Industry Analysis

AI Governance Is Becoming Operational Risk Governance

Tags: AI Governance, Operational Resilience, DORA, EU AI Act, Financial Services, FS AI RMF, Cybersecurity, NIST AI RMF

Executive Summary

Financial institutions should no longer view artificial intelligence governance as a standalone innovation initiative. Across the United States and Europe, regulators are increasingly applying existing supervisory expectations — governing cybersecurity, operational resilience, model risk management, third-party oversight, and consumer protection — directly to AI-enabled systems.

This shift reflects two converging realities. First, AI capabilities are rapidly expanding across core financial operations including fraud detection, customer servicing, surveillance, cybersecurity operations, investment research, and workflow automation. Second, regulators increasingly view AI not as an isolated technology category, but as a potential amplifier of operational, cyber, conduct, and systemic risk.

Recent developments involving the U.S. Treasury, banking regulators, the SEC, the EU AI Act, and DORA collectively indicate that institutions should expect AI-enabled business activities to be examined through existing governance and supervisory frameworks — not through isolated AI-only programs.

The implication is operational rather than theoretical: AI governance is becoming part of enterprise risk governance.

1. AI as a Cybersecurity and Operational Resilience Issue

Regulators and cybersecurity agencies are increasingly focused on how generative AI may accelerate existing threat patterns rather than create entirely new categories of cyber risk. Public and private sector reporting throughout 2025 and 2026 has highlighted growing concerns around AI-assisted phishing and social engineering, automated reconnaissance, malicious code generation, synthetic identity fraud, deepfake-enabled impersonation, and accelerated vulnerability discovery.

For financial institutions, the concern is not simply that attackers are “using AI.” The larger concern is operational scale. AI-enabled tooling may reduce the cost, skill threshold, and speed required to execute fraud, cyberattacks, and influence operations across financial ecosystems. This materially changes the risk equation for fraud operations, customer authentication, privileged access management, call center security, insider threat monitoring, and third-party exposure.

The European Central Bank and several supervisory authorities have highlighted concerns that AI-assisted cyber capabilities could increase systemic operational vulnerabilities across the banking sector, particularly where institutions rely heavily on shared cloud and technology providers. ENISA’s 2024 AI Threat Landscape report reinforced this assessment, identifying AI-enabled social engineering and automated attack tooling as accelerating threats to critical infrastructure sectors including financial services.

This represents an important governance shift. AI risk is increasingly being evaluated within operational resilience and cybersecurity supervision — not remaining confined to innovation or data science functions. Under the FS AI RMF, this aligns with control MS-ADV-01 (continuous adversarial testing) and ML-VULN-01 (continuous vulnerability monitoring for AI systems), both of which require institutions to treat AI attack surfaces with the same rigor as traditional cybersecurity threats.

2. Extending Existing Governance Frameworks into AI

A notable regulatory trend in 2026 is that supervisory authorities are generally not creating entirely separate AI governance regimes for financial institutions. Instead, they are extending existing governance expectations into AI-enabled business activities.

U.S. Treasury and the FS AI RMF

The U.S. Department of the Treasury released the Financial Services AI Risk Management Framework (FS AI RMF) in February 2026, providing 230 control objectives that translate the NIST AI RMF’s four pillars — Govern, Map, Measure, Manage — into sector-specific operational requirements. The framework explicitly integrates AI risk into existing enterprise governance structures including cybersecurity, operational risk, compliance, and model governance programs.

Key controls that operationalize this integration include:

| FS AI RMF Control | Requirement | Supervisory Alignment |
|---|---|---|
| GV-BOARD-01 | Board approval of AI risk appetite | Fed SR 11-7, NY DFS 500.4 |
| GV-ERM-02 | AI risk integrated into enterprise risk taxonomy | OCC risk management expectations |
| MP-INV-01 | Comprehensive AI inventory | DORA ICT asset management |
| GV-TPR-04 | Third-party AI providers meet equivalent standards | OSFI B-13, DORA Art. 28–44 |
| MS-ADV-01 | Continuous adversarial testing | NIST CSF Detect function |
| MG-INC-01 | AI-specific incident response plans | NY DFS 500.16, DORA Art. 17–23 |

The regulatory direction is clear: institutions are expected to govern AI systems using the same control disciplines already applied to material technology and model risk.

Banking Regulators: AI as a Risk Multiplier

U.S. banking regulators including the OCC and Federal Reserve have increasingly focused on explainability, model governance, data integrity, third-party dependencies, cyber-enabled AI misuse, and concentration risk involving major technology providers. Importantly, regulators are not only focused on internally developed AI systems. Vendor-provided AI capabilities embedded within cloud, cybersecurity, productivity, and enterprise platforms are increasingly falling within supervisory scope — consistent with the FS AI RMF’s treatment of third-party AI under control GV-TPR-04.

SEC: Beyond Cybersecurity into AI Governance

The SEC’s 2026 examination priorities suggest increasing scrutiny around how firms govern, disclose, and supervise AI-enabled activities. Areas of growing focus include AI-related disclosures, governance accountability, cybersecurity controls, investment adviser responsibilities, and misleading “AI-washing” claims. For public companies and regulated financial institutions, this creates both disclosure and litigation exposure. AI governance is becoming connected to disclosure governance, supervisory controls, legal defensibility, and board oversight responsibilities.

