Navigating Complexity: Lessons Learned from Developing a Swiss AML Compliance Chatbot


Background

In early 2025, Synpulse surveyed Swiss and Liechtenstein banks on their Use of AI in Compliance. The feedback highlighted chatbots as one of the top use cases. Discussions with clients and analysis of available market solutions revealed varying quality among existing chatbots. This led us, Synpulse’s Regulatory Compliance and Risk team in Switzerland, to embark on developing a chatbot on Swiss anti-money laundering (AML) regulations, with the goal of gaining firsthand insights into the development process and user experience.

Approach

Anyone familiar with AML regulations knows that Swiss (and other) AML rules are not always fully consistent and comprehensive – i.e. scattered across primary legislation, ordinances, circulars, self-regulatory and guidance documents. Due to inconsistencies, ambiguities and gaps, interpretation practice is key. This is part of the daily compliance work. To address this situation, Synpulse set up the chatbot using a multi-stage process:

  1. Segregation of different document types into specialised vector databases for Retrieval Augmented Generation (RAG)
  2. Use of agents to interpret the intent of the user query, refine it and sufficiently iterate the search
  3. Comprehensive prompt engineering and testing
  4. No integration of any reinforcement learning functionality, but manual consideration of feedback


Chatbot development in 6 steps
Figure 1: Chatbot development in 6 steps

Challenges

Prompt Engineering

While the chatbot, after its initial setup, performed better than many solutions we could gain insights into, inconsistencies or ambiguities in underlying documents posed difficulties. The chatbot then occasionally "hallucinated" answers, offered vague responses or missed vital context.

Writing a comprehensive and logically clear prompt proved central to overcoming weaknesses in underlying documents. Revisions of the prompt brought sometimes unpredictable results, reinforcing the importance of testing.

Inaccuracies and errors occurred for questions regarding beneficial owner vs. controlling person documentation, differentiation between operating vs. domiciliary companies, exemptions (e.g. for certain capital market transactions), identification of entities without legal personality, differentiation between duty and right to report and process steps after SAR filing as well as for the provision of quotes and sources.

When we speak of ‘inconsistencies’, ‘weaknesses’, ‘ambiguities’ and ‘gaps’ in documents and regulations, we mean it in the context of how an LLM processes text — not as a judgment on the regulatory quality itself. Swiss regulations, being principle-based and risk-oriented, are not meant to describe every detail comprehensively.

Technical Setup

Another challenge was building a solution that was secure, reliable, performant and cost-efficient within a budget of CHF 1,000 for two months infrastructure running costs. For this we established a lean yet performant infrastructure, although compromises were necessary. For example, we did not integrate on-the-fly model switching between different LLM providers as that would have added engineering costs.

We ensured performance and reliability by relying on AWS (Amazon Web Services) provided infrastructure and managed services where possible.

Data Protection

For the purposes of simple and rapid implementation, we opted for hosting by AWS in Germany and agents from OpenAI and LangChain in the USA. This setup was not ideal from a data protection perspective: In a real-world deployment, such a setup would be unacceptable, as there is always the risk that users enter client-related data into the chatbot. An end-to-end data processing in Switzerland would be advisable1.

Outcome

We then made this chatbot available to 30 Swiss banks – mainly represented by compliance officers and AML experts – for testing and received around 70 questions. The chatbot delivered an approx. 8% error rate, mainly for questions around documentation of trusts and foundations and SAR filing.

While the error rate may seem low given the short development time, in Compliance even one incorrect answer can expose the bank to significant risk. Therefore, organizations must ensure that they maintain oversight and do not blindly rely on chatbot responses – a prerequisite that should be met in compliance-relevant processes regardless of whether a chatbot is used: Where compliance risks arise, a bank will already have controls in place (e.g. review by a compliance officer). A chatbot can then serve as a tool to speed up analyses or guide users to relevant sources of information. Employees may also be more likely to quickly ask the chatbot a compliance question than to do their own research or contact the compliance department. Nevertheless, the integration of chatbots into compliance processes should be accompanied by training and awareness-raising for users to ensure that employees treat the answers critically.

Key Takeaways

  • A good chatbot that supports compliance questions and speeds up analyses can be developed at a reasonable effort
  • Input from Compliance SMEs for prompt engineering is essential to compensate for inaccuracies and inconsistencies in the underlying documents
  • Data protection is crucial – a production-ready setup for a Swiss bank should ensure that data is processed within Switzerland1
  • Control is essential – chatbots can supplement compliance expertise, not replace it

For a good cause

We conducted this initiative together with Powercoders, a Swiss charity that supports the integration of refugees and migrants into the job market through IT and business skills training. For every incorrect answer given by the chatbot, we reserved four hours of pro bono work for training in agile project management and Java programming. We rounded up the budget to 80 hours, thereby reinforcing our commitment to social responsibility.

About Synpulse

Synpulse is a global management consulting firm and trusted partner to financial services providers. We support our clients in the sustainable use of new technologies and accompany them from strategy to implementation. With nearly 30 years of experience in technology and business consulting, we combine regulatory and compliance expertise with technology and implementation competencies helping our clients meet regulatory expectations and increase the effectiveness of their compliance and risk management.

Would you like to test the chatbot or learn more about how you can set up your own chatbot for policies and regulations? Then contact our AI and compliance experts, who will be happy to help you.

Additional information about our solutions can be found on our service page.

1 Any other jurisdiction with adequate data protection regulation in case the Swiss bank secrecy has been waived for such purposes.


Our experts in this topic