Understanding AI-Powered Risk Scoring Models in Compliance Processes
Compliance management
AI in Compliance

Most automated onboarding tools, transaction monitoring systems, or ongoing client monitoring platforms, almost certainly has an AI-powered risk scoring model somewhere in their workflow. It might produce a number between one and a hundred. It might assign a category: low, medium, high, or critical. It might generate a recommended action. And in most compliance teams, the output of that model is treated as a starting point for human review, or in some cases, as the effective decision itself.
What is happening inside that model is something that many compliance professionals have limited visibility into, and that is a problem, because the regulatory framework is about to make that visibility a non-negotiable requirement. The EU AI Act (Regulation (EU) 2024/1689) requires that deployers of high-risk AI systems, which includes AI used in AML risk profiling and decisions affecting access to financial services, ensure those systems can be effectively overseen by humans with the necessary competence and understanding. The Anti-Money Laundering Regulation (AMLR, Regulation (EU) 2024/1624), applicable from 10 July 2027, requires that risk assessments are documented and defensible. And the EBA's July 2025 Opinion on ML/TF risks found that more than one third of competent authorities report significant or very significant risks from the unthinking use of onboarding and CDD RegTech solutions.
"Unthinking" is the key word. The risk the EBA is identifying is not that AI-powered risk scoring models are inherently unreliable. It is that compliance teams are using them without adequately understanding what they are doing or why. This article changes that. It explains what AI risk scoring models are, how the different types work, what they score and when, and what governing them correctly actually requires.
What an AI-Powered Risk Scoring Model Actually Does
At its most basic, a risk scoring model takes inputs, processes them according to some logic, and produces a score or category as output. The inputs, the processing logic, and the form of the output differ significantly depending on the type of model and the compliance workflow it is serving.
In the compliance context, the inputs to a risk scoring model typically fall into four categories.
Entity data covers the identifiable attributes of the business or individual being assessed: legal name, jurisdiction of incorporation, business type, ownership structure, and beneficial owner identities.
Registry and verification data covers what official sources confirm about those attributes: registration status, director appointments, ownership filings, and any publicly available compliance or sanctions history.
Contextual risk factors cover the characteristics that the institution has identified as relevant to its risk appetite: sector, geographic footprint, complexity of ownership structure, and relationship to known higher-risk typologies.
And, for transaction monitoring models, behavioural data covers the actual pattern of transactions associated with the client over time.

The processing logic is where the types of models diverge fundamentally, and understanding that divergence is the foundation for understanding both the models' strengths and their risks.
The output is typically a numerical score on a defined scale, a categorical rating, or a prioritised alert. What varies enormously between models and between vendors is whether the output comes with an explanation: a readable account of which inputs drove the score and how much each contributed. That explainability question is not a technical nicety. It is, as this article will show, a regulatory requirement.
The Three Approaches to Compliance Risk Scoring
Rules-Based Scoring: Transparent by Design, Rigid by Nature
A rules-based risk scoring model operates on explicit if-then logic. The model is essentially a structured set of conditional statements: if the client is incorporated in a jurisdiction on a specified high-risk list, add a defined number of points to the score; if the ownership structure includes more than two layers of legal entities, add another set of points; if any beneficial owner appears on a sanctions or PEP list, trigger an elevated risk category regardless of other scores.
Rules-based models are the most common approach in EU-regulated compliance operations and have been for decades. Their primary strength is transparency. Because every rule is explicitly defined and the contribution of each rule to the final score can be stated precisely, the institution can explain exactly why a particular client received a particular score in terms that a compliance officer, an examiner, and a regulator can all follow without difficulty. When a supervisor asks "why was this client rated high risk," the answer is a specific list of the rules that were triggered, the factors that satisfied each rule, and the cumulative score that resulted. This is the kind of documented, defensible risk assessment that the AMLR's risk-based approach requires.
