Built by Hong Kong compliance practitioners — running live today

A professional compliance team,plus the AI platform we built for it.

At a fraction of what the big players spend.

For Hong Kong’s small licensed corporations: you focus on your clients. Our fractional compliance practitioners and our agentic compliance software carry the compliance workload — support and advisory, while accountability stays where the SFC put it: with your firm.

Real practitioners, fractional costAgentic software does the legworkAI drafts — never decides
Working product, not a mock-up — the demo runs on three realistic fictional firms.

Your Compliance Health

Meridian Peak Asset Management

Healthy

Handled for you this week

  • radarSweep · agentNew SFC circular triaged — firm-specific impact memo drafted
  • trainingRollout · agentCPT shortfall spotted and chased — two staff rebooked
  • staffDeclarations · agentAnnual declarations distributed — 12 of 14 already returned
  • Nexus practitioner · advisoryIncident assessed — self-report recommendation prepared for your MIC's sign-off

The machine does the legwork

Your practitioners make the calls

AI Weekly Briefing: “A quiet week — two items need your eyes on Monday…”

Encodes the rules you’re actually held to

Securities and Futures OrdinanceSFC Code of ConductAMLOSFC AML/CFT GuidelineFinancial Resources RulesClient Money RulesClient Securities RulesManager-In-Charge regimeResponsible Officer rulesCPT requirementsProfessional Investor (HKPI) thresholdsFund Manager Code of ConductInternal Control GuidelinesHKEX participant obligationsKeeping of Records RulesContract Notes Rules

If you run a licensed firm

Compliance feels like a fog.

You are personally responsible for it — but you can’t actually see it.

How compliant are we?

There is no clear picture of the firm's overall health. You find out where you stand when something breaks — or when the regulator tells you.

Where are we exposed?

High-risk areas stay invisible until an inspection points at them. Nothing ranks your exposures or warns you early.

What's due, and when?

Filings, returns, reviews and CPT hours live across mailboxes, spreadsheets and one person's memory.

And the fog isn’t even the worst of it. The worst of it is the grind underneath…

The daily reality

A five-person broker owes the SFC the same rulebook as a five-hundred-person bank.

The obligation set doesn’t scale down with headcount — the same MIC regime, the same AML/CDD standard, the same CPT and licensing obligations. Big firms throw people and six-figure platforms at it. In a small firm, it lands on one overworked person’s desk, next to their day job.

A hundred small tasks

Filings, CPT hours, policy reviews, declarations — none heavy alone, all of them together consuming your best people.

Deadlines that don't wait

Problems surface when a date is already missed, not before. There is no early warning in a spreadsheet.

The regulator calls ad hoc

An RFI, a new circular, an inspection notice, a licensing follow-up — each lands on top of everything else, on the regulator's clock.

The tools are priced for banks

Enterprise GRC platforms need a team to run and a bank's budget to buy. Small firms get the rulebook without the tooling.

This is the pain we built our practice — and our software — to take off your desk.

Our approach · first, the philosophy

Everything a licensed firm must stay on top of — organised.

This is our organised compliance framework: eight elements on a foundation of day-to-day regulatory compliance, capturing everything a licensed firm must stay on top of — so nothing falls between the cracks. It’s how we ran compliance inside global banks. We brought it with us.

1Governancereporting2Policies&procedures3Complianceriskassessment4Targetedriskassessment5Monitoring&testing6Training7Regulationchange8IssuemanagementTOTALCOMPLIANCE

Tap any segment — every element is a live, working module in compli.ai.

Nothing falls between the elements — that’s the point of the framework.

The foundation it all stands on

Our approach · then, the machine

And then we built the machine for it.

compli.ai is an AI-powered, agentic compliance software modelled element-for-element on this framework — built to do the legwork, so the framework runs every day without consuming your people. We didn’t license someone else’s tool; we encoded how we actually run compliance.

The tracking
The chasing
The drafting
The monitoring

Why choose us

Man + machine is the whole point.

Practitioners alone

Expensive — and no human can watch every register, deadline and circular daily. You pay senior rates for legwork.

Software alone

Can't exercise judgement, sign off a risk assessment, or stand in front of a regulator when it matters.

We combine both

The software carries the repetitive load; the practitioners carry the judgement. A small firm gets a full compliance function's coverage.

