AI agents Skills for compliance officer in investment banking: What to Learn in 2026

AI is already changing compliance work in investment banking in very practical ways. Screening alerts are getting triaged by models, surveillance teams are using AI to spot patterns across chat, trade, and email data, and regulators expect faster evidence when something looks off.

For a compliance officer, the job is shifting from manual review to oversight of AI-assisted controls. That means you need enough technical fluency to challenge model outputs, test workflows, and explain decisions to audit, legal, and regulators.

The 5 Skills That Matter Most

1. •

   AI-assisted surveillance triage

   You do not need to build the surveillance model, but you do need to understand how it ranks alerts and where false positives come from. In investment banking, this matters for market abuse surveillance, communications monitoring, and trade anomaly detection.

   Learn how to review alert logic, thresholds, and escalation rules. If you can explain why an alert fired and whether the model is overfitting to harmless behavior, you become useful fast.

2. •

   Prompting for compliance analysis

   Compliance teams are already using LLMs to summarize policy gaps, draft first-pass issue logs, and compare regulatory text across jurisdictions. The skill is not “chatting with AI”; it is asking for structured outputs that can survive review.

   You should know how to prompt for tables, citations, exception lists, and red-flag extraction from long documents. In practice, this saves hours on policy mapping for MiFID II, MAR, FCA conduct rules, or internal controls testing.

3. •

   Model risk basics

   If your bank uses AI in KYC screening, transaction monitoring, or case prioritization, compliance has to understand model governance. You need the basics of validation, drift, explainability limits, bias testing, and human override.

   This is especially important when a model influences SAR decisions or client risk ratings. A compliance officer who can ask “what changed in the training data?” or “how was this threshold validated?” is much harder to ignore.

4. •

   Data literacy for control evidence

   Most compliance failures are not caused by missing policy; they are caused by bad data lineage or weak evidence trails. You should be comfortable reading CSV extracts, spotting missing fields, understanding joins between trade data and communications data, and checking whether a control actually ran.

   This skill matters because AI tools only help if the underlying data is clean enough. If you can verify source-to-report traceability for monitoring outputs, you can challenge both vendors and internal technology teams.

5. •

   Workflow automation with no-code/low-code tools

   Compliance work still has repetitive steps: intake forms, case routing, evidence collection, periodic attestations, and escalation tracking. Learning tools like Power Automate or basic Python lets you automate low-risk parts of that workflow without waiting on engineering.

   The goal is not to replace controls; it is to reduce manual drag around them. A compliance officer who can automate evidence collection for quarterly reviews becomes more valuable than one who only writes comments in Word docs.

Where to Learn

• •

  Coursera — “AI For Everyone” by Andrew Ng

  Good first pass on how AI systems work without getting buried in math. Spend 1 week here if you want a clean vocabulary before moving into governance topics.

• •

  Coursera — “Machine Learning Specialization” by DeepLearning.AI

  You do not need all three courses in depth. Focus on concepts like training data, overfitting, evaluation metrics, and error analysis so you can speak intelligently about surveillance or screening models.

• •

  Book — Designing Machine Learning Systems by Chip Huyen

  Strong practical book for understanding how models fail in production. The chapters on data drift and monitoring are especially relevant if your bank uses AI in AML or conduct surveillance.

• •

  Book — The Data Warehouse Toolkit by Ralph Kimball

  Old-school but still useful for understanding data models behind reporting and control evidence. Compliance officers who understand facts vs dimensions vs lineage ask better questions of analytics teams.

• •

  Tool — Microsoft Power Automate + Excel Power Query

  This is the fastest path to useful automation in a bank environment where Microsoft tooling is already approved. Use it to build intake routing flows or clean recurring control evidence exports.

If you want a realistic timeline: spend 6 weeks building baseline fluency.

• •Weeks 1–2: AI basics + prompting
• •Weeks 3–4: model risk + governance
• •Weeks 5–6: data literacy + one automation tool

How to Prove It

• •

  Build a surveillance alert review pack

  Take a sample set of anonymized alerts and create a dashboard that groups them by reason code, desk, product type, and false-positive rate. Add commentary on which thresholds look noisy and what additional fields would improve triage.

• •

  Create a policy-to-control mapping assistant

  Use an LLM to map one regulation or internal policy set to required controls in a structured table. Include columns for obligation text, control owner role,, evidence type,, and review frequency; then manually validate the output against source documents.

• •

  Automate quarterly attestation collection

  Build a Power Automate flow that sends reminders,, collects responses,, stores evidence,, and flags late submissions. This shows you can remove admin work while preserving auditability.

• •

  Draft a model oversight checklist for compliance

  Write a one-page checklist for any AI tool used in AML,, surveillance,, or client onboarding.

  Include:

  • •training data source
  • •validation owner
  • •override process
  • •drift monitoring
  • •escalation path
  • •record retention

What NOT to Learn

• •

  Deep neural network theory

  Unless you are moving into ML engineering,, this will not help you review controls or challenge vendors. Your time is better spent on governance,, data quality,, and workflow design.

• •

  Generic chatbot building with no compliance use case

  Building random Q&A bots looks impressive but rarely maps to bank controls. Focus on use cases tied to surveillance,, KYC,, policy review,, or audit evidence.

• •

  Vendor marketing language around “autonomous agents”

  A lot of agent talk hides weak process design. In banking compliance,, the question is always: who approved it,, what data did it touch,, what did it decide,, and how do we prove it later?

Keep learning

• •The complete AI Agents Roadmap — my full 8-step breakdown
• •Free: The AI Agent Starter Kit — PDF checklist + starter code
• •Work with me — I build AI for banks and insurance companies

By Cyprian Aarons, AI Consultant at Topiax.