Katherine Yeung, Chief Risk & Compliance Officer at 10x Banking, joined a roundtable hosted by The Banker to explore a vital question: how can banks match AI innovation with uncompromising vigilance? Here, she shares her reflections.
If 95% of international banks are already using or planning to use AI within a year – and they are, according to the Bank of England – then how are they going to match that innovation with vigilance?
Last week, I joined a roundtable of tech leaders from across financial services designed to discuss that very question.
The discussion, hosted by Chris Newlands, Deputy Editor of The Banker, in partnership with Salesforce, coalesced around a critical truth: as banks accelerate into AI-powered transformation, the security landscape is fundamentally shifting, and old paradigms are no longer enough.
Here are my insights from our spirited and enlightening debate on AI in financial services.
AI is amplifying the complexity of risk management for banks. “Vibe coding” – where software developers use AI to generate code without deep code review – is rapidly removing friction from delivery cycles. However, my peers who took part in the discussion flagged how these advances can in some cases outpace the governance frameworks originally designed for more linear software deployment. In some cases, automated code generation cuts visibility for compliance teams, introducing fresh concerns as the velocity of innovation climbs.
The challenge is compounded by third-party platforms with AI features enabled by default, sometimes without granular user awareness or consent. For highly regulated environments, this creates new exposure pathways for sensitive data, requiring fast and robust recalibration of security operations.
A standout takeaway was the way leading banks are developing granular risk taxonomies and risk assessment methodologies for AI, classifying use cases by potential impact. For example, deploying generative AI to create or modify core banking systems is categorised as high risk, demanding intensive oversight and controls.
In contrast, using AI for simple data search or summarization carries lower risk. Some institutions even automate this risk assessment, establishing clear process guardrails and ensuring regulatory and security teams remain plugged in at every stage. This approach brings speed without sacrificing control - a crucial principle as AI gets embedded deeper into financial workflows.
An encouraging theme emerged on the response side: firms are investing heavily in AI & data academies, aiming to build broad-based understanding that bridges business and technical teams. It’s not just about technical skills; regulatory alignment (such as the EU AI Act) and operational nuance are now essential ingredients.
Alongside training, new attestation mechanisms are being put in place. These processes compel direct accountability, making stakeholders explicitly confirm and accept AI-driven changes before they are promoted into live environments. Reinforcing the “human in the loop” principle is critical in safeguarding trust and transparency.
And more broadly, participants emphasised the need to foster a culture of responsible AI use, supported by broader skillsets across business and technology teams.
Speed is essential in today’s financial sector, but so is clarity about roles and risk ownership. Many participants highlighted how secure-by-default architectures, combined with accelerated governance, are becoming key success factors in safe AI deployment.
There’s tension here: traditional risk approval cycles can struggle to keep pace with dynamic AI adoption. The answer lies in adaptive frameworks, balancing controls with the agility needed to innovate without compromise.
Notably, there’s still debate about measuring AI’s return on investment. While efficiency gains are easier to quantify, the indirect benefits – strategic agility, futureproofing, resilience – are equally important.
At 10x, these industry challenges are familiar, and they shape our approach to enabling AI securely, at scale. Our DNA is rooted in delivering compliant, real-time data access as the baseline for resilient financial operations. We believe that:
Ultimately, real-time data and flexible control are what set safe AI apart from the rest, especially in high-stakes environments.
If there’s one constant in financial services, it’s change – yet the breakneck pace of AI adoption makes this a whole new ballgame. The takeaway from the FT roundtable is clear: there’s no room for complacency. Forward-thinking banks are getting comfortable with discomfort, turning risk visibility and rapid response into superpowers rather than stumbling blocks.
At 10x Banking, our mission is to enable clients to harness the benefits of AI securely and confidently, whatever challenges the future brings.