The Carver Knowledge Index
Authoritative definitions across compliance automation, risk governance, and decision intelligence.
Authoritative definitions across compliance automation, risk governance, and decision intelligence.
Anti-Money Laundering / Countering the Financing of Terrorism. A core compliance domain in financial services, encompassing rules fordetecting, reporting, and preventing illicit financial flows. AML/CFT regulations are a primary focus of global regulatory activity and enforcement, and among the most frequently updated rule sets.
AI systems that operate autonomously — observing inputs, forming plans, and taking actions without requiring step-by-step human instruction. Carver's platform is built on agentic AI that continuously monitors regulatory sources, classifies changes, and surfaces relevant signals in real time.
Regulatory bodies whose decisions tend to presage global trends. The ECB and US Federal Reserve are the primary global influencers. The Monetary Authority of Singapore (MAS) leads on digital assets; the FCA sets the tone for consumer protection. Tracking these bodies can provide 12–18 months of advance warning on emerging regulatory directions.
A backward-looking function that tracks whether an organisation is meeting currently published rules. Distinguished from regulatory risk intelligence, which is forward-looking and aimed at anticipating changes before they become binding obligations. Compliance monitoring answers "are we compliant?" — regulatory intelligence answers "what's changing next?"
A pre-legislative document published by a regulator to solicit public feedback on a proposed rule or policy. Tracking consultation papers provides 12–18 months of advance notice, since over 80% of proposals eventually become binding. Firms that engage during comment periods can also influence final rule language.
Carver's AI-powered regulatory risk intelligence platform. Monitors 1,000+ regulators across 50+ countries in real time and delivers structured alerts classified across 20 attributes per change — including impact level, urgency, affected business functions, and specific actionables by team (policy, process, reporting, technology, training). Built for compliance, risk, legal, and strategy teams at mid-market financial services firms.
Carver's custom intelligence agent offering. Allows organisations to deploy bespoke agents that monitor proprietary intelligence sources, deliver complex analysis, and integrate with internal systems and workflows — beyond the standard RegWatch coverage universe.
Regulatory signals that have been classified, contextualised, and prioritised to the point where they can directly inform a strategic or operational decision — rather than raw regulatory text that requires manual interpretation. The defining output of a regulatory risk intelligence platform.
EU regulation that sets a new standard for operational resilience in financial services, requiring extensive resilience testing, strict vendor oversight, and 24-hour incident reporting. Full EU compliance was required by early 2025. Similar frameworks are being adopted in Singapore, Australia, and Canada.
A formal regulatory measure taken against an institution for non-compliance — including fines, consent orders, or supervisory actions. Monitoring enforcement trends reveals where regulators are directing attention before formal guidance is updated, helping firms anticipate where examination scrutiny will land next.
Publicly stated or inferable areas of focus for upcoming regulatory examinations. Monitoring exam priorities alongside enforcement actions reveals where regulators are heading before formal guidance changes — a critical forward-looking intelligence signal for risk and compliance teams.
Financial Action Task Force — an intergovernmental body that sets international standards for combating money laundering, terrorist financing, and related threats. FATF recommendations often precede national regulatory implementation by 12–24 months, making them a high-value horizon scanning signal.
Governance, Risk, and Compliance platform — software used to manage compliance workflows, internal policies, controls, and risk assessments (e.g., RSA Archer, ServiceNow GRC, MetricStream). RegWatch functions as an intelligence layer that feeds these systems, rather than replacing them.
Monitoring the full regulatory ecosystem — consultations, draft rules, enforcement trends, and legislative signals — before changes become binding obligations. Effective horizon scanning gives teams 3–18 months of advance warning. One of the three core capabilities of regulatory risk intelligence, alongside signal detection and impact modelling.
An international messaging standard for financial transactions that significantly enriches the data accompanying payments. Adoption deadlines set by ECB, SWIFT, and FedNow are driving major infrastructure changes across the industry, and creating regulatory risk for firms not yet migrated to the new standard.
Translating a regulatory change into concrete business actions — identifying which team owns it, what needs to change in policy, process, reporting, technology, or training, and what the deadline is. Turns raw regulatory intelligence into an actionable workstream.
An open standard for enabling AI agents to connect with external tools, data sources, and systems. RegWatch is MCP-native, meaning it can be integrated into agentic workflows and advanced analytics pipelines that use this protocol.
A Carver module focused on third-party and partner risk monitoring. Tracks regulatory developments affecting partners and vendors — including enforcement actions, licence changes, and executive moves — providing early warning of partner risks before they surface in headlines or affect the customer's business.
The practice of tracking updates published by regulatory bodies in real time — including mandates, sanctions, guidance, and policy statements. The foundation layer of a regulatory intelligence function, distinct from the analytical and predictive work of horizon scanning and impact modelling.
Structured attributes attached to each regulatory update to enable classification and prioritisation. At minimum: jurisdiction, regulator, impacted system, effective date, risk level, team ownership, and action required. RegWatch classifies each update across 20 such attributes, enabling meaningful filtering and routing.
The continuous process of monitoring, classifying, and interpreting regulatory change in real time so organisations can act on it strategically, not just comply reactively. It goes beyond tracking what regulators publish — it connects regulatory signals to business decisions across risk, strategy, legal, and product functions.
An open benchmark released by Carver Agents for evaluating whether AI agents can correctly respond to regulatory change. Designed to establish a standard for assessing accuracy and reliability of AI-driven regulatory intelligence systems — the first benchmark of its kind in the domain.
RegWatch's programmatic interface for integrating regulatory intelligence into customers' own systems. Supports real-time alert webhooks, query endpoints, relevance scoring on demand, and bulk data exports in JSON, CSV, PDF, and XML formats.
The practice of identifying and exploiting differences in regulatory regimes across jurisdictions — for example, launching a product in a more permissive market before stricter rules converge globally. RegWatch surfaces early arbitrage opportunities before markets converge, enabling strategic market entry timing.
The degree to which an organisation's products, markets, or operations are subject to potential regulatory action or restriction. Understanding regulatory exposure early — before product launch, market entry, or partnerships — allows firms to reduce risk and preserve strategic flexibility.
The process of filtering thousands of regulatory publications down to what actually matters for a specific business. In RegWatch, AI classifies each signal by impact, urgency, affected business functions, and deadlines, so teams see relevant updates — not everything published across 1,000+ regulatory sources.
A third-party audit certification confirming that a service organisation's security, availability, and confidentiality controls are operating effectively over an extended period (typically 6–12 months). RegWatch is SOC 2 Type II certified, meeting the vendor risk expectations of financial services customers.
Tracking updates from sanctioning authorities (OFAC, OFSI, EU, UN) that restrict transactions with designated entities or individuals. Sanctions updates represent the fastest-moving regulatory risk — sometimes requiring action within hours of publication — making automation essential for timely compliance.
The window between when a regulation is published and when it goes into effect. Windows vary widely — as short as 24 hours for sanctions updates, to several months for AML rules, or longer for infrastructure changes like ISO 20022 migration. Short windows are a direct test of a firm's agility and the speed of its intelligence function.
Categorising regulatory updates by topic — fraud, consumer protection, digital assets, resilience — to identify patterns across jurisdictions and time. Trend tagging transforms reactive alerts into predictive intelligence: for example, spotting a cross-jurisdictional shift toward linking instant payments with fraud controls months before it becomes a binding requirement.
A real-time integration method where RegWatch pushes alerts to a customer's system immediately when new intelligence is available. Webhooks can be filtered by relevance score, jurisdiction, or topic. Each payload includes full regulatory text, AI analysis, and metadata in JSON format.