Because the machine does the legwork, the human hours drop — and that saving is passed on to you.

How it works

The machine half, up close.

Three parts carry the repetitive load — a live view of your compliance health, a deterministic KYC risk engine, and the AI advisors and agents that do the legwork. Here’s each one.

01 Your Compliance Health

One live view of your firm’s compliance state.

Overall health, high-risk areas ranked, every deadline listed — kept current by the working modules underneath, each scoring itself from its own real data and calibrated by a practitioner who has actually sat in the Head-of-Compliance seat. So the three fog questions finally have answers:

How compliant are we?

One number.

A live firm-wide score on a four-tier scale — and one failing area can never be averaged away.

Where are we exposed?

Ranked.

High-risk areas surfaced and ordered in a “Needs your attention” list, deep-linked to the underlying record.

What's due, and when?

Listed.

An obligation calendar generated from your licence types, escalating as items approach and pass due.

The four-tier health scale

0508092100

You can’t average your way out of a failure. Any single red module caps the whole firm at “Needs Attention”; two amber modules block “Exemplary”. A weighted average is never allowed to hide a serious problem.

Score trend, snapshotted daily

Improvement — or drift — is visible before it becomes a finding.

79 → 88 in six weeks

Regulator-Readiness Lens

“If the SFC inspected tomorrow, here are your gaps — ranked by exposure.” Every below-target module reframed as inspection risk, in the language of your actual fear.

AI Weekly Briefing

A board-ready State-of-Compliance memo, streamed live from your actual module data — plus a Reporting Studio that exports the monthly board deck to PowerPoint, Excel and PDF.

Kept current by nine working modules:Calendar & ObligationsAML/KYC & ScreeningLicensing & IndividualsTraining & CPTMonitoring & ControlsBreach & IncidentsPolicies & ManualsRegulatory Change RadarGovernance & Secretariat

02 KYC Risk Engine

Onboarding, handled by rules. Try it right here.

Hong Kong’s AML/KYC rules are deterministic — so we encoded them as auditable logic, not AI guesswork. Flip the case facts and watch the assessment recompute, exactly as it does in the product.

Case facts

Entity type

Risk factors

Deterministic assessment

Medium riskStandard CDDReview every 24 months
No senior-management approval trigger

Documents this case must collect · 3

  • Incorporation docs & directors
  • UBO identification (≥25%)
  • Certificate of incumbency

The AI drafts the memo on top — it never sets the rating.

An illustrative subset — the production engine also weighs FATF lists, screening outcomes, source-of-wealth clarity and professional-investor evidence.

03 AI Advisors & Agentic Workers

The legwork, done while you serve your clients.

A streaming AI Compliance Advisoranswers “do we have an RO shortfall on Type 4?” from your actual register — and five agents run the repetitive-but-important jobs, grounded in your firm’s dossier, licences and live module data.

radarSweepSweeps SFC circulars and turns them into firm-specific impact assessments.

obligationSweepBuilds your obligation catalogue from your licence types and financial year-end.

trainingRolloutDeck → library → schedule → distribute → track, end to end.

craAssessmentRuns the annual risk assessment — and never downgrades a signed-off risk.

staffDeclarationsAnnual declarations rolled out and chased, per staff member.

radarSweep

Regulatory change agent · Meridian Peak

Running…
  • Fetching latest circulars from sfc.hk…
  • 4 new circulars found · screening against firm profile
  • Triaging: 2 relevant to Type 9 / Type 4 activities
  • Drafting firm-specific impact assessments…
  • 2 action items filed to the Obligation Calendar

The AI drafts — it never decides. Regulated judgements stay deterministic, auditable and human-owned.

All AI is decision support — never legal or regulatory advice, and never the regulated judgement.

Fractional Compliance Support

The human half — the part no software company can copy.

When judgement is needed, real practitioners step in with in-person advisory and support — named people from US, European and Asian investment-bank compliance backgrounds, standing beside your firm in the moments that matter.

Fractional compliance support

Ongoing, named practitioner support and advisory — without the full-time hire.

Inspection & RFI response

The governance and P&P pack assembled — coherent, consistent, fast.

Licensing applications

Handled end-to-end, through every round of regulator follow-up.

Incident & breach reporting

Drafted properly, in the regulator's template, under real time pressure.

