Skip to main content
CAIBots
KYC / AML Agentic AI · Secure Access
Tier 2 · Post-Demo Access
Authorized access only · contact​@caibots​.com
C
CAIBots
Platform Capability Reference · Restricted Distribution
CAIBots © 2025 · caibots.com
Architecture v2.1 · 7 Sub-Agents · 5 Source Tools
Platform
Capability
Matrix
KYC / AML Agentic AI
Covered Now — Production Ready Phase 2 Roadmap Out of Scope
Document Class
Platform Capability Reference · Restricted Distribution
Audience
Chief Compliance Officer · BSA Officer · Head of AML Technology · Chief Risk Officer
Regulatory Scope
BSA · FinCEN · FATF · OFAC · FFIEC · SR 11-7 · CTA 2024 · NIST 800-63-3
Architecture
v2.1 · 7 Sub-Agents Parallel · 5 Source Tools · Mandatory HITL · 5 Scenarios + Live Custom
Confidential · For Authorized Personnel Only CAIBots © 2025–2026 · caibots.com contact​@caibots​.com · +1 (609) 721-2815
Confidential · Restricted Distribution
01
Platform Overview
The Platform at a Glance
Continuously running compliance intelligence across three simultaneous time horizons
7
Sub-Agents
Simultaneous Parallel
5
Source Tools
Equal Authority
52
FATF Typologies
Pattern-Matched
3
Time Horizons
Simultaneous

The CAIBots KYC/AML Agentic AI platform is a continuously running compliance intelligence layer that operates across three simultaneous time horizons: new customer onboarding (CDD/EDD), perpetual KYC monitoring, and real-time transaction screening. Seven specialized AI sub-agents run in parallel against five peer data source tools.

Mandatory HITL — Non-Negotiable

Every critical action is gated behind a mandatory human-in-the-loop checkpoint. The system cannot auto-file a SAR, auto-exit a customer, or resolve a sanctions hit without an authorized human decision. The agent prepares — the BSA Officer decides.

01 · BSA / AML Compliance Core — US Commercial & Institutional Banking

Capability
Status
Implementation Notes
Retail / Commercial / Institutional CDD/EDD
Covered
All three DD levels. Correct regulatory routing. 25%/10% UBO thresholds enforced. FinCEN CDD Rule 31 C.F.R. §1010.230 compliant. Automatic tier assignment — SDD (<30), CDD (30–65), EDD (>65 or any PEP/sanction adjacency).
Perpetual KYC — Event-Driven Monitoring
Covered
Score drift >15pts triggers automated refresh with no analyst request. Replaces calendar-based periodic review entirely. 60–70% pKYC workload reduction vs. traditional scheduled review programs.
FATF 52-Typology Transaction Monitoring
Covered
All 52 typologies: structuring, layering, TBML, bulk cash, MSB patterns, hawala (core). Actimize/Verafin bidirectional integration. For structuring: calculates total avoided CTR reporting amount and maps full counterparty network.
OFAC / EU / UN / HMT Sanctions Screening
Covered
Real-time — not batch. Fuzzy name matching handles transliteration variants and name permutations. 2-hop PEP proximity screening. SDN cache TTL 1 hour — system never relies on stale list data for more than 60 minutes. Immediate blocking on any SDN hit.
SAR / CTR Filing Automation
Covered
Mandatory HITL approval gates all filings. Direct FinCEN BSA E-Filing post-approval. Agent never auto-files. BSA Officer is always the filer of record. 30-day SAR clock tracked with T-14 and T-5 escalation alerts. CTR auto-populated on qualifying cash events.
FinCEN 314(a) / 314(b)
Covered
14-day window tracking. Automated search executed on every 314(a) batch receipt. 5-year lookback applied automatically. HITL gate for BSA Officer response decision. 314(b) voluntary sharing referral generated when Knowledge Graph identifies cross-institution patterns.
Beneficial Ownership & CTA 2024 BOI
Covered
Full UBO traversal to natural persons. Shell company, circular ownership, and nominee structure detection. FinCEN BOI registry cross-reference on all commercial entity onboarding. CTA 2024 discrepancy flags triggered automatically when filed BOI diverges from detected ownership.
Correspondent Banking Risk
Covered
SWIFT path risk assessment, nested correspondent chain analysis, HIFCA designation checking, de-risking workflow with advisory HITL for significant relationships. Multi-hop correspondent risk propagated through Knowledge Graph.
PEP Screening & Adverse Media NLP
Covered
Dow Jones, Refinitiv World-Check, LexisNexis. 300+ monitored sources. 0–100 adverse media score with network propagation — UBO adverse media contaminates related-party network risk scores.
SR 11-7 Model Governance Framework
Covered
Back-testing (Gini >0.65 target), material change taxonomy with 7 defined change types, independent validation requirement framework. Full MRM documentation package included with every production deployment.
GDPR & Data Residency Architecture
Covered
PII boundary design — no PII in LLM prompts. DPIA template provided. EU regional deployment available (Pinecone Frankfurt, Neo4j AuraDB EU). Anthropic EU DPA with Standard Contractual Clauses available.
BSA Lookback Review Automation
Phase 2
Consent order lookback requires a distinct retroactive pipeline with different trigger logic and historical data traversal. Architecturally designed — not yet built. Estimated 8–12 weeks to production.
Real-Time Payments (FedNow / RTP)
Phase 2
Sub-100ms latency screening not yet architected. Current CDD pipeline target: <90 seconds end-to-end. Real-time payment rail screening requires dedicated low-latency inference path. Estimated 10–14 week build.
Capital Markets Surveillance
Out of Scope
Layering, spoofing, wash trading, MiFID II MAR — market abuse monitoring is a separate product domain from BSA/AML. Extension path available: 12–16 weeks as a parallel development track.
Confidential · Restricted Distribution
02
Intelligence Architecture
5 Peer Source Tools
Equal authority · No hierarchy · Parallel execution — every trigger dispatches all five simultaneously
Architecture Principle

