Qomply Brings Regulatory Intelligence Into AI Compliance Workflows

Qomply has launched QomplyAI, a new capability designed to make its regulatory intelligence available through AI assistants including ChatGPT, Claude and other Model Context Protocol-compatible clients.

QomplyAI is intended to let reporting, compliance and oversight teams ask regulatory questions in natural language and receive structured answers that can support workflow decisions. Example use cases include checking whether an instrument is MiFID reportable on a given trade date, retrieving reportable ISINs from a CFI code, or obtaining a UPI for an ISIN from within an AI assistant.

The capability connects AI tools to Qomply’s centralised regulatory intelligence hub, using the same data and logic that support the firm’s transaction reporting solutions. That positioning is important as compliance teams assess how AI can be used without weakening governance, auditability or control over regulatory interpretation.

Michelle Zak, Co-Founder of Qomply, said: “Firms are increasingly working in AI-enabled environments, but the key is ensuring the answers they rely on are accurate, consistent and based on trusted regulatory logic. QomplyAI brings our intelligence directly into those workflows, so teams can move faster while maintaining control.”

Qomply cites recent KPMG research suggesting that AI agent adoption is moving beyond exploratory use. According to the survey of more than 2,100 global leaders, 54% of organisations are actively deploying AI agents, while organisations globally plan to spend an average of $186 million on AI over the next 12 months, compared with $207 million in the U.S.

Zak added: “With global AI-adoption, users are demanding accurate and defendable results. Qomply sits at the heart of that regulatory intelligence.” For regulated firms, the practical value lies in bringing verified regulatory logic into everyday AI workflows while retaining explainability and consistency.

Comply Sets Out MCP Layer for Agentic Compliance Workflows

Comply has announced general availability in May 2026 for its  ComplyAI MCP Server, an enterprise-grade Model Context Protocol server designed to connect the firm’s compliance intelligence with major AI platforms used by financial services teams. The server is intended to let authorised compliance, advisor and operations users build custom AI agents in tools such as Claude, Microsoft Copilot and ChatGPT without developer support or separate IT projects.

Initial use cases include trade pre-clearance, policy guidance, morning compliance briefings, certification and onboarding workflows, annual review preparation, and natural-language reporting. So, a compliance officer could ask an AI tool to surface open certifications, open pre-clearance requests, certification gaps, and regulatory alerts, or support a pre-clearance request while maintaining the relevant compliance record.

The first enabled use case will be trade pre-clearance, where a fund manager or other financial services user can instruct an AI orchestrator to submit a request and receive an approval or denial, with audit logs retained in the Comply platform. Policy guidance through ComplyAI Policy Guide is available for testing and is expected to be available through the MCP Server in mid-2026.

Comply is framing the infrastructure layer as central to the reliability of agentic compliance. The company says its data foundation maintains regulatory content, firm-specific policies, supervisory procedures and employee compliance data for environments including the SEC, FINRA and FCA. Client data is stored, processed and audited within the Comply platform and is not shared with other firms.

Michael Stanton, CEO of Comply, linked the launch to the sequencing of data infrastructure and AI access: “We built the compliance data infrastructure before we built the AI.” David Bliss, Chief Product Officer, added: “You cannot get there by starting with AI. You have to earn it.”

UAE Central Bank Taps Norbloc for Nationwide e-KYC Platform

The Central Bank of the UAE (CBUAE) is developing a nationwide electronic Know Your Customer (e-KYC) platform with Norbloc AB, creating a unified national approach intended to reduce duplicated ‘customer due diligence’ across the country’s financial sector. The initiative forms part of the CBUAE’s Financial Infrastructure Transformation (FIT) Programme and is designed to support more efficient onboarding for individuals and businesses while strengthening Know Your Customer and Know Your Business controls.

The platform will use automated workflows, trusted data sources and privacy-by-design technology to support customer due diligence, anti-money laundering and combatting the financing of terrorism (AML/CFT). It will enable secure data sharing based on explicit customer consent, with the aim of reducing turnaround times, operational costs and repeated checks across financial institutions and fintech companies.

For regulated firms, the project points to a more shared model for identity verification and compliance data, where trusted customer information can be reused with explicit consent rather than repeatedly collected across institutions. Future phases will focus on expanding the platform’s capabilities and deepening integration with relevant stakeholders.

