DEV Track Spotlight: Anti-Money Laundering Multi-agent Orchestration with AWS Strands (DEV326)

Financial crime is a global crisis of staggering proportions. In 2023-2024 alone, approximately $3.1 trillion in illicit funds flowed through the global financial system - money from drug trafficking, human trafficking, terrorism, and fraud. Traditional rule-based Anti-Money Laundering (AML) systems struggle to keep pace, generating false positive rates as high as 95%. This means compliance teams spend countless hours reviewing legitimate transactions while real threats slip through undetected.

At AWS re:Invent 2025, three AWS Heroes - Ayyanar Jeyakrishnan (AWS AI Hero, Executive Director at WellsFargo), Bhuvaneswari Subramani (AWS DevTools Hero, Chief Cloud Evangelist at Intuitive.Cloud), and Vivek Raja P S (AWS AI Hero, VP Product at Nexstem) - presented DEV326, demonstrating how to build a production-ready, serverless AML system that combines the power of Strands Agents SDK with Amazon Bedrock AgentCore. Their solution features eight specialized agents working in orchestration to provide intelligent financial crime detection with semantic reasoning, real-time API integration, and explainable AI decisions.

Watch the full session:

The Challenge: Moving Beyond Rule-Based Systems

Bhuvaneswari opened the session by highlighting the fundamental problem with traditional AML systems: "Financial organizations deal with diverse data - financial transactions, customer profiles, KYC data, news feeds. Traditional rule-based systems have too many false alarms, up to 95% false positives. If a system reports anything above $10,000 USD, there could be hundreds of legitimate transactions that month. This slows down real threat detection."

The evolution of AML regulations has only increased the complexity:

• 1970: Bank Secrecy Act established foundational requirements
• 1989: Financial Action Task Force (FATF) created with 40 specific standards
• 1992: Suspicious Activity Reports (SARs) became mandatory
• 2020: Anti-Money Laundering Act expanded institutional responsibilities

Modern financial institutions need context-aware methods that can cut down false alarms, increase focus on real threats, and detect risks quickly at lower cost. This is where agentic AI workflows come into play.

Understanding Agentic AI Workflows

Before diving into the solution architecture, the speakers clarified an important distinction. An agentic AI system is an autonomous entity that makes decisions and acts upon those decisions to accomplish a goal with minimal human intervention. An agentic AI workflow, however, is a coordinated sequence where multiple agents orchestrate to accomplish complex goals.

When should you use agentic AI workflows versus traditional approaches?

Use Agentic AI Workflows when:

• Dealing with complex, multi-step workflows
• Processing diverse, unstructured datasets
• Requiring memory retention across conversations
• Needing semantic reasoning beyond fixed rules

Use Traditional Approaches when:

• Mission-critical applications require 100% deterministic results
• Ultra-low latency is essential
• Fixed rule-based systems provide adequate results

For AML, the complexity of data sources, the need for contextual understanding, and the requirement for explainable decisions make agentic AI workflows the ideal choice.

The Technology Stack: Strands Agents SDK and Amazon Bedrock AgentCore

The solution leverages two powerful technologies working in harmony:

Strands Agents SDK

Strands Agents SDK is an open-source framework that enables developers to create agents with just a few lines of code, without worrying about infrastructure complexity. As mentioned in the session, Strands Agents has already achieved over 5 million downloads, demonstrating its widespread adoption.

Key capabilities:

• Native integration with AWS services
• Seamless connection to tools and MCP servers
• Model-agnostic design (works with any LLM)
• Minimal code required for agent creation

Amazon Bedrock AgentCore

While Strands Agents SDK makes it easy to build agents, Amazon Bedrock AgentCore makes it possible to deploy them at production scale. As Bhuvaneswari explained: "Imagine you have a stream of agents interconnected to think, act, and remember all at once at massive scale. That's when we need a service like Bedrock AgentCore."