The limitations of rules-based models are equally significant. Rules are static. A rule written today reflects what the institution knows about risk today, based on the typologies it has observed, the jurisdictions it has assessed as high-risk, and the ownership structure patterns it has identified as elevated. As the institution's client base evolves, as new fraud and money laundering typologies emerge, and as the regulatory framework updates its high-risk third-country designations, the rules need to be manually updated to remain current. Institutions whose compliance teams cannot resource this ongoing maintenance work accumulate stale rules that were relevant at one point in time and have not been revisited since. The EBA's finding that 52 percent of competent authorities cited inadequate transaction monitoring capabilities is partly a finding about rules-based systems whose rules have drifted out of alignment with current risk.
Rules-based models also have a structural blind spot: they cannot detect what they were not designed to detect. A money laundering typology that does not match any of the predefined rules will produce a low risk score even when other indicators are present that a more adaptive model would surface.

Machine Learning Models: Adaptive and Powerful, With an Explainability Problem
A machine learning model learns patterns from data rather than operating on explicitly programmed rules. In the compliance context, a machine learning model is trained on historical examples of client relationships and transaction patterns, typically including labelled cases where suspicious activity was confirmed, cases where it was not, and the associated data characteristics. The model learns to recognise statistical associations between data features and risk indicators, and applies those learned associations to new cases.
The practical advantages of machine learning in compliance risk scoring are significant. A well-trained model can detect patterns in combinations of factors that no individual rule would capture, recognise subtle deviations from expected behaviour that are invisible to rule-based filters, adapt to new typologies as they appear in the training data, and process far more input features simultaneously than any rules-based system can handle efficiently. Many institutions using machine learning for transaction monitoring report meaningful reductions in false-positive alert rates compared to their rules-based predecessors, because the model discriminates between genuine risk signals and background variation more accurately than a set of threshold-based rules.
The core limitation of machine learning models in a compliance context is the explainability problem. A machine learning model, particularly a complex model trained on large datasets with many features, typically cannot articulate in human-readable terms exactly why it produced a particular score. It can say the score was the result of a weighted combination of 47 input features, but it cannot easily explain why feature 23 contributed more weight than feature 12 in this specific case. This creates a direct tension with the AMLR's requirement that risk assessments are documented and defensible, and with the EU AI Act's requirements for explainability and traceability in high-risk AI systems.
Machine learning models also carry the risk of encoding bias from training data. If the historical data used to train the model reflects past supervisory or investigative priorities that were themselves shaped by bias, the model may learn to score certain jurisdictions, sectors, or ownership structures as higher risk not because they are inherently more risky but because they have historically been subject to more scrutiny. This is a genuine regulatory risk that the EU AI Act addresses directly: Article 26 requires deployers to ensure that input data is relevant and sufficiently representative in view of the system's intended purpose, which means assessing whether the training data introduces systematic bias.
Finally, machine learning models are subject to drift. The statistical associations the model learned during training degrade over time as the underlying data distribution changes. A model trained in 2022 on a particular pattern of transaction behaviour may produce unreliable scores for the patterns that characterise client behaviour in 2026. Without an active programme of performance monitoring and retraining, the model's accuracy silently deteriorates.
Hybrid Models: The Regulatory Pragmatism Solution
The hybrid approach combines rules-based and machine learning components within a single risk scoring workflow, typically using each for what it does best.
In the most common hybrid architecture, rules-based logic handles the threshold conditions that must be met regardless of statistical probability: sanctions hits, PEP status, high-risk third-country designations, and similar categorical requirements that are regulatory mandates rather than risk indicators. Machine learning handles the behavioural and pattern-based scoring that identifies elevated risk across combinations of factors that no individual rule would capture. The final output combines both layers, with the rules-based components providing the explainable, documented foundation and the machine learning components providing the adaptive signal.
This architecture is increasingly common in EU-regulated compliance operations, particularly for transaction monitoring, because it manages the explainability problem without sacrificing the adaptive capabilities of machine learning. When a supervisor asks why a case was escalated, the institution can point to the specific rules that were triggered at the categorical level and then supplement that with the higher-level pattern signal from the machine learning layer, rather than having the machine learning model's output be the only or primary explanation.
The limitation of hybrid models is governance complexity. Two different types of component need to be separately maintained, monitored, and calibrated. The rules need to be updated when the regulatory framework changes. The machine learning component needs to be monitored for drift, retrained when its performance degrades, and assessed for bias. An institution with a hybrid model that maintains one layer diligently but neglects the other has not reduced its risk: it has concentrated it.
