Duco van Lanschot

Duco van Lanschot – Founder of Duna – navigating AI-adoption in finance, compliance automation, and transforming customer experiences

Jeroen Broekema: What does that mean, an AI-native platform?

Duco van Lanschot: Maybe good to start with what Duna actually is. We’re an AI-native business identity platform for regulated companies – like large banks, fintechs, platforms, and other financial institutions. We help them understand who they’re doing business with, through processes like “know your customer” (KYC), “know your business” (KYB), customer due diligence (CDD), and anti-money laundering (AML).

So what does AI-native mean? It means the platform is built around AI from the ground up, not bolted onto an existing system. We call it an AI-native identity system of record – basically, the central place where everything we know about a business customer lives and gets updated.

Here’s how it works. At the base, we break business identity data into very granular pieces of evidence. By “evidence” we just mean individual facts about a company – who owns it, where it’s registered, what it does, whether it’s on any sanctions list. This is the information banks and fintechs use for those KYB, KYC, and AML checks.

On top of that sits our policy engine. That’s the part of the system that translates a customer’s compliance rules into code, so the platform knows what to check and when.

Then, wherever those rules would normally trigger a manual task – someone reading a document, calling a registry, comparing a name against a list – we deploy virtual agents to handle it instead. They either evaluate evidence that’s already there, or go and find new evidence where a person used to do the work.

So three layers: the facts at the bottom, the rules on top of that, and AI agents wherever a human would otherwise step in.

Jeroen Broekema: Do you have examples of that?

Duco van Lanschot: Sure. But maybe useful to first say something about how we think about AI in this space. Our view is that AI in compliance has to be deterministic – meaning it produces the same result every time, with a clear paper trail you can audit. It’s not about replacing humans with a black box; it’s about taking the manual, repetitive work off their plate so they can focus on the actual judgment calls. And we focus on use cases where that delivers real, measurable impact: better conversion, lower costs, or reduced risk.

With that in mind, let me give you a few concrete examples.

The first is smart document uploads. When someone uploads a document during onboarding – say, a proof of address or a registry extract – it’s validated in real time against the compliance requirements. Is it the right type of document? Is the signature correct? Does it fall within the valid time window? If something’s off, you can ask for the correct version right away. Without that, what typically happens is people submit the wrong thing, finish the application, and then disappear when you come back to them later. That creates delays and drop-offs.

A second example is auto-filling applications. We can pre-fill a lot of the required information using publicly available data from the web – company registration details, addresses, ownership structure – which makes the process much faster and smoother for the user.

A third is AI assistants for screening and monitoring– the AML side of things, where you’re checking customers against sanctions lists, watchlists, and adverse media. In many cases, more than 95% of the alerts that come up are false positives – the system flags someone, but it turns out to be a different person with a similar name, or an old article that’s no longer relevant. The challenge is figuring out quickly which alerts are real and which aren’t. AI can dramatically speed up those investigations, so analysts spend their time on the alerts that actually matter.

Then there are automated case summaries – where instead of an analyst writing up the investigation by hand, AI drafts the summary for them. And continuous web monitoring, which means analyzing a customer’s website at scale to check whether it lines up with what they told you during onboarding: their terms of service, supported payment methods, company disclosures, and so on. It can also flag inconsistencies, like links to prohibited industries or connections to restricted countries.

So overall, these are the kinds of applications where we’re using AI to reduce manual work, speed up decision-making, and improve accuracy – all at the same time.

Jeroen Broekema: Are these AI-tools you build yourself or are you using external AI-engines to kind of fuel your own proposition?

Duco van Lanschot: We build about 99% of our AI features in-house. Anything that sits within our own system is built by Duna. The AI features that come from outside are in very specific parts of the data integrations – for example biometrics or ID-document verification, where a passport is checked for authenticity, or a selfie is matched against the photo on an ID. Those happen at the underlying vendors themselves, because they’re highly specialized areas where it makes more sense to plug in a best-in-class solution than to build it ourselves.

What we build ourselves is mostly the real-time validation against a customer’s compliance rules – improving conversion, reducing drop-off, catching issues early in the onboarding process. That work has to be deeply tailored to each customer’s own KYB and KYC framework, so it has to be ours.

So we’re pragmatic about it: in-house where customization and control are critical, external where specialists already do it best.

Jeroen Broekema: Do you see a lot of AI-adoption in financial services? I mean you speak to a lot of customers and potential customers, then obviously you talk to these financial institutions. Do you have a view on that?

Duco van Lanschot: When we talk to industry leaders, like at the AI in Compliance dinner we hosted lately, it’s clear that while AI is top-of-mind for everyone, very few have actually moved past just using ChatGPT on the side. The number of companies that have truly built it into their core workflows remains incredibly low. My rough estimate is that maybe 10% have made a meaningful impact with AI so far. Companies like Adyen, Stripe, and Revolut are leading the way. But the majority haven’t really started yet, and a lot of them aren’t sure how to.

There are very logical reasons for that.