No source tool has authority over another. All five execute simultaneously on every trigger event. Conflicting signals are resolved by the orchestrator through weighted synthesis — not by tool priority. Every determination is traceable to a specific source tool, specific data input, and specific regulatory citation.

[VECTOR-RAG] Regulatory Playbooks Pinecone + pgvector DR
Technology: Pinecone (production, namespaced by LOB/regulation/jurisdiction) + pgvector (DR). Chunked 600–900 tokens with text-embedding-3-large, fine-tuned on FinCEN SAR narratives and BSA exam findings. MMR hybrid retriever with Cohere reranker · Top-8 chunks · Cross-encoder reranking.
Contents: FinCEN CDD Rule (2016), FFIEC BSA/AML Examination Manual, FATF 40 Recommendations + 52 Typologies, OFAC compliance framework, FinCEN guidance letters 2012–2025, state MSB regulations, institution's internal BSA/AML policy manual (institution-specific namespace), prior SAR filings (PII-stripped). Updated on every FinCEN guidance release and FATF mutual evaluation publication.
[API-CALLS] Live Screening Parallel Real-Time APIs
Vendors: Jumio / Onfido / IDEMIA (identity verification + biometrics) · OFAC SDN + Consolidated, EU/UN/HMT sanctions · Dow Jones + Refinitiv World-Check + LexisNexis Bridger (PEP/adverse media) · D&B ORBIS + FinCEN BOI + OpenCorporates (ownership). All results normalized to CAIBots Evidence Schema v2.
Real-time parallel API calls dispatched on every trigger event. Identity documents authenticated, biometric liveness confirmed, synthetic identity scored (Socure/Alloy). Sanctions lists queried with fuzzy name matching, transliteration variants, and 2-hop PEP proximity. All API calls execute in parallel — not sequentially — to meet latency SLA.
[SQL-DB] Customer Intelligence Snowflake Data Warehouse
Technology: Snowflake (read-only connection). CAIBots never writes to core banking data. Velocity aggregation windows pre-computed at 7d/30d/90d/12mo. Query SLA: <5 seconds for 36-month lookback.
Contains: 36-month transaction history with counterparty analysis and velocity windows, current and historical risk scores, prior KYC review outcomes with reviewer decisions, SAR/CTR filing history, FinCEN 314(a) match history, correspondent bank profiles with SWIFT BIC risk tiers, regulatory exam findings and MRA/MRIA tracker, prior bank exit records.
[KNOW-GRAPH] Ownership & Networks Neo4j AuraDB Enterprise
Technology: Neo4j (AuraDB Enterprise or self-hosted). Node types: Customer, Entity, Person, Account, Transaction, NewsArticle, RegulatoryAction. All relationships typed and weighted. Incremental updates from ownership change events and adverse media pipeline.
Models: UBO chains with 25%/10% threshold enforcement enforced at graph level, PEP → family member → associate → business entity networks with cross-jurisdiction linkage, correspondent bank chains with SWIFT routing path risk, SAR subject ↔ account ↔ counterparty linkages, adverse media → allegation type → entity clustering. Enables multi-hop risk propagation across the full relationship network — risk score contamination travels through UBO and network edges automatically.
[MEMORY] Compliance Intelligence 4-Tier Memory Architecture
Technology: In-Weights (fine-tuned model) + Redis (long-term KV) + In-Context (session state) + KV Cache (TTL-managed list data).
Tier 1 — In-Weights: Model fine-tuned on institution's closed KYC case library, SAR narrative style guide, and risk appetite calibration. This is the institution's "compliance voice" embedded in the model — narratives match the filing style examiners expect. Tier 2 — Long-Term/Redis: Prior case decisions, examiner findings, remediation patterns from MRA/MRIA tracker. Tier 3 — In-Context: Session state carrying risk score evolution across multi-trigger investigations. Tier 4 — KV Cache: OFAC SDN TTL 1hr, PEP list TTL 4hr, adverse media alert cache, 314(a) batch cache.
Confidential · For Authorized Personnel Only · CAIBots © 2025–2026 CAIBots KYC/AML Agentic AI · Platform Capability Matrix · Architecture v2.1 contact​@caibots​.com · caibots.com