What Risk Scoring Models Score and When
Risk scoring models serve different functions at different points in the client relationship lifecycle, and the appropriate model type and governance approach differs across those points.
At the initial KYB onboarding stage, risk scoring determines the risk rating that will govern the entire subsequent relationship, including the level of CDD applied, the frequency of ongoing monitoring, and whether enhanced due diligence is required before the relationship is established. The inputs at this stage are largely static: entity data, ownership structure, jurisdiction, sector, and the results of initial verification checks. A miscalibrated score at this stage compounds through the entire relationship, as discussed in the previous article in this series.
During ongoing relationship monitoring, risk scoring is applied periodically to reassess whether the original risk rating remains appropriate, and dynamically when specific trigger events occur such as a change in beneficial ownership, a new adverse media alert, or a change in transaction behaviour. The AMLR requires a risk-based approach to ongoing monitoring, which means the frequency and intensity of re-verification must be proportionate to the assigned risk level. If the risk scoring model assigns a risk level that is too low, the institution conducts less frequent monitoring than the risk profile warrants, which is precisely the gap that supervisors examine.
For transaction monitoring, risk scoring operates at the level of individual transactions or patterns of transactions, generating alerts for human investigation when patterns exceed defined thresholds or statistical anomalies are detected. This is where alert volume, false-positive rates, and the resource implications of the scoring model's calibration are most immediately visible to the compliance team.
The Regulatory Framework Governing AI Risk Scoring in the EU
Three overlapping regulatory frameworks govern how AI-powered risk scoring models can and must be used in EU compliance operations. Understanding all three, and where they create overlapping or reinforcing obligations, is essential for institutions that want to govern these models correctly.
The AMLR's Risk-Based Approach and Documentation Requirements
The AMLR does not prescribe a specific type of risk scoring model. What it does prescribe is that risk assessments must be risk-based, proportionate to the institution's actual risk exposure, and documented in a form that can be assessed by a competent authority. Under Article 8, the business-wide risk assessment must be drawn up by the compliance officer and approved by the management body. Under Article 20, customer due diligence must use a risk-sensitive approach. Under Article 77, the records of those assessments must be retained for five years in a form usable for investigation purposes.
The interaction between these requirements and an AI risk scoring model is direct: the model's output is a compliance record. The score it produces for a client is part of the CDD documentation for that client relationship. And that documentation must, in the words of the AMLR, be usable for the purposes of investigation by a competent authority. A score without an explanation is not a document that a supervisor can meaningfully investigate. It is a number attached to a client file that says very little about why the institution assessed the risk the way it did.
AMLA's ongoing development of Regulatory Technical Standards on CDD is expected to produce more specific guidance on what AI-generated risk assessments must document and what human review is required before they are acted upon. Compliance teams should treat AMLA's consultation outputs as mandatory reading throughout 2026.
GDPR Article 22 and the Automated Decision Constraint
Article 22 of the GDPR establishes that individuals have the right not to be subject to a decision based solely on automated processing where that decision produces significant legal or similarly significant effects. In the compliance context, a risk score that triggers the denial of a financial service, the blocking of an account, or the filing of a suspicious transaction report that directly affects an individual is a decision with significant effects.
The constraint the GDPR creates is specifically on "solely automated" decisions. Human review that is genuine, informed, and capable of overriding the automated output satisfies the human involvement requirement. The critical word is "capable." A reviewer who does not understand what the risk scoring model is doing, or who does not have access to the information needed to challenge the score, is not providing the human involvement the GDPR requires. This reinforces the AI Act's explainability obligation from a different legal direction.
The EU AI Act's Explainability and Governance Requirements
The EU AI Act classifies AI systems used in AML risk profiling, fraud detection, and decisions affecting access to financial services as high-risk AI systems under Annex III. For these systems, the Act imposes requirements on both providers (who develop and supply the systems) and deployers (the regulated institutions that use them in practice).
