Artificial intelligence (AI) has been used by financial institutions for many years to enhance efficiencies, improve risk management and foster innovation. At the same time, like other technologies, AI may introduce challenges for firms in relation to data governance, regulatory compliance and risk oversight. Therefore, a regulatory framework that balances innovation and risk management while aligning with global standards is necessary. To achieve this, policymakers should maintain a principles-based and technology-neutral regulatory approach that builds on existing frameworks to avoid unnecessary complexity.

While the EU AI Act provides an important step towards harmonising AI governance, some areas would benefit from further clarification through technical standards or delegated acts, such as the definition of AI. However, since financial institutions are already familiar with the technology and managing the associated risks in line with existing financial services regulations, sector-specific guidance for financial services is not needed at this stage. Any potential future guidance should emerge from a collaborative approach among financial institutions, third-party AI providers and regulatory bodies, taking into account existing financial services legislation and risk management practices to ensure proportionality and no additional regulatory complexity.