H.E. Saif Humaid Al Dhaheri, Assistant Governor for Banking Operations and Support Services at the CBUAE, framed the project as a shift away from resource-heavy onboarding and compliance processes. “The development of the e-KYC Platform represents a strategic transformation towards a more efficient and resilient financial ecosystem. Through this platform, we are enabling the sector to move away from resource-intensive traditional processes towards progressive digital models that accelerate access to financial services and reduce operational costs. At the CBUAE, we aim to enhance efficiency and establish a financial environment characterised by transparency and the protection of customer privacy, in a way that reinforces the UAE’s competitiveness as a leading global financial centre.”

Norbloc will act as technology partner for the platform. Astyanax Kanakakis, Chief Executive Officer of Norbloc AB, said: “We are proud to partner with the Central Bank of the UAE in delivering this platform, which sets a new benchmark in digital compliance globally. By leveraging advanced technologies, we will enable financial institutions to access trusted and secure data in real time from multiple sources, enhancing operational efficiency while adhering to the highest international standards. It also empowers users with full control over the management of access to their data.”

Mizuho Securities Adopts Behavox for AI-Powered Communications Surveillance

Mizuho Securities has implemented Behavox Quantum AI for communications surveillance, extending monitoring across chat and email in Japanese, English and other languages. The deployment points to strategic advancement from standalone surveillance tools towards more integrated control environments, where communications monitoring sits alongside trade surveillance, data retention and policy management.

At Mizuho Securities, the project appears to be part of a wider compliance build-out. Yutaka Wakabayashi, Chief Compliance Officer at Mizuho Securities, said the firm has made “the development and reinforcement of our compliance framework” a priority and is “actively working to leverage AI technology.” He described Behavox Quantum as “an AI solution that analyzes internal e-communications consistently and comprehensively regardless of channel or language,” adding that Mizuho expects it to strengthen monitoring coverage, reinforce detective controls and support “appropriate and prompt business operations.”

The implementation also suggests that firms assessing surveillance technology are placing as much emphasis on governance and operational fit as on detection capability. Behavox said the deployment followed a selection process that included technical due diligence, model risk review and security review, before going live within three months of the decision to proceed. That timeline indicates a relatively rapid rollout, but one framed around oversight and control expectations for AI adoption in a regulated environment.

Rather than positioning communications surveillance as a discrete compliance function, the architecture described here places it within a broader internal controls framework. In practice, that means linking surveillance outputs to evidence preservation, model governance and risk reduction workflows, with the aim of creating clearer traceability from initial detection through to resolution.

For Behavox, the Mizuho Securities deployment also adds weight to its Japan strategy. Nabeel Ebrahim, Chief Revenue Officer at Behavox, said the go-live shows that “Accountable AI — AI that is governable, auditable, and built to stand up to regulatory scrutiny — is already a reality for Tier 1 institutions today.” He added that the firm remains focused on “delivering integrated controls that protect firms and empower their compliance programmes.”

Behavox has operated in Japan since 2020 and has been building local delivery capabilities, including in-person support, multilingual surveillance coverage and a Japanese-language user interface across its product suite. In that context, the Mizuho Securities implementation is less a simple product deployment than an example of how large financial institutions are looking to embed AI-enabled surveillance into a broader, regulator-aware compliance operating model.

DTCC and CME Secure Approval to Expand U.S. Treasury Cross-Margining for End Users

DTCC and CME Group have received approval from the SEC and CFTC to extend their U.S. Treasury cross-margining arrangement to end-user clients of dually registered broker/dealers and futures commission merchants that are common members of DTCC’s Fixed Income Clearing Corporation (FICC) and CME.

The expanded service is due to go live on April 30 and broadens a long-standing house-account arrangement into client accounts. In practice, it will allow eligible end users clearing U.S. Treasury securities through FICC and interest rate futures through CME to offset positions with opposing risk exposures across the two clearing venues. The aim is to reduce margin requirements, release capital and improve liquidity for firms active in cash Treasuries and rates futures.

The extension comes as the US Treasury market adjusts to the practical effects of expanded central clearing requirements, with market participants under pressure to manage collateral, balance sheet usage and operational complexity more efficiently. Against that backdrop, cross-margining is being positioned as a way to soften the funding and margin impact of clearing related Treasury and futures positions through separate infrastructures.

DTCC pointed to the scale of the existing arrangement in proprietary accounts. Frank La Salla, President & CEO at DTCC, said the current model has “a proven track record of creating an average of $1 billion across both clearing houses in risk offsets every day,” and added that “we expect the end-user cross margin effort will lead to additional offsets for the industry.”