The European Parliament formally voted in June 2026 to adopt the AI Omnibus amendment package, fixing the enforcement deadline for Annex III high-risk AI systems at 2 December 2027. For compliance teams that had not yet begun assessing their AI risk scoring tools against the Act's requirements, the extended timeline is time to close gaps properly, not a reason to delay.
Under Article 26 of the Act, deployers must assign human oversight to persons with the necessary competence, training, and authority; ensure the system is used in accordance with the provider's instructions; and, where the deployer controls input data, ensure that data is relevant and sufficiently representative. Critically, the Act requires that high-risk AI systems be designed with human-machine interface tools that allow effective human oversight, including the ability to interpret the output correctly and to intervene or override where necessary.
For an AI risk scoring model, this means the output must come with enough information for the human reviewer to understand what drove the score, assess whether that reasoning is sound in the specific case, and override the recommendation where their independent judgment differs. A model that produces a score from a process the reviewer cannot follow does not meet this standard.
What Separates a Compliant Risk Scoring Model from a Non-Compliant One
The practical distinction between a risk scoring model that will hold up under regulatory examination and one that will not comes down to five characteristics.
Explainability is the first and most critical. Can the institution produce, for any specific client or transaction, a human-readable account of why the score was what it was? This does not require that every mathematical weight in a machine learning model be enumerated. It requires that the primary factors driving the score can be identified and explained in terms that a compliance officer and a supervisor can follow.
Calibration is the second. Does the model's scoring reflect the institution's current risk profile, including its current client base, geographic footprint, product mix, and regulatory environment? A model that has not been recalibrated since a material change in the institution's business is producing scores that reflect a risk profile that no longer exists.
Input data quality is the third. Is the data feeding the model accurate, current, and appropriate for the model's intended purpose? A model fed stale registry data produces stale risk scores. A model trained on biased historical data produces biased risk assessments. The EU AI Act's deployer obligation to ensure input data is relevant and sufficiently representative directly addresses this.
Documentation is the fourth. Is the model itself documented: its architecture, its data sources, its training history where applicable, its calibration parameters, and the basis on which the institution decided the model was appropriate for its specific risk profile? This documentation is required for DORA compliance for institutions that are in scope, and will be expected by supervisors examining AI-powered compliance tools under the AI Act's governance framework.
Human oversight is the fifth, and connects back to all of the above. The score the model produces must inform a human decision rather than replace it. The governance programme must ensure that the human review is genuine, that the reviewer has the information and authority to override, and that the human decision rather than the model output is the documented basis for the compliance action taken.
How to Govern an AI Risk Scoring Model in Practice
Governing an AI risk scoring model is not a one-time implementation task. It is an ongoing programme with specific components that the compliance function, rather than the technology team, must own.
Model documentation should be established at implementation and maintained throughout the model's operational life. It should cover what data inputs the model uses, what processing logic or training approach was applied, what the intended output represents, and what the known limitations are. For machine learning components, the training data history and the rationale for the data selection should be included.
Performance monitoring should run continuously and trigger a review when defined thresholds are crossed. For rules-based components, monitoring checks whether the rule set reflects current regulatory requirements and the institution's current risk profile. For machine learning components, monitoring checks whether the model's outputs remain predictive and accurate relative to the risk outcomes the institution actually observes.
Recalibration should be formally scheduled and triggered by material changes in the business, with the compliance officer owning the approval of updated parameters rather than treating recalibration as a technical maintenance task.
Vendor governance is essential for any institution using a third-party AI risk scoring tool. The contractual relationship should establish what data sources the vendor uses, how frequently they are refreshed, what the explainability mechanism is and how it works, what the vendor's own model governance programme looks like, and how changes to the model are notified to the deploying institution. Under DORA, this relationship is an ICT third-party service provider arrangement and must be in the register of contractual arrangements.
Annual review by the compliance officer and the management body should assess whether the model remains appropriate for the institution's risk profile, whether the explainability outputs are adequate for regulatory examination purposes, and whether any incidents or performance degradations have been investigated and resolved.
