Financial services firms racing into AI risk leaving gaps in safety controls
26% of financial services firms have no or limited controls to ensure AI systems comply with laws and regulations, new research from EY reveals, while just under a quarter lack safeguards against unauthorised access or corruption.
As financial services leaders ramp up investment in artificial intelligence (AI), more than half of firms plan to increase their AI spending over the next 12 months. Despite this, the data highlights significant gaps in governance. Nearly six in ten firms use AI to automate routine tasks, and 62% are deploying it to simplify complex tasks that would otherwise require specialist skills.
Preetham Peddanagari, EY’s UK Financial Services tech consulting leader, warns: “Without robust oversight and governance frameworks, the sector risks leaving itself and its customers exposed to significant threats.”
Anssi Ruokonen, head of data and AI at Basware commented: “AI should be embraced – but its effectiveness depends on the quality and management of the data behind it. Our AI to ROI report shows that 94% of finance leaders are already using AI to streamline operations, and 73% report these investments improve compliance.
“By analysing large volumes of financial data, reducing errors, and increasing transparency, AI delivers measurable ROI and strengthens decision-making. Without accurate, well-managed data and a clear strategy, the cost can be huge for organisations, risking compliance failures, inefficiency, and even stunting growth.”
Greg Watson, chief executive officer of Napier AI, commented: “A lack of safe AI controls across financial services is creating serious vulnerabilities. As AI adoption accelerates, many firms are deploying AI at scale without the governance, transparency and oversight frameworks required to ensure it is both secure and accountable. This gap risks exposing institutions to regulatory breaches, operational failures and heightened financial crime threats, which can undermine customer trust.
The Napier AI / AML Index 2024-2025 found that financial crime compliance alone cost UK financial institutions over £6.2bn in 2023. UK financial institutions could save £2.2bn annually through AI-driven AML solutions, and the FCA’s supercharged sandbox is a step towards this.
This is not a challenge that financial services firms can solve alone. It needs a coordinated effort across the industry, regulatory and technology providers, supported by robust risk management frameworks to meet shifting regulatory expectations.
Establishing effective AI controls today is the only way to protect customers, uphold trust and ensure the sector can innovate responsibly.”
The financial services industry is rapidly incorporating AI through high-profile partnerships and in-house innovation. NatWest and OakNorth have partnered with OpenAI, while Lloyds has launched a “Centre for Excellence and Advanced Analytics.” The banking industry alone is projected to invest over £1.8bn into AI by 2030. Firms cite efficiency, automating repetitive tasks,and proficiency, tackling complex problems faster and more accurately, as key drivers of AI adoption.
The Financial Conduct Authority (FCA) recently confirmed it will not introduce additional AI regulations but will monitor risks through its existing framework. The launch of the FCA’s “supercharged” AI sandbox with Nvidia aims to provide firms with resources to safely innovate.