How to Build a compliance checking Agent Using AutoGen in TypeScript for banking

A compliance checking agent reviews banking content, transactions, or customer-facing messages against policy rules before anything is sent or approved. In practice, it reduces manual review load while giving compliance teams an auditable decision trail for AML, KYC, sanctions, marketing approvals, and data-handling checks.

Architecture

Build this agent as a small workflow, not a single prompt.

• •

  Input adapter

  • •Normalizes the source artifact: email draft, chat transcript, loan note, transaction memo, or policy exception request.
  • •Strips or masks regulated fields that the model does not need.
• •

  Policy retrieval layer

  • •Pulls the relevant bank policy snippets, regulatory guidance, and product-specific rules.
  • •Keeps policy text versioned so every decision can be traced to a policy revision.
• •

  Compliance reviewer agent

  • •Uses AutoGen to inspect the artifact against retrieved rules.
  • •Produces structured findings: pass/fail, risk level, violated clause, recommended fix.
• •

  Escalation / human review agent

  • •Handles ambiguous cases and routes them to compliance ops.
  • •Forces escalation when confidence is low or when the content touches restricted categories.
• •

  Audit logger

  • •Persists prompt inputs, retrieved policies, model output, timestamps, and final disposition.
  • •This is non-negotiable for banking audits.
• •

  Policy enforcement layer

  • •Blocks downstream actions if the agent flags a hard violation.
  • •Integrates with your workflow engine or case management system.

Implementation

1) Install AutoGen and define the compliance result shape

Use the TypeScript AutoGen package and keep outputs structured. For banking workflows, you want deterministic fields you can store in an audit table.

npm install @autogenai/autogen openai zod

import { AssistantAgent } from "@autogenai/autogen";
import { z } from "zod";

const ComplianceResultSchema = z.object({
  decision: z.enum(["approve", "reject", "escalate"]),
  riskLevel: z.enum(["low", "medium", "high"]),
  findings: z.array(z.string()),
  violatedPolicies: z.array(z.string()),
  recommendedAction: z.string(),
});

type ComplianceResult = z.infer<typeof ComplianceResultSchema>;

2) Create the reviewer agent with strict instructions

The key pattern is to make the agent act like a reviewer, not a general assistant. Keep it focused on policy interpretation and structured output.

import OpenAI from "openai";
import { AssistantAgent } from "@autogenai/autogen";

const client = new OpenAI({
  apiKey: process.env.OPENAI_API_KEY,
});

const complianceAgent = new AssistantAgent({
  name: "compliance_reviewer",
  modelClient: client,
  systemMessage: `
You are a banking compliance reviewer.
Only assess content against provided policies.
Do not invent policy clauses.
If policy coverage is unclear, return decision=escalate.
Return JSON with keys:
decision, riskLevel, findings, violatedPolicies, recommendedAction
`,
});

3) Feed the agent policy context and parse the result

In banking, do not rely on raw chat output. Parse it into a schema and reject anything malformed. That gives you a clean boundary between model output and business logic.

async function reviewContent(inputText: string, policyText: string): Promise<ComplianceResult> {
  const message = `
Policy:
${policyText}

Content to review:
${inputText}

Check for:
- prohibited promises
- missing disclosures
- sanctions/AML red flags
- PII handling issues
- misleading customer statements
`;

  const response = await complianceAgent.send(message);
  const raw = typeof response === "string" ? response : JSON.stringify(response);

  const parsed = ComplianceResultSchema.parse(JSON.parse(raw));
  return parsed;
}

async function main() {
  const policyText = `
1. No guarantees of loan approval.
2. Marketing claims must include required APR disclosures.
3. Do not expose account numbers or full SSNs.
4. Escalate any mention of sanctioned jurisdictions.
`;

  const inputText = `
Customer email draft:
"We can guarantee approval for your business loan. Reply with your full account number for faster processing."
`;

  const result = await reviewContent(inputText, policyText);
  console.log(result);
}

main().catch(console.error);

4) Add escalation logic for human-in-the-loop review

For banking use cases, anything ambiguous should go to a human reviewer. The model should not be allowed to auto-approve borderline cases just because it sounds confident.

function routeDecision(result: ComplianceResult) {
  if (result.decision === "reject") {
    return { action: "block_workflow", reason: result.findings.join("; ") };
    }

  if (result.decision === "escalate" || result.riskLevel === "high") {
    return { action: "send_to_compliance_queue", reason: result.recommendedAction };
  }

  return { action: "approve_and_continue" };
}

Production Considerations

• •

  Deploy in-region

  • •Banking data residency matters. Keep inference endpoints in approved regions and avoid sending regulated content across borders unless your legal team has signed off.
• •

  Log for auditability

  • •Store the exact input text hash, retrieved policy version, model version, timestamp, and final routing decision.
  • •If regulators ask why something was approved or blocked, you need evidence fast.
• •

  Add deterministic guardrails

  • •Use hard rules before the model runs for obvious violations like account numbers in free-text channels or missing mandatory disclosures.
  • •Let AutoGen handle judgment calls; let code handle non-negotiable controls.
• •

  Monitor false positives and false negatives

  • •Track how often human reviewers override the agent.
  • •If it blocks too much marketing copy or misses sanction-related language, tune prompts and policy retrieval before expanding scope.

Common Pitfalls

1. •

   Treating the agent as a final authority

   • •Don’t let it approve high-risk banking content without human sign-off on edge cases.
   • •Use escalate as a first-class outcome.
2. •

   Sending raw sensitive data into prompts

   • •Mask account numbers, tax IDs, SSNs, and unnecessary PII before calling AssistantAgent.
   • •Only pass what the compliance check actually needs.
3. •

   Skipping policy versioning

   • •If your policies change weekly but your logs don’t record which version was used, your audit trail is weak.
   • •Always bind each decision to a specific policy snapshot and model version.
4. •

   Accepting unstructured output

   • •Free-form text is hard to validate in production.
   • •Force JSON output and validate with zod before anything reaches downstream systems.

Keep learning

• •The complete AI Agents Roadmap — my full 8-step breakdown
• •Free: The AI Agent Starter Kit — PDF checklist + starter code
• •Work with me — I build AI for banks and insurance companies

By Cyprian Aarons, AI Consultant at Topiax.