How to Build a Compliance Checking Agent Using LangGraph in TypeScript for Banking
A compliance checking agent reviews customer requests, transactions, and generated content against banking policy before anything is approved or sent downstream. In banking, that matters because a bad decision is not just a product bug; it can trigger regulatory exposure, audit findings, and customer harm.
Architecture
- Input normalizer
  - Takes raw request data from chat, API, or workflow systems.
  - Extracts the minimum fields needed for compliance checks.
- Policy retrieval layer
  - Pulls relevant controls from a policy store, rule engine, or document index.
  - Keeps checks current when regulations or internal policies change.
- Compliance evaluation node
  - Applies deterministic rules first.
  - Uses an LLM only for classification, summarization, or ambiguity resolution.
- Escalation and remediation node
  - Flags violations, assigns severity, and routes to manual review when needed.
  - Produces a clear remediation message for the requester.
- Audit logging sink
  - Stores input, policy version, decision path, and output.
  - Supports model risk management and regulatory audits.
- State machine orchestration
  - Uses LangGraph to control branching between approve, reject, and escalate paths.
  - Makes the flow explicit and testable.
Implementation
1) Define the graph state and compliance result shape
For banking workflows, keep the state narrow. Do not pass full customer records through every node; pass only what the agent needs for the decision and audit trail.
```typescript
import { Annotation } from "@langchain/langgraph";

type ComplianceDecision = "approve" | "reject" | "escalate";

type ComplianceResult = {
  decision: ComplianceDecision;
  reason: string;
  policyIds: string[];
  severity: "low" | "medium" | "high";
};

// Only the fields needed for the decision and the audit trail travel through the graph.
const ComplianceState = Annotation.Root({
  requestText: Annotation<string>(),
  jurisdiction: Annotation<string>(),
  policyVersion: Annotation<string>(),
  result: Annotation<ComplianceResult | null>(),
});
```
2) Build deterministic checks before any model call
This is where most banking controls should live. If a request obviously violates policy, stop early and return a rejection with an audit-friendly reason.
```typescript
// Returns a final result when a hard rule matches, or null when no rule applies.
function deterministicCheck(input: {
  requestText: string;
  jurisdiction: string;
}): ComplianceResult | null {
  // Lower-case once so the substring rules below are case-insensitive.
  const text = input.requestText.toLowerCase();

  if (text.includes("guaranteed return")) {
    return {
      decision: "reject",
      reason: "Prohibited investment performance claim detected.",
      policyIds: ["INV-004", "MARKETING-002"],
      severity: "high",
    };
  }

  if (input.jurisdiction === "EU" && text.includes("send to us-only processor")) {
    return {
      decision: "escalate",
      reason: "Potential data residency conflict requires manual review.",
      policyIds: ["DATA-RESIDENCY-001"],
      severity: "high",
    };
  }

  return null;
}
```
3) Add LangGraph nodes for evaluation and routing
Use StateGraph to wire the workflow. The pattern below keeps deterministic logic first, then falls back to an LLM-based review only when needed.
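```typescript
import { StateGraph, START, END } from "@langchain/langgraph";
import { ChatOpenAI } from "@langchain/openai";

const llm = new ChatOpenAI({
  modelName: "gpt-4o-mini",
});

async function evaluateCompliance(state: typeof ComplianceState.State) {
  // Deterministic rules run first; a hit short-circuits the model call.
  const deterministic = deterministicCheck({
    requestText: state.requestText,
    jurisdiction: state.jurisdiction,
  });

  if (deterministic) {
    return { result: deterministic };
  }

  // requestText is requester-controlled and is interpolated into the prompt as-is,
  // so the model's reply has to be handled as untrusted input.
  const prompt = `
You are a banking compliance reviewer.
Classify the request as approve, reject, or escalate.
Return JSON with keys decision, reason, policyIds, severity.
Request:
${state.requestText}
Jurisdiction:
${state.jurisdiction}
Policy version:
${state.policyVersion}
`;

  const response = await llm.invoke(prompt);
  const content = String(response.content);
  // `as ComplianceResult` is a compile-time cast only: it does not check the
  // shape of what the model returned, and JSON.parse throws on non-JSON text.
  const parsed = JSON.parse(content) as ComplianceResult;

  // Same state update shape as the deterministic branch.
  return { result: parsed };
}
```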
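The listing above casts the JSON.parse output to ComplianceResult, which checks nothing at run time, while the request text that shapes the model's answer comes from the requester. As an added example (not the author's code), the validator below turns any reply it cannot verify into an escalation instead of trusting it. The names parseModelVerdict, failClosed and KNOWN_POLICY_IDS are assumptions, and the catalogue simply reuses the policy IDs from step 2.

```typescript
// Added example; the types repeat step 1 so the block runs on its own.
type ComplianceDecision = "approve" | "reject" | "escalate";
type Severity = "low" | "medium" | "high";
type ComplianceResult = {
  decision: ComplianceDecision;
  reason: string;
  policyIds: string[];
  severity: Severity;
};

const DECISIONS = new Set<string>(["approve", "reject", "escalate"]);
const SEVERITIES = new Set<string>(["low", "medium", "high"]);
// Assumed catalogue (IDs taken from step 2); the real one comes from the policy store.
const KNOWN_POLICY_IDS = new Set<string>(["INV-004", "MARKETING-002", "DATA-RESIDENCY-001"]);

// Anything that cannot be verified becomes a manual-review escalation, never an approval.
function failClosed(why: string): ComplianceResult {
  return { decision: "escalate", reason: `Model output rejected: ${why}`, policyIds: [], severity: "high" };
}

function parseModelVerdict(raw: string, known: Set<string> = KNOWN_POLICY_IDS): ComplianceResult {
  // Models often wrap JSON in a markdown code fence; strip one if present.
  const body = raw.trim().replace(/^`{3}(?:json)?\s*/i, "").replace(/\s*`{3}$/, "");
  let data: unknown;
  try {
    data = JSON.parse(body);
  } catch {
    return failClosed("not valid JSON");
  }
  if (typeof data !== "object" || data === null || Array.isArray(data)) {
    return failClosed("not a JSON object");
  }
  const { decision, reason, policyIds, severity } = data as Record<string, unknown>;
  if (typeof decision !== "string" || !DECISIONS.has(decision)) return failClosed("unknown decision");
  if (typeof severity !== "string" || !SEVERITIES.has(severity)) return failClosed("unknown severity");
  if (typeof reason !== "string" || reason.trim() === "") return failClosed("missing reason");
  // Policy IDs the catalogue does not contain are treated as fabricated.
  if (!Array.isArray(policyIds) || !policyIds.every((p) => typeof p === "string" && known.has(p))) {
    return failClosed("unknown policy id");
  }
  return {
    decision: decision as ComplianceDecision,
    reason: reason.slice(0, 500), // bound what reaches the audit log and the requester
    policyIds: policyIds as string[],
    severity: severity as Severity,
  };
}
```

In evaluateCompliance this would take the place of the bare JSON.parse cast, so a malformed or manipulated reply reaches the escalate path with a reason the audit log can store.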
By Cyprian Aarons, AI Consultant at Topiax.