What is prompt engineering in AI Agents? A Guide for compliance officers in banking

By Cyprian Aarons, updated 2026-04-21

Prompt engineering is the practice of writing instructions for an AI agent so it produces the output you want, within the constraints you set. In banking, prompt engineering is how you tell an AI agent what it can do, what it must not do, and how it should respond when handling regulated information.

How It Works

Think of prompt engineering like writing a bank policy memo for a junior analyst who never sleeps.

If the memo is vague, you get inconsistent work:

  • One analyst escalates everything
  • Another takes shortcuts
  • A third ignores edge cases

An AI agent behaves the same way. It reads your instructions, then decides how to act based on the prompt, the tools it has access to, and any context it receives from the customer or internal systems.

A good prompt usually defines:

  • Role: “You are a banking compliance assistant”
  • Task: “Classify this customer message”
  • Rules: “Do not provide legal advice”
  • Boundaries: “Escalate anything involving sanctions, fraud, or suspicious activity”
  • Output format: “Return JSON with risk level, reason, and next action”

For compliance teams, the key point is this: prompt engineering is not just wording. It is part of the control layer around an AI agent.

If you are reviewing an AI agent that drafts responses to customers or helps triage alerts, the prompt is effectively one of its operating procedures. A weak prompt can cause:

  • Over-disclosure of sensitive information
  • Inconsistent handling of complaints
  • Missed escalations for AML or sanctions-related content
  • Hallucinated answers that sound confident but are wrong

A useful analogy is a branch teller script.

A teller script tells staff:

  • What questions to ask
  • What not to say
  • When to escalate to a manager
  • How to handle unusual cases

Prompt engineering does the same thing for an AI agent. The difference is that the AI does not follow rules by memory; it follows patterns from instructions and context. That means wording, structure, and examples matter.

Why It Matters

Compliance officers should care because prompt engineering affects how an AI behaves in regulated workflows.

  • It shapes control outcomes

    • The same model can behave safely or unsafely depending on the prompt.
    • Good prompts reduce accidental disclosure and policy drift.
  • It affects escalation quality

    • If the prompt does not define escalation triggers clearly, the agent may miss suspicious activity or over-escalate routine issues.
    • That creates operational noise and control gaps.
  • It supports auditability

    • Well-designed prompts make behavior more consistent and easier to test.
    • That helps when documenting model governance, change management, and review evidence.
  • It reduces regulatory risk

    • Prompts can enforce constraints around suitability language, complaints handling, fair treatment, and privacy.
    • They also help prevent unsupported claims or advice-like outputs.

Real Example

Let’s say a retail bank deploys an AI agent to help customer service teams draft responses to inbound chat messages.

The business goal is simple:

  • Answer routine questions faster
  • Escalate risky cases
  • Avoid giving regulated advice

A weak prompt might be:

Help answer customer questions about accounts and payments.

That is not enough. The agent may answer too broadly, mention account-specific details without proper checks, or try to interpret legal/compliance issues.

A better production-style prompt would look more like this:

You are a banking customer support assistant.
Your job is to draft short responses for routine service queries only.

Rules:
1. Never provide legal, tax, investment, or credit advice.
2. Never reveal account balances, transaction details, or personal data unless verification status = verified.
3. If the message mentions fraud, scams, sanctions, money laundering, account takeover, or suspicious activity:
   - do not answer substantively
   - mark as HIGH RISK
   - instruct escalation to Compliance Operations
4. If the request involves complaints about fees, declined payments, frozen accounts, or disputes:
   - use neutral language
   - avoid admitting fault
   - suggest formal complaint handling if needed
5. Output must be valid JSON with:
   - risk_level
   - response_draft
   - escalation_required
   - reason

Customer message:
{{message}}
Verification status:
{{verification_status}}

Why this works better:

  • It narrows scope to routine service queries.
  • It defines hard stops for high-risk topics.
  • It standardizes output so downstream systems can route cases reliably.
  • It reduces ambiguity for both business users and engineers.

A compliance reviewer would still want testing around this prompt:

  • Can it be bypassed by adversarial phrasing?
  • Does it escalate enough?
  • Does it ever produce prohibited content?
  • Are there logging controls for review?

That is the practical reality: prompt engineering is one layer in a larger control framework. It does not replace policy rules, human review, access controls, or monitoring. But if the prompt is weak, every other layer has more work to do.
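One such layer, sketched here as an added example that is not part of the original article: a deterministic check that validates the agent's JSON against the fields in rule 5 and enforces rule 3 outside the model, failing closed to escalation. The function names, the term list, and the "LOW" risk value in the sample are assumptions made for illustration.

```python
import json

# Assumption: trigger terms copied from rule 3 of the prompt above; a real
# deployment would keep this list under change control.
HIGH_RISK_TERMS = ("fraud", "scam", "sanction", "money laundering",
                   "account takeover", "suspicious activity")
REQUIRED_FIELDS = {"risk_level": str, "response_draft": str,
                   "escalation_required": bool, "reason": str}


def escalate(reason):
    """Fail-closed result: no draft is released, the case goes to a human."""
    return {"risk_level": "HIGH RISK", "response_draft": "",
            "escalation_required": True, "reason": reason}


def review_agent_output(customer_message, raw_output):
    """Validate the agent's JSON and enforce rule 3 independently of the model."""
    try:
        result = json.loads(raw_output)
    except (json.JSONDecodeError, TypeError):
        return escalate("agent output was not valid JSON")
    if not isinstance(result, dict):
        return escalate("agent output was not a JSON object")
    for field, expected in REQUIRED_FIELDS.items():
        if not isinstance(result.get(field), expected):
            return escalate(f"missing or mistyped field: {field}")

    # Check the customer's own text, so a model that was talked out of
    # escalating still has the case routed to Compliance Operations.
    text = customer_message.lower()
    hits = [t for t in HIGH_RISK_TERMS if t in text]
    if hits and not (result["risk_level"] == "HIGH RISK"
                     and result["escalation_required"]):
        return escalate("high-risk terms not escalated by agent: " + ", ".join(hits))
    if hits:
        result["response_draft"] = ""  # rule 3: do not answer substantively
    return result


# Constructed sample: the agent under-classifies a message that mentions fraud.
SAMPLE_MESSAGE = "Someone used my card, I think it is fraud. Can you refund me?"
SAMPLE_OUTPUT = ('{"risk_level": "LOW", "response_draft": "Refund approved.", '
                 '"escalation_required": false, "reason": "routine"}')

if __name__ == "__main__":
    print(review_agent_output(SAMPLE_MESSAGE, SAMPLE_OUTPUT))
```

Substring matching only sets a floor for escalation; it catches the listed terms and nothing phrased around them, so it complements the prompt and human review rather than replacing either.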

Related Concepts

  • System prompts

    • The top-level instructions that define behavior across sessions or tasks.
  • Guardrails

    • Rules and filters that restrict unsafe outputs or actions.
  • RAG (Retrieval-Augmented Generation)

    • A way for agents to pull approved internal documents before answering.
  • Tool use / function calling

    • How an agent interacts with systems like case management or KYC platforms.
  • Model governance

    • The controls around testing, approval, monitoring, and change management for AI systems.

By Cyprian Aarons, AI Consultant at Topiax.
