Modernizing AML Compliance in Credit Unions: Expert Panel
AI adoption for credit unions presents new opportunities and takes on more urgency as fraudsters weaponize AI technology against community financial institutions. Regulators are increasingly supportive of institutions implementing AI to fight fire with fire, but explainability and validation remain critical for successful implementations.
In our recent fireside chat, Jim Ryan (VP of Strategic Partnerships at Curql), Nicki Kenyon (Supervisor of BSA/AML at Navy Federal Credit Union), Kalyani Ramadurgam (CEO and Co-Founder of Kobalt Labs) and Peter Piatetsky (CEO and Co-Founder of Castellum.AI) discussed practical AI implementation strategies for credit union compliance teams.
Why Credit Unions Have Become Prime Targets for Financial Crime
Credit unions face unique vulnerabilities that criminals actively exploit. As Kenyon explained, "Credit unions at one time were considered safe from financial activity that's sketchy or illicit, because they're tied to their communities, they're tied to their members." This inherent trust creates blind spots.
The targeting is strategic. As larger financial institutions spend heavily on compliance programs, "some of these illicit actors who thought they could hide in large volumes, like a needle in a haystack, might start thinking, ‘Maybe we should look at credit unions who they might perceive as having fewer resources and less stringent compliance programs,’" Kenyon noted.
How Regulatory Attitudes Toward AI Have Recently Shifted
In the last year, regulators have shifted toward broader support for the adoption of AI-based tools by credit unions and banks. This shift stems from two factors.
The first is that AI has been recognized and implemented across other industries to streamline manual workflows, with provable results. The second is that regulators see criminals using AI. Credit unions report fraud volumes increasing dramatically, particularly in romance scams and elder abuse.
The panel additionally highlighted that so long as institutions can answer regulators’ key question around AI – explainability – efforts to counteract fraud and money laundering with new technology will be supported.
Most Effective AI Entry Points for Credit Union AML Programs
Ryan emphasized the interconnected nature of current fintech trends, observing that “right now, with the focus on fintech with credit unions, a lot of it's going to digital banking, but a whole lot of it's going to fraud prevention. That’s what's interesting about this – the connection between the two."
Successful adoption of AI tools for credit unions requires strategic focus on narrow use cases. Alert resolution is the most accessible entry point, particularly for credit unions with 200,000+ members generating significant alert volumes.
Real-time fraud prevention offers the second most valuable application, enabling immediate transaction analysis versus traditional overnight batch processing. Additional high-impact use cases include:
Enhanced due diligence investigations
Automated SAR and CTR narrative generating
Regulatory guidance translation into operational language
Policy gap identification across documentation repositories
Human Oversight Remains Non-Negotiable
The panel unanimously emphasized that AI augments rather than replaces human expertise. Linguistic, cultural and jurisdictional nuances are areas where human expertise is critical.
Ramadurgam highlighted some best practices for effective human-AI collaboration: "Make sure that whatever AI tool you're using is also communicating where it might not know what it doesn't know," she said. Systems must clearly indicate confidence levels and trigger human review for low-confidence recommendations.
The goal, Piatetsky noted, is separation, where "AI handles information gathering, summarization and initial analysis, while [analysts] retain responsibility for final determinations and complex judgments requiring cultural or contextual expertise."
How AI Transforms Compliance Program Management
AI makes policy management more efficient by systematically identifying gaps and contradictions across documentation. Ramadurgam explained how AI can analyze policy repositories and flag issues. For example, AI agents can inform compliance officers that their OFAC policy does not cover new regulatory guidance issued last month.
AI in AML and Fraud for Credit Unions: A Practical Guide
Critical Implementation Considerations
Rather than replacing legacy systems, successful AI implementations layer new capabilities over existing infrastructure. Rather than going through the costly and time-consuming process of radically changing your compliance stack, AI agents can sit alongside existing workflows and processes to address common pain points like high false positive rates.
Ryan highlighted the evolution of comprehensive solutions in the credit union tech space: "I think what we'll see is more and more fintech platforms out and be able to solve multiple problems with one tech stack, as opposed to knitting together a tech stack that may not be totally efficient."
Implementation success depends heavily on data quality and integration capabilities. Ramadurgam emphasized the importance of proper foundation work: "When I see successful implementations of this kind of tech, it's because on the credit union side, they're doing their homework up front." She noted that institutions should prioritize "open APIs that are generalizable and can plug into major systems" when evaluating vendors.
Crucially, vendor evaluation must prioritize explainability. As Piatetsky warned, "If your vendor can't explain how an agent comes to its decision, then you can't explain that to your regulators. That's a non-starter."
Building Proactive Regulatory Relationships
Ramadurgam emphasized that regulators consistently communicate support for properly implemented AI: "The thing that they always say is, we are on board for AI as long as the institution is showing that it's making them better at their job."
Communication becomes particularly important when implementing enhanced monitoring capabilities. As Kenyon noted: "The biggest thing is communicating with your members as to why – why are we implementing these systems? We're trying to protect you."
Bottom Line: It’s Time for Credit Unions to Take AI Tools Seriously
Credit unions across all asset sizes are already deploying AI solutions, making adoption a strategic necessity rather than an optional enhancement. Institutions that delay the process of assessing where AI tools might fit into their technology stack risk falling behind in an arms race against increasingly sophisticated financial crime threats.
As Kenyon emphasized from her practitioner perspective, the focus should remain on core institutional purpose: "Understand the system, understand your mission and learn how to apply that system to the mission."
The window for strategic implementation continues to narrow as fraudsters advance their AI capabilities. Success requires starting with focused use cases, building internal expertise gradually and maintaining human oversight throughout. The goal is sustainable AI adoption that enhances rather than replaces human judgment in protecting credit union members and the financial system.