Mid-Market Banks Turn to AI as Compliance Burden Outpaces Headcount — WorkFusion — January 20, 2026
By Staff Reports - January 20th, 2026
For mid-market financial institutions, financial crime compliance is emerging as a broader risk-management challenge, one that extends beyond meeting regulatory requirements to integrating fraud prevention, customer risk, and operational controls across the bank. Regional and super-regional banks face many of the same anti-money-laundering (AML), sanctions, and know-your-customer (KYC) obligations as the largest global institutions, but without comparable scale, staffing depth, or technology budgets. As regulatory expectations continue to cascade downstream, these banks are increasingly turning to artificial intelligence not as an experimental add-on, but as a way to keep their compliance programs viable, according to David Caruso, vice president of financial crimes and compliance at WorkFusion, speaking during a BizTechReports executive vidcast interview.
Full Vidcast Interview w/ David Caruso
That shift reflects a broader inflection point in financial crime oversight. After roughly 25 years of increasingly prescriptive regulation, policymakers and regulators are questioning whether compliance programs are truly effective at identifying illicit activity or simply optimized to pass examinations. For mid-market banks, this debate arrives at a moment when legacy operating models that are built around manual review, layered staffing that are focused on procedural adherence are proving to be operationally ineffective.
Caruso argues that artificial intelligence is emerging as one of the few realistic levers mid-sized institutions can pull to reconcile regulatory pressure with constrained resources while moving beyond paper compliance to disrupt financial crimes. This realization comes after decades of incremental staffing, outsourcing, and process redesign initiatives that have failed to close the gap between workload and capacity.
“There’s been a chronic imbalance,” he said. “Too much work, not enough people, and no scalable way to staff your way out of executing effective financial crime reduction initiatives.”
Regulatory gravity moves downstream
Financial crime compliance has long been a heavily regulated domain, with banks obligated to identify suspicious activity, investigate it, and report findings to government authorities. While global banks initially absorbed the bulk of enforcement actions and regulatory scrutiny, expectations have steadily migrated to smaller institutions. Today, examinations at regional and super-regional banks increasingly resemble those conducted at money-center institutions.
For mid-market banks, this convergence creates a disproportionate burden because alert notices and investigative response requirements scale with transaction diversity and customer behavior, not balance-sheet size. The headcount and technology budgets of smaller institutions, by contrast, remain tightly constrained. The result has been persistent backlogs, reliance on contractors, and periodic spending spikes that address symptoms rather than root causes.
Industry research reinforces this imbalance. Surveys of compliance leaders consistently identify alert volume growth, accelerating regulatory change, and staffing shortages as top operational risks. These are pressures that analysts describe as structural rather than cyclical, particularly for mid-market banks.
Caruso said regulators appear increasingly aware that this model has reached its limits. It has prompted government agencies, in recent years, to signal that banks should adopt modern technologies to improve outcomes, not just documentation.
“The discussion has moved from ‘Can we do this?’ to ‘How fast can we do it responsibly?’” he said.
AI as a co-worker, not a replacement
The near-term value of AI for institutions in this size category lies less in radical reinvention than in operational stabilization. To this end, AI is mostly being deployed as a “co-worker” that absorbs high-volume, repetitive tasks such as document gathering, sanctions screening resolution, adverse media review, and preliminary transaction analysis.
The impact is most visible at the front end of compliance operations. Traditional AML programs rely on a two-tier structure in which junior analysts perform rapid reviews to filter alerts, while senior investigators conduct deeper, multi-hour investigations. That structure emerged to manage volume, not necessarily to maximize insight.
As AI begins to handle much of the initial screening work, Caruso said banks are starting to question whether this hierarchy still makes sense. If volume is no longer the binding constraint, the rationale for large entry-level review teams weakens, pushing human expertise toward higher-judgment investigative work.
Indeed, recent academic and analyst research indicates that AI-enabled compliance tools can compress investigations from hours to minutes in areas such as alert review, KYC refresh, and adverse media screening. This fundamentally changes the economics of compliance from labor-intensive to compute-driven workflows.
