The opportunity is bigger than the headlines
Start with what is working. 75% of UK financial-services firms already use AI, up from 58% in 2022, with another 10% planning to follow within three years (Bank of England and FCA survey, 2024). This is no longer an early-adopter story. It is the sector's operating reality.
Compliance is where it pays first. The work is document-heavy, rule-bound and evidence-driven: exactly what AI does well, in exactly the setting where every decision needs to be on the record.
At Walker Morris, service-agreement reviews that took four hours of line-by-line reading now take fifteen minutes with automated checking. Across UK mortgage networks, the same pattern holds on case files: the reading happens at machine speed, and qualified people spend their judgement where it matters.
Here's the bit the risk headlines miss. For most compliance teams, review capacity is the constraint on growth. Checking knowledge sits with two or three senior people, and when they leave, quality drops immediately. Encoding that judgement into governed automation is how firms stop depending on heroics.
So the board question has rightly moved on from whether to use AI to how to use it without creating a new exposure. That question has a good answer. It starts with being precise about what actually goes wrong.
What actually goes wrong: agents left to supervise themselves
The incidents making headlines are worth reading closely, because they share a trait. In December 2025, an AI coding agent at Amazon reportedly decided the fastest way to fix a bug was to delete and rebuild a production environment; Amazon disputes the cause, but on any reading, peer review had been waived for AI-assisted changes.
A few months later, an internal agent at Meta posted unapproved advice that led to internal data being exposed to unauthorised employees for two hours.
Nobody breached anything. In each case a general-purpose agent, wired up in-house, was trusted to supervise its own output. McKinsey's research describes agents as "digital insiders" that "operate within systems with varying levels of privilege and authority. Just like their human counterparts, these digital insiders can cause harm unintentionally." It also found that 80% of organisations have already encountered risky behaviours from AI agents, including improper data exposure and unauthorised system access.
Note what that is evidence of. Not that AI is unsafe for regulated work; that ungoverned AI is. Agents act on goals, not just instructions. A chatbot that gets something wrong produces a bad answer you can read and discard. An agent that gets something wrong takes an action on a live file. The risk has moved from content to conduct.
And conduct is the thing regulated firms already know how to govern.
Human-in-the-loop works when the human holds the decision
Ask a firm how they govern AI and the answer is nearly always the same: there's a human in the loop. Someone signs off before anything touches a customer.
The question that matters is what the loop actually does. In a generic agent deployment, the agent improvises its own escalation policy: it grades its own work and chooses what is worth showing you. The reviewer sees what the agent chooses to surface, and at volume, "review" drifts towards a rubber stamp. That isn't a loop. It's a funnel.
Human-in-the-loop is an architecture, not a checkbox. If the agent sets its own rules for what needs a human, the loop is broken. When the firm sets the rules and the human holds the decision, agents are governable today.
Built properly, the loop is the strongest control a regulated firm owns. The agent does the reading at machine speed; the human makes the call with the evidence in front of them. The FCA holds a named senior manager accountable for the outcome; a real loop is what lets that person sign with confidence.
This is how we built Curvestone: the agent surfaces findings against the source document, a person makes the final decision on every case, and every decision and override is logged. SM&CR stops being a worry and becomes the spec. Whatever the tooling: define what the agent may decide alone, what must escalate, and what must remain reversible. That is the foundation of real-time compliance monitoring rather than after-the-fact sampling.
The FCA has cleared the runway
If you are waiting for an AI rulebook before committing, here is the news: there isn't one coming, and that is good news. The FCA's approach to AI is technology-neutral, principles-based and outcomes-focused. In December 2025, chief executive Nikhil Rathi confirmed the FCA will not introduce AI-specific rules. There is no new senior management function for AI either. Accountability sits exactly where it already sits: with the senior managers named under SM&CR, governed by the Consumer Duty, SYSC and the operational resilience rules you already run.
That is not a regulatory gap. It is a green light with guardrails.
The regulator has, in effect, said: you already know how to govern capable, semi-autonomous actors working on your behalf. You do it for advisers every day. Bounded authority, mandatory escalation, supervision on outcomes, an audit trail a regulator can follow, and the ability to unwind a bad decision. The rules that govern an adviser already govern an agent.
For firms that get this, SM&CR clarity is an advantage, not a burden.
It tells you exactly what your AI deployment has to produce: a named person who holds the decision, and the evidence that lets them stand behind it. Build to that spec and there is nothing to wait for.
Partner for governance, don't bolt it on
So the practical question is not whether to adopt agents. It is how to get the governed architecture without spending a year building it.
Because that is the honest cost of the DIY route. The firms we have seen build in-house typically spend twelve to eighteen months getting general-purpose tooling to production grade, and the governance layer (escalation triggers, reversibility, audit of reasoning) is precisely the part generic agent frameworks leave to you. It is also the part the regulator cares about most.
This is why the partner route is winning in regulated sectors. A purpose-built compliance AI partner ships governance as the product, not as an afterthought: least-privilege authority scoped to the job, escalation defined in advance rather than chosen by the agent, reversibility on anything that touches a live case, and an audit trail of why, not just what. It is why every decision, override and timestamp in our platform is logged, and why the human makes the final call on every case.
Whatever partner you choose, hold them to that standard: the human holds the decision, the evidence sits alongside it, and the audit trail is regulator-ready on day one. A vendor who cannot show you those three things is selling you the headlines.
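The governance layer this section and the earlier human-in-the-loop section describe (authority scoped to the job, escalation defined by the firm rather than chosen by the agent, reversibility on anything touching a live case, and a log of why as well as what) can be shown as a small policy gate. The following is an added example in Python; it is not Curvestone's code or anything taken from the page. The action names, finding tags, reviewer label and log layout are assumptions made for the illustration. It puts the broken loop (the agent grades its own work) beside the real one (the firm's rules decide, a named person closes the case), so the difference is visible in a single run.

```python
"""Firm-defined escalation gate for a compliance agent.
Added illustrative example, not Curvestone's or the author's code. Action names,
finding tags, the reviewer label and the log layout are assumptions for the demo.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Literal

Verdict = Literal["auto", "escalate", "deny", "approved", "rejected"]

@dataclass(frozen=True)
class ProposedAction:
    case_id: str
    action: str                # what the agent wants to do on the live case
    findings: frozenset[str]   # rule tags the agent says the file trips
    agent_confidence: float    # self-assessment: recorded, never trusted
    agent_wants_review: bool   # the agent's own escalation opinion

@dataclass(frozen=True)
class FirmPolicy:  # set by the firm in advance; the agent cannot alter it at run time
    allowed_actions: frozenset[str]       # least privilege: the agent's whole authority
    auto_actions: frozenset[str]          # may complete with no human
    reversible_actions: frozenset[str]    # can be unwound after the fact
    mandatory_escalation: frozenset[str]  # findings that always need a human

@dataclass(frozen=True)
class AuditEntry:
    at: str
    case_id: str
    action: str
    verdict: Verdict
    reasons: tuple[str, ...]   # why, not just what
    decided_by: str            # "policy" for the gate, a named person for overrides
    evidence: tuple[str, ...]  # the findings the decision rested on

def agent_chosen_verdict(p: ProposedAction) -> Verdict:
    """The broken loop: the agent grades its own work and picks what to surface."""
    return "escalate" if p.agent_wants_review else "auto"

class EscalationGate:
    """The real loop: the firm's rules decide; a named human holds the final call."""

    def __init__(self, policy: FirmPolicy) -> None:
        self.policy = policy
        self.log: list[AuditEntry] = []

    def _record(self, p: ProposedAction, verdict: Verdict,
                reasons: list[str], decided_by: str) -> None:
        self.log.append(AuditEntry(
            at=datetime.now(timezone.utc).isoformat(), case_id=p.case_id,
            action=p.action, verdict=verdict, reasons=tuple(reasons),
            decided_by=decided_by, evidence=tuple(sorted(p.findings))))

    def decide(self, p: ProposedAction) -> Verdict:
        reasons: list[str] = []
        if p.action not in self.policy.allowed_actions:
            verdict: Verdict = "deny"
            reasons.append(f"{p.action!r} is outside this agent's scoped authority")
        else:
            if p.action not in self.policy.auto_actions:
                reasons.append(f"{p.action!r} is not on the auto-complete list")
            if p.action not in self.policy.reversible_actions:
                reasons.append(f"{p.action!r} cannot be unwound after the fact")
            hits = sorted(p.findings & self.policy.mandatory_escalation)
            if hits:
                reasons.append("mandatory-escalation findings: " + ", ".join(hits))
            verdict = "escalate" if reasons else "auto"
        # Deliberately absent: agent_confidence and agent_wants_review play no part.
        self._record(p, verdict, reasons, decided_by="policy")
        return verdict

    def human_decision(self, p: ProposedAction, reviewer: str,
                       approve: bool, note: str) -> Verdict:
        """A named person closes an escalated case; the override is logged with its reason."""
        verdict: Verdict = "approved" if approve else "rejected"
        self._record(p, verdict, [note], decided_by=reviewer)
        return verdict

def demo() -> tuple[Verdict, Verdict, Verdict]:
    """Constructed sample: a confident agent wants to decline a case unreviewed."""
    policy = FirmPolicy(
        allowed_actions=frozenset({"annotate_file", "request_document", "decline_case"}),
        auto_actions=frozenset({"annotate_file", "request_document"}),
        reversible_actions=frozenset({"annotate_file", "request_document"}),
        mandatory_escalation=frozenset({"AFFORDABILITY", "VULNERABLE_CUSTOMER"}),
    )
    gate = EscalationGate(policy)
    proposal = ProposedAction(
        case_id="CASE-0001", action="decline_case",
        findings=frozenset({"AFFORDABILITY", "MISSING_PAYSLIP"}),
        agent_confidence=0.97, agent_wants_review=False,
    )
    funnel = agent_chosen_verdict(proposal)  # "auto": the agent waves itself through
    gated = gate.decide(proposal)            # "escalate": irreversible, and a mandatory finding
    closed = gate.human_decision(proposal, reviewer="named senior reviewer", approve=False,
                                 note="payslip outstanding; decline premature")
    return funnel, gated, closed
```

The property to check in any real deployment is the one `decide` makes explicit: the gate never reads the agent's confidence or its opinion on review, so the agent cannot downgrade its own escalation, and the `FirmPolicy` object is owned by the firm under change control rather than assembled by the agent at run time. Every verdict, including the human's override, lands in the same log with the findings it rested on, which is the evidence a named senior manager signs against.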
Move now, move governed
The agentic era rewards exactly what regulated firms already have: the discipline of bounded authority, named accountability and evidence. Trust is not bolted on after deployment; it is designed into what the agent may decide, when it must ask, what can be undone, and who answers for it.
The board question is "does a person hold the final decision, and can we evidence it?" With the right architecture and the right partner, the answer is yes from day one, and the upside comes with it: reviews in minutes, capacity without heroics, evidence on tap.
Human-in-the-loop is an architecture, not a checkbox. Get it right and the agentic era isn't a threat to regulated firms. It's home advantage.
If you're weighing building that governance yourself against partnering with someone who already runs it inside FCA-regulated workflows, that's the conversation we have every day. We've written about how this works in mortgage compliance in practice. We'd be curious where you're drawing the line.
1. Bank of England & FCA: Artificial intelligence in UK financial services, 2024
2. McKinsey: Deploying agentic AI with safety and security, October 2025
3. TechTarget: AWS Kiro "user error" reflects common AI coding review gap, 2026
4. Amazon: AI coding bot didn't take down AWS, Amazon confirms, 2026
5. OECD.AI incident database: Meta AI agent data exposure, March 2026
6. FCA: AI and the FCA, our approach

Dawid Kotur
CEO and co-founder, Curvestone
Dawid co-founded Curvestone in 2024 after a decade working at the intersection of financial services and applied machine learning. He writes about the strategic direction of regulated-industry AI, the FCA's evolving approach to model risk, and the operational changes UK lenders are making in response to Consumer Duty. He sits on the FCA Smart Data Accelerator advisory cohort.