Architecting Explainable AI Agents for Financial Compliance Monitoring

Building AI Agents for Compliance Monitoring in Finance: Architecture That Passes Auditors

Dextra Labs proposes a multi-agent architecture for financial screening. Major regulators including FINRA, FCA, and RBI require documented reasoning for automated decisions, rendering ‘the AI said so’ an unacceptable answer.

Why This Matters

The technical reality is that high accuracy and low false-positive rates are insufficient for regulatory approval if the system lacks explainability. In finance, a model providing a raw probability score (e.g., 0.87) without a human-readable evidence chain is considered worse than having no compliance AI at all because it cannot be challenged or reviewed by an auditor.

Key Insights

• Regulatory mandates from FINRA, FCA, and RBI require that automated decisions include documented reasoning available for human audit.
• Watchlist version traceability requires recording the exact version ID (e.g., OFAC SDN List version 20260415-1423) active at the time of screening rather than just confirming the list was used.
• Decision immutability must be enforced via append-only stores; using databases where records can be updated leads to audit failure.
• Explainability is achieved by separating raw risk scores from plain-language rationales that cite specific data points, such as similarity percentages to sanctioned entities and FinCEN Advisory references.

Working Examples

Regulatory Ingestion Agent implementing provenance tracking and structured parsing of watchlist updates.

from anthropic import Anthropic
from datetime import datetime
import hashlib
import json
client = Anthropic()
class RegulatoryIngestionAgent:
def __init__(self, db_connection, audit_logger):
self.db = db_connection
self.audit = audit_logger
async def ingest_watchlist_update(
self,
source: str,
raw_data: bytes,
update_metadata: dict
) -> dict:
"""
Ingests watchlist updates with full provenance tracking.
Every entry gets a source, version and effective date.
"""
# Parse with Claude for flexible format handling
response = client.messages.create(
model="claude-sonnet-4-5",
max_tokens=4000,
system="""Parse regulatory watchlist data into
structured entities. Handle variations in format
across different regulatory sources.
extract for each entity:
- canonical_name (primary identifier)
- aliases (all alternative names)
- entity_type (individual/organisation/vessel/aircraft)
- identifiers (passport, tax ID, registration numbers)
- addresses (with country codes)
- listing_reason (sanctions program or crime category)
- effective_date
- source_reference (regulatory document ID)
Return JSON array of entities.
Flag any entries with ambiguous identity markers."",
messages=[{
"role": "user",
"content": f"Source: {source}\\ n\\ n{raw_data.decode('utf-8', errors='replace')}"	}]
enentities = json.loads(response.content[0].text)
iversion control for watchlist entries
for entity in entities:
entity['_provenance'] = {	'source': source,	'ingest_timestamp': datetime.utcnow().isoformat(),	'source_document_hash': hashlib.sha256(raw_data).hexdigest(),	'regulatory_effective_date': update_metadata.get('effective_date'),	'version_id': self.generate_version_id(entity, source)	}
avait self.db.upsert_watchlist_entities(entities)
self.audit.log({	'event': 'watchlist_update_{ingested}',	'source': source,	'entities_{added}': len(entities),	'timestamp': datetime.utcnow().isoformat()	})
return {	'entities_{processed}': len(entities),	'flagged_{for}_{review}': [e for e in entities if e.get('ambiguous')] 	}

Transaction Screening Agent combining rule-based pre-screening with LLM analysis for fuzzy matching.

class TransactionScreeningAgent:
RISK_THRESHOLDS = {	'auto_{clear}': 0.25,	'analyst_{review}': 0.6,	'block_{and}_{escalate}': 0.85	}
async def screen_{transaction}(	self,
transaction: dict	n) -> dict:	n"""
Samples transaction against watchlists and risk models.
screens decision with full reasoning chain for audit trail.	n"""
t# Fast rule based pre screen 
rule matches = await self run rule engine(transaction)	if rule matches['exact match']:	run self build decision(
transaction,	risk score=0 95,
decision='BLOCK',	reasoning type='exact watchlist match',	evidence=rule matches 	n)
t# Claude analysis for fuzzy matching and context 
entity context = await self get entity context (
transaction['counterparty'] 
n)
tresponse = client messages create (
tmodel="claude sonnet 4 5", 
tmax tokens=1500 ,	system="""You are a compliance analyst screening financial transactions... Return as JSON with schema: { \ "risk score": float , "risk factors": [ { "factor": str , "evidence": str , "weight": str } ] , "mitigating factors": [ str ] , "decision rationale": str , "recommended action": str , "confidence": str , "additional checks required": [ str ] } """, 	messages=[ { "role": "user", "content": f... } ] )	analysis = json loads(response content[ 0 ] text ) 	run self build decision (
transaction ,	risk score=analysis ['risk score'], 
decision=analysis ['recommended action'], 	reasoning type='claude analysis', 
evidence=analysis ) 

Practical Applications

• [AML Monitoring] System flags counterparty names based on similarity to sanctioned entities on lists like OFAC SDN; Pitfall: Providing only a risk score instead of specific regulatory references leads to audit failure.
• [Regulatory Reporting] Audit Trail Agent generates examination reports summarizing high-risk transactions; Pitfall: Using a mutable database for logs allows record modification after the fact, causing examination failure.

References:

• https://dev.to/dextralabs/building-ai-agents-for-compliance-monitoring-in-finance-architecture-that-passes auditors -4i9g