CME framed the move in the context of regulatory change in the Treasury market. Terry Duffy, CME Group Chairman and Chief Executive Officer, said: “With the SEC’s central clearing mandates now taking effect, cross-margining is essential — not only for operational efficiency, but to help end users manage the real costs of compliance.”

Cross-margining between CME and FICC has been available for proprietary, or house, accounts since 2004, and the firms announced significant enhancements to the arrangement in 2024. This latest step extends comparable treatment to client business, giving clearing members a way to pass margin efficiencies on to end users where positions meet the eligibility criteria.

Under the model, FICC will designate cross-margin accounts so eligible positions can offset against CME interest rate futures. CME Clearing will allow participants to direct futures into end-user cross-margin accounts during the trading day, making those positions available for inclusion in the offset calculation.

CUBE Launches Certified Connector for Service Now

CUBE has launched a certified connector for ServiceNow Integrated Risk Management (IRM), making its regulatory intelligence and change management capabilities available within enterprise risk workflows. The integration is aimed at helping firms, particularly in highly regulated sectors such as financial services, connect regulatory updates and obligations more directly to compliance, risk and legal processes.

The integration links real-time regulatory updates and obligations from CUBE’s RegPlatform to ServiceNow IRM. CUBE is positioning that as a way to help organisations operationalise regulatory change more effectively within existing risk and compliance workflows, rather than relying on separate manual processes.

That positioning comes through clearly in the executive commentary. Ben Richmond, Founder & CEO of CUBE, said: “As regulatory complexity continues to grow, organisations need intelligence that works inside their existing platforms. Our partnership with ServiceNow extends CUBE’s mission to make regulatory change automated, actionable and embedded across the enterprise. Together with ServiceNow, we’re enabling firms to move faster, act earlier and manage compliance and risk at scale with far greater confidence.”

ServiceNow frames the integration in similar terms, with an emphasis on automation and workflow orchestration. “Regulatory change shouldn’t require manual tracking and endless coordination – it needs intelligent automation,” said Vasant Balasubramanian, Group Vice President and General Manager of Risk, ServiceNow. “By embedding CUBE’s intelligence into ServiceNow IRM, our AI agents can assess regulatory impact, trigger risk workflows, and orchestrate responses across the business. This gives risk and compliance leaders the ability to stay ahead of regulations and turn compliance obligations into competitive advantage.”

The broader significance is that regulatory change management is being tied more closely to enterprise risk operations. Instead of sitting outside core workflows, regulatory intelligence is being fed into the systems firms use to assess impact, assign actions and manage response processes.

CUBE says the partnership is backed by executive leadership and supported by a coordinated product and go-to-market strategy. It also expects to integrate select CUBE AI regulatory agents into the ServiceNow AI Control Tower, extending automation for shared customers using CUBE RegPlatform alongside ServiceNow IRM.

Quest Launch Bridges Identity Threat Detection and Recovery for Microsoft Operational Resilience

Quest Software has introduced a new Security Management Platform that brings together identity threat detection and response, recovery, and migration for Microsoft environments. The launch reflects a broader shift in identity security: firms are looking beyond detection alone and towards platforms that can also support resilience, recovery, and lower-risk modernization.

The company is positioning the platform around a practical problem many organizations face as identity becomes a more exposed control point. Hybrid Microsoft estates, the expansion of non-human identities, and wider AI adoption are increasing the volume and complexity of identity-related risk. In that context, Quest is combining threat management with secure migration and disaster recovery, aiming to reduce the operational gaps that can appear during periods of change such as cloud transitions, mergers, or infrastructure modernization.

Identity remains a growing attack surface, but recovery readiness is often less mature than detection. Quest points to its own research showing that more than 75 percent of global organizations do not test identity recovery often enough. It also cites the rapid growth of non-human identities, which it says now outnumber human identities by an estimated 82:1 ratio. Against that backdrop, the new platform is designed to give organizations broader visibility across identities, faster incident response, and a more structured way to recover critical services after an attack.

“AI fundamentally threatens the identity landscape at a level never before seen, and one thing is clear – identity security must include rapid recovery, not just detection and response,” said Michael Laudon, Chief Product and Technology Officer at Quest Software. “The Quest Security Management Platform delivers solutions that address how identity risk actually occurs within organizations – across daily operations, active attacks, and during high-risk moments of change such as AI adoption amid migration and modernization. By unifying our industry-leading solutions into one modern platform, customers no longer need multiple solutions to protect their most important assets.”