AgentCore is not a single service but a composite suite addressing the complete logistics of production agent deployment:

AgentCore Runtime

• Provides managed sandboxed serverless environments (unlike traditional serverless functions)
• Each environment runs for up to 8 hours to serve agent functionality
• Supports agents built with any framework (LangChain, LangGraph, LlamaIndex, CrewAI, etc.)
• Creates Docker Compose files and deploys to Amazon Elastic Container Registry
• Provides endpoints for application integration

AgentCore Gateway

• Manages inbound authentication
• Connects agents to Amazon API Gateway, AWS Lambda functions, and other AWS services
• Enables seamless tool interaction without exposing internal complexity
• Handles communication between agents and external tools/MCP servers

AgentCore Memory

• Short-term memory: Stores messages and state for up to 365 days (configurable)
• Long-term memory: Automatic memory extraction module processes short-term data asynchronously
• Extracts insights, summaries, and semantic data for future reference
• Enables agents to access user preferences and historical insights

The Eight-Agent Architecture

The solution implements a modular, layered architecture with eight specialized agents, each playing a distinct role in the AML workflow:

1. Perception Agent

The Perception Agent serves as the entry point for transaction data. When a transaction arrives via Amazon Kinesis, this agent:

• Understands the transaction details (amount, currency, sender, receiver, location)
• Retrieves KYC (Know Your Customer) data for both parties
• Connects to diverse data sources (CRM systems, Amazon RDS databases)
• Calculates additional features like device information and amount deviation
• Enriches the transaction with contextual perception

As Vivek demonstrated in the live demo, the Perception Agent identified that both sender and receiver in a high-risk scenario were marked as high-risk entities in their KYC profiles - a critical early indicator.

2. Context Agent

The Context Agent builds upon the Perception Agent's output by:

• Retrieving 60-day transaction history for sender and receiver
• Calculating behavioral features like rolling averages
• Connecting to historical data stored in Amazon DynamoDB
• Using AgentCore Gateway to access multiple Lambda-based tools
• Providing pattern analysis for anomaly detection

The modular design means adding new data sources simply requires building an additional tool - no architectural changes needed.

3. News Agent

One of the most innovative aspects of the solution, the News Agent adds real-time external context:

• Monitors real-time news feeds and adverse media
• Checks sanctions lists (OFAC - Office of Foreign Assets Control)
• Assesses geopolitical situations affecting transactions
• Uses Amazon Bedrock Knowledge Bases for sanctions list storage
• Employs browser tools to access current geopolitical information

Vivek explained the importance: "Usually this would be multiple APIs, but for simplicity we stored sanctions lists in a knowledge base. The agent can determine if sender or receiver is sanctioned. But it's not just about sanctions - we actively monitor geopolitical situations. A war-stricken country making unusually high transactions would be flagged."

The News Agent stores its findings in AgentCore Memory, ensuring that if the same entity appears in future transactions, the context is immediately available.

4. Reasoning Agent

The Reasoning Agent is the cognitive core of the system, built using Strands Agents SDK with Anthropic's Claude model in Amazon Bedrock. This agent:

• Receives context from Perception, Context, and News agents via AgentCore Memory
• Creates hypotheses about transaction legitimacy
• Identifies specific indicators of suspicious activity
• Provides detailed explanations for its reasoning
• Assigns confidence scores to its assessments
• Recommends next steps in the workflow

In the demo, when analyzing a PEP (Politically Exposed Person) donation to a microstate NGO, the Reasoning Agent created a hypothesis about suspicious involvement, identified multiple risk indicators, provided a detailed explanation, and assigned an 85% confidence score - all with complete transparency.

5. Risk Agent

The Risk Agent demonstrates how to integrate legacy systems with modern agentic workflows:

• Connects to existing ML classification or clustering models
• Applies organization-specific rule engines
• Combines classical ML outputs with agentic insights
• Evaluates contributing factors from the entire workflow
• Assigns risk bands (low, medium, high)

Ayyanar emphasized: "We're not replacing legacy ML models - we're augmenting them. The Risk Agent combines your existing models with agentic workflow intelligence, keeping compliance intact while adding new capabilities."

