ClickCease

Something we said? Don’t leave just yet!

For more information about latest events, news and insights, leave us your email address below.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form
Dismiss

How Legacy Tech Undermines AI in AML

AI alone won’t transform AML. Discover why strong data, architecture, and governance foundations are critical to delivering real, sustainable value.

Kevin McGuinness
June 25, 2026

There’s no shortage of conversation about AI in financial crime.

Boards expect it. Vendors promise it. Regulators are increasingly focused on it.

But there’s a more difficult reality many organisations are still working through; most AML platforms weren’t built to support AI in the first place.

The problem isn’t AI, it’s the foundations it relies upon

Across the industry, pressure on financial crime teams continues to build.

Compliance costs are rising, expectations around real-time risk detection are increasing, and institutions are being asked to do more with less; reducing false positives while maintaining robust, defensible controls. As found in the Napier AI / AML Index, in many markets, the cost of compliance is already outpacing the growth of financial crime risk, driven by complexity, fragmented regulation, and operational inefficiencies.

Faced with this, many firms are turning to AI as a way forward. But the instinct to layer AI onto existing systems often leads to a familiar outcome, isolated improvements in specific areas combined with growing complexity across the wider architecture.

The issue is not the technology itself. It is the environment it is being introduced into.

Why layering AI onto legacy systems fails to deliver true value

Most AML environments have not been designed end-to-end; they have evolved over time.

It is common to see transaction monitoring systems sitting alongside separate screening platforms, with data distributed across multiple sources, and controls embedded deeply into workflows. Even small changes require careful coordination to ensure risk is not introduced.

In this context, adding AI often feels like a practical step. A model might be introduced to reduce false positives or to assist investigators with decision-making. These use cases can deliver clear value in the short term.

Over time, however, the limitations resurface. Data remains fragmented, inefficiencies persist, and governance becomes more complex. Institutions can find themselves managing multiple layers of technology, each solving a narrow problem but collectively creating a system that is harder to explain, audit, and evolve.

The result is not transformation, but layered technological debt. Like rock strata formations created from deposits, compacted and eroded over time, but not truly connected.  

What “AI-ready” actually means in practice

“AI-ready” has little to do with whether AI tools are available, and much more to do with whether the underlying environment can support them effectively. An AI-ready AML platform is one where data is accessible, consistent, and governed across the organisation. It is built on an architecture that supports scalability and (increasingly) real-time decisioning. Just as importantly, it operates within a control framework that makes outcomes explainable to regulators and internal stakeholders.

Without these elements, even the most advanced models struggle to deliver lasting value.

A simple test is this. If an institution cannot clearly explain how an alert was generated, why it was discounted, and how that decision aligns with its risk appetite, then introducing AI is more likely to amplify existing problems rather than resolve them.

The risk of trying to move too quickly

There is significant pressure to accelerate transformation programmes, with AI often positioned quick-fix to uplift legacy systems to next-generation capability.

In financial crime, however, sudden change introduces risk. Controls cannot be disrupted, investigators require consistency, and regulators expect stability even as firms modernise.

In practice, the organisations making the most meaningful progress are neither attempting AU-layering onto legacy systems no rapid replacement. Instead, they take a more deliberate approach, introducing new capabilities alongside existing processes, validating outcomes, and building confidence incrementally, but with a clear plan to upgrade the risk engines underpinning operations.  

This might mean improving alert prioritisation in one area, enhancing data visibility in another, or gradually decoupling elements of legacy architecture. Progress remains meaningful, but it is controlled. The pace matters, but the sequencing is what makes it sustainable.

High value use cases for AI in AML

Despite these challenges, AI is already delivering measurable benefits when applied in the right context.

In screening, it can reduce false positives by applying additional analysis to name matching results, allowing firms to process higher volumes without increasing operational cost. In investigations, it can support analysts by surfacing relevant information more quickly or summarising complex regulatory requirements across jurisdictions.

These capabilities are already in use today.

However, they tend to succeed in environments where data is accessible, controls are clearly understood, and decisions can be explained with confidence. Where these conditions are missing, the value of AI is much harder to realise.

Moving beyond the hype cycle

The conversation around AI in AML is evolving.

There is still strong interest, but there is also growing recognition that technology alone is not the answer. The institutions that will see the greatest benefit from AI are not necessarily those that adopt it first, but those that build the right foundations to use it effectively.

This means addressing legacy constraints, improving data quality and accessibility, and strengthening governance frameworks. These are not new challenges, but they have become more urgent and more visible as AI moves from concept into implementation.

Futureproofed fincrime, step by step

Financial institutions do need to modernise. They do need to prepare for AI-enabled AML. They also need to balance innovation with control.

The path forward is not about making a single, transformative leap. It is about making a series of deliberate, well-sequenced decisions that gradually build a more effective and sustainable operating model.

Because in the end, the next generation of AML will not be defined by who adopts AI the fastest.

It will be defined by who creates the conditions for it to work properly.

Learn more in our latest whitepaper on how to build AI ready infrastructure.

Kevin McGuinness
Global Head of Strategy
Kevin McGuinness is the Global Head of Strategy at Napier AI, bringing over 20 years of experience in financial services. With a focus on combating anti-money laundering (AML) and financial crime, he leads a global team of experts in technology and regulation. Kevin's track record includes senior roles in delivery, transformation, and commercial leadership, notably at First Derivative, where he built and managed a global consulting team. Renowned for his innovative approach, Kevin integrates agile technologies, strategic partnerships, and best-in-class operating models to ensure compliance and drive commercial advantage for institutions worldwide.
What’s popular./
AI in AML Compliance: Validating Anti-Money Laundering Outcomes Under Regulatory Supervision
Janet Bastiman
April 15, 2026
New Swedish AML/CFT Guidance Targets Cash-Based Money Laundering
Kevin McGuinness
April 1, 2026
Napier AI Targets Critical Gaps in AML with Insights AI, Tested in FCA Supercharged Sandbox
Napier AI
March 12, 2026