The first is risk. These organizations are extremely risk-averse, and the incentives are asymmetric – meaning, if things go right you don’t get much credit, but if things go wrong, you can really get hurt. At an individual level, the upside of adopting AI is often limited, but the downside is huge. If an analyst approves something using AI and it turns out to be wrong, that can seriously damage their career. So people default to caution. Before anything else, the downside has to be fully covered.

The second is the quality bar. It’s not enough for something to work most of the time. Every decision has to be reliable, repeatable, and explainable – meaning you can show, step by step, why the system reached the conclusion it did. You need configurable guardrails– basically built-in limits that keep the AI inside the rules – that align with compliance and internal policies. And if there’s an audit, you have to be able to rerun the exact same process and get the exact same result, or clearly explain why it differs.

The third is the policy layer. A lot of these institutions still run on legacy compliance policies – hundreds of pages of internal rulebooks, written years ago, leaning heavily on human judgment. To make AI work, those policies need to be translated into something a system can actually enforce on its own – clear, machine-readable rules instead of paragraphs of text. Otherwise the AI simply doesn’t know where the boundaries are.

And on top of all that, everything is constantly changing – customer relationships, data, regulation, context. So the system has to adapt as things move, which adds another layer of complexity.

All of this makes deploying AI in financial institutions significantly harder than in most other industries. That’s why I see financial services as the second wave of AI adoption, not the first. The first wave is happening in areas like customer service, where the stakes are lower – if a customer is already having a poor experience, AI doesn’t meaningfully increase the downside. In financial services, the stakes are much higher, and the tolerance for error is much lower.

Jeroen Broekema: About Duna. What is it that financial institutions want to work with you? What are the main reasons?

Duco van Lanschot: It comes down to a few things: a much better experience for the businesses they’re onboarding, automated compliance checks, and lower costs.

Today, the reality is that in many compliance teams, about 99% of an analyst’s time is spent on checkbox exercises – collecting the right documents, filling in the right fields, ticking the right boxes. Only about 1% is actually spent using human judgment to decide whether you want to work with this customer in the first place. And that 1% – the actual judgment call – is what “know your customer” is really supposed to be about.

Our view is that this should be flipped completely. The data collection and box-ticking should take 1% of the time, because all of it is automated – both gathering the information and checking it against the rules. The remaining 99% is where humans should focus: looking at the customer as a whole, making the actual decision, and spotting the kinds of red flags an AI agent might miss.

Right now, it’s the other way around. That’s what we’re trying to change. We’re not fully there yet, but that’s very much the direction we’re heading.

Jeroen Broekema: So, you use a lot of AI in your product, but on a more personal note, are you using AI yourself a lot?

Duco van Lanschot: Yes, of course.

Jeroen Broekema: For what kind of things?

Duco van Lanschot: From a hobby project to internal productivity, or the whole company is all over Claude code. And I think if you don’t use the leading model and the latest model, then it’s very hard to really understand how good it already is.

Jeroen Broekema: Is there a particular, provider you use mainly?

Duco van Lanschot: We’re currently using Anthropic’s latest model. Honestly, if people weren’t flabbergasted by it in the first quarter of this year, they’re probably not using it, because the improvement, especially in Claude Code, has been incredible. The progress is genuinely hard to believe.

For example, in our day-to-day work, like producing our podcast, but especially in engineering, we’ve seen a major boost in productivity. Our coding velocity in Q1 increased by roughly 175% to nearly 200% compared to the second half of last year.

Part of that growth comes from expanding the team and onboarding more engineers. But even accounting for that, we’ve still seen at least a twofold increase in productivity, measured by things like pull requests. And importantly, this isn’t due to inflating the size of the code we ship, we’re delivering more output at a consistent level of quality compared to H2 last year.

Duco will speak at the leaders in finance AI-event on June 4

Jeroen Broekema: Last question. So you will be speaking as I said, this is a pre event interview in the run up to the 4th of June, at the leaders in finance AI-event 2026. So there will be 100 plus people from all kinds of financial institutions across the country. Is there something, I mean we are quite clear what you are going to bring there and more but is there something you would like to learn from them?

Duco van Lanschot: I’d really like to understand what’s holding financial institutions back from deploying more AI – where the boundaries are for them, and what they still need internally to scale its use.

There was also a really interesting post on Twitter recently – I’m not sure if you saw it – where someone described this as their “COVID moment.” Like hearing the early reports out of Wuhan before the rest of the world caught on. That analogy stuck with me, because if you’ve been using the latest models, you can already see what’s coming.

The productivity we’re seeing in our engineering teams is off the charts. Even people who were skeptical about AI have completely turned around – a full U-turn. It’s gone from “this might be useful” to “holy shit, this is actually really good.”

And it’s way more than just a copilot now. You can really put it to work. You still need to guide it, of course – you can’t just let it run completely on its own – but the impact of the latest model improvements has been massive.

Jeroen Broekema: Thanks a lot Duco. Duco van Lanschot founder of Duna for this short pre event interview.