Comparing the Three Risk Scoring Approaches
Dimension | Rules-Based Models | Machine Learning Models | Hybrid Models |
|---|---|---|---|
How the score is produced | Explicit if-then logic applied to defined inputs; each rule's contribution to the score is fixed and stated | Statistical patterns learned from training data; the model weights input features based on historical associations with risk outcomes | Rules handle categorical requirements; ML handles pattern-based and behavioural scoring; outputs combined |
Explainability for regulators | High: every rule can be articulated; exact contribution of each factor to the score is documented | Low to medium without post-hoc tools: model may identify the most influential features but cannot always explain why those features weighted the way they did | Medium to high: rules layer is fully explainable; ML layer requires post-hoc explanation tools |
Adaptability to new typologies | Low: only detects what the rules were designed to detect; misses novel patterns until rules are updated | High: learns new patterns from updated training data; can surface risk signals across combinations of factors that no individual rule captures | Medium to high: ML layer adapts; rules layer requires manual update for new categorical requirements |
Primary governance challenge | Stale rules: institutions must actively update rules when the regulatory framework, risk landscape, or business profile changes | Model drift and explainability: the model's accuracy degrades over time; outputs must be explainable under EU AI Act and AMLR standards | Dual maintenance: both the rules and the ML components need separate governance programmes |
EU AI Act compliance | Easier: rules-based outputs are inherently explainable; documentation of the rule set satisfies the traceability requirement | More complex: explainability tools required; post-hoc explanation methods must be assessed for reliability; Article 26 documentation obligations are substantial | Achievable: rules layer provides the compliant foundation; ML layer's explainability must be specifically addressed |
Risk of automation bias | Lower: rules output is more clearly mechanical; reviewers are more likely to question a rule they can see than a black-box score | Higher: the confidence implied by a precise numerical score can discourage human override even when independent judgment would lead differently | Medium: depends on how the output is presented and whether the rules and ML contributions are clearly distinguished |
Appropriate for KYB onboarding | Yes, particularly for initial risk rating where categorical factors dominate | Yes, where behavioural data from comparable clients is available and the explainability gap can be addressed through hybrid architecture or post-hoc tools | Yes, this is the approach most institutions are adopting for the combination of compliance defensibility and detection capability |
Appropriate for transaction monitoring | Partly: effective for threshold-based monitoring but misses complex behavioural patterns | Yes, particularly for anomaly detection and alert prioritisation where volume is high and pattern complexity is beyond what rules can capture | Yes, increasingly standard: rules for regulatory coverage, ML for behavioural pattern detection |
About SpeedyDD
SpeedyDD is a KYB and due diligence platform whose mission is to ensure that the data layer feeding any risk scoring model, whatever type an institution uses, is accurate, current, and documented in a form that satisfies regulatory requirements.
No risk scoring model is better than the information it processes. A risk score produced from stale registry data, an incomplete beneficial ownership chain, or an unverified self-declaration does not reflect the actual risk of the client in front of the institution. SpeedyDD addresses that problem at source by connecting to more than 3000 corporate registry data sources across more than 200 countries and territories, integrating directly with The KYB for registry data retrieval, and logging every query, result, and verification decision with an automatic timestamp. The audit trail that the AMLR requires, and that any AI risk scoring model's output needs to be embedded within, is captured by default rather than reconstructed after the fact.
For compliance teams whose risk scoring models are only as reliable as the information they receive, SpeedyDD provides the data quality and audit documentation layer that the regulatory framework requires: current data, independent sources, and a retrievable record of what was verified, when, and on the basis of which source. Learn more about SpeedyDD here
Frequently Asked Questions
What is an AI-powered risk scoring model in compliance?
An AI-powered risk scoring model in compliance is a system that takes structured inputs about a client, a transaction, or a business relationship and produces a numerical score or categorical rating indicating the assessed level of risk. The model may use rules-based logic, machine learning, or a combination of both to produce the score. In a compliant compliance programme, the score informs a human decision rather than making one, and the factors driving the score are documented in a way that can be reviewed by the compliance officer and, where necessary, a regulatory examiner.
What is the difference between a rules-based and a machine learning risk scoring model?