3. Europe: From AI Policy to Operational Enforcement

European regulators are entering a more operational phase of AI oversight through both the EU AI Act and the Digital Operational Resilience Act (DORA). The intersection of these two regulations creates a supervisory environment where AI systems are governed from multiple angles simultaneously.

EU AI Act (Enforceable August 2, 2026)

The EU AI Act introduces a risk-based framework governing certain categories of AI systems. Financial institutions using AI for credit scoring, insurance pricing, or financial risk assessment fall into the high-risk category under Article 6, triggering obligations around transparency, technical documentation, data governance, human oversight, and cybersecurity controls. Non-compliance carries fines of up to 3% of global annual turnover.

DORA (Effective January 17, 2025)

DORA materially expands operational resilience obligations for financial institutions and critical ICT providers. Under DORA, firms must strengthen capabilities involving third-party monitoring, operational resilience testing, incident response, ICT dependency management, and concentration risk oversight. AI systems — particularly those dependent on external cloud providers and foundation model vendors — fall squarely within DORA’s scope.

The Convergence

The practical effect is that AI systems in European financial services are now subject to overlapping supervisory expectations from both AI-specific regulation (EU AI Act) and operational resilience regulation (DORA). An institution deploying a vendor-sourced AI model for credit decisioning must simultaneously satisfy EU AI Act documentation and human oversight requirements, DORA third-party risk and resilience testing obligations, and national supervisory expectations around model governance and consumer protection.

This convergence means AI governance cannot be siloed. It must be integrated into the same operational resilience and third-party risk programs that institutions already maintain for critical ICT services.

4. The Real Governance Challenge: Operational Integration

The central challenge facing many institutions is no longer whether to adopt AI. It is whether governance structures can scale quickly enough to support safe, explainable, and defensible deployment.

Many firms still lack centralized AI inventories, consistent risk classification methodologies, model lineage visibility, explainability standards, AI-specific incident response procedures, and clearly defined accountability structures. This becomes increasingly problematic as AI capabilities expand into customer servicing, fraud operations, software engineering, compliance monitoring, cybersecurity operations, and autonomous workflow execution.

The governance problem is organizational rather than purely technical. Institutions that continue treating AI governance as an isolated innovation workstream will struggle to satisfy evolving expectations across cybersecurity, operational resilience, model governance, compliance, audit, and third-party oversight functions.

The FS AI RMF provides a practical integration path. Control GV-ERM-02 requires AI risk to be incorporated into the enterprise risk taxonomy — not maintained as a separate register. Control MP-INV-01 mandates visibility into all AI deployments across the organization. Control MG-HITL-01 requires human-in-the-loop mechanisms for high-risk AI decisions. Together, these controls establish that AI governance is enterprise governance — not a parallel program.

5. What Senior Leadership Should Prioritize

For executive leadership teams, the immediate priority is not building standalone AI governance offices. The priority is integrating AI oversight into existing enterprise control structures with clear accountability and measurable outcomes.

  1. Enterprise AI inventory and risk classification — Establish visibility into where AI is deployed, what business processes it influences, what data it accesses, and which vendors are involved. Without this baseline, governance is impossible. (FS AI RMF MP-INV-01)

  2. Extend model risk management to AI systems — Apply SR 11-7 principles including effective challenge, independent validation, and ongoing monitoring to material AI-enabled systems, whether built or bought. (FS AI RMF GV-ERM-02)

  3. Incorporate AI into cybersecurity and resilience exercises — Include AI threat scenarios — prompt injection, synthetic identity attacks, deepfake-enabled fraud — in penetration testing, red-team exercises, and business continuity planning. (FS AI RMF MS-ADV-01)

  4. Expand third-party risk to cover AI dependencies — Assess concentration risk, governance asymmetry, and operational dependency on AI vendors. Require equivalent control standards from third-party AI providers. (FS AI RMF GV-TPR-04)

  5. Define board-level AI reporting — Establish metrics for AI governance posture, incidents, material exposures, and remediation progress. Boards must be able to articulate the institution’s AI risk profile. (FS AI RMF GV-BOARD-01)

  6. Clarify cross-functional accountability — AI governance spans cybersecurity, risk, compliance, legal, audit, and technology. Define ownership, escalation paths, and decision rights explicitly.

Institutions that operationalize governance early are likely to experience lower regulatory friction, stronger audit defensibility, improved operational resilience, and more sustainable AI adoption.

6. Conclusion

The regulatory direction is increasingly clear. Supervisory authorities are not treating AI as a separate governance domain detached from existing enterprise controls. Instead, they are progressively applying established expectations governing cybersecurity, operational resilience, model risk management, third-party oversight, and consumer protection directly to AI-enabled business activities.

For financial institutions, this represents a structural shift in risk governance. The institutions that adapt fastest will be those that stop building parallel AI governance programs and start integrating AI oversight into the operational risk, cybersecurity, and resilience frameworks they already maintain.

The question is no longer whether AI requires oversight. It is whether existing governance programs are mature enough to absorb AI-driven operational complexity at enterprise scale.
