BIS warns of hidden AI risks reshaping global banking security

The Bank for International Settlements (BIS) has issued a warning about the risks of integrating AI deeper into financial systems. As banks adopt AI for fraud detection, underwriting, and customer services, new vulnerabilities are emerging that traditional security measures may not address. Banks are rapidly expanding AI use across core operations. These systems now handle transaction monitoring, personalised services, and support functions. Yet, as AI becomes more autonomous, decisions affecting customers may happen without clear explanations.

The BIS highlights several key risks. Integrity risks arise when manipulated data or compromised integrations skew AI outputs. Dependency risks grow as institutions rely on cloud providers, third-party models, and APIs, widening the attack surface. Trust is also fragile, with consumers already wary of digital security failures.

Attackers may not need to target the AI model directly. Manipulating APIs or data sources could still influence decisions on a large scale. To counter this, institutions must continuously assess AI workflows, prioritise exploitability, and validate runtime behaviour while keeping human oversight for critical decisions. The next phase of AI in banking will involve systems making more decisions independently. Without stronger security frameworks, financial vulnerabilities could increase. Banks and regulators must adapt to mitigate real, exploitable risks in these evolving systems.