AI in mortgage compliance: oversight first, speed follows

AI in mortgage compliance is the use of artificial intelligence to check a mortgage case file against regulatory rules — verifying documents, affordability and disclosures — and flag issues for a human to approve before a lender decides. The part of that definition that matters is the end of it: the AI assists the people accountable for the decision. It doesn't make the decision.

In practice it covers the things that slow a case down and create regulatory exposure:

1. Document integrity — are the right documents present, legible, consistent and unaltered? 2. Land registry reading — pulling and cross-checking title and charge data. 3. Affordability and income/expenditure validation against the evidence on file. 4. Vulnerability signals drawn from the communications around the case. 5. Product selection and disclosure checks — was the right thing recommended, and explained?

None of that is exotic. It's the work a good compliance officer already does. The difference is whether it happens on every file, or only on the ones a sampling rota happens to reach.

It is also not the same thing as AI underwriting, which is where all the attention has gone.

Every lender right now is being told the AI prize is faster underwriting. But your brokers just told you the bigger prize is compliance — and an underwriting engine that can't show its working isn't speed, it's a faster way to be wrong. Compliance you can't audit isn't compliance.

A decision in minutes makes a great press release, and it genuinely helps a broker chasing a deadline. But look at the pain points brokers actually listed: complex cases, manual document submission, inconsistent underwriting decisions. None of those are speed problems. They're compliance problems wearing a speed costume, because every one of them comes down to whether the case file is complete, correct and evidenced before anyone makes the call. Get that right and the speed follows. Get it wrong and you've automated your way to a faster Consumer Duty breach.

None of this is an argument against fast — our own checks run in minutes, not hours. It's an argument about which fast you buy: speed you can evidence, or speed you'll end up explaining to a regulator.

Here's the bit nobody talks about. The risk most lenders carry isn't that an AI makes a mistake on a file. It's the 85% of files no human ever fully checks.

Manual review realistically covers around 15% of cases through sampling. The other 85% go through on trust. AI-based checking runs across 100% of files, at a consistency a reviewer on their fortieth case of the week can't match. In our own deployments that lands at proven accuracy of around 99% on mortgage compliance checks.

How you get there matters more than the number. Accuracy in compliance is a compound error problem: one clever model making one pass will miss things, so you run several independent checks that cross-validate each other, and an error in one layer gets caught by another. That's also the honest answer to the fifth of brokers who are sceptical AI will help at all — most AI tools weren't built for compliance-grade work, and scepticism about them is earned.

What separates the ones that are built for it isn't a louder accuracy claim. It's the audit trail. Every flag traceable to the source document. Every decision and human override logged with a timestamp. If you can't reconstruct why a case was treated the way it was, you don't have a compliance tool — you have a liability with a nice interface.

This is where Consumer Duty and the Senior Managers regime stop being a constraint and become the design brief. The FCA doesn't prohibit AI, but it insists a named, accountable person stays responsible for the outcome. So the only deployment that survives a regulator's questions is one where the AI surfaces findings and a human signs off the exceptions, never one where a black box quietly auto-approves cases.

We've had to prove this in harder rooms than mortgages. At the law firm Walker Morris, we cut a complex document review from 4 hours to 15 minutes, a 93% reduction — and what made it usable wasn't the speed, it was that every conclusion was traceable. The same discipline holds for a regulation as new as DORA, where "we followed the model" isn't an answer anyone wants to give.

Picture a complex case from a broker: multiple income sources, a limited-company structure, a couple of documents that don't line up. The old path is a queue, a reviewer eventually sampling cases like it, and a bounce-back to the broker a week later if something's missing. Everyone loses time and the broker loses confidence.

With compliance checking at intake, the file is read the moment it arrives. The missing payslip, the affordability gap, the disclosure that wasn't quite right — all surfaced before underwriting, with the document and rule attached. A human reviews the exceptions, not the whole queue. Clean cases move. The rest get one clear, early request instead of a late, vague rejection.

The check that took over an hour takes about eight minutes, and every step is logged. The pain points brokers named — fewer resubmissions, faster decisions in principle, consistent treatment — get solved as a byproduct of doing the compliance properly. You don't have to choose between fast and defensible. You build the defensible part first.

If you're weighing this up, start here:

1. Separate the compliance-check layer from the underwriting-decision layer — don't let speed bury the audit. 2. Require a full audit trail — every flag traceable to source, every override logged. 3. Keep an SM&CR-accountable owner signing off the exceptions, not the whole queue. 4. Test accuracy on your own broker-submitted files in a pilot before you trust any coverage claim. 5. Confirm UK/EU data residency and ISO 27001 before a single case file moves.

Get those right and AI stops being a risk you're nervous about. It becomes the thing that lets you say, on any file, exactly why you treated a customer the way you did. That's what brokers were asking for. If you want to see it on your own cases, talk to us.