Two new capabilities sit at the centre of the release. Quest Identity Defence is described as an AI-powered security layer for hybrid Active Directory and Entra ID environments. It is intended to identify identity risk continuously, block unauthorized changes to critical Tier 0 assets, and improve visibility across both human and non-human identities. The emphasis is on making investigation and remediation more manageable in complex hybrid estates.

Quest Identity Recovery extends that focus into resilience. The offering is positioned as a hybrid Active Directory and Entra ID recovery solution that can restore identity services more quickly after a ransomware incident. A new Standby Active Directory Forest provisioning feature is intended to automate the creation of recovery environments, strengthening disaster recovery preparedness rather than treating recovery as a separate downstream process.

The platform also incorporates On Demand Migration, Quest’s Microsoft 365 certified tenant-to-tenant migration technology, covering Exchange, OneDrive, SharePoint, Teams, as well as Active Directory and Entra ID. That inclusion is notable because migration is often one of the periods when identity controls are under the most strain. Folding migration into the same platform as detection and recovery suggests Quest is framing modernization itself as a security and resilience issue, not just an infrastructure project.

Quest says the overall platform aligns with the National Institute of Standards and Technology Cybersecurity Framework 2.0 and Gartner recommendations. Structurally, it groups the offering into two main solution areas: Quest Secure Migration, which focuses on modernization with a security-first approach, and Quest Identity Security and Resilience, which is positioned as a full Identity Threat Detection and Response capability spanning prevention, detection, response, and recovery.

Regnology Extends Ascend Platform with Agentic AI to Operationalise Continuous Regulatory Intelligence

Regnology has expanded its Ascend platform with an agentic AI layer and deeper integration of its Regnology Supervisory Hub (RSH), positioning the platform as a unified environment for both regulatory reporting and supervisory oversight. The update builds on Ascend’s initial rollout in late 2025, which focused on data governance, automation and workflow orchestration across regulatory reporting processes.

The latest iteration shifts the emphasis from workflow automation to adaptive, intelligence-led operations. By embedding AI agents directly into the platform, Regnology is aiming to move reporting processes away from periodic, rules-based execution towards continuous monitoring and decision support. These agents are designed to manage workflows, analyse regulatory data and generate context-specific insights on an ongoing basis, operating on the firm’s unified regulatory data (RGD) model.

This architecture is consistent with broader industry moves towards granular, data-centric regulatory reporting, where consistency of underlying data models becomes a prerequisite for automation at scale. In this context, Ascend’s reliance on a single data foundation is intended to support both institutional reporting and supervisory consumption without duplication or transformation across systems.

The integration of RSH into the Ascend platform extends this model to regulators. Workflow agents are applied across supervisory processes such as data collection, validation and examination, while analytics agents surface key risk indicators and interpret outputs ranging from granular data points to narrative reports. The result is a more continuous oversight approach, where supervisory activities are embedded into the same data and workflow infrastructure used by reporting firms.

Regnology frames this as a step towards its long-standing Straight-Through-Reporting (STR) vision, in which regulatory reporting becomes a largely automated, end-to-end process supported by standardised data, embedded controls and real-time analytics. The addition of agentic AI introduces a layer of orchestration that can dynamically adjust workflows and prioritise risk signals, rather than relying on static reporting cycles.

“Our position at the nexus of risk, regulation, and finance gives Regnology a unique vantage point to support the industry’s evolution,” said Rob Mackay, CEO of Regnology. “Our next-gen Ascend platform is the engine of a paradigm shift transforming compliance into a single strategic command centre where high-quality data, continuous insight, and intelligent orchestration converge.”

The emphasis on convergence between reporting and supervision is notable. By extending the same AI-enabled infrastructure to both sides of the regulatory relationship, the platform aligns with emerging supervisory expectations around data lineage, transparency and near real-time access to granular information. This mirrors regulatory initiatives globally that are moving away from template-based submissions towards direct consumption of firm-level data.

“Ascend was designed as the foundation for a new era of regulatory reporting —bringing automation, transparency, and intelligence to the core of the financial operating model,” said Linda Middleditch, Chief Product Officer at Regnology. “By extending agentic AI to both regulators and the regulated on a trusted RGD data backbone, we empower the industry to move from reactive reporting to continuous intelligence for faster decisions and more resilient oversight.”

