AWS for Industries

Operational risk management and AI for banks and financial services customers

Introduction

In 2022 we published a blog entitled “Is your Enterprise Risk Management Framework ready for the Cloud?” that set out how and why Enterprise Risk Management Frameworks (ERMFs) needed to change to accommodate the adoption of Cloud technology. In the intervening three years, we have observed that those customers who are making the most progress with their digital transformation have indeed thought differently about technology risk and adapted their ERMFs to reflect this. Among other things, it has given senior business decision makers and stakeholders (i.e. those outside of the technology function) more confidence to use the cloud to innovate and to build resilience into their organizations because the nature of technology risk they are taking is better understood and therefore managed.

It is worth returning to this topic in the light of developments in generative and more recently agentic AI in order to highlight how these technologies change the nature of operational risk and what might be done to harness the value they create whilst managing the operational risks that they generate.

AI use is not new

Banks and other financial institutions have been using machine learning and AI for at least a decade now. Banks and Fintechs, for example, use inference models for business use cases, such as credit risk assessment and fraud detection and prevention. Risk management strategies have developed alongside this to manage and mitigate operation risks such as model bias.

Non-deterministic outcomes are not the only risk to consider

The development of generative AI has changed the nature of operational risk, however, and not just because its outputs are non-deterministic. Its capabilities have also changed how banks and financial services customers use the technology, and this has implications too. The table below highlights some differences between more traditional machine learning and generative AI.

The different nature of operational risk, traditional AI/ML and Generative AI compared:

Traditional AI/ML versus Generative AI/ML chartFigure 1: AI Operational Risk Considerations

While agentic AI uses generative AI foundational models, the technology significantly expands the range of business challenges that AI can address. The pace of change in this area is fast, and we are seeing it have a transformational impact in many industries. The potential in banking and financial services is significant. However, agentic AI will have a more direct impact on the way operational risk is managed than simply generative AI. For example, in your agentic system there may be:

  • Conflicting decisions or actions taken by different agents
  • Inconsistent customer experiences delivered by agents across channels or products
  • Unintended regulatory breaches due to localized design choices in a wider enterprise system
  • A loss of explainability and control over automated outcomes

Agentic AI is more than a technology shift. Agentic AI requires an operational redesign to ensure proper oversight. Agentic AI operates across functions like operations, risk, compliance, and customer service because it follows end-to-end goals rather than siloed or sequential tasks. Agentic AI doesn’t execute rules; it interprets, reasons and takes initiative. This is a business risk issue as agentic AI, if not governed effectively, can:

  • Rephrase information incorrectly
  • Apply judgement that isn’t compliant
  • Miss escalation triggers that invoke human in the loop safeguards
  • Create inconsistent outcomes

At scale, operational risk shifts from execution errors to oversight failures.

How can we better understand and manage these emergent risks?

“If a machine is expected to be infallible, it cannot also be intelligent”- Alan Turing.

While the potential value that all forms of AI can generate is significant, that value comes at a risk. It is how that risk is evaluated and managed that determines the value customers derive from it. So how do we manage the operational risk of AI, as distinct from the technology risks of building and managing AI systems/solutions?

Humans vs AI

Humans and AI both make mistakes, but they do so differently. The alternative to using AI is not risk-free. Both humans and AI need oversight, governance, and control.

Humans versus AI chartFigure 2: Humans vs AI

  • Both can cause reputational damage, compliance breaches, and customer harm if unmanaged.
  • Both produce errors that require review, escalation, and QA controls.
  • Both can mis-reason, both can misbehave, both can breach trust.

Why is this important?

How operational risk is managed and the confidence that executives derive from its governance and control determine the value that AI can deliver in an organization. The complex and probabilistic nature of AI systems can lead to bias, unfair treatment, security, or compliance breaches (e.g. under GDPR, DORA, SR 11-7, SS1/23 principles). Importantly, operational risk, real and imagined, also undermines executive trust in AI deployment, which can hold back execution and the business value targeted. Without effective means of monitoring and controlling AI use, responsible AI policies become difficult to enforce. Under-performing models can also lead to poor customer outcomes and inefficient decision making.

“40% of agentic AI projects will be cancelled by the end of 2027, due to escalating costs, unclear business value, or inadequate risk controls”- Gartner, June 2025

INNOVATION: Each of the top challenges that we see our customers face when operationalizing AI / ML has risk and governance implications.

  1. Lack of cross–functional collaboration – Teams often work in silos, resulting in redundancy and slow time to value. A lack of collaboration and inconsistent approaches to tasks often leads to a proliferation of different standards and processes that are difficult to manage- resulting in unnecessary operational risk.
  2. Ineffective tooling – A lack of robust AIOps platforms for centralized experiment tracking, model versioning, and CI/CD can lead to manual/ad hoc processes that slow down iteration and innovation. Inefficient build and deploy workflows create inconsistent approaches, resulting in unnecessary operational risk.
  3. Poor data and AI governance – Customers can struggle with data silos, discoverability, and quality. A lack of governance and lineage erodes trust in the compliant use of data. Data and model governance, guardrails, security, and compliance are often opaque and standards difficult to enforce- resulting in unnecessary operational risk.

GOVERNANCE: Also, ERMFs themselves need to adapt to accommodate the change in the nature of risk because of AI use:

  • The need to evolve from static, periodic risk assessment to a more dynamic, continuous monitoring approach to match how the technology is used
  • Unlike people-driven processes, generative AI is much more amenable to rapid scale, governance and control need to scale too.
  • Technology risk managers alone cannot adequately manage operational risk. Governance and control should map to the existing management structure in the business to align risk appetite in each case and expected return.

