A deep dive into Generative AI (GenAI) in compliance was the focus of the first panel session at the recent A-Team Group RegTech Summit in New York. The panel comprised Erin Preston, Chief Compliance Officer, Wedbush Securities; Harsh Pandya, Vice President, Product Management, Saifr; Brandon Carl, EVP, Product Strategy, Smarsh; and Rachna Srivastava, Head of Product, AI, Data & Platform, Symphony.
GenAI and large language models (LLMs) are already helping compliance teams identify and address emerging risks. By moving beyond static keyword searches, these tools can interpret context, nuance, and intent in real time. One panelist noted, “Our Gen AI and LLM advances, and our products that are based on monitoring these conversations, have become extremely useful.”
This signals a departure from reliance on lexicon-based surveillance alone, a labour-intensive method that requires frequent manual updates and generates high false-positive rates. Instead, GenAI models learn dynamically from live data, adapting to shifting communication styles and market conditions.
In e-communications surveillance, LLMs can parse emails, chat messages, and voice transcripts, identifying subtle indicators of misconduct or policy breaches. Rather than waiting for violations to surface after the fact, firms can now intervene before harmful content is disseminated. For example, certain models can flag suspicious language patterns in trading conversations (live voice) or detect confidentiality breaches on unapproved messaging platforms, providing compliance officers with the insight they need to halt problematic behaviour pre-emptively.
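To make the idea concrete, here is a minimal sketch of what LLM-assisted e-comms screening might look like. The `call_llm` function, the risk categories, and the review threshold are all illustrative assumptions, not a description of any panelist's product.

```python
import json

def call_llm(prompt: str) -> str:
    """Hypothetical model call -- swap in your firm's approved endpoint."""
    # Canned response so the sketch runs end to end.
    return json.dumps({"risk": "off_channel_comms", "confidence": 0.82,
                       "rationale": "Suggests moving the discussion to a personal app."})

def screen_message(message: str) -> dict:
    prompt = (
        "Classify this trader message for compliance risk. Respond as JSON "
        "with keys: risk (none | market_abuse | confidentiality_breach | "
        "off_channel_comms), confidence (0-1), rationale.\n\n"
        f"Message: {message}"
    )
    result = json.loads(call_llm(prompt))
    # Route anything above a review threshold to a compliance officer
    # before the content goes any further.
    result["needs_review"] = result["risk"] != "none" and result["confidence"] >= 0.7
    return result

print(screen_message("Let's take this to WhatsApp before the announcement."))
```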
Earlier in the session, the audience was polled on the question: “Where does your firm see the biggest risks around adopting GenAI and LLMs for compliance?”
Data quality topped the list of perceived risks (80%), with lack of explainability (46%), potential misuse (43%), data privacy (40%), ethical violations and bias (29%), and hallucinations (26%) following behind.
Reflecting on these results, one panelist remarked that they were not surprised by data quality concerns, pointing out that subject matter expertise in understanding data sources is indispensable. “No one understands the data-generating process as well as they do,” this panelist said, indicating that compliance professionals must be central figures in shaping effective data-driven solutions.
In contrast, another panelist expressed surprise, suggesting that generative AI often requires less data and is more resilient to noise than many might assume. They questioned why hallucinations and nondeterminism did not rank higher, emphasizing that these intrinsic behaviours of LLMs pose significant challenges. “If you ask a math problem 10 times, it might give you the right answer seven times and the wrong answer three times, always confident,” this panelist noted. Such unpredictability is problematic in compliance contexts, where even a single false negative can carry dire consequences.
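The “seven times out of ten” behaviour is straightforward to measure, and one common mitigation is a self-consistency check: sample the same prompt several times and act only on answers a clear majority agree on. A minimal sketch, with the nondeterministic model simulated by a random draw:

```python
import random
from collections import Counter

def call_llm(prompt: str) -> str:
    # Simulated nondeterministic model: right ~70% of the time,
    # equally confident either way.
    return "42" if random.random() < 0.7 else "41"

def self_consistent_answer(prompt: str, n: int = 10, quorum: float = 0.8) -> str | None:
    votes = Counter(call_llm(prompt) for _ in range(n))
    answer, count = votes.most_common(1)[0]
    # Below quorum, return nothing and escalate to a human
    # rather than hand back a confident guess.
    return answer if count / n >= quorum else None

print(self_consistent_answer("What is 6 x 7?"))
```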
As the discussion continued, one panelist acknowledged that some issues stem from general-purpose LLMs trained on broad data without strict parameters. Another countered that recent research suggests hallucinations are a fundamental artifact of LLMs, not merely a data quality issue. According to this perspective, improvements in data governance alone cannot eliminate these flaws, and protective layers of non-generative, rules-based systems will be essential in mitigating risk. “You’re going to need a surrounding set of systems that are non-generative to provide safeguards,” this panelist stated, reinforcing the notion that LLMs must operate within a robust compliance ecosystem rather than as standalone solutions.
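A sketch of what such a surrounding, non-generative layer might look like: deterministic rules that escalate regardless of what the model concluded. The patterns and policy here are illustrative, not a real rulebook.

```python
import re

# Deterministic escalation rules -- illustrative patterns only.
HARD_ESCALATE = [re.compile(p, re.I) for p in (
    r"\bdelete (the|these) (chat|message)s?\b",  # possible evidence destruction
    r"\b(whatsapp|signal|personal email)\b",     # off-channel communication
)]

def apply_safeguards(message: str, llm_verdict: dict) -> dict:
    # A rule hit always escalates, even if the LLM scored the message
    # as low risk; the generative layer never gets the final word.
    if any(p.search(message) for p in HARD_ESCALATE):
        return {**llm_verdict, "needs_review": True, "decided_by": "rules"}
    return {**llm_verdict, "decided_by": "llm"}

print(apply_safeguards("ping me on WhatsApp", {"risk": "none", "needs_review": False}))
```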
Ultimately, the power of these models lies in their adaptability. As communication mediums proliferate—ranging from encrypted messaging apps to voice-enabled collaboration tools—GenAI-driven approaches can scale their analytical capabilities. Over the long run, such technologies promise a more resilient and agile compliance framework, allowing organizations to stay ahead of an evolving and increasingly complex regulatory ecosystem.
Keeping LLMs Honest
To maintain trust and effectiveness, continuous monitoring must become a deeply embedded element of daily compliance operations. This goes beyond simply reviewing alerts; it involves setting quantifiable performance metrics that can evolve as markets, communication channels, and regulations shift.
One panelist advised, “You need to take something that’s very complex and simplify it to something that you can track,” highlighting the importance of actionable benchmarks. By pairing statistics like false-positive reduction rates with meaningful escalation trends, teams can identify when models drift off course and respond swiftly.
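As one example of such a trackable benchmark, a rolling false-positive rate with a drift alert can be kept deliberately simple. The window size and threshold below are illustrative assumptions.

```python
from collections import deque

class DriftMonitor:
    """Track reviewer outcomes and flag when false positives exceed a threshold."""
    def __init__(self, window: int = 500, max_fp_rate: float = 0.30):
        self.outcomes = deque(maxlen=window)  # True = alert judged a false positive
        self.max_fp_rate = max_fp_rate

    def record(self, was_false_positive: bool) -> None:
        self.outcomes.append(was_false_positive)

    def drifting(self) -> bool:
        if len(self.outcomes) < self.outcomes.maxlen:
            return False  # not enough reviewed alerts yet
        return sum(self.outcomes) / len(self.outcomes) > self.max_fp_rate

monitor = DriftMonitor(window=3, max_fp_rate=0.5)
for fp in (True, True, False):
    monitor.record(fp)
print(monitor.drifting())  # True: two of three reviewed alerts were false positives
```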
Validation is equally crucial. Another panelist stressed, “We define what we evaluate and how frequently… don’t just set it and leave it.” Such diligence means regularly challenging the AI’s logic and verifying outputs against known standards. It involves documenting override decisions, capturing the rationale behind them, and ensuring models don’t remain static.
Panellists also cautioned against overlooking the human factor: interpretations vary, cognitive biases creep in, and consensus on what constitutes a true positive or a false positive in LLM-generated output is not always easy to reach.
Integrating heuristic layers, running scenario-based tests, and including feedback loops from end-users all contribute to more nuanced, consistent, and ultimately trusted validation processes.
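One way to operationalise that cadence is a recurring pass over a small “golden set” of messages labelled by compliance subject matter experts, plus an audit log of every human override. The golden set and the logging format below are illustrative assumptions.

```python
import csv
import datetime

GOLDEN_SET = [  # (message, agreed label) -- curated and re-reviewed by SMEs
    ("let's move this to my personal phone", "off_channel_comms"),
    ("lunch at noon?", "none"),
]

def evaluate(classify) -> float:
    """Fraction of the golden set the classifier labels correctly."""
    return sum(classify(msg) == label for msg, label in GOLDEN_SET) / len(GOLDEN_SET)

def log_override(alert_id: str, model_label: str, human_label: str, rationale: str) -> None:
    # Append-only record of who overrode the model and why.
    with open("overrides.csv", "a", newline="") as f:
        csv.writer(f).writerow([
            datetime.datetime.now(datetime.timezone.utc).isoformat(),
            alert_id, model_label, human_label, rationale,
        ])

print(evaluate(lambda m: "off_channel_comms" if "personal" in m else "none"))  # 1.0
```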
Barriers to Adoption
For a naturally risk-averse function like compliance, GenAI and LLMs raise multiple concerns, many of which are the result of misinformation and a lack of knowledge. Panellists argued that the real risk often lies in maintaining the status quo.
One panelist advocated reframing the discussion: “Surface the business risk and when people realize that that dwarfs the model risk, suddenly the conversation changes.” By showcasing previously unseen threats—such as hidden compliance gaps or emerging market abuses—GenAI reframes innovation from a hazard to a safeguard. The narrative shifts: failing to adopt these tools may be costlier than embracing them.
This reframing encourages practitioners to view GenAI not as an opaque black box but as a productivity-enhancing tool that can be trusted. The technology can automate tedious tasks, freeing professionals to focus on analysis, strategy, and judgment. By emphasizing tangible benefits—quicker response times, reduced false positives, improved investigative accuracy—leadership can motivate teams to lean into the change. Training sessions and pilot projects help individuals gain hands-on experience, building confidence in the tools and eroding entrenched scepticism over time.
Addressing Hallucinations
Hallucinations—instances where LLMs produce plausible but incorrect outputs—pose unique challenges. One panelist remarked, “It’s like one of my uncles, which is always confident and sometimes right,” capturing the paradox of these models. Their structural tendencies can blur distinctions between related concepts, leading to confidently delivered inaccuracies. Addressing these issues demands a multifaceted approach.
Robust governance frameworks help define acceptable error thresholds, while heuristic and deterministic layers can filter out the most glaring mistakes. Firms can run controlled scenarios that stress-test the model, prompting it to reveal common failure modes.
Another panelist recommended strategically deploying LLMs where they add the most value and are less likely to produce harmful misinformation: “Save the LLMs for the harder problems that don’t scale to human effort.” By understanding the nature of hallucinations, firms can craft guardrails—ranging from automated checks to human review at critical junctures—to keep these confident-yet-flawed outputs from undermining trust in the system.
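The routing logic behind that advice can be stated compactly: let deterministic checks handle the well-specified cases, send only the ambiguous ones to the model, and keep a human as the final guardrail. A sketch under those assumptions, with illustrative thresholds:

```python
def triage(rules_hit: bool, llm_benign_confidence: float) -> str:
    """Decide who handles a flagged message."""
    if rules_hit:
        return "auto_escalate"   # the deterministic layer already caught it
    if llm_benign_confidence >= 0.9:
        return "auto_close"      # model is highly confident the message is benign
    return "human_review"        # ambiguous: the 'harder problem' path

print(triage(rules_hit=False, llm_benign_confidence=0.55))  # human_review
```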
Collaborative Compliance
True progress in AI-enabled compliance requires more than cutting-edge tech; it needs genuine collaboration. One panelist said, “You need the people who understand the data generating process and… the research design enough… to assign some confidence to this.” Data scientists might grasp the model’s technical nuances, but compliance officers know the legal and ethical parameters, while business leaders understand strategic priorities. Bringing these perspectives together in structured working groups fosters a balanced view of risk, efficiency, and effectiveness.
This collaboration is not limited to the initial rollout. During pilot phases, open forums and workshops can surface unintended consequences or overlooked intricacies. As solutions mature, ongoing dialogue keeps evolving technologies aligned with regulatory changes and business goals. One panelist emphasized a phased approach: “Start with free-form experimentation to discover what GenAI can do, then layer in governance, audit trails, and version controls to make it production-ready.” Over time, these cross-functional collaborations produce AI systems that are not only technically sound but contextually informed—tools that integrate seamlessly into the firm’s culture of compliance, accountability, and continuous improvement.
Final Takeaways
In summarizing their reflections, the panellists offered a few final tips for firms venturing into GenAI deployments. One panelist urged organizations to explore a broad range of implementation strategies: “There are various ways of implementing the generative AI technologies. You could do large language models. You could do small language models. You could do local implementations,” they noted.
Additionally, recent advances in confidential computing can help ensure that “your data stays very secure where it is… there’s no leakage even though it’s in the cloud.” As companies select their technology stack, they should prioritize solutions that provide robust encryption and privacy controls, preventing unintended exposure of critical information.
Another panelist advised, “Get your data infrastructure right and then make sure to have good plans from POC to production.”
And finally, “Use [GenAI] in your personal life… because you’ve got to understand the shape of this thing… the output of this thing. The barrier to entry is really low… so using it and understanding what it’s actually doing will help you understand its limitations and then help build risk management procedures around it.”
Panellists expressed hope that, a year or two from now, regulatory compliance professionals will have gained far more hands-on experience and that hallucinations in LLM-generated output will have become a non-issue.
These shared insights offer firms valuable guidance for integrating GenAI and LLMs into compliance processes, improving productivity and agility in managing regulatory change.