Financial Crime Operations
Agentic KYC, AML, fraud, and sanctions casework with policy-bound investigation, human adjudication, and audit evidence.
Purpose
Help financial-crime teams move from alert queues to evidence-bound case decisions. ContextOS coordinates investigation agents that gather facts, compare policy, draft narratives, and recommend disposition while keeping final high-risk decisions with accountable humans.
Why this is agentic-first
KYC, AML, sanctions, and fraud workflows are not single prompts. They require multiple evidence sources, policy interpretation, identity resolution, adverse-media review, transaction analysis, case writing, and supervisory approval. McKinsey describes agentic AI in financial-crime contexts for client onboarding, KYC refreshes, transaction monitoring, sanctions, and fraud investigations from alert to case closure.
ContextOS is useful because every case must explain why the agent touched each source, which rule fired, who approved the disposition, and which evidence snapshot supports the decision.
Context Pack
| Layer | Required entries |
|---|---|
decision_layer.decision_specs[] | fincrime.alert.triage, fincrime.kyc.refresh, fincrime.case.disposition, fincrime.report.file |
policy_layer.policy_bundles[] | AML policy, sanctions policy, fraud policy, customer risk policy, data-retention policy |
policy_layer.approval_gates[] | GATE_INVESTIGATOR_REVIEW, GATE_MLRO_APPROVAL, GATE_REGULATORY_REPORT |
tooling_layer.adapter_registry[] | adp_corebanking.lookup, adp_kyc.fetch, adp_txn.analyze, adp_sanctions.screen, adp_case.update, adp_report.file |
memory_layer.write_classes_allowed | case_pattern, policy_correction, decision_outcome |
evaluation_layer.eval_targets[] | false-negative rate, escalation quality, case-narrative completeness, audit acceptance |
Agent roles
| Agent | Responsibility | Boundary |
|---|---|---|
| Alert Triage Agent | Clusters alerts and resolves customer, account, and transaction identity. | Cannot close cases. |
| Evidence Agent | Fetches KYC, sanctions, transaction, and adverse-media evidence. | Read-only except case notes. |
| Policy Agent | Maps evidence to policy rules and required case fields. | Cannot override policy. |
| Narrative Agent | Drafts case summary, rationale, and regulator-ready timeline. | Draft only. |
| Supervisor Agent | Checks completeness, contradictions, and approval requirements. | Can block disposition. |
Execution flow
invokeAgentarrives withintent=fincrime.investigate, alert IDs, jurisdiction, customer ID, and queue priority.- Compiler pins policy bundles, permitted data sources, jurisdiction overlays, retention limits, and case schema.
- Alert Triage Agent clusters duplicate or related alerts.
- Evidence Agent gathers account, KYC, transaction, sanctions, and adverse-media evidence.
- Policy Agent evaluates rule matches and required fields.
- Narrative Agent drafts a case package with citations and gaps.
- Supervisor Agent verifies evidence completeness and conflict status.
- Low-risk false positives can be recommended for human batch approval. Suspicious activity, sanctions hits, or regulatory filings require named approval.
- Tool Gateway updates case system or files report only after gate approval.
- ContextOS emits a
DecisionRecordwithdecision_key="fincrime.case.disposition".
Decision gates
| Gate | Trigger | Required evidence |
|---|---|---|
GATE_INVESTIGATOR_REVIEW | Any case closure, escalation, or customer risk-rating change. | alert cluster, rule matches, evidence refs, narrative |
GATE_MLRO_APPROVAL | Suspicious activity recommendation or high-risk jurisdiction. | full case package, policy citations, reviewer notes |
GATE_REGULATORY_REPORT | Filing, correction, or withdrawal of regulated report. | filing payload, jurisdiction rule, approval chain |
Failure modes
- Identity collision - CEID/SID resolution must prove the customer, account, and transaction belong to the same entity.
- Source conflict - contradictory KYC or sanctions data triggers
escalateinstead of disposition. - Policy version mismatch - Compiler refuses packs that mix incompatible policy versions.
- Narrative without evidence - Supervisor blocks case updates when claims lack
evidence_refs. - Over-automation risk - high-risk decisions stay as recommendations until human approval.
Metrics
- Case package completeness.
- False-positive reduction with no increase in false negatives.
- Investigator acceptance rate.
- Time from alert to first decision.
- Regulatory filing defect rate.
- Number of policy gaps discovered through operator correction.
Research signals
- McKinsey describes agentic AI across KYC, transaction monitoring, sanctions, and fraud investigations.
- McKinsey’s corporate credit process article describes layered agents for analysis, controls, synthesis, and human validation.
- Gartner’s guardian-agent research reinforces the need for automated oversight as agent power increases.