6. Action Agent

Based on the Risk Agent's assessment, the Action Agent automates responses:

• Low risk (score < 30): Straight-through processing, transaction approved
• Medium risk (30-50): Notify operations team, monitor transaction
• High risk (> 50): Freeze transaction, escalate to compliance

The Action Agent uses tools exposed through AgentCore Gateway to:

• Send notifications via Lambda functions
• Flag transactions in the database
• Trigger additional monitoring workflows
• Initiate SAR (Suspicious Activity Report) generation

7. Audit Agent

Regulatory compliance requires complete audit trails. The Audit Agent:

• Captures outputs from every agent in the workflow
• Logs all decision points and reasoning
• Stores comprehensive lineage information in Amazon OpenSearch Service
• Enables compliance teams to understand exactly why decisions were made
• Provides transparency for regulatory review

As Bhuvaneswari noted: "When it comes to any financial institution, auditors play a pivotal role. We want to make sure every information is triaged and logged so anyone can understand why a risk score was assigned."

8. Learning Agent

The Learning Agent creates a feedback loop for continuous improvement:

• Observes patterns across processed transactions
• Stores learnings back to Amazon DynamoDB
• Updates entity risk profiles based on new information
• Enables the system to evolve autonomously over time
• Makes future similar patterns easier to detect

This agent ensures that the system becomes more intelligent with each transaction processed, reducing false positives and improving detection accuracy over time.

The Modular, Layered Approach

One of the most impressive aspects of the architecture is its modular design. The team built the solution in three layers:

Layer 1: Transaction Monitoring

• Core workflow with Perception, Context, Reasoning, Risk, Action, and Audit agents
• Handles basic transaction analysis and decision-making
• Provides foundation for more advanced capabilities

Layer 2: Real-Time Context Enhancement

• Adds News Agent for adverse media monitoring
• Integrates sanctions lists and geopolitical awareness
• Enhances decision-making with external real-time data

Layer 3: Autonomous Learning

• Adds Learning Agent for feedback loops
• Expands audit capabilities
• Creates self-improving system

This layered approach means organizations can start with basic transaction monitoring and progressively add capabilities as needed, without rebuilding the entire system.

Live Demo: Seeing the System in Action

Vivek's live demonstration showcased three different scenarios, each highlighting different aspects of the system:

Scenario 1: PEP Donation to Microstate NGO (High Risk)

Using the behavioral signal triage orchestration (5 agents), the system processed a transaction from a Politically Exposed Person to a microstate NGO:

• Perception Agent: Identified both sender and receiver as high-risk entities in KYC data
• Context Agent: Retrieved 60-day transaction patterns showing unusual activity
• Reasoning Agent: Created hypothesis about suspicious PEP involvement with 85% confidence
• Action Agent: Recommended freezing transaction and filing SAR
• Audit Agent: Logged complete decision trail

Verdict: File SAR, freeze transaction

Scenario 2: Singapore Public Official Payroll (Medium Risk)

Using the reputation pulse scan orchestration (adding News Agent):

• News Agent: Checked sanctions lists and geopolitical situation
• Reasoning Agent: Identified as legitimate payroll payment but flagged for monitoring
• Action Agent: Allowed transaction but initiated monitoring protocol

Verdict: File SAR for monitoring, allow transaction to proceed

Scenario 3: Synthetic Community Payroll (Low Risk with Learning)

Using the full orchestration (all 8 agents):

• Risk Agent: Applied rule engine combining ML model outputs with workflow context
• Learning Agent: Updated entity profiles based on transaction patterns
• System: Demonstrated how feedback loops improve future decisions

Each scenario showed complete transparency through the audit trail, with detailed explanations of how every agent contributed to the final decision.