Effective risk governance and control should enable innovation using technology in a long-term sustainable way and reflecting how the technology is used.

Most ERMFs were developed before generative AI. As a result, they can often restrict technology enabled innovation because:

  • They do not reflect the changed nature of the risk, resulting in higher default risk ratings
  • They rely on linear approval processes that are not suited to rapid/iterative technology development
  • Risk teams can lack AI literacy
  • They were not designed for general-purpose AI models that can be deployed for many business purposes without retraining.

Rather than adding a “generative AI Risk” section, customers adopting this technology most successfully are embedding generative AI into their existing operational risk categories and updating their risk taxonomy, KRIs, and controls accordingly. To illustrate, the table below highlights the potential impact that using generative AI at an enterprise scale can have on typical operational risk categories.

generative AI tools and service featuresFigure 3: Operational Risk Taxonomy

Understanding how generative AI tools and service features can be leveraged to encourage innovation significantly reduces costs and increases speed to market. Not managing operational risk as it presents itself leads to increased costs and, as importantly, blunts an organization’s ability to innovate. It can also lead to regretted attrition of staff as those with AI-related skills look elsewhere to develop their careers.

New risks, new tools to manage them

The intention of this blog is to highlight some of the less considered aspects of this exciting technology and to note that the changing nature of operational risk is not necessarily incremental if managed diligently. Work by organizations such as FINOS is helping to develop AI governance frameworks to define risks and mitigants to make it easier to adopt.

New technologies also have the potential to reduce risk proactively. We see this in the falling incidence of air travel fatalities per passenger mile, for example. New technologies also bring new tools to help manage risk. We know from the adoption of cloud infrastructure that automation over time typically leads to lower risks as governance and control processes become integrated and ‘compliant by design’.

At AWS, we have been inventing and simplifying on behalf of customers to provide them with the tools to manage effectively the operational risks that can be created by AI. For example:

  • Amazon Bedrock Guardrails– Guardrails enables business analysts (using natural language prompts) to set conditions for how generative AI responds to prompts so that it can be tailored to, for example, not provide ‘financial advice’ as per regulations, or respond in rude or other way offensive terms. They can be used for more positive outcomes too, such as tone and brand voice. They help detect and prevent hallucinations and provide auditable logs of a model’s use for verification- useful for regulatory reporting circumstances or investigations.
  • Amazon Bedrock Automated Reasoning checks verify natural language content against a company’s defined policies, ensuring strict compliance with your defined guardrails (auditable, mathematically verifiable explanations for validation decisions with 99% accuracy). These checks help systematically block harmful or non-compliant content before it reaches users. Unlike pattern-matching approaches, Automated Reasoning delivers higher accuracy with fewer false positives, particularly for complex policy requirements.
  • Amazon Bedrock AgentCore Identity centrally manages agent identity to each customer’s defined rules, ensuring that they have least-privilege access to data, full audit trails, and strong credential controls to enforce segregation of duties, control tool access and reduce risks related to unauthorized access or leakage of, say PII, data.
  • Amazon Bedrock AgentCore Observability gives real-time, step-by-step visibility into how agents behave in production. This makes it easier to detect failures, control costs, evidence controls and investigate incidents in a way that a compliance or internal audit function might of a manual process.
  • Amazon Bedrock AgentCore Gateway Policy and Evaluations actively blocks unauthorized agent actions through real-time, deterministic controls that operate outside of the agent code and helps developers continuously inspect the quality of an agent based on its behavior.

Overall, Amazon Bedrock Guardrails, Automated Reasoning and the various features of Amazon Bedrock AgentCore enables AI to be less ‘black box’ and into more traceable, measurable processes that sit inside a three-lines-of-defense model with clear KPIs, SLOs, and audit trails that operational risk management frameworks and functions require.

Call to action/next steps

Our experience recommends the following executive priorities when thinking about effectively managing the operational risks created by using AI to deliver business value:

  • Establish clear leadership and accountability
    • Appoint a dedicated AI Model Operations Lead who coordinates with Model Risk Management
    • Create an AI governance board with representation from key business units and risk functions
  • Invest in robust infrastructure
    • Implement comprehensive monitoring and optimization capabilities from day one
    • Build scalable MLOps practices that support rapid, controlled deployment
  • Ensure financial sustainability
    • Implement cost tracking and optimization measures from the start
    • Maintain clear metrics linking AI investments to business value
  • Build long-term organizational capability
    • Invest in training and upskilling across all levels of the organization
  • Drive data-driven decision making
    • Deploy real-time dashboards tracking key operational and business metrics
    • Use performance benchmarks to guide investment decisions
    • Establish clear KPIs and KRIs for model performance and business impact
  • Maintain regulatory readiness
    • Ensure auditability and transparency of AI systems
    • Maintain documentation and controls that satisfy regulatory requirements
  • Plan for Scale
    • Design governance frameworks that grow with AI adoption
    • Create reusable components and best practices for AI deployment and management

Your AWS account team can help you get in touch with the AWS specialists and Solution Architects who can help you build your AI infrastructure so that you can manage operational risk more using AWS services and features. We also encourage customers to reference the Generative AI Lens – AWS Well-Architected Framework and speak to their solutions architect for more technical guidance of how to build securely and compliantly with AWS.

Richard Caven

Richard Caven

is a Worldwide Banking Specialist at AWS. He is responsible for the development and execution of strategic initiatives to help customers migrate to the cloud and drive their digital transformation journey. Richard joined AWS in 2018 from Barclays where he was a Managing Director and COO for the Global Treasury function.