A few years ago, a loan officer would sit across from you, ask a few questions, maybe raise an eyebrow at your spending habits, and make a call. You could argue with that person. You could explain the rough patch on your credit report. Today, that officer is often a model, software trained on millions of past decisions, quietly deciding whether you’re worth the risk. You can’t argue with it. Most of the time, you don’t even know it exists.

That’s the backdrop to a conversation building steam across boardrooms and regulators alike: how do you govern something that decides faster than any human can review it, at a scale nobody can fully audit?
Plenty of sectors are wrestling with AI oversight right now. But finance carries a particular kind of risk, because money doesn’t stay in one place. It moves, it connects, it cascades. A recommendation algorithm messing up on a shopping app is annoying. A risk model messing up inside a major bank can spread through markets before anyone notices the source.
A few things make finance especially tricky:
Regulators clearly see this coming. The EU’s AI Act, fresh guidance from the Federal Reserve and OCC, and ongoing work from bodies like the Financial Stability Board are all starting to treat AI as its own category of risk, not an IT upgrade, but something that belongs alongside credit risk and market risk.
It’s not one policy or checklist. It’s closer to a set of habits a bank builds into how it treats every model, from the day it’s built to the day it’s retired. Institutions doing this well tend to focus on a handful of things:
None of this sounds exciting. It’s closer to fire codes than innovation. But that’s kind of the point, the boring stuff is usually what stops a small glitch from becoming a front-page problem.
The trickier issue might not be technical at all. It’s cultural. Data science teams are rewarded for accuracy and speed. Risk teams are trained to ask what could go wrong. For a long time, these were basically two departments that rarely spoke the same language. Good AI governance forces them into the same room, and that’s where things get uncomfortable.
Deployment slows down. A fraud model that looked ready to ship might sit in review for months while someone stress-tests it against every weird scenario they can think of. It’s frustrating short-term. But banks that lean into that friction, instead of fighting it, tend to end up ahead, not behind.
A few examples make it concrete:
Seen this way, governance isn’t fighting innovation. It’s the scaffolding that keeps innovation from collapsing on itself.
A few things seem likely to shape the next stretch of this story.
None of this gets solved with one law or one audit. It gets solved the slow, unglamorous way most financial infrastructure gets built, through mistakes, corrections, and repetition.
AI in finance isn’t going anywhere, and neither is the risk that comes with it. The banks that come out ahead won’t be the ones shipping the flashiest models first. They’ll be the ones that can explain what their models did, defend those decisions, and fix them fast when something goes sideways. Governance isn’t slowing this industry down, it’s the seat-belt that lets it move fast without everything falling apart.
The rules are still being figured out, in real time, by people who don’t have all the answers yet. But the institutions taking this seriously now will probably be the ones still standing the next time something breaks.
Who’s Watching the Algorithm That’s Watching Your Money? was originally published in Coinmonks on Medium, where people are continuing the conversation by highlighting and responding to this story.