Actico_Element_16-9_Verauf eb-mb-rb_300

01.07.2026|

How Compliance Views AI Agents, LLMs, and Data Sovereignty

  • Compliance
  • Blog

AI agents, large language models and cloud services are the future of compliance in the financial services and insurance industry. But they also raise questions around cost, transparency and data sovereignty. The industry worldwide has experienced how technology providers can limit global access to their most advanced AI models at short notice or restrict specific model capabilities. At the same time, they define the pricing models. This has intensified concerns around dependency, cost control and operational resilience across the sector. So what are the three biggest challenges, and what could the answer look like?

AI in Compliance: The Push to Innovate Meets Regulatory Reality

Banks and insurers are building out their AI infrastructure. But some questions remain open:

1. AI Compliance

What is permitted? How do financial institutions close the gap between their appetite for more AI and the regulatory demand for transparency and traceability? Which large language models offer the best value for money?

2. Data Sovereignty

Where is the data processed? On-premises or in the cloud? And if in the cloud, with which provider and on which pricing model? Which cloud model is the better fit: a global hyperscaler or a sovereign cloud environment?

3. Speed

How can compliance stay ahead of criminals? How can banks and insurers respond to new financial crime patterns? And how can they meet the requirements of AMLA and the EU AML package by mid-2027?

What exactly are AI agents in Financial and Insurance Compliance?

To strike the right balance between their ambitions and what regulators require when it comes to AI, banks and insurers are looking for the right AI setup, for example one built around AI agents. So what exactly are AI agents in a compliance context? They are autonomous or semi-autonomous software systems that process information, plan and carry out tasks on their own. Typical use cases include case management, sanctions, PEP and adverse media screening, AML transaction monitoring, FIU reporting and payment screening. AI agents and large language models (LLMs) are closely linked. An LLM understands text, answers questions and analyses context. An AI agent draws on these capabilities to prepare tasks independently.

The future belongs to AI agents. Even so, it is essential to keep people in the decision-making process and to leave the final decision to human experts. The human-in-the-loop principle is an absolute must-have in the financial services and insurance sector.

Large Language Models in Compliance: Costs Under Scrutiny

The LLMs from global hyperscalers keep getting better and bigger. The computing power they need keeps climbing, and the costs along with it. More and more model providers are switching their AI models to usage-based billing. That sends costs through the roof.

So why should a financial institution pay for an LLM that offers more than compliance actually needs? For specialised tasks like those in compliance, smaller models can do the job. To keep costs under control, a growing number of companies are warming to local large language models. These run within the company’s own IT environment and are tailored to compliance tasks. Small, specialised LLMs help compliance teams handle everyday tasks such as analysing suspicious cases, prioritising alerts and summarising case reviews.

How Important is Data Sovereignty in Financial Crime Compliance?

Where is sensitive customer data processed? Who has access to it? Which legal framework governs the technologies in use? And what does hosting cost?

Relying on global cloud providers and AI models carries risks for banks and insurers operating under European law. These range from the CLOUD Act, which could give US authorities access to data hosted in America, through to AI models whose training data and inference sit outside Europe. Many banks and insurers are questioning the long-term costs and risks of the big hyperscalers. Alongside the usual infrastructure costs, dependency on a single cloud provider (vendor lock-in) is coming under closer scrutiny. In other words, applications, data and AI services become tightly bound to one provider, and switching later on is expensive and technically difficult.

In response, more cloud providers are offering sovereign cloud environments where data is hosted and processed in clearly defined locations, such as Europe or country-specific data centers.

Why does Speed Matter So Much in Financial Services Compliance?

Compliance needs to be able to react fast. For all sorts of reasons. Criminals are using AI technologies that banks and insurers have to stay one step ahead of. At the same time, regulatory requirements keep rising.

So the financial sector needs software systems that let it respond to new threats and regulatory requirements in minutes rather than months. With ACTICO Compliance Solutions, AML officers can draw on AI support to spot new suspicious patterns and roll out new scenarios with no IT effort or lengthy development cycles, so they can prevent fraud.

Conclusion 

Compliance in the financial services and insurance sector is heading towards a future built on AI infrastructure. Decision-makers have to decide how to deploy AI agents and LLMs and how to run their day-to-day operations.

  • Do they go with the hyperscalers’ offerings, or with smaller LLMs specialised in compliance tasks?
  • How do they answer the data sovereignty question?
  • Will they operate compliance applications on-premises, with global cloud providers, or in locally operated sovereign cloud environments?
  • What costs and dependencies should they expect?

There is no question that large language models and AI agents bring real benefits for compliance teams. They help process and generate text, handle regulatory reporting such as FIU reporting and independently analyse suspected money laundering cases, for example in customer screening. What remains essential is that the human-in-the-loop principle stays firmly in place. AI-generated results may only be signed off under human oversight.

If you want to be fast, you have to be flexible. Software solutions like ACTICO Compliance Solutions provide a stable core for everyday compliance applications: AML transaction monitoring, sanctions, PEP and adverse media screening, and payment screening. Thanks to their open, API-first interfaces, they let financial institutions and insurers plug in the right AI agents for use cases such as adverse media screening, using local rather than global LLMs. ACTICO Solutions can be operated in different cloud environments, allowing financial institutions to align deployment with their governance and data control requirements.