A rules-based model applies explicitly programmed if-then logic to defined inputs. Every rule is visible, and the contribution of each rule to the final score can be stated precisely. A machine learning model learns statistical patterns from training data rather than operating on programmed rules. It can detect more complex and novel patterns than a rules-based model but produces outputs that are harder to explain in human-readable terms. Most institutions operating at meaningful compliance scale are moving toward hybrid models that combine the explainability of rules-based components with the adaptive detection capability of machine learning.
Why is explainability required for AI risk scoring models under EU regulations?
The EU AI Act's Article 26 requires that deployers of high-risk AI systems, which includes AI used in AML risk profiling and decisions affecting access to financial services, ensure those systems can be effectively overseen by humans with the competence to understand and interpret the output. If the output of a risk scoring model cannot be explained in terms a compliance officer and a regulator can follow, effective oversight is not possible. Separately, the AMLR requires that risk assessments are documented and defensible, which a score without an explanation is not. And GDPR Article 22 requires meaningful human involvement in decisions with significant legal effects, which requires that the reviewer understands what the model is recommending and why they might override it.
What does the EU AI Act's enforcement deadline of December 2027 mean for risk scoring models?
The European Parliament formally adopted the AI Omnibus amendment to the EU AI Act in June 2026, fixing the enforcement deadline for Annex III high-risk AI systems at 2 December 2027. AI systems used in AML risk profiling, fraud detection, and decisions affecting access to financial services fall within that Annex III category. Institutions deploying such systems have until that date to meet the full set of high-risk AI obligations, including human oversight requirements, documentation standards, and input data quality obligations. This is preparation time, not permission to delay. Compliance teams that have not yet mapped their AI-powered risk scoring tools against the Act's requirements should begin that assessment now.
What is model drift and why does it matter for compliance risk scoring?
Model drift is the gradual degradation in the accuracy of a risk scoring model's outputs as the underlying data distribution changes over time. A model trained on client transaction patterns and risk outcomes from one period may produce systematically less accurate scores as client behaviour, fraud typologies, and the risk landscape evolve. In compliance terms, this means a model that was well-calibrated at implementation progressively produces risk scores that do not reflect the institution's current actual risk exposure. The practical result is misclassified clients: some who should receive enhanced due diligence do not, and some who present lower risk are subject to unnecessary scrutiny. Both create compliance exposure, and the first is the one that produces regulatory findings.
How should a compliance officer govern a third-party AI risk scoring tool?
The compliance officer should treat the third-party AI risk scoring tool as what it is under DORA: an ICT third-party service provider relationship that carries specific governance obligations. The contractual arrangement should specify the data sources the vendor uses, how frequently they are updated, what the explainability mechanism is and how it works, what the vendor's own model governance programme covers, and how changes to the model are notified. Beyond the contract, the compliance officer should ensure that internal staff using the tool have received specific training on its logic, limitations, and the indicators that should prompt an override of its output. Annual review of the model's continued fitness for the institution's risk profile should be part of the compliance governance calendar.
What inputs do AI risk scoring models use for KYB onboarding?
In a KYB onboarding context, risk scoring models typically take inputs across four categories: entity data including legal name, jurisdiction, business type, and ownership structure; verification data including registry-confirmed status, director appointments, and ownership filings; contextual risk factors including sector, geographic footprint, and relationship to known higher-risk typologies; and, where available, any historical information about the specific client or comparable entities. The quality of those inputs determines the quality of the output, which is why the data retrieval layer, including the sources used, the freshness of the data, and the completeness of the ownership mapping, is foundational to whether the risk score produced is meaningful.
Can an AI risk scoring model replace the compliance officer's judgment?
No. Under the AMLR, the compliance officer bears personal accountability for the day-to-day operation of the AML/CFT programme and specifically for reporting suspicious transactions to the FIU. That personal accountability cannot be delegated to a system. An AI risk scoring model can produce an output that informs the compliance officer's judgment. It cannot make the judgment, bear the accountability for it, or file the suspicious transaction report. The EU AI Act reinforces this by requiring that high-risk AI systems be designed for effective human oversight throughout their use, and by placing obligations on deployers to assign that oversight to natural persons with the necessary competence, training, and authority.
