Beyond Automation: Exploring the Potential of Agentic AI in Risk Management and Fraud Detection in Banks

As the banking system is undergoing a seismic transformation, a considerable body of research and literature has emerged in the past few years on the topic of operational risk. Risk management is a high-profile activity for any banking or financial institution, due to stringent regulations on the amount of equity capital to be held, and the amount of trading or operational losses that can be sustained each year. A bank's risk monitoring and pricing methodologies remain critical in the changing market context of steadily increasing trading volumes and speeds, growing diversity of instruments, emergence of new financial products, and collection of myriad data sources. Understanding risk is key to building confidence with clients. Hence risk management will always be a hot topic in the banks. The rapid investor adoption of agentic AI technologies has far exceeding the banks' expectations. In parallel, a rise in adverse or unwanted activities has become more visible. This poses a new set of risks that impact the financial industry. Financial institutions are faced with a “success-liability equation,” where the effective use of agentic AI tools can have both significant upside but equally significant downside. Banks need to rethink AI as a technology that is no longer solely in their control. Furthermore, regulatory and risk management challenges are relevant today, as they will concern most players in the financial industry next year. The rapid spread of artificial intelligence (AI) using large language models (LLMs) poses risks that banks must address to avoid financial, operational, regulatory, reputational, compliance, and engagement impact. Banks are currently as dominant as other industries, and their response will have ripple effects. The topic is timely, relevant, and considerable in scope. To manage the risk of agentic AI tools, the banks' existing Cultivating Confidence controls and processes for more traditional AI implementations should be refreshed or strengthened in certain areas. These include Auditability, Explainability, Transparency, Supervision, and Human-in-the-loop. New operational risk considerations should also be introduced, including Speed, Externality, Disruption paths, and Reliability checks. Although many banks will consider similar risk and control enhancements, institutions will differ in their current maturity, resulting in potentially different levels of risk exposure.