If 2025 was the year financial institutions finally stopped asking if AI worked and started asking how to scale it, 2026 is the year that scaling becomes a competitive mandate. We are moving past the era of air traffic control-type of compliance where every plane on the radar triggers a frantic alert and into a world of autonomous, risk-aware orchestration. In this Q&A, John Flowers, Head of Global Financial Markets Services at eClerx, explores the shift from rigid, rule-based legacy systems to signal-driven intelligence. From the rise of agentic payments to the extinction of the siloed Fraud and AML departments, Flowers outlines a future where identity is a living behavioral signal and Payment Service Providers must choose between becoming smart decision engines or invisible utilities.
- If 2025 marked the year that AI evolved from proof-of-concept to proof-of-value, how will AI evolve and redefine productivity of FCC in 2026?
Today, financial institutions’ financial crime compliance functions are overwhelmed by the tremendous volumes of alerts, even though more than 90% of the alerts wind up being determined to be false-positive. Highly skilled investigators spend their days searching for the needle in an ever‑growing haystack making the cost of these risk controls extremely high.
For example, if we think about financial crime compliance processes in terms of air traffic control, it would be as if every plane on the radar screen were constantly alerting the controller about a potential issue even though most of the time the plane is actually just fine, cruising along at altitude. Today, financial firms need to have enough controllers so that every alert can be reviewed.
In 2026, this balance will shift dramatically. Not only are AI models maturing, but more importantly, firms will significantly improve their ability to work with the right partners to adopt and operationalize AI within their complex risk and compliance ecosystems. They will drastically increase the efficiency of their risk control tools and allow their personnel to focus on addressing real risks.
- We’ve moved from mobile-first to agentic payments, where AI agents can negotiate and transact on behalf of users. How must payment orchestration layers evolve by 2026 to verify the intent and permission of a machine-initiated transaction rather than a human click?
This is one of the most under-discussed shifts. A human click is easy to understand. A machine-initiated transaction is not. Orchestration layers need to answer three basic questions in real time: Who is the agent? Who authorized it? And under what conditions is it allowed to act? That means intent, permission, and accountability have to be embedded into the transaction itself.
So orchestration becomes less about routing and more about real-time governance. You need persistent agent identity, policy based intent verification, clear delegation rules, and the ability to revoke or throttle authority instantly. Without that, agentic payments won’t scale,regulators and consumers won’t tolerate “the bot did it” as an explanation.
- With AI now able to dynamically route payments across the most efficient rails in real-time, how will this change the competitive landscape for traditional Payment Service Providers?
It compresses margins very quickly. If AI can always find the cheapest or fastest rail, then just being a processor stops being a differentiator.
Consider a merchant paying a supplier invoice: an AI agent can automatically choose between ACH, RTP, card, or alternative rails. But the real value isn’t just in choosing the cheapest path. The PSPs that win will be the ones that add an intelligence layer on top—answering questions such as:
- What’s the fraud or counterparty risk on this transaction?
- Which rail has the highest approval rate for this supplier?
- If a payment fails, what’s the liability and operational impact?
- Should the firm prioritize cost, speed, or maintaining a strategic supplier relationship?
This kind of contextual, risk‑aware orchestration is what merchants will pay for. In an environment where real‑time payments settle instantly and mistakes become expensive immediately, risk intelligence becomes more valuable than raw connectivity.
In other words, PSPs either become utilities, or they become decision engines. There’s not much room in the middle anymore.
- With synthetic identities and deepfakes becoming the primary threat vectors in 2026, how does Agentic AI shift the defense strategy from simple name screening to analyzing deep behavioral biometrics?
Name screening is a necessity, but it can be spoofed. What we should be striving toward is behavioral truth, basically how someone interacts over time, across channels, and across sessions. Agentic AI can continuously analyze patterns that humans can’t: typing rhythm, navigation behavior, device consistency, transaction sequencing.
The real shift is from asking “does this name match a list?” to asking “does this identity behave like a consistent, persistent human?” Agentic AI makes that possible at scale—continuously analyzing behavioral patterns across thousands of customers without waiting for human review.
Identity verification becomes identity monitoring—always on, always learning. And that’s where fraud prevention and KYC begin to converge, because identity is no longer a static record. It becomes a living, behavioral signal.
- In 2026, what are the tangible benefits of a unified Fraud + AML (FRAML) department compared to the siloed compliance teams of the past?
The biggest benefit is clarity. One customer. One risk view. One decision path.
When fraud and anti money laundering are separate, you end up investigating the same customer twice, each time with only a part of the picture. A unified model reduces false positives, accelerates intervention, and ultimately produces better regulatory outcomes.
It also matters more in a real-time world. You don’t have the luxury of slow escalation when money moves instantly. FRAML isn’t just more efficient, it’s structurally necessary.