Annual CRA, done with you

Conducted together and documented to a defensible standard.

Policies & manuals

Drafted and refreshed — mapped to the obligations you actually have.

The same practitioners who built the framework — and the software — are the ones who answer when the regulator writes in. That’s the half of the offer you can’t download.

Cost comparison

What a healthy compliance function actually costs.

The traditional route

Option 1 · Build an in-house team

HKD 60K–250K /month

A small team of compliance officers — plus recruitment, retention and key-person risk.

Option 2 · Outsource to a traditional consultancy

HKD 80K–160K /month

Delivered as documents and point-in-time reviews that go stale between visits.

Option 3 · The founders do it themselves

No invoice.

The hidden cost is the most expensive of all: partner time, missed deadlines, and personal regulatory exposure.

The way forward

Fractional professional compliance team

+ our AI compliance platform

a fraction of the traditional cost.

Plans from HKD 15,000/month — a fraction of an in-house hire.

The machine does the legwork, so you only pay for human judgement — and we pass the saving on.

Get a number for your firm’s shape

Cost ranges are indicative market figures for Hong Kong licensed corporations. Nexus Compliance provides compliance support and advisory services — regulatory responsibility, including Manager-In-Charge accountability, remains with the licensed firm at all times.

You focus on your clients. We’ll carry the compliance workload.

A thirty-minute walkthrough — the platform, the practitioners behind it, and what the combination would cost for your firm’s shape. A fraction of what the big players spend.

The live demo runs entirely on fictional firms and fictional client data.

Questions, answered straight

Compliance buyers are professional sceptics. Good.

Is this a real product or a concept deck?+

Real and running. Nine CRUD-capable modules, deterministic scoring, five AI agents, the onboarding rules engine and the reporting studio are all built and deployed. Today it runs on three richly detailed fictional demo firms; multi-tenant onboarding of real firms is the current roadmap step — the schema has been firm-scoped from day one.

Does the AI make compliance decisions?+

No — and this is a design principle, not a disclaimer. Regulated judgements (risk ratings, CDD levels, approval triggers, scores) are deterministic, auditable rules. The AI drafts on top: memos, briefings, board decks, impact assessments. Decision support, never legal or regulatory advice.

Which firms is it built for?+

Small Hong Kong SFC-licensed firms: boutique asset and hedge fund managers (Type 9/4), licensed family offices, legacy brokers (Type 1/2), PE/VC managers.

What regulatory ground does it actually cover?+

The MIC eight-core-function regime, the two-RO-per-activity rule, CPT tracking, the AMLO CDD/EDD/SDD ladder, HKPI classification thresholds, the client-asset regime, the FRR, and a ~35-item obligation catalogue mapped to specific legal bases across the SFO, Code of Conduct, AMLO, FMCC and more — authored and calibrated by a practitioner.

Why does the scoring use four tiers?+

Because the practitioner running it judged three tiers too blunt. The four-tier scale (Exemplary ≥92, On Track 80–92, Needs Attention 50–80, At Risk <50) makes the top achievable and red rarer and more meaningful — and one red module still caps the whole firm. You can't average your way out of a failure.

Where does our data sit — and does AI train on it?+

Every record is scoped to your firm at the schema level, from day one. AI calls send only the minimum firm context needed to draft the document in front of you, and compli.ai never trains models on your data. The public demo contains no real firm or client data at all — every name and number in it is fictional.

Who's behind compli.ai?+

Nexus Compliance — a Hong Kong team led by a practising compliance executive who runs a fractional compliance consultancy for SFC-licensed firms. compli.ai is the product arm of that practice: we are our own first customer, and the demo firms are drawn from years of real small-firm archetypes.

What does it cost?+

We're onboarding an early cohort of design-partner firms, so pricing is agreed per firm — sized for small-firm budgets, not enterprise GRC contracts. Book a demo and we'll quote for your shape.

How do we get started?+

Book a live demo and we'll walk your team through the product on the three demo firms — then talk about standing up your own firm dossier and obligation catalogue as a design partner.

Free briefing

SFC Radar — a free biweekly briefing on new SFC circulars, translated into action items for small licensed firms.

Biweekly, plain-English, unsubscribe any time. No product pitch — just what changed and what to do about it.