The temptation is to throw AI at everything and see what sticks. But if you blur the line between adaptive and compliance processes, you end up with the worst of both worlds: compliance processes that are inconsistent and adaptive processes that are rigid to deal with reality.
- Compliance processes are about consistency, repeatability, and auditability. Things that should ideally happen the same way every time.
- Adaptive processes are ones that can manage exceptions well, have clear escalations, and have built-in flexibility to deal with dynamic situations. Adaptive processes recognize that no process can ever cover every scenario.
All processes contain elements of both. However, when we think of processes we often jump to compliance. But anything that touches "People" needs some level of adaptability. People get sick, don't show, dates move, addresses can be wrong, payments fail, documents can be out-of-date.
AI is brilliant at many classes of adaptive processes. It can weigh options, synthesize context, and adjust on the fly. It thrives where (1) the "right answer" depends on the situation, and (2) the situation presents sufficient and complete data to make a good determination.
But compliance processes are a different beast. SOC2, HIPAA, financial audits, regulatory reporting. These aren't making a determination — they're about proving you followed the prescribed steps. The value isn't in the outcome being smart, it's in the outcome being deterministic and auditable.
AI struggles here. The point is the paper trail, so overly automating it has questionable benefit.
There's also the nature of LLM-style AIs — they're fundamentally probabilistic, which is exactly what makes them powerful for adaptive work and unreliable for compliance. Take running tests in Software Engineering — a mandatory step that shouldn't be overlooked. Even with strong prompting and configuration, coding tools will occasionally forget. They have a limited context and will drop things over time. "Occasionally forgets" is fine[1] for adaptive work; it's a failing grade for compliance. So for coding we provide scaffolding — hooks, human checks, and CI/CD — to deliver the compliance we need.
Know which type of process you're dealing with. Let AI adapt when that is powerful, but don't make it responsible for compliance.