Technology and Innovation Community

 View Only
Back to discussions
Expand all | Collapse all

Agentic AI has gone mainstream but governance has not

  • 1.  Agentic AI has gone mainstream but governance has not

    Posted 6 days ago
      |   view attached

    Shraing an interesting report on AI in Financial Services published yesterday by Cambridge Centre for Alternative Finance (CCAF), University of Cambridge.

    The report examines how far AI especially agentic AI is actually being adopted in financial services, what impact it is having, and where the biggest risks, governance gaps, and regulatory challenges lie. It is one of the most comprehensive global AI surveys in finance to date, covering 628 organisations across 151 jurisdictions.

    AI adoption is widespread, but shallow

    • Over 80% of financial services firms are using AI in some form.
    • However, most usage is incremental (productivity, efficiency, cost reduction) rather than transformational (new business models or market structures). 
    • AI is concentrated in back-office functions such as software development and data management, rather than core revenue-generating activities

    Fintechs lead, incumbents follow, regulators lag

    • Fintechs are significantly ahead of traditional financial institutions in deploying AI, particularly in customer support and product experimentation.
    • Regulators are well behind the industry: Nearly 48% of regulators are still in the "exploration" phase or not engaged with AI at all. 
    • This creates a policy and supervisory mismatch at a time when agentic systems are entering mainstream use.

    Agentic AI has gone mainstream but governance has not

    • Agentic AI systems (models that can plan, execute, and adapt with limited human intervention) are now widely deployed.
    • Yet:
      • Accountability for AI failures is unresolved
      • Oversight mechanisms struggle to keep up with system autonomy and speed. 
    • The report explicitly describes the industry as "navigating without a map".

    Cyber and operational risks are rising fast

    Cyber risk is the top concern, especially Adversarial AI, software engineering vulnerabilites, model manipulation

    A serious perception gap between industry, vendors, and regulators

    • AI vendors consistently downplay risks compared to Financial institutions and regulators
      • This misalignment complicates shared responsibility models and vendor risk management.

      Foundation models dominate

      • Most organisations build on external foundation models, not in‑house AI.
      • OpenAI is the most-used provider, followed by Google and Anthropic, across both firms and regulators. 
      • This deepens concentration risk and dependency on a small number of AI suppliers.


      ------------------------------
      Aya Pariy
      ------------------------------


    Related Content