuinely need human judgment.
Fraud detection is the quieter story. Pattern recognition across thousands of cases is something agents do better than any individual analyst can.
The point isn't that AI replaces compliance analysts. It's that analysts stop spending 60% of their time on work that never needed them.
What is the question compliance teams should actually be asking, and how does Website Agent 2.0 help them answer it?
The real question compliance teams ask is simpler than that: do I trust this merchant?
Not "what are the 47 signals from their website." Not "what does the domain age tell me." Just yes or no, with reasoning.
For years, the industry has answered that by adding more signals. More data fields. More dashboards. The result is analysts reading 800 data points per case and still not feeling confident.
Website Agent 2.0 inverts that. It reads the merchant's website the way a human reviewer would, applies risk indicators, and outputs a trust judgment with the reasoning behind it. The team moves from collating signals to acting on a decision.
The shift isn't faster reviews. It's a different question entirely.
Compliance Compass is published by AiPrise, an AI-powered global compliance platform. We write this newsletter because we needed an outlet for everything we're learning and thinking about.
If anything in this issue resonates, or if you'd push back on it, just reply. We read every email.