Anthropic's announcement this May of AI agents for financial services—drafting pitch decks, reviewing statements, escalating compliance cases—will attract serious interest from UK banking, insurance and asset management firms. The promise is real: fewer hours spent on repetitive client-facing work and faster compliance triage. But here is what matters more to the FCA, the PRA and your external auditors: Anthropic has built capability without addressing the question regulators now ask every mid-market firm. When your AI agent drafts a financial statement review or flags a compliance escalation, can you prove what it did, why it did it, and that it did it consistently? Anthropic's release does not answer that. Most firms deploying these agents will discover this gap the moment their compliance officer or auditor asks for the decision trail.
We are watching a pattern repeat across the AI products flooding into financial services—from Harvey and Legora in legal, to Luminance in document review, to Microsoft's Copilot stack. The industry is racing to build speed and automation. What it is not racing to build is the governance layer that regulators now demand. The FCA's Consumer Duty work (PS22/9) and the emerging expectations around ISO 42001 and AI risk governance are clear: speed without auditability is liability. Firms are installing these tools and discovering later that they cannot satisfy the basic regulatory requirement: show your work. The EU AI Act is coming. The ICO is watching. UK regulators expect you to know what your AI is doing, document it, and be able to explain it. Agents that operate without built-in governance trails are expensive insurance claims waiting to happen.
Trovix's view is direct: agentic AI in regulated firms requires governance first, not after. We built Trovix Audit precisely because tools like Anthropic's agents solve the wrong half of the problem. An AI agent that drafts faster is useful. An AI agent that drafts faster and logs every decision, flags uncertainty, maintains an audit trail, and integrates with your compliance framework is actually deployable. The difference is not cosmetic. When Luminance reviews a contract or Harvey drafts a memo, firms should be asking: does this tool record why? What happens when the AI is uncertain? Can I prove to the FCA that this was not a black box? Most cannot answer yes. Trovix Audit is built to answer yes. That is not a feature. That is a regulatory requirement you cannot avoid.
If you are a mid-market financial services firm, law firm, insurer or accountancy practice considering these new agents: ask the vendor three questions before you pilot anything. One: show me the audit trail. What exactly will be logged? Two: show me the uncertainty handling. When your agent is unsure, what happens—does it flag it, escalate it, or hide it? Three: how does this integrate with my existing compliance reporting and my auditors' requirements? If the vendor cannot answer with specifics, do not deploy it. The speed gain is not worth the regulatory risk. Work with tools that have governance built in, not bolted on. That means either demanding it from your agent provider, or using a governance layer—Trovix Audit—that sits on top of the agent and does the work the vendor should have done. Mid-market firms do not have the legal and compliance resources of JPMorgan. You cannot afford to treat AI as experimental. Treat it as regulated infrastructure from day one.
Source: Bloomberg News