From reactive to continuous monitoring
Adverse media analysis, in which teams review news and public records for indicators of criminal or reputational risk tied to customers, is a good case in point in how AI enables monitoring practices that have ben impractical for mid-market banks without the technology.
Most institutions have treated adverse media reactively, responding to tips or discrete triggers rather than scanning continuously. The scale of daily global media made proactive monitoring cost-prohibitive. AI changes that equation by processing tens of thousands of articles daily and surfacing relevant signals without requiring proportional staffing increases.
The stakes are high. Estimates from industry trackers suggest that less than one percent of global money laundering activity is detected annually, despite decades of regulatory investment. This is fueling concern among policymakers that traditional compliance models are optimized for documentation rather than effectiveness.
For mid-market banks, continuous monitoring represents a qualitative shift, allowing compliance teams to identify risk earlier and with greater context, aligning more closely with the intent behind modern financial crime regulation.
Economics under pressure
Compliance economics are especially acute in the mid-market. Large regional banks often operate legacy transaction monitoring systems that required tens of millions of dollars in upfront investment, followed by significant annual maintenance costs. Many mid-sized institutions cannot justify or sustain those economics, leading them to layer newer tools on top of aging infrastructure.
Market data suggests those pressures will intensify. Analysts project the global anti-money-laundering technology market to grow at a double-digit compound annual growth rate through the end of the decade, driven by regulatory scrutiny and demand for AI-enabled tools—raising baseline compliance costs even for institutions whose risk profiles remain stable.
Caruso expects AI to gradually displace these legacy systems rather than merely augment them. While compute costs may rise as models process larger and more diverse data sets, investigations that once consumed hours of analyst time can now be completed in minutes, shifting cost from labor to computation.
Workforce implications for mid-market banks
AI’s impact on entry-level compliance roles poses a particular challenge for mid-market institutions. Traditionally, junior analysts learned investigative skills through repetitive casework, gradually developing judgment over time. If AI absorbs much of that work, banks risk weakening their future talent pipeline.
Persistent shortages of experienced investigators, with mid-market institutions disproportionately affected as competition for skilled compliance professionals intensifies. Analysts warn that automating entry-level work without rethinking training and development models could deepen these shortages over time.
As banks look to automation to relieve mounting staffing pressures, attention is increasingly shifting from whether AI can be deployed to how its decisions can be governed, explained, and defended.
This is because regulatory acceptance of AI will hinge on the ability to show how conclusions are reached and what data informed them. For mid-market banks, this requirement is both a constraint and an opportunity.
As a result, the concept of “explainability” has moved from best practice to baseline expectation. Regulators increasingly require compliance systems to be transparent, auditable, and explainable, effectively limiting the use of opaque “black box” models in financial crime operations.
Caruso describes this approach as a “glass box,” where AI automates defined reasoning steps that human analysts previously performed, allowing regulators to trace decisions back to specific data and logic—an especially critical capability for mid-market institutions with limited regulatory leverage.
Fraud and compliance begin to converge
Another emerging dynamic is the convergence of fraud detection and AML. While historically treated as separate domains with distinct systems and teams, both rely on investigative skills, pattern recognition, and evidence assembly.
Researchers note that fraud and AML operations are increasingly converging as institutions seek unified detection platforms capable of addressing both customer harm and regulatory risk. This is an evolution that Caruso suggests could simplify technology stacks for mid-market banks while increasing analytical sophistication.
That said, convergence alone does not resolve the broader structural challenges facing compliance programs, particularly for mid-market institutions operating under fixed regulatory expectations and limited resources.
AI will not eliminate the compliance burden for mid-market financial institutions, nor will it resolve policy questions about how much illicit activity banks are expected to detect. What it can do is force a reassessment of operating models that have relied too long on incremental staffing and procedural conformity.
For regional and super-regional banks, AI adoption in financial crime compliance is less about technological ambition than institutional sustainability. As regulatory expectations rise and labor markets tighten, automation is becoming the mechanism that allows mid-market institutions to remain competitive, credible, and compliant.
Whether that leads to more effective crime detection or simply leaner compliance operations, concludes Caruso, will depend on decisions made well beyond the technology stack—but standing still is no longer an option.