FYI | 10:00 AM
Financial institutions using AI without proper monitoring risk being exposed to unintended consequences, warns Jason Duerden, Area Vice President ANZ at SentinelOne.

A financial services employee uses a public AI tool to summarise a customer complaint.
A developer experiments with an AI API to speed up internal testing.
A business unit pilots an AI agent to help triage claims, customer enquiries or fraud alerts.
Individually, each use case can look harmless.
Together, they point to one of the fastest-growing security blind spots in financial services; AI adoption that has moved beyond approved pilots and into the day-to-day operating environment.
That is the challenge now facing banks, insurers and super funds. AI is no longer confined to innovation teams, strategy decks or controlled proof-of-concepts.
It is being used by executives, employees, developers and business units across the enterprise, often before security, risk and governance teams have full visibility of where it is being used, what data it can access, where the data is sent and which systems it can touch.
In April, APRA, ASIC and ASD each sharpened their focus on the operational, cyber and governance risks created by AI.
For boards and executives, the challenge is becoming increasingly urgent; can the institution see where AI is being used, control how it is being used, secure the credentials and systems connected to it, and prove that governance is working in practice?
Cloud risk casting shadows
Many financial institutions do not know which AI tools are being used, which credentials are exposed, or what systems AI-enabled tools can reach.
This is where individual experimentation can become exposure.
Once AI tools are connected to cloud environments, enterprise applications, development workflows or customer data, they become part of the institution’s broader attack surface.
Without the same controls applied to other business-critical technology, shadow AI can create new pathways into sensitive systems and information.
The data shows how quickly this risk is growing. Our recent report found that AI-specific secrets, including OpenAI, Azure OpenAI and Hugging Face API keys, grew by around 140% year on year across the environments analysed.
At the same time, the number of critical secret types exposed doubled, spanning cloud provider keys, payment keys and development tokens.
This matters because AI risk reaches across cloud security, identity governance, data protection and third-party risk.
Consider a simple scenario. An exposed AI access key gives an attacker reach to an internal AI assistant connected to customer systems.
What begins as a credential-management failure can quickly become a pathway to sensitive customer or financial data.
AI agents raise the stakes further. Unlike traditional software tools, they may be able to do more than retrieve information.
They can call APIs, move between systems, trigger workflows and perform actions across multiple applications.
If an agent has excessive permissions, or if the credentials behind it are exposed, the potential blast radius can extend well beyond the task it was originally designed to perform.
For financial services boards, this changes the nature of the risk. Shadow AI is an operational control and resilience issue with direct implications for customer trust.
What mature AI governance looks like
Many financial institutions have already started building AI governance frameworks.
They have policies, principles and internal guidance. Some have training programs. Others have committees and formal approval processes.
These are useful foundations, but they only go so far if the institution cannot see how AI is actually being used across the organisation.
Intention is not the issue. Most boards and executives understand that guardrails are needed. The gap is operational control.
Many financial institutions now have an AI strategy, but far fewer have an AI control strategy capable of showing where AI is being used, what information it can access and whether its activity remains appropriate.
That needs to change quickly.
Visibility should be the first priority. Management needs to be able to identify which AI tools and agents are operating across the business, along with what data and credentials they can access and rely on.
This includes approved systems, as well as tools used independently by employees and developers.
A unified view of AI, cloud, identity, and endpoint activity can help institutions investigate incidents quickly and provide evidence of how AI-related risks are being monitored and controlled.
From there, institutions need controls that can detect exposure of sensitive data, monitor how AI agents interact with business systems, and block unsafe activity where necessary.
Access should be limited to only what is required for a specific task. AI agents should be treated as non-human identities with defined permissions, clear ownership and an auditable record of their activity.
Their access should be limited to what is required for a specific task, and any expansion in permissions should trigger review rather than occur by default.
Financial institutions should also test these controls before an incident occurs. Tabletop exercises, where leaders work through a simulated AI-related breach and test how it would be identified, escalated and contained, can expose gaps in ownership and response processes.
The key shift is from having just an AI strategy to having an AI control strategy.
For financial services leaders, that means being able to show where AI is used, who is accountable for it and how the institution would respond if something went wrong.
The goal is not to slow AI down
None of this is about slowing AI down. For financial institutions, the bigger risk is allowing AI to spread faster than the controls needed to govern it.
Organisations that build those controls will be better placed to use AI confidently, safely and at scale.
They will also be better prepared to demonstrate to regulators, customers and shareholders that innovation is not outpacing governance.
That is the leadership test now facing financial services boards. AI will keep moving into the operating environment, whether through approved enterprise platforms, developer workflows or agentic systems connected to business applications.
The institutions best placed to benefit will be those that can see it, secure it and govern it before unmanaged AI adoption creates another pathway into sensitive systems.
Views expressed are not by association FNArena’s.
Find out why FNArena subscribers like the service so much: “Your Feedback (Thank You)” – Warning this story contains unashamedly positive feedback on the service provided.
FNArena is proud about its track record and past achievements: Ten Years On

