Regulation has never been a fixed destination; it’s a moving target shaped by new risks, political shifts and rapid technological change. For financial institutions, keeping pace is no longer about simply interpreting rules — it’s about anticipating them. As compliance teams grapple with increasing complexity and shrinking reaction times, data is emerging as the only force capable of bringing clarity to an ever-evolving rulebook. But can analytics, automation and AI truly make sense of regulatory turbulence, or are we expecting too much from the numbers?
For Supradeep Appikonda, COO and co-founder of 4CRisk.ai, he believes firms need to research and correlate changes to laws, regulations, rules and standards applicable to their organizations by reviewing alerts and notifications from agencies and regulatory sources.
“AI data analysis can do this 20, 30 or 40 times faster,” he said. “AI can gather and curate this regulatory intelligence from feeds, emails and subscriptions that provide guidance and examination requirements, across multiple document types.”
Importantly, Appikonda explains, AI agents are able to organise changes by topics, and understand which alerts are actually in scope for a particular organisation.
He said, “AI can extract key obligations and requirements, categorize them by relevance, and automatically map changes to a company’s internal jurisdictions, risks, products, services, policies, procedures, and controls. This drastically reduces the time it takes to identify new requirements and plan a response. Automation, leveraging data analytics and AI, transforms regulatory change management by automating the entire workflow – from scanning and alerting to analysis and collaboration.”
Can machine learning truly capture the nuance and intent behind evolving regulations? Here, Appikonda made clear that machine learning uses special techniques to understand the nuance and intent in regulations, rules, laws and standards.
He said, “One technique is Semantic Analysis that used word embeddings such as Word2Vec or language models to map words and phrases into numerical vectors, then look at words used in similar contexts to set up vectors close to each other, allowing the model to grasp semantic similarity and context.
“Another technique is Named Entity Recognition which identifies and classifies key components in a highly structured way. AI analyzes the text for entities such as actors, such as “financial institutions,” or “the regulator” as well as Actions such as “must report,” or “shall prevent”, Dates, and other items.”
Going into a third technique, known as Sentiment and Tone Analysis, Appikonda explained that this can detect intent by analysing words like prescriptive (must), prohibitive (shall not), or discretionary (may). In addition, when small, specialized language models (SLMs) curated on validated, authoritative sources are used, context can be analysed, contributing more to uncovering true nuance and intent, said Appikonda.
Appikonda summarised, “When AI analyzes and interprets phrases within the entire text of a regulation, it can see and resolve ambiguities, identify cross-references, and flag those components that are highly dependent on the surrounding phrases, components and clauses, which significantly improves nuance and intent. By further embedding human oversight, AI algorithms can be continuously improved.”
A key barrier preventing organisations from turning regulatory text into actionable intelligence is a lack of automation, Appikonda said.
He remarked, “Without automation, in particular, AI that can process, analyze and extract patterns from multiple document forms such as PDFs, spreadsheets and emails, organizations will continue to be burdened with massive amounts of data that take months to process. That opens them up to failures, fines and breaches. On the other hand, with AI-powered regulatory intelligence, these functions can be done in minutes, rather than months.”
A question asked by some in the industry has been whether regulators themselves start to rely on similar technology to oversee compliance more dynamically. Here, Appikonda said that regulators have expressed keen interest in how AI-powered agents can transform regulatory compliance processes to reduce risk and raise compliance across organizations.
He finished, “These solutions not only protect firms but also make the regulator’s role in reviews and examinations more effective and meaningful for the industry.”
No longer static
Regulation is no longer a fixed rulebook; it has become a constantly expanding ecosystem of legislation, guidelines, consultations and enforcement actions. For financial institutions, that creates a relentless challenge: tracking, interpreting and implementing change quickly and consistently across multiple jurisdictions.
According to Rory McGrath, Global Head of Pre-Sales at Corlytics, firms have now accepted that manual processes simply cannot keep pace. Automation, structure and intelligent insight have become essential. He describes data as the foundation of regulatory clarity, with institutions increasingly adopting structured data models and analytical tools to monitor the global regulatory landscape, identify relevant material, and assess impact with speed and precision.
Corlytics’ own regulatory monitoring system continuously aggregates and enriches data from trusted global sources, classifying every publication—from legislative updates to enforcement actions—within a regulatory taxonomy tagged by jurisdiction, topic and risk theme. This allows clients to view change as it happens and understand what it means for their business. Beyond tracking, analytics help firms uncover broader patterns: enforcement trends signalling rising priorities such as operational resilience or ESG disclosures. When aligned with business operations, this enables firms to anticipate regulatory direction and respond proactively rather than reactively.
