Multi-Jurisdiction Compliance: Why One-Size-Fits-All No Longer Works

Here is a scenario that will be familiar to almost every compliance professional working across borders. A financial institution is onboarding a corporate client with operations in the UAE, the UK, and the EU. The compliance team needs to confirm AML obligations across all three jurisdictions before the relationship can proceed. Simple enough, in theory. In practice, it means navigating three separate regulatory frameworks, each with its own source documents, its own terminology, its own interpretation of what “adequate” due diligence looks like and its own enforcement priorities that may or may not be written down anywhere obvious.

Three jurisdictions. Three different answers to what should be a straightforward question. And a compliance team that has to reconcile all three before anyone can sign anything.

This is the daily reality of multi-jurisdiction compliance. And the tools most teams are using to manage it were not built for this level of complexity.

The Illusion of Harmonisation

There is a widespread assumption in financial services that global regulatory frameworks have largely converged. FATF sets the standards. Jurisdictions implement them. The details differ, but the substance is broadly aligned. Compliance teams can apply a consistent approach and adjust at the margins.

This assumption is wrong and acting on it is where multi-jurisdiction compliance risk is born.

Take AML obligations as a concrete example. The UAE, UK, and EU all operate within FATF’s framework. All three require customer due diligence, beneficial ownership identification, transaction monitoring, and suspicious activity reporting. At that level of abstraction, the frameworks look similar. Drill into the detail, and the divergence is significant.

The UAE’s AML framework is administered across multiple regulators the Central Bank of the UAE, the DFSA in the Dubai International Financial Centre, and the FSRA in Abu Dhabi Global Market each with jurisdiction-specific rules that apply to different categories of firm. The DFSA’s AML rulebook is not the same as the Central Bank’s. A firm operating across both free zones and onshore UAE is navigating at least two distinct regulatory environments within a single country.

The UK’s AML framework sits under the Money Laundering Regulations 2017, as amended, supervised by the FCA for most financial services firms but with significant FCA guidance that goes beyond the base regulations and carries its own supervisory weight. Post-Brexit, the UK has diverged from EU standards in several areas, including its approach to high-risk third countries and its implementation timeline for certain beneficial ownership requirements.

The EU’s AML framework is currently transitioning. The sixth Anti-Money Laundering Directive has been followed by a new AML Regulation that will apply directly across member states removing the implementation discretion that created divergence within the bloc alongside the establishment of AMLA, the new EU Anti-Money Laundering Authority. For firms operating across EU member states, understanding which rules are currently in force, which are transitional, and which vary by member state is a research task in itself.

Three jurisdictions. Three regulatory architectures. Meaningful divergence at the level of detail that actually determines how a compliance programme is designed and operated.

Why Cross-Border Regulatory Research Breaks Down

The challenge of cross-border regulatory research is not just that rules differ across jurisdictions. It is that the information required to understand those differences is fragmented, inconsistently structured, and spread across dozens of primary sources regulatory websites, official guidance, enforcement notices, consultation papers, and supervisory statements that are updated on irregular schedules with no central coordination.

A compliance team researching AML obligations across UAE, UK, and EU simultaneously is not doing one piece of research. They are doing three separate research exercises, each requiring familiarity with a different regulatory architecture, and then synthesising the results into something coherent enough to inform a practical compliance decision.

In most teams, that work falls to senior professionals who already carry full workloads. It takes days. The outputs are inconsistently documented. And when the regulatory landscape shifts to a new FATF mutual evaluation, an updated supervisory expectation, a change in the list of high-risk jurisdictions the research has to be redone from scratch.

This is where AML obligations research, in the traditional model, consistently breaks down. Not because compliance professionals lack expertise. But because the research infrastructure they are working with was not designed for the volume and complexity of cross-border regulatory work in 2026.

How Sherlocq’s Multi-Jurisdiction Engine Works

Sherlocq’s multi-jurisdiction compliance engine was built specifically for this problem. It does not offer a generic regulatory database with a search interface. It offers structured, jurisdiction-specific regulatory intelligence delivered in response to the actual questions compliance professionals need to answer, with primary source citations for every output.

The architecture reflects how experienced compliance professionals actually think through a cross-border question. A user does not search for documents. They ask a question: what are the customer due diligence requirements for corporate clients in the UAE, UK, and EU, and where do they materially differ? Sherlocq returns a structured answer that addresses each jurisdiction specifically, not a blended generalisation that loses the jurisdictional nuance with citations to the primary regulatory sources so the professional can verify and build on the output.

The jurisdiction-specific tagging that underpins this is critical. Sherlocq does not blend UAE Central Bank guidance with DFSA rules and presents them as a single UAE position. It maintains the distinction. A question about onshore UAE returns onshore UAE sources. A question about DIFC returns DFSA sources. The professional gets the answer that is actually applicable to their specific situation, not an approximation.

For the AML obligations use case specifically, the workflow looks like this. A compliance officer at a firm with operations across the UAE, UK, and EU needs to assess whether their current CDD framework meets requirements in all three jurisdictions. They query Sherlocq with that specific question. Within minutes, they receive a structured comparison: the applicable framework in each jurisdiction, the key requirements, the areas of divergence, and the specific sources, regulatory texts, guidance notes, supervisory statements, that underpin each element of the answer. Where sanctions exposure is part of the picture, Sherlocq searches 320+ data sources spanning global sanctions regimes, including OFAC, OFSI, EU, UN, and UAE designations, in a single query, making it the first AI-native platform to deliver this level of depth and traceability across multiple sanctions regimes simultaneously.

What would previously have taken a senior compliance professional, the better part of a week now takes minutes to research and hours to review and apply. That compression does not reduce the quality of the compliance work. It eliminates the research volume that was consuming the time required to do the professional work well.

The Compliance Function Deserves Better Infrastructure

Multi-jurisdiction compliance is genuinely hard. The regulatory complexity is real, the stakes are high, and the margin for error is narrow. What should not be hard is getting access to accurate, structured, jurisdiction-specific regulatory intelligence in a reasonable timeframe.

Compliance professionals globally spend an estimated 40% of their working time on manual research. Across a function of 10 million professionals navigating $300 billion in annual compliance obligations, that is an enormous volume of expert time being consumed by information retrieval rather than professional judgement.

Sherlocq exists to change that ratio. Not by replacing the professional judgement that cross-border compliance requires but by making the research infrastructure worthy of the professionals who depend on it.

Multi-jurisdiction compliance will never be simple. Getting the intelligence to navigate it should be.

About Sherlocq

Sherlocq is an AI-native regulatory intelligence platform designed for financial services teams that can no longer afford to treat compliance research as a manual process. It does not surface more alerts. It surfaces the right answers, in context, with reasoning you can trace and trust. For compliance teams ready to move from monitoring to intelligence, Sherlocq is where that shift begins.

Get Started with Sherlocq

• Try the free tier at sherlocq.ai, no credit card required
• Pro plan available at $79/month or $790 annually for advanced capabilities
• Book a demo for your team or institution at hello@sherlocq.com