But the practical reality is that convergence only works when risk and compliance controls become far more efficient. Today, many functions are overwhelmed by the sheer volume of alerts generated by low‑precision systems. Teams spend most of their time clearing false positives rather than evaluating real risk. Until firms modernize these sensors and streamline operations, fraud and AML teams function more like large‑scale processing centers than analytical risk units.
- We’ve talked about “KYC drag” for years. What are the technological orchestration layers that will finally make real-time, perpetual KYC realistic for a global Tier-1 bank in 2026?
In 2026, the biggest breakthrough for real‑time, perpetual KYC will come from the orchestration layers that sit above individual data sources and regulatory regimes. And that’s critical because global banks operate across dozens of jurisdictions, each with its own AML and KYC rules, corporate disclosure standards, and data‑privacy constraints. This fragmented landscape was never designed for perpetual KYC. It was built for periodic, document‑driven reviews.
That said, we’re starting to see the foundations for real‑time KYC emerge—particularly in European and Asia-Pacific markets, where regulatory frameworks and public‑sector infrastructure make near‑real‑time access to entity information possible. These environments create the conditions for more proactive, intelligence‑driven monitoring.
This is where orchestration technology becomes essential. Platforms like our Compliance Manager continuously monitor authoritative data sources across jurisdictions, detect changes as they occur, and automatically trigger the appropriate due‑diligence workflows. Instead of waiting for an annual or event‑driven refresh, the system identifies the signal—a beneficial owner change, a corporate event, a risk‑relevant update—and initiates the right review instantly.
In other words, perpetual KYC becomes realistic only when three layers come together: 1) Regulatory environments that enable timely access to high‑quality data; 2) Standardized orchestration technology that can normalize and interpret that data; 3) Automated workflows that drive the right response the moment a material change occurs.
- If you had to pick one legacy process or traditional banking habit that will officially become extinct by 2026 because of these AI shifts, what would it be?
If I had to pick one legacy process that becomes extinct by 2026, it’s rigid, rule‑driven workflows in risk and compliance. For years, banks have relied on static, sequential rule trees—“if X then Y”—to manage fraud, AML, KYC, onboarding, and payment risk. These workflows were built around deterministic logic and human‑triggered checkpoints. They’re slow, brittle, and incredibly expensive to maintain. Every policy change requires re‑coding. Every exception requires human intervention. And the combinatorial explosion of “edge cases” makes them impossible to scale.
AI makes this entire model obsolete.
By 2026, workflows stop being rule‑driven and become signal‑driven. Instead of pushing a customer or transaction through a predefined sequence of steps, AI evaluates risk continuously and dynamically. This shift is especially important for global banks. Manual rule maintenance across dozens of jurisdictions isn’t just inefficient—it’s operationally unsustainable. With AI, workflows become living, self‑optimizing systems that learn from outcomes and adjust in real time.
- Many firms struggle to move AI from a sandbox to the enterprise scale. How does eClerx help clients bridge that gap?
Most organizations don’t fail because the model doesn’t work. They fail because the operating model doesn’t change. What we focus on is production reality for example, data readiness, governance, controls, and workflow redesign.
Where we differentiate ourselves is in the blend of operations, technology, and deep domain expertise. Many firms approach AI as a pure technology problem. We don’t. We come in as a transformation partner who understands compliance, risk, and operational execution as deeply as we understand machine learning.
Our clients recognize that the services we provide are extremely resilient, scalable and agile. We help them compress the innovation lifecycle, increasing the throughput of ideas into real business and process improvements. Practically, that means we start with how the firm operates today: the data flows, the handoffs, the control environment, the reporting obligations, and the failure points.
Then we redesign the workflow end‑to‑end so AI can operate within it while maintaining auditability, regulatory explainability, and human oversight where it truly matters. We’re not bolting AI onto broken processes; we’re rebuilding the process so AI can deliver tangible impact—fewer false positives, faster case resolution, higher control effectiveness, and outcomes regulators can trust.
Ultimately, the difference between a successful AI deployment and another failed pilot is usually domain knowledge, not technology. Firms that scale AI in financial crime and compliance succeed with partners who understand the regulatory context, the operational realities, and the nuances of the risk decisions being automated.
About John Flowers
John Flowers serves as the head of Global Financial Markets Services at eClerx, leading strategy and delivery across the firm’s financial services portfolio and developing innovative, technology-driven solutions. His responsibilities span the alignment of eClerx’s global operations with evolving market demands, while also driving initiatives that enhance efficiency, resilience, and client experience.
With over 30 years of experience working in the financial markets landscape, John has held several senior roles with international firms before joining eClerx, as well as having successfully built two financial technology companies, giving him a unique perspective when delivering large-scale transformations. John holds a Bachelor’s Degree in Cognitive Science from the University of California San Diego.