Technical Implementation Highlights

Multi-Model Strategy

The solution uses different Amazon Bedrock models for different purposes:

• Reasoning Agent: Anthropic's Claude for semantic analysis and hypothesis generation
• Other agents: Various models optimized for specific tasks
• Flexibility: Easy to swap models based on performance and cost requirements

Memory Management

The team employed strategic memory management:

• Short-term memory stores agent outputs during workflow execution
• Manual writes ensure critical context is preserved
• Long-term memory extracts insights for future reference
• Memory enables agents to access historical context instantly

Security and Compliance

• All data encrypted in transit and at rest
• VPC endpoints for Amazon Bedrock and AgentCore connectivity
• Complete audit trails in Amazon OpenSearch Service
• Explainable AI decisions for regulatory compliance

Observability

AgentCore Observability provides:

• Complete visibility into tool calls and execution times
• Performance metrics for each agent
• Debugging capabilities for workflow optimization
• No additional instrumentation required

Results and Impact

The solution delivers measurable improvements over traditional AML systems:

✅ Reduced Manual Review: Automated SAR report generation using LLMs eliminates hours of manual work

✅ Fewer False Positives: Context-aware semantic reasoning dramatically reduces the 95% false positive rate of rule-based systems

✅ Earlier Threat Detection: Real-time news monitoring and geopolitical awareness enable proactive risk identification

✅ Complete Audit Compliance: OpenSearch-based audit trails provide full transparency for regulatory review

✅ Continuous Improvement: Learning agent creates feedback loops that make the system more accurate over time

✅ Cost-Effective Deployment: Serverless architecture with AgentCore Runtime eliminates infrastructure management overhead

Key Takeaways

1. Augment, Don't Replace Legacy Systems The Risk Agent demonstrates how to integrate existing ML models and rule engines with modern agentic workflows, preserving compliance while adding new capabilities.

2. Modularity Enables Progressive Enhancement The three-layer architecture allows organizations to start simple and add sophistication incrementally, reducing implementation risk.

3. Context is King Combining internal historical data, real-time external news, and semantic reasoning provides the context needed to dramatically reduce false positives.

4. Memory Makes Agents Smarter AgentCore Memory's short-term and long-term storage enables agents to learn from past transactions and make better decisions over time.

5. Explainability Builds Trust Complete audit trails showing how each agent contributed to decisions provides the transparency required for regulatory compliance and human oversight.

6. Production Deployment Requires More Than Code AgentCore's runtime, gateway, memory, and observability components address the real challenges of deploying multi-agent systems at scale.

7. Open Source + Managed Services = Best of Both Worlds Strands Agents SDK provides flexibility and community innovation, while AgentCore provides production-grade infrastructure and operations.

---

About This Series

This post is part of DEV Track Spotlight, a series highlighting the incredible sessions from the AWS re:Invent 2025 Developer Community (DEV) track.

The DEV track featured 60 unique sessions delivered by 93 speakers from the AWS Community - including AWS Heroes, AWS Community Builders, and AWS User Group Leaders - alongside speakers from AWS and Amazon. These sessions covered cutting-edge topics including:

• 🤖 GenAI & Agentic AI - Multi-agent systems, Strands Agents SDK, Amazon Bedrock
• 🛠️ Developer Tools - Kiro, Kiro CLI, Amazon Q Developer, AI-driven development
• 🔒 Security - AI agent security, container security, automated remediation
• 🏗️ Infrastructure - Serverless, containers, edge computing, observability
• ⚡ Modernization - Legacy app transformation, CI/CD, feature flags
• 📊 Data - Amazon Aurora DSQL, real-time processing, vector databases

Each post in this series dives deep into one session, sharing key insights, practical takeaways, and links to the full recordings. Whether you attended re:Invent or are catching up remotely, these sessions represent the best of our developer community sharing real code, real demos, and real learnings.

Follow along as we spotlight these amazing sessions and celebrate the speakers who made the DEV track what it was!