Earlier this month, CUBE joined over 700 senior risk and compliance leaders at XLoD Global London, the flagship event for non-financial risk and control. Hosted just minutes from CUBE’s global headquarters in London, the two-day conference featured 100+ sessions and 100 expert speakers, including regulators, Tier-1 banks, and technology innovators. The focus? How the Three Lines of Defence must evolve to meet the demands of an AI-driven, data-centric future.
Conversations reflected a global shift toward automation, data-driven decision-making, and AI-enabled compliance. With regulators signaling clear expectations for automation within the next 24 months, the urgency for change has never been greater.
Key Themes from XLoD Global
1. Not All Controls Are Created Equal
Banks are rethinking control frameworks, tiering controls, and streamlining control libraries. A digitised, well-enforced control inventory is now seen as foundational for effective risk management. Many firms are moving toward a single firmwide source for group controls to reduce duplication, improve consistency across the three lines and unlock capacity.
2. Controls Must Be Connected to Risk
Controls cannot exist in isolation. The industry is shifting toward a model where controls are associated with risk, enabling better insights and decision-making. This partnership between risk and control functions is critical to avoid siloed approaches and build a proactive compliance framework.
3. Automation Is No Longer Optional
Momentum toward automation is undeniable, with 69% of attendees polled selecting “automation of controls” as their biggest priority over the next 12-24 months. Regulatory expectations around automation are increasing, and firms are investing in technology to move preventative controls upstream, improve data quality, and free up resources for higher-value activities.
4. Quality Over Quantity
As firms grow, control proliferation becomes a challenge. The consensus at XLoD was clear: fewer, clearer controls lead to better risk outcomes and lower costs. Achieving this requires organisational change from the top down, supported by high-quality firmwide data and modernised frameworks. Firmwide consistency remains a challenge.
5. AI and Human Collaboration
While AI is transforming compliance, the “human in the loop” remains essential. The future lies in a hybrid architecture where AI agents deliver scale and speed, and humans provide judgment and trust. This approach ensures that automation enhances – rather than replaces – critical decision-making.
CUBE on the Plenary Panel
CUBE Founder and CEO, Ben Richmond, joined leaders from Barclays, Citigroup, Bloomberg, and Bank of America on the Q&A Plenary Panel: The Evolution of the 3 Lines of Defence: Modernising Risk & Controls in Financial Services.
Ben shared his predictions on the future of automated regulatory compliance: “It is very clear how the industry has evolved, but also how much potential remains untapped. The opportunity now is progressing toward a human–AI architecture, where AI agents and people work side by side – agents bringing scale and speed, humans bringing judgment and trust, leveraging data to inform risk appetite and enabling focus on what matters.”
The Future of Compliance Is Automated, Connected, and Intelligent
At CUBE, we’re helping firms move beyond reactive compliance toward a fully orchestrated, data-driven capability. By connecting regulations, risks, and controls, we enable compliance leaders to reduce complexity, improve resilience, and stay ahead of regulatory change.
Ready to transform your compliance strategy?
Talk to our experts today to see how CUBE’s market-leading AI compliance solutions reduce risk and improve outcomes for companies of all shapes and sizes.