About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

GenAI in Compliance, Buy vs. Build: Interview with Saifr CEO Vall Herard

Subscribe to our newsletter

The Saifr sponsored whitepaper – From Caution to Action: How Advisory Firms are Integrating AI in Compliance – published in November, explored a number of key themes surrounding the adoption of generative AI (GenAI) enabled technologies for compliance by advisors and wealth management companies. One theme examined survey participants attitudes regarding vender supplied versus in-house built solutions. To explore this topic in more detail, RegTech Insight interviewed Saifr CEO and co-founder Vall Herard, where he shares his perspectives, guidance and hands-on experience in pioneering AI solutions in regulatory compliance.

RegTech Insight: Looking at the survey results, what stood out to you regarding firms’ attitudes toward the buy versus build decision for compliance solutions?

Vall Herard: The survey results align with what we see in the market. Many mid-sized enterprises recognize the cost implications of building internal solutions versus adopting vendor products. Even large organizations are adopting a mixed strategy, combining off-the-shelf solutions with custom integrations to help meet specific needs. A major driver of the build decision is the challenge of aligning generic solutions with a firm’s unique risk appetite. At Saifr, we address this by offering customizable, off-the-shelf solutions that clients can calibrate with minimal effort, and this has been well received.

RegTech Insight: Internal proof-of-concept (POC) projects often face challenges moving into production. What obstacles do firms encounter?

Vall Herard: Data is a major hurdle. While AI’s potential is evident at a high level, firms often lack the properly formatted data needed for validation. For instance, firms using SaifrScreensm for KYC and AML have seen improved risk identification, but this also requires additional human resources to handle investigations. Many firms fail to anticipate the downstream operational impacts of an AI implementation. Ensuring that downstream case resolution and reporting processes can support increased alert volume is critical for successful deployment.

RegTech Insight: With increased identification of true positives, how should firms approach triaging compliance risks?

Vall Herard: Triage is crucial. AI can surface more true positives, but firms need effective prioritization frameworks. Categorizing findings into high, medium, and low-risk levels helps compliance teams address urgent cases first. However, adapting existing case management systems to handle the increased volume of insights remains a challenge, especially where legacy systems have been in place for decades.

RegTech Insight: Explainability is often a major concern for GenAI adoption. How does Saifr address this challenge?

Vall Herard: The recent advances in generative AI have improved explainability. Our approach leverages our in-house compliance expertise to develop reasoning logic that clearly outlines why specific risks are flagged. For example, in marketing compliance, with SaifrReviewsm, we can deconstruct flagged content and provide specific regulatory references explaining non-compliance. This capability builds user trust by ensuring the flagged risks align with an organization’s policies and risk appetite.

RegTech Insight: Data security is another key concern. How does Saifr help ensure compliance with security standards?

Vall Herard: Misinformation about AI and data security persists, particularly around generative AI models. Saifr mitigates these concerns by deploying client-specific models within their private cloud environments, ensuring no data exposure to third parties. We do not send data to external LLM providers, eliminating the risk of unintended data sharing and in most cases, even Saifr doesn’t see the data.

RegTech Insight: Some firms believe developing in-house AI solutions offers a competitive advantage. What are your thoughts?

Vall Herard: Larger firms with sufficient resources may benefit from building custom AI solutions, but this approach requires significant investment and expertise. Saifr offers a middle ground by allowing firms to customize our models within their environments while benefiting from our pre-trained compliance-specific capabilities. Our partnership with Microsoft helps enable firms using Azure to deploy Saifr models within their private tenant, combining flexibility with security.

RegTech Insight: What advice would you give to firms still on the fence about adopting vendor-supplied AI solutions?

Vall Herard: Firms should identify use cases with clear business value and start small. Just as the early days of cloud computing faced skepticism, AI adoption requires a strategic approach. GenAI is here to stay, and firms that begin their journey now will be better positioned as the technology becomes more standardized and commoditized.

RegTech Insight: How do you respond to firms with a ‘not invented here’ mentality regarding AI adoption?

Vall Herard: This mindset is common, but the key is to focus on the firm’s core business objectives. Investment management firms should ask themselves whether they are in the business of building technology or managing investments. In most cases, cost-benefit analyses favor buying over building, and executive leadership often leans towards vendor solutions when presented with clear ROI insights.

RegTech Insight: Any final thoughts on the evolving AI landscape in compliance?

Vall Herard: Saifr positions itself as a safety-first company, ensuring compliance through AI-driven guardrails. Our mission is to make AI safe for regulated industries by aligning solutions with evolving regulatory standards. Ultimately, AI adoption in compliance will be driven by its ability to improve efficiency and accuracy while maintaining regulatory integrity.

Subscribe to our newsletter

Related content

WEBINAR

Upcoming Webinar: Managing Non-Financial Misconduct Under SMCR

9 October 2025 11:00am ET | 3:00pm London | 4:00pm CET Duration: 50 Minutes Non-financial misconduct—encompassing behaviours such as bullying, sexual harassment, and discrimination is a key focus of the Senior Managers and Certification Regime (SMCR). The Financial Conduct Authority (FCA) has underscored that such misconduct is not only unethical but also poses significant risks...

BLOG

Meeting the 72 Hour Trade-Reconstruction Rule – 10 Holistic Surveillance Leaders for 2025

When regulators rewrote the rulebook after the financial crisis, surveillance teams were handed an almost impossible brief: show us everything that led to a trade. In the United States, the CFTC’s Dodd-Frank swap-dealer rules (§1.35 and §23.202) imposed a 72-hour deadline to reconstruct a transaction, forcing banks to retrieve orders, voice calls, chat messages and...

EVENT

RegTech Summit London

Now in its 9th year, the RegTech Summit in London will bring together the RegTech ecosystem to explore how the European capital markets financial industry can leverage technology to drive innovation, cut costs and support regulatory change.

GUIDE

The DORA Implementation Playbook: A Practitioner’s Guide to Demonstrating Resilience Beyond the Deadline

The Digital Operational Resilience Act (DORA) has fundamentally reshaped the European Union’s financial regulatory landscape, with its full application beginning on January 17, 2025. This regulation goes beyond traditional risk management, explicitly acknowledging that digital incidents can threaten the stability of the entire financial system. As the deadline has passed, the focus is now shifting...