← All examples
Compliance · Recommendation autonomy
Regulatory Monitoring
An agent that watches regulatory sources, identifies changes relevant to the business, and drafts impact summaries for the compliance team.
30 HAL Score / 40 Governed
See the worked example ↓ Workflow
- 1 Agent polls regulatory feeds and publications
- 2 Agent filters for relevance to the firm
- 3 Agent drafts a plain-language impact summary
- 4 Agent tags affected policies and owners
- 5 Compliance officer validates and actions
Governance design
- ✓Read-only authority over external sources.
- ✓No authority to amend policies. Drafts only.
- ✓Source links retained as evidence for every claim.
- ✓Monitoring tracks source coverage and false-negative rate.
Escalation paths
- ↗High-impact change detected → compliance lead, same day.
- ↗Source unreachable for 24h → owner alerted (coverage gap).
- ↗Low confidence on relevance → flagged for human triage.
Ownership model
Chief Compliance Officer, with a named deputy.
Lessons learned
- Evidence (source links for every assertion) made the summaries trustworthy enough to act on.
- Watching the false-negative rate mattered more than accuracy. A missed change is the real risk is the real risk.
Worked example
Regulatory Change Monitoring
Recommendation
A compliance team deployed an agent to watch regulatory feeds and alert them to relevant changes.
Initial workflow
The agent summarised regulatory changes and emailed the team, but cited no sources, kept no record, and silently skipped feeds it could not reach.
Risks identified
- !Summaries could not be verified without source links.
- !Silent coverage gaps when a feed was unreachable.
- !No evidence trail for what was reviewed and when.
- !No monitoring of missed (false-negative) changes.
HAL assessment
Low autonomy kept the action risk modest, but Evidence and Monitoring were weak enough that the team could not trust or defend the output.
Improvements made
- ✓Attached a source link to every assertion in a summary.
- ✓Alerted the owner when any feed was unreachable for 24h.
- ✓Retained an immutable record of every summary and its sources.
- ✓Began tracking the false-negative rate against spot checks.
| Domain | Before | After | Change |
|---|---|---|---|
| Ownership | 3 | 4 | +1 |
| Authority | 4 | 5 | +1 |
| Limits | 3 | 4 | +1 |
| Escalation | 2 | 4 | +2 |
| Evidence | 1 | 5 | +4 |
| Monitoring | 1 | 4 | +3 |
| Review | 2 | 3 | +1 |
| Liability | 2 | 3 | +1 |
Deployment recommendation
Approved. Evidence and coverage monitoring transformed an unverifiable feed into a defensible compliance control.