But McGrath notes that the real goal is not just to collect regulatory data, but to connect it—linking obligations to internal policies, controls and processes. This is where data and analytics deliver their true value: transforming a vast, unstructured rulebook into a clear, actionable picture of risk and responsibility.
The rise of machine learning is pushing this further. McGrath says the technology now accelerates document classification, obligation extraction, summarisation and cross-jurisdiction correlation. Corlytics uses AI to automate repetitive analytical tasks so compliance teams can focus on interpretation and strategy. Yet he is clear-eyed about its limits. Regulation is full of nuance, intent and contextual dependencies that models cannot fully grasp.
Subtle shifts in phrasing can reshape obligations, and understanding these distinctions often demands expert legal interpretation. This is why Corlytics takes a hybrid approach: combining the scale and speed of AI with human oversight. Analysts validate and refine outputs to preserve context, safeguard accuracy and maintain trust. Machine learning enhances understanding, he says, but performs best when guided by expert judgment and strong governance.
For many organisations, the biggest barriers to turning regulatory text into actionable intelligence stem not from a lack of information, but from difficulties in making it usable. McGrath points to data fragmentation across sources and jurisdictions, the semantic and legal complexity of interconnected documents, and the need for explainability in analytics and AI.
Resource and skills gaps add further strain, while firms also struggle with process and cultural alignment—ensuring that insight actually translates into compliant action. Corlytics addresses these challenges with structured taxonomies, explainable outputs and tools designed to embed regulatory intelligence directly into operational workflows, enabling firms to bridge the gap between understanding and implementation.
McGrath also sees regulators adopting similar capabilities. Supervisory technology, or SupTech, is already gaining traction globally as authorities turn to data analytics, AI and automation to monitor markets and oversee compliance in near real time. As supervisors become more data-driven, they will expect the same from the institutions they regulate.
This shift, he argues, marks a new phase of regulatory evolution—one that could foster greater transparency, faster remediation and more consistent application of rules across markets. The next stage may involve direct data sharing, automated evidence provision and continual dialogue supported by trusted analytics platforms. Firms that have invested early in data governance, explainability and automation will be better prepared for this emerging model of supervision.
Ultimately, while the rulebook will continue to evolve, the tools to make sense of it are improving rapidly. Data and analytics have transformed how firms monitor and interpret regulatory change, machine learning is delivering speed and efficiency, and expert oversight ensures nuance is not lost.
The remaining barriers—fragmentation, complexity and process alignment—are steadily being dismantled through structured data, explainable AI and integrated workflow automation. As regulators move in the same direction, those with a strong data-driven compliance foundation will find themselves ahead of the curve. Corlytics’ mission, McGrath says, is to turn regulation into intelligence—empowering institutions to navigate an ever-changing landscape with clarity and confidence.
A need for experts
Allison Lagosh, head of compliance at Saifr, stated that firms are using data within AI platforms to help track regulatory changes in real time for immediate compliance needs.
She said, “This is a new practice, and legal and compliance teams are taking advantage of the AI tools in this area. These tools enable them to become less manual with their research and more effective of delivering outputs that they can further refine and analyse. However, there will always be a need for compliance and legal experts to distil these complex regulations to truly capture the nuances and recommend actions.”
Furthermore, Lagosh waxed that regulators have already started to rely on AI tools as well.
“The SEC has enhanced their operations through the responsible use of AI. The SEC’s divisions and offices are building enterprise capacity for AI innovation and implementing AI solutions that are mission enhancing. Acknowledging the transformative impact of AI, the SEC’s AI Task Force was created in August 2025 and is accelerating AI integration to bolster the SEC’s mission. More regulators are in a similar process of interweaving AI within their daily operations to support their goals as well.”
Unprecedented evolution
The compliance ecosystem is consistently showing signs of evolving at ‘unprecedented pace’, claims Gion-Andri Büsser, co-CEO of IMTF, with new regulations, emerging risks, and increasing reporting requirements constantly reshaping the landscape.
He said, “Making sense of this complexity requires more than data aggregation; it demands the ability to connect and interpret data across silos. One perfect illustration of this complexity is trade-based money laundering: today, by linking transaction data, shipment details, and counterpart information, financial institutions can turn fragmented records into actionable intelligence that reveals hidden patterns.”
He also emphasised that IMTF’s core product, Siron One, helps provide this holistic view, enabling companies to align data, processes and controls dynamically as regulations evolve. As compliance teams become more data-driven, regulators are following suit, speedily developing SupTech solutions to boost oversight and monitor compliance more dynamically.
Büsser concluded, “Data alone doesn’t create clarity — context does. The power lies in connecting data, rules, and human insight to turn constant change into confident action.”
Find more on RegTech Analyst.
Copyright © 2025 FinTech Global
The post Can data make sense of an ever-changing rulebook? appeared first on FinTech Global.