Regnology said it will progressively migrate its broader solution set onto the Ascend platform, indicating a longer-term strategy to consolidate its regulatory reporting, risk and finance capabilities within a single, AI-enabled architecture. For firms, the practical implication is a continued shift towards platforms that combine data standardisation, workflow automation and supervisory alignment—reducing fragmentation across reporting regimes while increasing expectations around data quality and control.

Bloomberg Expands MAC3 Risk Models for Enhanced Portfolio and Risk Forecasting Across Public and Private Investments

Bloomberg has expanded its MAC3 multi-asset risk models to cover private markets, extending the platform’s portfolio and risk forecasting capabilities beyond traditional public asset classes into private equity, private credit, real estate, infrastructure, hedge funds and liquid alternatives. The update reflects growing demand among institutional investors for more consistent measurement of risk across portfolios spanning both public and private investments. Bloomberg presents the expansion as a way to bring those exposures into a broader portfolio risk framework.

“Institutional investors are increasingly allocating across both public and private markets, yet risk is often measured in silos,” said Jose Menchero, Head of Portfolio Analytics Research at Bloomberg. “With these new models, MAC3 delivers a consistent, cross-asset factor framework that enables Bloomberg clients to understand and manage risk seamlessly across their entire portfolio in an increasingly complex investment landscape.”

Bloomberg MAC3 is a multi-asset class risk factor model that combines quantitative research techniques with Bloomberg security data to provide institutional investors with a unified view of risk across the portfolio. The platform currently includes more than 3,000 individual risk factors and supports risk forecasting, risk attribution, performance attribution, stress testing and optimization. The model also offers six time horizons, ranging from a responsive daily model to a stable long-term model, giving firms flexibility to align risk forecasts with different investment decision-making processes.

The new private markets capability adds MAC3 models for private asset funds, hedge funds and liquid alternative funds, allowing investors to forecast and decompose risk more consistently across public and private markets and support a total portfolio view across asset types. Bloomberg says the private fund model is constructed using dedicated private-asset factors and data on approximately 50,000 private funds covering private equity, private credit, real estate and infrastructure strategies, alongside hedge funds and liquid alternatives.

Across the alternatives fund suite, the models capture exposures across strategies, regions, sectors, styles and key macro sensitivities including rates, commodities, volatility and FX. Bloomberg says this can help investors identify shared risk drivers across managers and strategies, supporting portfolio construction, risk budgeting and governance at total portfolio level. Bloomberg’s MAC3 risk models are available to Terminal subscribers, who can use them to explore portfolio risk across public and private assets. Bloomberg PORT Enterprise customers can also license the underlying risk data, including risk factor exposures, volatilities, correlations and historical returns, with programmatic access available via API.

More broadly, Bloomberg positions MAC3 and PORT Enterprise as part of its wider buyside solutions suite, spanning research management, order and execution management, portfolio and risk analytics, trade compliance and operations. In that sense, the private markets expansion extends Bloomberg’s effort to support cross-asset investment workflows through a common data and analytics foundation.

FIX Trading Community Urges Regulatory Alignment in Response to FCA Consultations

The FIX Trading Community has called for significant changes to UK financial regulation in its formal response to FCA consultations on the UK consolidated tape and transaction reporting. Executive Director Jim Kaye emphasised that harmonising UK reporting rules more closely with EU standards would reduce complexity, lower the reporting burden, and improve the quality of market data. By addressing current concerns with post-trade transparency, the association aims to boost investor confidence in UK-based liquidity.

Regarding the 2027 equities consolidated tape, FIX recommends a single provider to ensure a “single source of truth.” Key proposals include aligning off-venue transparency exemptions with off-book exchange trades, removing duplicative reporting for trades already captured by EU Approved Publication Arrangements, and introducing disclosures for trade execution methodology. The association also seeks clearer regulatory guidelines for order chains and cross-border transactions to eliminate ambiguity in reporting responsibilities.

On transaction reporting, FIX advocates for a pragmatic approach to data sourcing, including the use of Legal Entity Identifiers for trusts and the FCA’s FIRDS as a primary data source. The response suggests removing specific RTS 22 fields while preserving essential transparency data. However, the association cautioned that proposed changes to data points, such as DEA indicators, may require significant system upgrades for firms. Overall, the recommendations focus on simplifying logic and maintaining data quality to support market integrity.